Decrypting Google Pay™ tokens

Learn about Google Pay network-based tokenisation and the available decryption methods.

Google Pay tokenised transactions provide a secure and convenient way for customers to pay using their Google devices. When customers initiate transactions using Google Pay, their sensitive payment information, such as credit card details, is replaced with a unique token. This token is used to represent the customer’s payment credentials throughout the transaction process, adding an extra layer of security by keeping the actual payment information hidden.

To ensure a smooth payment experience, explore the available decryption methods. These methods allow you to securely retrieve and process the tokenised payment data.

Prerequisites

To decrypt data, you need to add your Google merchant ID to your merchant account. See Apply for production access for information on how to get a Google merchant ID.

To proceed with this solution, you must have an emerchantpay merchant account. Apply for a merchant account by filling out and submitting this contact form.

You will be assigned an emerchantpay Account Manager, who will provide you with credentials and assist you with any of emerchantpay’s payment solutions.

Decryption methods

There are three decryption methods to consider, each offering varying degrees of convenience and control. Understanding these decryption approaches will help you determine the most suitable option for your specific needs and preferences.

Decryption through emerchantpay’s Web Payment Form

emerchantpay decryption

Merchant decryption

Decryption through emerchantpay’s Web Payment Form

Decrypting through emerchantpay’s Web Payment Form is the most simplified approach. To use this method, you need a Google Pay merchant account to obtain the necessary credentials for payment tokens decryption. emerchantpay is responsible for the setup process. However, using this decryption method comes with reduced independence and customization options.

To learn more, see Google Pay payment method.

emerchantpay decryption

When using emerchantpay’s decryption service, you retain control over managing your payment page and making direct requests to Google. You send the transaction result to emerchantpay for decryption and processing, relieving you of the responsibility of decrypting the payment tokens yourself.

Example of passing a request:

<payment_transaction>
  <transaction_id>***</transaction_id>
  <usage>***</usage>
  <description>***</description>
  <remote_ip>***</remote_ip>
  <amount>50000</amount>
  <currency>EUR</currency>
  <customer_email>***</customer_email>
  <customer_phone***</customer_phone>
  <notification_url>***</notification_url>
  <return_success_url>***/</return_success_url>
  <return_failure_url>***/</return_failure_url>
  <billing_address>
    <first_name>***</first_name>
    <last_name>***</last_name>
    <address1>***</address1>
    <zip_code>***</zip_code>
    <city>***</city>
    <country>***</country>
  </billing_address>
  <transaction_type>google_pay</transaction_type>
  <payment_subtype>sale</payment_subtype>
  <payment_token>{“signature”:”MEQCIBNPKx241szAINb0ofYrzBOGYoHAPr/V5B/BooqoZWztAiBBAwM4T7Sc5mKa8D3cDp7tdL5UsM4WbSM1oweDQtM8zg\u003d\u003d”,”intermediateSigningKey”:{“signedKey”:”{\”keyValue\”:\”MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEznU/zeB7Wo4atcHKHClej9Ks4KxSTXEkV+e8ehGuiast+nJKb/J7U27xuVzXs/El6S3JeGSkgetuQliySH/i9Q\\u003d\\u003d\”,\”keyExpiration\”:\”1681936285000\”}”,”signatures”:[“MEUCIQDCRZ977T17xdUUb/dPzqio5QpBkSsGKeiNsmgy4facfwIgTpacbdVom5iq4U1zJb48qeUEmy/wOCQkCAm3xfS2ef8\u003d”]},”protocolVersion”:”ECv2″,”signedMessage”:”{\”encryptedMessage\”:\”ZiysbDuQMwt+bPzBsyebeVC1hfnVL0hVeI5QdF8A8/v77297b5XrUudAH6tMJXp2agpHDPWpN+CjxLLsZMhT+iyTi5CrQHwHi0HxkTbYhkWY6RjCanU61OPiKlQh2UykNsd6AMK0b0kvAd2ed0jn5Apqkl3RHEsQz9Hg4g+rg3a2wAXTCj2rURLrus2RdOA+mwLNbTaeIqSfouzs9AFuzHK0RvEUrZElGThoy3+pJ02fO4tfJTfAtmynTfZb5D3Drw7+FN4U78EpKtiq2LzNzltDG2xyOxPJHWnpOvS+ntjtuaIjqiwOr9Z/u2EhxtfabguApRodpAjEOsbc4/2NHL9gAxP+lrk/YExVDdBsw7ffTdcPSfTZwCjv/F67vROXOXpmg384Ax9uCKdKIbxmtCawnUjkNpdFd8RH2y5166Gq77/U5pH1iBFjISTvfS3Jmy4GdAt4zll+ofK1fA8wQJAoBY1sJcJwJqBFfn3aZciElOa4UEliIv5VIrARkOv6fYnRItKBFzOap1UvXEqpIjNpPNYQMd2RX1HMDw7K/4KvLTfpzsjmDHjjcqyWy6xyWn0Olr1LMr8m1mT2aPdZ+UFvdVOY13zHkhbaK85g4KgN+2IdRNrfbIxVhiqbjPkIqouNFCWhXd9OGAz+WwPxNhsTvRzI32LuxWQpZNZiHAZRqNPh\”,\”ephemeralPublicKey\”:\”BEJvYbWHFp8WXzk4qSMpC5BA6bhtFlZieQFEgR/Kch1LyLGiO1+oOLO8JOYm0/J+fWcfQJ6r/qjOY1JXl3QYP5E\\u003d\”,\”tag\”:\”Xfh19gfCB0Whia1HoCjOuV9IgJPokEX3anxIxXr2BP8\\u003d\”}”}</payment_token>
  <return_pending_url>https://account.wexopay.com/</return_pending_url>
</payment_transaction>

Example of a Success response:

<payment_response>
<transaction_type>google_pay</transaction_type>
<status>approved</status>
<crypto>true</crypto>
<cvv_result_code> </cvv_result_code>
<authorization_code>274760</authorization_code>
<scheme_response_code>00</scheme_response_code>
<unique_id>cc7857dbb22892e03abe833e7733c3ca</unique_id>
<transaction_id>dab15c49-95d3-46d6-87d9-8027c468a2ca</transaction_id>
…
<amount>50000</amount>
<currency>EUR</currency>
<threeds>
<eci>05</eci>
</threeds>
<sent_to_acquirer>true</sent_to_acquirer>
</payment_response>

To learn more, see Google Pay payment method.

Merchant decryption

You can also choose to handle the decryption process yourself. Instead of specifying google_pay as the transaction_type and providing a payment_token, you must flag the transactions as scheme-tokenized.

This approach depends on your specific integration and it allows you to have direct control over the decryption process. You may choose to decrypt the payment tokens yourself for greater control, customization, and adherence to specific security or compliance requirements.

To use this method, you must:

Map the decrypted data as per emerchantpay’s API.
Have an account that is specifically enabled to support tokenised transactions.

When using the merchant decryption method, you don’t need a certificate to decrypt the data.

For detailed guidance on the merchant decryption method, see the Tokenized e-commerce API.

Example of passing a request:

<payment_transaction xmlns:xsi=”http://www.w3.org/2001/XMLSchema-instance” xmlns:xsd=”http://www.w3.org/2001/XMLSchema”>
<transaction_type>sale3d</transaction_type>
<transaction_id>***</transaction_id>
<remote_ip>***</remote_ip>
<amount>49000</amount>
<currency>EUR</currency>
<card_holder>***</card_holder>
<card_number>513659…8108</card_number>
<expiration_month>xxx</expiration_month>
<expiration_year>xxx</expiration_year>
<cvv>xxx</cvv>
<customer_email>***</customer_email>
<customer_phone>***</customer_phone>
<billing_address>
<first_name>***</first_name>
<last_name>***</last_name>
<address1>***</address1>
<zip_code>***</zip_code>
<city>***</city>
<country>**</country>
</billing_address>
<mpi_params>
<eci>02</eci>
<cavv>kBNCQdOyR7+gC0TewtJQZZeBXA+c</cavv>
<protocol_version>2</protocol_version>
</mpi_params>
<scheme_tokenized xsi:nil=”true”/>
<crypto>false</crypto>
</payment_transaction>

Example of a Success response:

<payment_response>
<transaction_type>sale3d</transaction_type>
<status>approved</status>
<cvv_result_code>M</cvv_result_code>
<authorization_code>428352</authorization_code>
<retrieval_reference_number>310709004106</retrieval_reference_number>
<scheme_response_code>00</scheme_response_code>
<unique_id>3994cd30195e79bf984e24557f2d865e</unique_id>
<transaction_id>z629tVws</transaction_id>
<response_code>00</response_code>
<mode>live</mode>
<timestamp>2023-04-17T09:15:49Z</timestamp>
<descriptor>***</descriptor>
<amount>49000</amount>
<currency>EUR</currency>
<threeds>
<eci>02</eci>
</threeds>
<sent_to_acquirer>true</sent_to_acquirer>
<scheme_transaction_identifier>MCSGVSHD8</scheme_transaction_identifier>
<scheme_settlement_date>0417</scheme_settlement_date>
</payment_response>

Google Pay is a trademark of Google LLC.

Was this page helpful?