\n
\n \n <\/tabs>\n <\/div>\n<\/div>\n","url":"https:\/\/docs.adyen.com\/pt\/payment-methods\/google-pay\/api-only\/google-pay-token-decryption","articleFields":{"description":"Learn how to decrypt Google Pay tokens.","id":"42833055","type":"page","_expandable":{"operations":""},"status":"current","feedback_component":true},"algolia":{"url":"https:\/\/docs.adyen.com\/pt\/payment-methods\/google-pay\/api-only\/google-pay-token-decryption","title":"Decrypt Google Pay tokens if you are PCI-compliant","content":"A Google Pay token contains encrypted card details that a shopper has stored in their Google Pay wallet. Google Pay tokens let you securely pass the data of your shoppers to a payment service provider, like Adyen, to process payments.\nIf you are PCI-compliant you can handle the token decryption and pass raw card details to Adyen.\nA benefit of handling the decryption is that auditing transactions is easier when you have more information, such as the shopper name. See Google's documentation for the full list of details in a decrypted token.\nOnly handle the token decryption on your own in advanced setup scenarios, like when you have to submit Merchant Plug-In (MPI) data in a Google Pay request.\nHandle the decryption\nRequirements\nTo decrypt Google Pay tokens on your own, you must:\n\nHave a Google Pay merchant ID.\nBe PCI-compliant to handle unencrypted card details.\nHave an API-only integration.\n\nDecryption process\nTo decrypt Google Pay tokens, follow the steps outlined on the Google developer portal.\nOverview:\n\nFetch the Google root signing keys.\nVerify that the signature of the intermediate signing key is valid by any of the root signing keys that is not expired.\nVerify that the intermediate signing key of the payload is not expired.\nVerify that the signature of the payload is valid by the intermediate signing key.\nDecrypt the contents of the payload after you verify the signature.\nVerify that the message isn't expired. This requires you to check that the current time is earlier than the messageExpiration field in the decrypted contents.\nUse the payment method details you just decrypted to make the payment.\n\nDepending on whether the card is stored as FPAN or DPAN, you get the following output:\n\n \n\n\n \n\nAPI reference\nThe parameters listed in this section are specific to using decrypted Google Pay tokens. For descriptions of other parameters go to \/payments.\nThe parameters you must send in the request are different for cards stored as FPAN and cards stored as DPAN.\n\nFPAN payments may trigger 3D Secure 2, which requires additional fields. You can handle 3D Secure 2 for FPAN in a similar way to other scheme payment methods described here.\n\n\n\n \n \n \n \n\n","type":"page","locale":"pt","boost":16,"hierarchy":{"lvl0":"Home","lvl1":"Payment methods","lvl2":"Google Pay","lvl3":"Google Pay for API only","lvl4":"Decrypt Google Pay tokens if you are PCI-compliant"},"hierarchy_url":{"lvl0":"https:\/\/docs.adyen.com\/pt","lvl1":"https:\/\/docs.adyen.com\/pt\/payment-methods","lvl2":"https:\/\/docs.adyen.com\/pt\/payment-methods\/google-pay","lvl3":"https:\/\/docs.adyen.com\/pt\/payment-methods\/google-pay\/api-only","lvl4":"\/pt\/payment-methods\/google-pay\/api-only\/google-pay-token-decryption"},"levels":5,"category":"Payment method","category_color":"green","tags":["Decrypt","Google","tokens","PCI-compliant"]}}