Digital wallets
Get started
Sign In
Digital wallets
Improve your checkout conversion by accepting payments via Apple and Google Pay

Digital wallets have gained significant popularity and emerged as one of the foremost choices for individuals when it comes to making purchases. Solidgate supports accepting wallet payments such as Google Pay and Apple Pay. With these payment methods, customers can effortlessly make purchases without the need to manually input their credit card information during the checkout process.

Merchants might consider integrations with digital wallet services due to their obvious benefits:

  • Higher conversion and sales rates: The possibility to pay in a few clicks or taps without entering payment details or carrying physical cards decreases friction at the checkout and leads to increased sales.
  • Reduced cart abandonment: The convenience of digital wallets can help reduce cart abandonment rates by simplifying the payment process for customers.
  • Security and fraud protection: These payment services utilize advanced security measures to protect customer payment information, such as tokenization and encryption.
  • Broader global reach: Digital wallets are widely used globally, allowing merchants to expand their reach and attract customers from different countries.
Both the Solidgate Guide
Understand how to integrate the payment form into your product.
Payment Form
and Guide
Easily build a safe and simple payment page with our straightforward, step-by-step guide.
Payment Page
include integration with Apple Pay and Google Pay. The information below is specifically tailored for merchants directly integrating with these digital wallet services.

Google Pay

With Google Pay, you can offer customers an effortless payment experience within your app or website, allowing them to use any credit or debit card securely stored in their Google Account.

To start processing payments via Google Pay, you need first register with Google. Once the integration is complete, you can add the Google Pay button to your checkout page and start requesting your customer’s encrypted payment information. As a merchant, sign up SITE with Google as a business. After completing the required steps, Google will provide you with a unique Google Pay merchant ID that is essential for production.

It is worth noting that Google Pay is only compatible with Android devices, making it a relevant factor when deciding on the right payment option for your business. Additionally, Google Pay works with the web, so it is crucial to verify the compatibility of your website with the web integration and ensure seamless operation with mobile app integration.

For information about the Google Pay integration process to accept payments in apps and websites, please refer to the following resources:

When you submit a payment data request to the Google API, be sure to include the following parameters:

1
2
'gateway': 'solid'
'gatewayMerchantId': '\<Replace with your public api key\>'

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
{
    apiVersion: 2,
    apiVersionMinor: 0,
    allowedPaymentMethods: [{
        type: 'CARD',
        parameters: {
            allowedAuthMethods: ['PAN_ONLY', 'CRYPTOGRAM_3DS'],
            allowedCardNetworks: ['AMEX', 'DISCOVER', 'MASTERCARD', 'VISA']
        },
        tokenizationSpecification: {
            type: 'PAYMENT_GATEWAY',
            parameters: {
                'gateway': 'solid',
                'gatewayMerchantId': ''
            }
        }
    }]
}

After integrating Google Pay into your payment system, the next step is to test the integration to ensure that it works correctly.

You can use the Google Pay API Sandbox to test your integration and simulate transactions without incurring any actual charges. You can also use test cards provided by Google to test different scenarios, such as successful and failed transactions.

3DS authentication

There are two card authentication methods for Google Pay:

  • PAN_ONLY
    The possibility to pay in a few clicks or taps without entering payment details or carrying physical cards decreases friction at the checkout and leads to increased sales. These transactions are typically authorized on a PC or laptop using a one-time password (OTP).
  • CRYPTOGRAM_3DS
    This authentication method is associated with cards stored as Android device tokens. Returned payment data includes a 3D Secure (3DS) cryptogram generated on the device. The token is specific to the device on which it was created.

Solidgate forces all Google Pay transactions using the PAN_ONLY data type to 3D Secure. There is no need to send additional parameters. Applying 3D Secure enables liability shift and minimizes payment risks for PAN_ONLY transactions. The payment processing flow is the following:

  1. The customer clicks on the Google Pay payment button and selects a payment method.
  2. Merchant initiates a payment using one of Solidgate's checkout solutions API or Google Pay API request.
  3. Google Pay securely returns a payment token for that method to the app or website.
  4. Solidgate defaults to the 3D Secure flow and forwards a verify_url embedded with the ACS URL to the merchant.
  5. To proceed with 3D Secure verification procedure, customer is redirected to the issuer`s page verify_url that can be received from the following methods:
  6. After the customer completes the authentication, merchant receives the corresponding status of the payment, and the customer is returned to the payment status page.

It is worth noting that the Google Pay transactions may not have 3D Secure authentication due to specifics of the CRYPTOGRAM_3DS authentication method.

The PAN_ONLY transactions can always be processed via 3D Secure flow where force3d parameter has the true value, while the CRYPTOGRAM_3DS transactions can only be processed via non-3D Secure flow. The latest is limited to Android devices, using the Google Chrome browser, and all other devices and browsers choose the PAN_ONLY authentication method.

This distinction exists because PAN_ONLY transactions involve authorization on a PC or laptop using OTP, while CRYPTOGRAM_3DS transactions tie the token to the specific device where the transaction occurred, ensuring a higher level of security and including a liability shift by default.

Apple Pay

Apple Pay is a wallet app that allows customers to conveniently and securely make payments in iOS apps and on the web by adding their preferred payment method to their device. It is supported on iPhone, iPad, Mac, and Apple Watch. Users can add their credit and debit cards to the service, and then use it to make payments by authenticating purchases with Touch ID, Face ID, or a passcode.

When considering Apple Pay as a payment option, it is worth ensuring that you offer your products and services in a region Reference that supports Apple Pay.

Integration setup

To initiate the integration with Apple Pay for payment processing on the web, complete the following set of steps:

  1. Configure Apple Merchant ID
    Acquire an Apple Merchant ID by registering for a new identifier SITE on the Apple Developer website. The Apple Merchant ID is a crucial component for securely processing payments through Apple Pay. Once obtained, it serves as a unique identifier for your merchant account within the Apple ecosystem, facilitating seamless and secure transactions.
  2. Create Payment processing certificate
    Once you have the merchant ID, create the Payment processing certificate that is linked to merchant ID and used for securing transaction data. For that, get a certificate signing request (.csr) file from Solidgate Support. Then follow the instructions for creating the certificate Reference in the Apple developer guide and use the Solidgate file for creating the signing request. When the certificate is created, download your Payment processing certificate (.cer file) and send it to Solidgate Support.
  3. Register and verify your domain
    Follow the Apple developer documentation to register Reference and verify Reference your merchant domain. Ensure that you register and verify all top-level domains and subdomains where you intend to display the Apple Pay button.
  4. Create Merchant identity certificate
    The identity certificate is required when merchants intend to process Apple Pay payments initiated from a web page. Apple verifies the ownership of the domain from which the payment originates. One identity certificate may be used to identify multiple domains. The steps for creating and exporting the certificate Reference are the same as for Payment processing certificate, differing only in the key size (2048 bits) and algorithm (RSA).
Please note that while the merchant ID never expires, the payment processing certificate, merchant identity certificate, and domain verification expire. Refer to Maintaining your environment Reference in Apple documentation for more details.

Complete the Apple Pay integration Reference into your checkout system ensuring its alignment with your existing transaction process and display the Apple Pay button Reference on your checkout interface.

For information about the Apple Pay configuration, please refer to the following resources:

The Apple Pay payment processing flow is the following:

  1. The customer clicks on the Apple Pay button and selects a payment method.
  2. Merchant captures the payment details from customers via Apple Pay.
  3. Merchant transmits this data to Solidgate using the Solidgate API reference.
  4. Solidgate processes the transaction.
  5. Upon successful processing, Solidgate sends a confirmation to the merchant, and the transaction status is displayed for the customer.
Please note that not all devices and browsers support Apple Pay.

Apple Pay guidelines

As a merchant seeking to integrate Apple Pay into your platform, it is crucial to follow the guidelines established by Apple to ensure compliance and deliver a seamless experience for your customers.

Liability shift

The concept of liability shift in the payment card industry is crucial for understanding the financial responsibility transfer in fraudulent transactions. This shift occurs when card issuers or payment processors take on the financial burden for fraudulent transactions approved despite the implementation of security measures like 3D Secure or EMV chip technology.

For merchants, this means a reduced risk of bearing the cost associated with chargebacks and related fees in case of fraud.

Apple Pay transactions using Mastercard, Discover, JCB, and American Express offer merchants liability protection similar to 3D Secure transactions. Merchants are commonly exempt from responsibility for unauthorized transactions made through Apple Pay, as the usage of tokenization protocols ensures the protection of cardholder details.

For Visa, Apple Pay supports liability shift only in Europe. In the case of Visa, the transfer of liability is applicable solely to the first transactions initiated by the customer (CITs). This protection is not extended to transactions initiated by the merchant (MITs) due to the absence of the cardholder during the on-session biometric authentication process.

To complete Apple Pay transactions, customers are required to employ Touch or Face ID for verification. While this authentication method aligns with the criteria for liability shift set by American Express, Discover, JCB, and Mastercard, it does not meet the security standards established by Visa.

Although this is a common practice, the issuers are not bound by these terms and can change the liability agreement at any time. Merchants are advised to consult with their acquiring bank or payment gateway provider to clarify the exact liability guidelines applicable to Apple Pay transactions.

Disabling CloudFlare SSL/TLS

Apple Pay currently does not support CloudFlare SSL/TLS.

Steps to Disable CloudFlare SSL/TLS:

  1. Access Cloudflare dashboard: Log in to your Cloudflare account and select your domain.
  2. Navigate to SSL/TLS settings: Go to the SSL/TLS section and then to Edge Certificates.
  3. Disable universal SSL: Choose the option to disable Universal SSL.

In the Acknowledgement and Confirmation process, it is important to carefully review the warnings presented in the Acknowledgement section. After understanding the implications, you should select the “I Understand” option. Following this, you need to confirm your choice by clicking on the “Confirm” button to complete the process. This step ensures that you are fully aware of the changes being made and their potential impact.

Remember to review and select an SSL certificate that aligns with Apple Pay's requirements after disabling Cloudflare's Universal SSL.