Request a payment authorisation (Payment Transaction Manager API)
The following section assumes you have read the documentation about the payment SDK's payment transaction manager API service. For guidance on how to use the payment transaction manager API to perform a payment request to Trust Payments, please refer to the "Payment Transaction Manager" on the Getting started with Android SDK page.
Once you’re in possession of the Google wallet token and want to perform a payment authorisation request, you must call the payment transaction manager's createSession method and pass in a JSON Web Token (JWT) as the parameter e.g.
val session = paymentTransactionManager.createSession({ JWTToken })
The JSON Web Token should be generated on your server side and signed with the the secret key provided by our Support Team. If you have yet to receive a JWT username and secret key, as described on the Getting Started with Google Pay page, please get in touch with our Support Team.
Click here to learn more about JWTs - We strongly advise to use a third party library when generating a JWT on your backend server, to avoid having to create your own JWT encoding and decoding methods.
JWT token payload should also include two additional fields for Google Pay authorisations:
wallettoken=<googlePayWalletToken>
walletsource=GOOGLEPAYOnce you have successfully created a JWT token and called the createSession method, you will need to call executeSession to process the payment. e.g.
val result = paymentTransactionManager.executeSession( session )
Payment authorisation response (Payment Transaction Manager API)
Before updating your system or sending out goods, you should verify the signature of the JWT response for each payment on your secure backend server.
Failing to verify the signature assigned to the JWT could introduce the potential of a bad actor to modify the authorisation response to make it appear as though the payment was successfully processed, when in actuality the card may have been declined.
For recommendations on how to best check the response, please refer to "Verify the response JWT signature" section onwards on the JSON Web Token page.
Request a payment authorisation (Webservices API)
The following content assumes you have obtained the necessary PCI certification to process and submit sensitive cardholder data from your server.
If you would rather send the authorisation request with a server-side API call, then you will need to securely transmit the Google Pay wallet token from your app to your secure server endpoint. It is then your responsibility to submit the encrypted payment data in an authorisation request to the Trust Payments Webservices API endpoint.
To submit the authorisation request from your server backend to the payment gateway, we would recommend you refer to our Webservices API documentation. There you will find examples to construct an authorisation request.
The following optional fields are both required in a Google Pay AUTH request. This is in addition to the required fields mentioned under the "Field specification" section on the AUTH request page.
‘walletsource’ : ‘GOOGLEPAY’
‘wallettoken' : ‘<encrypted payment data received from Google - JSON encoded string>’The following are additional considerations that are specific to your Trust Payments account.
| Property | Format | Description | |
| setAllowedCardNetworks | List |
The supported values for this property will depend on the payment methods supported on your Trust Payments account. Please contact our Support Team to confirm. |
|
| gatewayMerchantId | String |
The Trust Payments site reference configured in the Google Pay manager instance acts as your gateway merchant Id. You should have both a test and live site reference after following the steps in the Getting started with Google Pay section. When you are ready to move to the PRODUCTION environment, the sitereference must be set to your live site reference in the instance configuration. |
|
| gateway | String |
In your configuration, please set the property with value “trustpayments”. |
