Pan Only

Learn how to set up Google Pay™ using the 'PAN_ONLY' process.


Merchants wanting to process payments against PAN_ONLY cards are required to provide additional parameters to support 3-D Secure authentication when submitting their request into

Below is an overview of how the PAN_ONLY process works:

  1. decrypts the token value in the Google Pay™ request to determine if the auth_method is PAN_ONLY.
  2. We then return the response to the merchant containing the 3DS authentication_url.
  3. The merchant will redirect the cardholder to the authentication_url and will display the payment loader and complete the 3DS process.

Example request:

  "transaction": {
    "order_id": "1f1f2a61-5b68-4725-a0ce-9560514ec00b",
    "amount": 15.02,
    "currency": "gbp",
    "capture": true
  "payment": {
    "token": "{{token}}",
    "scheme": "visa",
    "type": "debit",
    "display_name": "**** 4242",
    "create_card": false,
    "reference": "Custom Ref 001"
  "customer": {
    "customer_id": "d6103140-7eff-4a84-b9f2-9a5972924b72"
  "tds": {
    "is_active": true,
    "challenge_preference": "no_preference",
    "challenge_window_size": "full_screen",
    "contact_url": "",
    "redirect_url": "",
    "webhook_url": ""

Get started

Before you get started you will need:

  • A direct integration into the API.
  • A Google Developer account.
  • To contact Google via the Business Console so that they can add your app to their system for production use. (This process involves submitting your website to Google for review.)

Set up Google Pay

Step 1: Defining your payment gateway

  1. When providing your payment tokenization method, set the tokenizationSpecification value as PAYMENT_GATEWAY. In addition provide acquired as your gateway and specify the company_id (assigned by that will subsequently be used when submitting your request into the API as the gatewayMerchantId value.
  2. Log into the Hub.
  3. Go to Settings > Payment Methods > Google Pay.
  4. Click + Add Merchant ID and enter your company_id valued assigned by
	"tokenizationSpecification": {  
  		"type": "PAYMENT_GATEWAY",  
    "parameters": {  
    	"gateway": "acquired",  
    	"gatewayMerchantId": "YOUR_ACQUIRED_COMPANY_ID"  



View the Google Developer documentation for more information on this.

Step 2: Set the allowedCardNetworks property

For supported payment type, select card. supports Google Pay payments from Visa, MasterCard & Amex cards, you can define these accepted card networks in the allowedCardNetworks property when initiating your request to the Google Pay API.

const allowedCardNetworks = ["VISA", "MASTERCARD", "AMEX"];



If you want to enable Amex cards there is further configuration needed for a specific Amex MID. Contact [email protected] for more information.

Step 3: Set the allowedCardAuthMethods

If you are not decrypting the Google Pay payload then you will not have visibility of the underlying credential, including whether the authentication method equals PAN_ONLY or CRYPTOGRAM_3DS.

const allowedCardAuthMethods = ["PAN_ONLY", "CRYPTOGRAM_3DS"];

Additional 3DS supporting parameters

When supporting the PAN_ONLY method, you are required as a minimum to submit the customer's name and tds object details. We recommend that you also send billing details, such as address and email, as this increases the chances of a frictionless flow.

See the below table detailing the supporting parameters:

first_namestringrequiredThe customer's first name.
last_namestringrequiredThe customer's last name.
line_1stringoptionalThe first line of the customer's address.
line_2stringoptionalThe second line of the customer's address.
citystringoptionalThe city of the customer's address.
statestringoptionalThe 3 letter ISO 3166-2 3-character state code of the customer's address. This should only be sent when processing in the US.
postcodestringoptionalThe postcode of the customer's address.
country_codestringoptionalThe ISO 3166 2-character code of the customer's address. - recommend
emailstringoptionalThe customer's email address.
is_activebooleanrequiredEnables the use of EMV 3-D Secure to authenticate the cardholder.
challenge_preferencestringrequiredIndicates your preference to the issuing bank on if the cardholder should be challenged or not.
challenge_window_sizestringrequiredIndicates your preference to the issuing bank the size of the challenge window to be displayed.
contact_urlstringoptionalLink to the contact us / support page of your website.
redirect_urlstringrequiredWhere the user should be redirected to once the authentication process has been completed
webhook_urlstringoptionalWhere we should send webhook notifications throughout the authentication process.

Google Pay API: request objects

The Google Pay API enables you to call up your customer's saved payment information.

To reduce friction, at the checkout you should request the billing object data required by when calling the Google Pay API. You can then use the available Google Pay API response data to populate the billing object parameters before submitting your request for authorisation.

Please see below for the request objects that should be configured when making a request into the Google Pay API (when PAN_ONLY Authentication Method is supported):

objectUse this object to configure your site's support for the Google Pay API.
booleanSet to true to request an email address. - not required
objectThis object allows you to set additional fields to be returned for a requested billing address.
stringSet to FULL to request complete billing address details. - MIN instead of full
booleanSet to true to request a phone number.



To view Google's own reference guide, click here.

Google Pay API: response objects

The table below describes the response objects and parameters returned in the Google Pay API response. The last column in the below table shows how the Google Pay API Response Data can be mapped into our API when submitting your request for authorisation.



The ' Parameter' column, refers to the API parameter that is mapped to the Google Pay parameter.

ParameterTypeDescriptionOur Parameter
paymentDataobjectResponse object that is returned after a payer approves payment.N/A
emailstringPayer's email address returned if emailRequired is set to true in
addressobjectPayer's billing address.N/A
namestringCardholder's name as stored on the payer's Google Wallet.
postalCodestringPayer's billing address postal code.customer.billing.address.postcode
countryCodestringThe ISO 3166 2-character code of the payer's address.customer.billing.address.country_code
phoneNumberstringThe payer's phone number, if phoneNumberRequired is set to true in PaymentDataRequest.number
address1stringThe first line of the payer's address.customer.billing.address.line_1
address2stringThe second line of the payer's address.customer.billing.address.line_2
address3stringThe third line of the payer's address.N/A
localitystringPayer's billing address city, town, neighbourhood, or
administrativeAreastringPayer's billing address state, county or province.customer.billing.address.state
sortingCodestringPayer's billing address sorting code.N/A

Process a Google Pay payment

Now that you have configured Google Pay you can process a payment using our guide here.