Very Good Security (VGS) enables its customers to accept and process mobile payments with Google Pay tokens. By integrating Google Pay with VGS as a payment gateway, a merchant can have the Google Pay token decrypted, vaulted, and revealed to their PSP securely in compliance with PCI without any heavy lifting on the merchant side. Thus, VGS offers merchants the ability to extract data from a Google Pay payment token and perform business transactions on those tokens while remaining out of PCI scope.
What is Google Pay?
Google Pay is a digital wallet platform and online payment system that allows merchants to provide in-app, online, and in-person contactless purchases on mobile devices. For merchants, Google Pay enables users to make payments with Android devices, minimizing user friction and increasing overall transactions. Users may also buy items in apps and on websites. Further, it is possible to buy Google products, send money to friends or family, and spend gift cards, loyalty cards, tickets, and coupons at your favorite stores.
Why integrate Google Pay with VGS?
Without VGS, you typically have two choices as a merchant: either use a specific Payment Service Processor (PSP) that supports Google Pay or manage the entire process yourself, including decrypting the card information from the Google Pay payment token. When opting for the latter approach, you are responsible for PCI compliance and for meeting all PCI-DSS standards. As you can imagine, for many, the cost, time, and expertise required to achieve PCI compliance are simply prohibitive.
VGS is a certified Payment Gateway for Google Pay and is your one-stop solution for decrypting Google Pay payment tokens and managing PCI compliance. By leveraging VGS’s industry-best Zero Data approach, merchants can reinvest significant time, money, and effort (which would otherwise be focused on information security) toward developing their core business.
How does it work?
Google Pay creates an encrypted payment token that contains a customer’s sensitive information and payment data. VGS has created an integration method that allows merchants to decrypt the payload from Google Pay (the "Google Pay payment token") and alias its card data while providing Zero Data PCI compliance.
All a merchant has to do is create a VGS account, configure a unique vault, and set the route. VGS manages everything else, including decryption and aliasing. The event diagram below depicts the data flow, end-to-end, starting from a user's checkout, and finishing with an acknowledgment of the completion of card processing.
When forwarding a payment request to a Payment Service Provider (PSP), the request must be proxied through VGS (our Forward Proxy). Upon the merchant’s request, the aliased data is revealed and then forwarded to the PSP for processing.
The Google Pay solution, along with the VGS Zero Data approach, offers a unique value proposition to our customers. Integration is as simple as enabling this solution on the VGS Integration Dashboard. Simply follow these steps: How To Integrate Google Pay with VGS.
Shahriar Kianersi 
