Page MenuHomePhabricator

EPIC: Implement GPAY through adyen
Open, Needs TriagePublic

Description

As an advancement manager, I would like to have gpay for future testing.

DoD:

  • Implement gpay for testing

context and docs:
As we consider more alternative payments for Wikimedia, I am entering this Phab task to share info about GPAY. In a meeting with Google, they state that our two primary processors now offer GPAY; Adyen has had it live for years with many clients and Ingenico is now adding GPAY to Connect, which is our current connection. Some key points:

  1. GPAY can be offered immediately through both providers.
  2. It is reported, reconciled and supported through the existing Ingenico/Adyen portals, so no new portal to learn for Finance or Donor Services
  3. It is free. Google makes it's money from the end user and not the merchant (Wikimedia).

Adyen's integration docs here: https://docs.adyen.com/payment-methods/google-pay/web-component

Ingenico's integration docs to come.

other general docs:
https://developers.google.com/pay/api/web/guides/paymentrequest/tutorial

Event Timeline

DStrine renamed this task from Implementing GPAY for donors to Implement GPAY through adyen, in a variant.Sep 3 2021, 4:30 PM
DStrine updated the task description. (Show Details)
DStrine moved this task from Q4 FY21-22 to Triage on the Fundraising-Backlog board.

From https://developers.google.com/pay/api/web/guides/ux-best-practices looks like we might want to make sure our 'opt-in' checkbox is OK for keeping the donor's email in Civi and mailing them later if we get it from GPay.

Use Google Pay to only gather relevant user data

If you gather data returned by the Google Pay API, it must be used for the purpose of the customer's current transaction only. This includes order confirmation, shipping notification, shipping tracking, order cancellation, refund, and refund notification information.

For example, the Google Pay API returns an email address when you set emailRequired to true in your PaymentDataRequest object.

Maintain this practice to nurture customer trust and loyalty.
Important: If you'd like to use any data returned by the Google Pay API for any purpose other than a transaction, you must obtain separate, express consent from the user, and you must request it from the user outside of the purchase flow.

We'll have to look into how GPay interacts with 3D Secure - My understanding with tokenized cards like Apple Pay was that 3D Secure didn't apply, but it seems to be different with GPay (https://developers.google.com/pay/api/web/guides/test-and-deploy/integration-checklist):

	If you selectively trigger 3D Secure (step-up authentication) for normal card transactions based on risk criteria, be sure to use the same risk criteria to trigger 3D Secure for Google Pay PAN PAN_ONLY transactions.
DStrine renamed this task from Implement GPAY through adyen, in a variant to EPIC: Implement GPAY through adyen, in a variant.Jan 19 2022, 9:24 PM
DStrine added a project: Epic.
Ejegg renamed this task from EPIC: Implement GPAY through adyen, in a variant to EPIC: Implement GPAY through adyen.Feb 1 2022, 11:34 PM
Ejegg updated the task description. (Show Details)