Overview
A banking form of payment (FOP) is one where Google and the Payment integrator (Partner Bank or integrator) perform a one-time exchange of account identity credentials and user authorization in order to establish an Association between Google and the Bank. Later on, a reference to this association can be presented back to the integrator to allow moving money from of the user's account to another bank account.
Google uses two flows to establish this exchange of information:
- Authentication-Authorization flow: authenticates the user and obtains authorization from the user to establish this connection.
- AssociateAccount flow: establishes an association for previously identified and authenticated users. This is done through a method call which establishes the association between Google and the Payment integrator. This flow is also referred to as association.
Once the association is established, Google will use it during money movement for a fast and seamless checkout experience for our users. Google calls this an instrument. A Google customer has one or more instruments. An instrument is a way to pay for services and goods within Google's various ecosystems and marketplaces.
These flows are described in more detail in the following sections. The examples in the following sections walk you through a fake bank called InvisiBank.
Authentication-Authorization Flow
The purpose of the authentication-authorization flow is to identify and authenticate the user to the integrator and to obtain authorization from the user to perform the other actions in the flow. Authentication-Authorization is handled using a redirect. This can either be to an app or a web redirect.
Redirect Authentication-Authorization
Redirect authentication-authorization happens by Google redirecting the user to an integrator-owned application. That application could be a web application or an Android application.
Android and Web redirects behave similarly. Here, Google redirects the user to the integrator's app. The integrator identifies and authenticates the user in whatever form is most natural for that integrator. Once authenticated, the integrator redirects the user back to Google's UI to finish the association. Upon redirect, Google provides a requestId
in order to identify this authentication session. That identifier is then used as authentication proof and identity during Association.
Integrators that choose this flow must provide a web authentication URL as this is the most common denominator across all surfaces (Desktop, Mobile). However Android authentication is strongly recommended as it provides the best user experience on Mobile.
Depending on the device context and the apps installed, Google UIs will choose the web or the Android App redirect.
This authentication mechanism provides the integrator with the most freedom. There are many ways to authenticate and identify a user. Username + password, biometric information and security questions are all viable solutions as well. Google doesn't intend to dictate how a integrator verifies a user. The integrator takes care of authenticating the user. By using this method, Google intends to use the integrator's various user interfaces to authenticate the user and provide Google with proof of authentication.
In addition, we will pass a list of Authorization
scopes that should be shown to the user to obtain authorization for each of these actions (e.g. in the AssociateAccount
flow, we need authorization to associate
the user's account with a Google Account).
For the Association flow, this flow will also allow a user to select the account that they have with the Payment integrator that they would like to be the target for the AssociateAccount call that will follow this flow.
For more information on authentication see this [detailed guide][Redirect Authorization Flow].
Association Flow
The purpose of the association flow is to establish an association in order to create an instrument. This flow:
- Creates an association in the integrator's system linking the account which was selected during the Authentication-Authorization flow to a specified Google Account.
- Negotiates a reference that will be used to refer to this Google Payment Token (
GPT
). - Provides account information to inform Google's risk engine.
The established reference to the GPT
is agreed on by both Google and the integrator.
The association flow requires that Google provide proof of authentication or authorization to the integrator. Prior to every association flow, Google invokes the authentication-authorization flow to acquire this proof.
The following diagram shows the sequence of calls for the authentication-authorization flow and association flow
For more information on authentication see this detailed guide.