Use Google wallet with braintree payment gateway - android-pay

I want to know, can i use google wallet with braintree payment gateway in android application. To be more technical clear, take MASKEDWallet from google wallet and fetch all useful information from it and send it to braintree payment gateway for completing the purchase.
Please help.

I'm a couple of days into working on same, so this is devoid of technical specifics (more conceptual). Also I'm doing so on the "web" side of Wallet Instant Buy (not Android), though the concept of sending payment details through, and meeting (PCI) requirements, to your (any) credit card payment gateway should be the same.
Unless I'm corrected by a Googler:
You'll need to make a FullWalletRequest to obtain the "full wallet" which means the actual card details that you need to send to your gateway (card no, cvc/cvv, expiration, billing address etc.).
At which point, it wouldn't differ from any other/existing (gateway type) credit card processing.
At the end of the day, what Google Wallet Instant Buy does:
provide a merchant application (droid/ios/web) a "Virtual Onetime Card", which,
represents a Google Wallet user's real card stored in his/her Google Wallet account, therefore securing actual card details and scoping the transaction (because it's one-time)
I would think the only possible caveat is whether or not a gateway accepts such type of of card (" a MasterCard-branded virtual prepaid debit card")..unlikely that would be an issue (in US, which is where the API is limited to at this time...)....
Digressing a bit. The other caveat that comes to mind is if you employ some fraud screening service. You're given a "virtual card" (not the real card of a cardholder), so if your service uses/needs that information to come up with a risk score, then its something you need to account for...
Hth....

Related

What security measurements we should take if we are storing banking details?

I am developing a mobile app, a market place buyers and sellers can meet.
When making payments, the buyer will have to enter his credit card information every time, because we are not saving them.
To get paid, sellers need to have their bank details stored with us (That's what we think). We are planning to use a payment gateway like Stripe or Braintree.
Now, we have 2 questions.
Instead of we storing the bank details, can we shift this responsibility to the payment gateway provider? So the information are with that service and not with us.
If it is mandatory for us to keep the bank details, what security measures we need to take?
I can't speak for Braintree, but Stripe can handle storing those. I'd suggest reaching out to them to tell them more about your use case and ask for more details. https://support.stripe.com/contact/email

Is it possible to query Stripe for a credit card belonging to any customer?

I have a subscription service for which free trials are allowed before signing up for the full payed service. I want to ask the customer to provide credit card details before gaining access to the free trial, to prevent abuse of the trial.
I'm using Stripe to handle payments so that I don't have to deal with storage of any sensitive payment information. This free trial scenario would seem to be very common, so I assumed there would be some way to query a card to make sure that it hasn't been used to sign up already. Just some API call that would accept the card number etc. and return a boolean.
I haven't seen anything like in the API docs. I know that fingerprints of cards are accessible after creating a card source, so is it advisable to store them myself and query them? Or have I missed something in the docs?
Just to be clear... I'm not looking to search a card for a particular customer. I know I can iterate over the cards to do that, but I'd have to iterate over the cards of every customer to accomplish what I want, which is not feasible.
Here you probaly want to contact the support team and suggest this as a new feature.
A possibility is the fingerprint you mention, in my opinion this would be the way i would do it too.
One single card should never be associated with one customer in a platform.
No, there is no way to check whether a credit card is used for another customer or not. And there shouldn't be. Because a customer has right to use his/her single credit card to maintain more than accounts.
You can easily integrate trial feature of a Subscription in Stripe which is best way to implement Trial feature using Stripe. If any customer's payment failed after trial expired then you will be notified by Stripe.
And Stripe and any other payment gateway is not advise to store any card info due to security issue.

Online payment - check provision

I'm developing a Symfony 3 application and the client chooses stripe for online payment
Users will make auctions on the website.
Is there a solution (with stripe or another system) to check if the user has provision on his account to accept the auction ?
Amounts can be quite big (10k€)
Thanks !
Olivia
A lot of payment gateways offer Auth/Capture separation, in which you can first authorize the payment (suggesting the shopper's credit card has enough in the CC cap\credit ceiling to afford this deal currently).
The issue is that this authorisation request often puts the funds on a "hold period" on the card - a time frame in which the CC cap is reduced as if the shopper purchased the item, and could cause the shopper to max-out their credit even if they didn't end up purchasing. This is why authorisation calls on large amounts need to be handled with caution.
If you want to go ahead with this business model, make sure you also have a cancel/reverse authorisation option - that will allow you to validate first with an auth only request, and then release the hold on the shopper's CC. I am not familiar with Stripe's API, but I know that BlueSnap has both Auth and Auth reversal APIs:
Auth API: https://developers.bluesnap.com/v8976-JSON/docs/auth-only
Auth reversal API: https://developers.bluesnap.com/v8976-JSON/docs/auth-reversal
You can use the auth & capture flow to create an authorization but not capture the funds immediately.
Note that such large amounts will probably have high decline rates. I recommend you reach out to Stripe's support at https://support.stripe.com/email to discuss your business model in more details.

API to change the credit card used by a google wallet subscription?

Again I am frustrated by the lack of documentation involved in developing using Google Wallet as a payment gateway and I may switch to another service.
My new question is as follows:
Can I programmatically change the payment card utilized by a Google Wallet for digital goods subscription?
If a card utilized in a subscription expires, that is on the user, However, If I do not provide a means of changing the payment card elegantly, that is on me!
Does anyone know how this can be done? Or would I have to create a whole new subscription to produce this effect? This should be a basic feature of any payment gateway so I am assuming that I am missing something.
It should also be noted that creating a new subscription may be problematic without an ability to cancel the previous subscription via the API. Provided that both the old and new cards are still valid, it would attempt to process the payments for both subscriptions!
On a side note, why does it seem that the Google Wallet API is missing so many key features? (annual subscriptions, subscription cancellation, the issue mentioned above, etc...?)
Thanks again everyone!
If Google can't successfully charge, they'll send you a failure postback which you can use to evaluate what to do with the subscription.
It would be best if you don't equate Wallet to a "payment gateway" (or credit card processing service/gateway) because it isn't.
At the end of the day, Wallet basically gives you some "access" to a Wallet User's data. It's up to the Wallet users' to add/remove whatever payment instruments they have in their Google Wallet.
in Wallet for Digital, Google also handles the transaction - the processing part, so you're freed of any PCI compliance, and related payment infrastructure to get stuff going.
Instant Buy, Google will send you a "virtual card" for you to process the transaction using your own/existing credit card processor/gateway. In this case, you do have to be PCI compliant and have existing infrastructure.
In both cases, you don't have access to the actual Wallet users' payment data. Google locks that stuff down.
Hth....

Amazon or priceline credit card payment system implementation

This is the scenario I expect the system behave:
I have a platform where users can register and store their credit card information online, and with specific user's action, system automatically settles payment.
Of course, user expect automatic payment system as we said so when they enter their card information, and the purpose of this is to simplify the process when they decided to pay for something.
My question is this:
I found that Amazon saves user's card information when they purchased some products then user doesn't need to put all the card information again but just select from the list of cards he used and with one click, it finishes payment.
Also, in price line, I found that it automatically settles after bid accepted.
So I tried to find the provider or payment gateway company that Priceline or Amazon provide, and tried to find the way to implement the system at least, but couldn't find any. What I have found so far were like, using paypal, and it requires user to have paypal id
I'm doing this in PHP, can anybody give me some clue please?
Thanks in advance.
You should be able to do this with most payment gateways that support recurring payments.
Typically what you would do for new customers is capture their card details 'as normal' (via the payment gateway). The payment gateway will return a token id which you then store against the customer record
Next time that customer makes a payment you can submit the tokenised card number to the payment gateway
Since you mentioned Amazon, you might want to look at their payment service API: http://aws.amazon.com/fps/

Resources