There are two basic authorization methods for Google Pay. We receive this parameter from Google Pay:

  • PAN_ONLY - can always be processed via 3Ds flow(parameter "force3d" : "true").
  • CRYPTOGRAM_3DS - can be processed only via non-3DS flow.

    The reason for that is PAN_ONLY transactions are authorized on a PC/laptop using OTP, whereas for CRYPTOGRAM_3DS transactions the token created after a successful transaction is only available for that particular device(the Android phone/tablet that the token was created on).

However, the CRYPTOGRAPHY_3DS transactions have a liability shift.