There are two basic authorization methods for Google Pay. We receive this parameter from Google Pay:
- PAN_ONLY - can always be processed via 3Ds flow(parameter "force3d" : "true").
- CRYPTOGRAM_3DS - can be processed only via non-3DS flow.
The reason for that is PAN_ONLY transactions are authorized on a PC/laptop using OTP, whereas for CRYPTOGRAM_3DS transactions the token created after a successful transaction is only available for that particular device (the Android phone/tablet that the token was created on).
However, the CRYPTOGRAPHY_3DS transactions have a liability shift.