Integrating Google TapAndPay SDK in Android for Push Tokenization

3 min readMar 27, 2024

In the realm of mobile payments, security and efficiency are paramount. Google’s TapAndPay SDK offers a robust solution for app developers looking to integrate payment tokenization into their Android applications. This blog post will guide you through integrating the TapAndPay SDK, emphasizing push tokenization for a seamless and secure payment experience.

Prerequisites

Before diving into the integration process, ensure you’ve completed the following prerequisites:

Familiarize yourself with the Google Play services APIs.
Get your app whitelisted by Google for using the Push Provisioning API. Contact Google support for whitelisting.

Understanding Push Tokenization

Push tokenization involves adding a virtual payment card to Google Pay, requiring coordination between your mobile app, Google Pay, the Card issuing platform, and the payment network. This process is crucial for enabling secure transactions within your app.

Key Tasks for Your Android App

Synchronize the active wallet to ensure your app’s user interface is consistent with the underlying wallet state.
Display, add, activate, and remove cards within your app, integrating closely with Google Pay’s functionalities.

Step-by-Step Integration Guide

Step One: Set Up the API Client

First, create a standard TapAndPay Client and initialise it:

TapAndPayClient mTapAndPayClient = TapAndPay.getClient(context);

Step Two: Synchronize the Active Wallet

To synchronize with the active wallet, call the getActiveWalletId() API. If no active wallet is found, you'll need to create one using the createWallet() API:

mTapAndPayClient.getActiveWalletId(googleApiClient).setResultCallback(new ResultCallback<GetActiveWalletIdResult>() {
    @Override
    public void onResult(GetActiveWalletIdResult result) {
        if (result.getStatus().isSuccess()) {
            String walletID = result.getActiveWalletId();
            // Next steps: Look up token IDs for the active wallet.
        } else {
            if (result.getStatus().getStatusCode() == TapAndPayStatusCodes.TAP_AND_PAY_NO_ACTIVE_WALLET) {
                // Prompt to create the wallet.
                createWallet();
            }
        }
    }
});

private void createWallet() {
    mTapAndPayClient.createWallet(currentActivity, REQUEST_CREATE_WALLET);
}

Step Three: Implement the Card User Interface

Implement UI components in your app to display the “Add to Google Pay” button, adhering to Google’s brand guidelines. Query each card’s status using the TapAndPay API to update the UI accordingly.

Step Four: Implement the Push-Provisioning Flow

Create the Opaque Payment Card (OPC): Generate the OPC using the Card Issuing platform and prepare your app to provision the card in Google Pay.
Push Tokenize the OPC: Use the pushTokenize method from the TapAndPay API to tokenize the OPC for use in Google Pay.

UserAddress userAddress = UserAddress.newBuilder()
        .setName(userAddressJSON.optString("name"))
        .setPhoneNumber(userAddressJSON.optString("phone"))
        .setAddress1(userAddressJSON.optString("address1"))
        .setAddress2(userAddressJSON.optString("address2"))
        .setLocality(userAddressJSON.optString("city"))
        .setAdministrativeArea(userAddressJSON.optString("state"))
        .setCountryCode(userAddressJSON.optString("country"))
        .setPostalCode(userAddressJSON.optString("postal_code"))
        .build();

PushTokenizeRequest pushTokenizeRequest = new PushTokenizeRequest.Builder()
        .setOpaquePaymentCard(opc)
        .setNetwork(network)
        .setTokenServiceProvider(tsp)
        .setDisplayName(pushTokenizeData.optString("display_name"))
        .setLastDigits(pushTokenizeData.optString("last_digits"))
        .setUserAddress(userAddress)
        .build();

mTapAndPayClient
        .pushTokenize(currentActivity, pushTokenizeRequest, REQUEST_PUSH_TOKENIZE);

Step Five: Activate Cards

Post-provisioning, some cards may require activation. Your app should detect this and request your backend to activate any cards pending activation. Optionally, use the tokenize() API to resume the identification and verification (ID&V) process.

Step Six: Remove Cards

To remove a tokenized card, use the requestDeleteToken() API to present a dialog to the user, confirming the deletion of the card.

Best Practices and Real-World Examples

Error Handling: Implement comprehensive error handling to cover scenarios such as lack of device support for Google Pay or user cancellation of the provisioning process.
User Experience: Design a seamless and intuitive user interface for card management within your app, ensuring users can easily add, activate, and remove cards.
Security Considerations: Always adhere to best practices for security, especially when handling payment information. Ensure all communications with backend servers are encrypted and secure.

Benefits of Using TapAndPay SDK

Integrating Google’s TapAndPay SDK for push tokenization in your Android app offers several advantages:

Enhanced Security: Tokenization abstracts sensitive card details, reducing the risk of fraud.
Streamlined Payments: Users enjoy a seamless checkout experience without the need to enter payment details manually.
Broad Compatibility: Supports a wide range of payment networks and card types, increasing your app’s versatility.

Conclusion

Integrating Google TapAndPay SDK in your Android application is a strategic move to enhance payment security and user experience. By following the steps outlined in this guide, developers can implement push tokenization efficiently, ensuring a seamless integration process. Keep in mind the best practices and real-world examples provided to maximize the benefits of using TapAndPay SDK in your mobile applications.