I have a php form for a conference registration for my small non-profit organization.
I have logic in the php that collects what the user is buying (conference registration, in non-covid years would also be lunches and banquet tickets). It then constructs a payment page at square via their Checkout API.
Just to make sure we’re all talking about the same thing, here’s the code that’s putting the request together:
$request = new \SquareConnect\Model\CreateOrderRequest();
$request->setIdempotencyKey(uniqid()); //uniqid() generates a random string.
$request->setLineItems($lineItems);
$checkout = new \SquareConnect\Model\CreateCheckoutRequest();
I then setup a return URL, request the square URL, and then put a “pay here” which goes to the square URL.
This all works fine, and we’ve been using it for a couple of years. But when the payment page at Square comes up, it has a big black “Google Pay” box above the credit card stuff. I honestly don’t know what Google Pay is, and it occasionally confuses the users. I’d like to disable it. But I don’t know how. I’ve spent a couple of hours looking through the documentation on Square’s site. I can find a few examples for the Checkout API, but I cannot find a complete reference.
When I search for “Checkout” and “Google Pay”, I see references to turning off Google Pay in a “weebly” settings menu. But I’m embedding this at the php layer, so I don’t think that applies. I also looked carefully through our account page at Square, but I cant’ find any references to Google Pay there either.
Thanks for any info.
Craig Steffen
Kentucky Philological Association webmaster
Unfortunately Google Pay cannot be disabled on the Checkout API. Google Pay allows users to use their Google Pay digital wallet (cards saved with Google, basically) to pay without having to re-type their card information. If you prefer more customization, I would recommend using the Square Payment Form, which you can choose to not include digital wallets as an option. It’s a payment form that is actually hosted on your own website (doesn’t redirect them to Square) to create a secure token that can be used to create the payment on the backend. Let me know if you have further questions about this, of course.
Thanks for the recommendation. The reason I wanted to stay with the Checkout API is that way, our site never sees the full credit card number, and so we don’t have to worry about PCI compliance or credit card data security. We just hand the the transaction off, and we get a callback saying that the payment was made.
No worries; even with the Square Payment Form you do not need to be PCI Compliant. The card information is entered and it locally (front-end Javascript) generates a secure token (called a nonce). So the raw card data is never sent to your backend, thus you still do not need to worry about it as no one could intercept it or see it other than the person who is entering it (who already has the data, since it’s their card).
Ah. Hmm. I guess I mis-understood that part of the documentation.
Since I’m about to push out the already-modified version of our conference registration form for this year’s conference, I think I’ll leave it be for now. But I will definitely look into this for next year.