Security best practices

To keep your payments profile secure for the protection of your customers and you, keep these security best practices in mind:

  • Never share your payments profile or merchant ID with anyone.

  • Never make a payment to Google through a third party. Always pay any balance due through your Google Account.

  • To send processing commands to Google, use an HTTPS connection secured by 128-bit Secure Sockets Layer (SSL) v3 or Transport Layer Security (TLS) connection (We don’t allow SSL v2).

  • Verify the authenticity of the server certificate presented to you.

  • To get Google notifications, specify an HTTPS callback URL secured by SSL v3 or TLS using a valid certificate from a major Certificate Authority.

  • Only accept messages authenticated by HTTP Basic Authentication using your Merchant ID and merchant key as the username and password.

  • Validate messages sent to your callback URL before processing them.

Search
Clear search
Close search
Google apps
Main menu
3459216946882301899
true
Search Help Center
true
true
true
true
true
1633573
false
false