How does payment gateway verify a transaction to see if it's authorised for a particular amount or not ?
I assume that by authorised, you mean what gets sent to the payment UI and what the user submits/confirms. If so, they payment gateway doesn't verify the amounts match up. That is something that your app would need to do.
What if amount submitted together with the payment data is not the one authorised ?
Nothing prevents this from happening, this is the responsibility of the app.
For a little more context, Google Pay doesn't actually get involved in the authorization flow with the payment gateway.
Google Pay for web exposes a callback that you could use to call the payment gateway to authorize a payment (see example). The main advantage this provides is that it allows you to verify that a payment option can be transacted on for the given amount, and if authorization fails, the user can select a different payment option within the payment UI.
Once the payment UI is submitted, what you would then do is take the authorization response from the gateway and submit it to the gateway to complete the transaction (example from Stripe). The gateway will usually allow you to specify a different amount up to the value of the initial authorization.
The authorization flow is optional which means that you could simply attempt to make the payment (without authorization) and handle any failures.
Unfortunately, the authorization callback isn't currently available for mobile applications (I assume it will be available at some point).
