Opaque (i.e., encrypted) payment card sent via client-side push provisioning. It is deliberately named to be similar to the Opaque Payment Card that is already passed through client-side push provisioning to Token Service Providers for the purpose of tokenization.
is encrypted and signed in accordance with the OpenPGP specification defined in RFC 4880, and then a non-URL-safe Base64 encoding is applied to the encrypted bytes, in accordance with RFC 4648, section 4, with the encoded output being represented as a byte array.
Below is sample Java server code for generating a Google OPC, starting from a
String
that contains the underlying JSON representation. Here, the java.util.Base64 class is used to accomplish the Base64 encoding.
String googleOpcJson =
"{"
+ " \"protocolHeader\": {"
+ " \"version\": 1"
+ " },"
+ " \"validationContext\": {"
+ " \"serverSessionId\": \"GoogleSession123\""
+ " },"
+ " \"paymentCard\": {"
+ " \"accountNumber\": \"4321123412341234\","
+ " \"expiryMonth\": \"12\","
+ " \"expiryYear\": \"29\""
+ " }"
+ "}";
byte[] googleOpcSignedAndEncryptedBytes =
openPgpSignAndEncrypt(
googleOpcJson, issuerPrivateSigningKey,
googlePublicEncryptionKey);
// This Base64 encoded byte array is the final representation of the
// Google OPC that should be
// returned to the Android or Web client.
byte[] googleOpcBase64Bytes =
Base64.getEncoder()
.encode(googleOpcSignedAndEncryptedBytes);
REQUIRED: The version of the JSON API spec used to construct this Google Opaque Payment Card object. The current version will be provided by Google and will change at Google's discretion, but generally only for major (i.e., breaking) changes.
ValidationContext
Fields that allow Google to validate the push is valid in the given context, for example the expected destination. This information will be compared to other unsigned information for consistency.
JSON representation
{// Union field intended_destination can be only one of the following:"serverSessionId": string// End of list of possible types for union field intended_destination.}
Fields
Union field intended_destination. REQUIRED: The intended "destination" of the push, for validation purposes. Only one destination should be supplied. intended_destination can be only one of the following:
serverSessionId
string
A push provisioning session ID in the form of a UUID generated by a Google server. The destination user is implied by the session.
PaymentCard
Description of a payment card account (i.e., credit card, debit card, charge card).
REQUIRED: The account number itself (i.e., the FPAN).
expiryMonth
string
REQUIRED: Expiration month, formatted MM.
expiryYear
string
REQUIRED: Expiration year, formatted YY.
All rights reserved. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-05-07 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-05-07 UTC."],[],[],null,["# Google Opaque Payment Card specification\n\n[Return to API documentation](/pay/issuers/apis/push-provisioning/early-access/android/push-provisioning-objects)\n\n[Revision history](/pay/issuers/apis/push-provisioning/early-access/android/push-provisioning-google-opc-revision-history)\nGoogleOpaquePaymentCard\n- [JSON representation](#SCHEMA_REPRESENTATION)\n- [ProtocolHeader](#ProtocolHeader)\n - [JSON representation](#ProtocolHeader.SCHEMA_REPRESENTATION)\n- [ValidationContext](#ValidationContext)\n - [JSON representation](#ValidationContext.SCHEMA_REPRESENTATION)\n- [PaymentCard](#PaymentCard)\n - [JSON representation](#PaymentCard.SCHEMA_REPRESENTATION)\n\nOpaque (i.e., encrypted) payment card sent via client-side push provisioning. It is deliberately named to be similar to the Opaque Payment Card that is already passed through client-side push provisioning to Token Service Providers for the purpose of tokenization.\n\nHere's an example of a clear text JSON request: \n\n\n {\n \"protocolHeader\": {\n \"version\": 1\n },\n \"validationContext\": {\n \"serverSessionId\": \"GoogleSession123\"\n },\n \"paymentCard\": {\n \"accountNumber\": \"4321123412341234\",\n \"expiryMonth\": \"12\",\n \"expiryYear\": \"29\"\n }\n }\n\n\u003cbr /\u003e\n\n| **Important:** The signing and encryption of the Google OPC must be done **on your server** to avoid exposing your PGP keys. We also strongly recommend applying the Base64 encoding on your server, so that the encoding logic can be shared between your Android and Web integrations.\n\nThe underlying JSON representation of the\n\n`GoogleOpaquePaymentCard`\n\nis encrypted and signed in accordance with the OpenPGP specification defined in [RFC 4880](https://datatracker.ietf.org/doc/html/rfc4880), and then a non-URL-safe Base64 encoding is applied to the encrypted bytes, in accordance with [RFC 4648, section 4](https://datatracker.ietf.org/doc/html/rfc4648#section-4), with the encoded output being represented as a byte array.\n\nBelow is sample Java server code for generating a Google OPC, starting from a\n\n`String`\n\nthat contains the underlying JSON representation. Here, the [java.util.Base64](https://docs.oracle.com/javase/9/docs/api/java/util/Base64.html) class is used to accomplish the Base64 encoding.\n\n\u003cbr /\u003e\n\n\n String googleOpcJson =\n \"{\"\n + \" \\\"protocolHeader\\\": {\"\n + \" \\\"version\\\": 1\"\n + \" },\"\n + \" \\\"validationContext\\\": {\"\n + \" \\\"serverSessionId\\\": \\\"GoogleSession123\\\"\"\n + \" },\"\n + \" \\\"paymentCard\\\": {\"\n + \" \\\"accountNumber\\\": \\\"4321123412341234\\\",\"\n + \" \\\"expiryMonth\\\": \\\"12\\\",\"\n + \" \\\"expiryYear\\\": \\\"29\\\"\"\n + \" }\"\n + \"}\";\n byte[] googleOpcSignedAndEncryptedBytes =\n openPgpSignAndEncrypt(\n googleOpcJson, issuerPrivateSigningKey,\n googlePublicEncryptionKey);\n // This Base64 encoded byte array is the final representation of the\n // Google OPC that should be\n // returned to the Android or Web client.\n byte[] googleOpcBase64Bytes =\n Base64.https://docs.oracle.com/javase/9/docs/api/java/util/Base64.html#getEncoder--()\n .https://docs.oracle.com/javase/9/docs/api/java/util/Base64.Encoder.html#encode-byte:A-(googleOpcSignedAndEncryptedBytes);\n\n| JSON representation |\n|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| ``` { \"protocolHeader\": { object (/pay/client-side-push-provisioning-v1/google-client-side-push-provisioning-api/GoogleOpaquePaymentCard#ProtocolHeader) }, \"validationContext\": { object (/pay/client-side-push-provisioning-v1/google-client-side-push-provisioning-api/GoogleOpaquePaymentCard#ValidationContext) }, \"paymentCard\": { object (/pay/client-side-push-provisioning-v1/google-client-side-push-provisioning-api/GoogleOpaquePaymentCard#PaymentCard) } } ``` |\n\n| Fields ||\n|---------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `protocolHeader` | `object (`[ProtocolHeader](/pay/client-side-push-provisioning-v1/google-client-side-push-provisioning-api/GoogleOpaquePaymentCard#ProtocolHeader)`)` **REQUIRED**: A header for this message. |\n| `validationContext` | `object (`[ValidationContext](/pay/client-side-push-provisioning-v1/google-client-side-push-provisioning-api/GoogleOpaquePaymentCard#ValidationContext)`)` **REQUIRED**: Context for the push that can be verified. |\n| `paymentCard` | `object (`[PaymentCard](/pay/client-side-push-provisioning-v1/google-client-side-push-provisioning-api/GoogleOpaquePaymentCard#PaymentCard)`)` **REQUIRED**: Payment card details. |\n\nProtocolHeader\n--------------\n\nHeader object that includes protocol layer fields.\n\n| JSON representation |\n|-------------------------------|\n| ``` { \"version\": string } ``` |\n\n| Fields ||\n|-----------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `version` | `string (`[Int64Value](https://developers.google.com/discovery/v1/type-format)` format)` **REQUIRED**: The version of the JSON API spec used to construct this Google Opaque Payment Card object. The current version will be provided by Google and will change at Google's discretion, but generally only for major (i.e., breaking) changes. |\n\nValidationContext\n-----------------\n\nFields that allow Google to validate the push is valid in the given context, for example the expected destination. This information will be compared to other unsigned information for consistency.\n\n| JSON representation |\n|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| ``` { // Union field `intended_destination` can be only one of the following: \"serverSessionId\": string // End of list of possible types for union field `intended_destination`. } ``` |\n\n| Fields ||\n|-------------------|---------------------------------------------------------------------------------------------------------------------------------------------|\n| Union field `intended_destination`. **REQUIRED** : The intended \"destination\" of the push, for validation purposes. Only one destination should be supplied. `intended_destination` can be only one of the following: ||\n| `serverSessionId` | `string` A push provisioning session ID in the form of a UUID generated by a Google server. The destination user is implied by the session. |\n\nPaymentCard\n-----------\n\nDescription of a payment card account (i.e., credit card, debit card, charge card).\n\n| JSON representation |\n|----------------------------------------------------------------------------------|\n| ``` { \"accountNumber\": string, \"expiryMonth\": string, \"expiryYear\": string } ``` |\n\n| Fields ||\n|-----------------|--------------------------------------------------------------------|\n| `accountNumber` | `string` **REQUIRED**: The account number itself (i.e., the FPAN). |\n| `expiryMonth` | `string` **REQUIRED** : Expiration month, formatted `MM`. |\n| `expiryYear` | `string` **REQUIRED** : Expiration year, formatted `YY`. |"]]