Google Wallet is designed to provide the flexibility required for an open platform while protecting cardholders and Issuers.
- Google only leverages user data for the purpose of facilitating issuance between the user and Issuer, and does not retain encrypted evidence data or encrypted identity credentials after an application is completed
- Presentment happens only between users and relying parties
- Users have transparency and control over whom they share data with, and what data they share
- Presentment details (when, where, to whom) are never shared with Issuers or Google
- Credentials are securely stored on the device only
- Credentials are only usable from the original provisioning device
- Credentials can be removed remotely in the event a user loses control of their device
- Credentials are automatically removed if a user disables device lock
Encryption
Sensitive data is encrypted between the user's device and the Issuer. Google's servers never access this sensitive data. Unencrypted identity credentials and identity evidence do not appear in the Google Wallet Identity APIs. Other actions, such as credential updates, and status updates to a credential are also encrypted between the Issuer and the user's device.
For more information on encryption, see End-to-end Encryption.