Google Wallet
Overview
Google Wallet now supports adding government-issued digital IDs in select regions, enabling users to present an official ID from their phone for identity verification in a secure and convenient way
- ID:
google-wallet - Type: eID (app)
- Verification Type: Presentation
- Regions: North America, United States
- Countries: AS, BR, GU, MP, SG, TW, US, VI
- Subdivisions: US-AR, US-AZ, US-CA, US-CO, US-GA, US-IA, US-MD, US-MT, US-ND, US-NM, US-PR
- Adoption: 500,000
- URL: https://developers.google.com/wallet/identity
Integration with Trinsic
- Permission required: Yes, this method requires an entitlement from Google in order to start performing verifications from the wallet.
- Cost: Contact the Trinsic team
User Flow
To see an example: watch this video.
The Google Wallet verification flow works on mobile and desktop. On desktop, users are presented a QR code which they scan in order to open the Google Wallet application. On mobile, the user clicks a button which deep-links them to their Google Wallet application. In both cases, the user is taken to their mobile app where they complete a biometric authentication and consent to share the requested data.
Obtaining a Test Credential
In order to complete a Google Wallet verification in test mode, you must first obtain a test credential. Currently, it is not possible to obtain a test mDL credential; however, a test ID Pass credential is available.
ID Passes are fully compliant with 18013-5 and function the same as mDLs. Google Wallet can store both mDLs and ID Passes; Trinsic supports both document types with a single integration.
Google Wallet only accepts credentials issued by trusted authorities. Creating a test ID pass lets you develop against the API without a real government‑issued ID and without real ID data.
Prerequisites
To create a test ID pass you will need two Android devices: a Holder and an Issuer.
| Role | Requirements | Purpose |
|---|---|---|
| Holder Device (test ID pass) | Install or update Google Wallet from the Play Store and ensure Google Play services v24.38.xx or higher is installed. The device must not be rooted or running a debug build. Switch Wallet to sandbox mode. Note: This Android device must be signed into a Gmail account (@gmail.com) to provision the ID pass. Google accounts on other domains will not be allowlisted. | Holds the test ID pass credential in Google Wallet. |
| Issuer Device (simulated passport) | Install the Utopia ePassport Simulator app. After installation, open the app and create a new passport entry—its Machine Readable Zone (MRZ) data will be scanned later. | Acts as the ePassport during setup, issuing an ID Pass credential to the Holder Device. |
Step 1: Prepare Holder Device
In order to hold and share test credentials, you must configure the Holder Device to use Google Wallet’s Sandbox Environment.
Request Access
The Google account to which your Holder Device is signed in (and which must end in @gmail.com) must first be allowlisted by Google in order to access the Google Wallet Sandbox.
Fill out Google’s Google Pay Sandbox Access Request form to request access.
Note: You will not receive an email or other notification when you have been approved. To know if you have been allowlisted, check if the ability to swap to the sandbox environment (see below) is present on your Holder Device.
Enable the Sandbox Environment
Once approved, you must configure the Holder Device to use the sandbox environment.
Follow Google’s documentation to do this.
To verify that your device is in sandbox mode, open Google Wallet, tap your profile picture → Wallet settings, and look for a SANDBOX message at the bottom.
Step 2: Prepare Issuer Device
Installing a downloaded
.apkfileThe Utopia ePassport Simulator app is provided by Google in the form of a
.apkfile; it is not available on the Play Store.To install the
.apkfile on your Issuer Device, try downloading it on the device and opening it. This is all you need in most cases.If that doesn’t work, you may need to use the debug tool
adbto install the app. See here for instructions.
On the Issuer Device, download the Utopia ePassport Simulator app, and create a new test credential within it.
Once you’ve created the credential, you’re ready to issue it into the Holder Device.
Step 3: Issue credential to Holder Device
Google’s official documentation for this process is found at this link. You can also follow the following instructions:
- On the Holder Device, open Google Wallet and tap Add to Wallet.
- Choose ID → ID pass.
- When Google Wallet prompts for MRZ scan, do the following with the Issuer Device:
- From the Utopia app, tap the entry for the new simulated passport you created.
- Place Issuer Device (with the MRZ screen open) on the back of Holder Device during the NFC scan.
- Provide any additional biometric or selfie verification required by Google Wallet.
- After completion, the ID Pass appears in your Google Wallet.
Step 4: Launch Google Wallet Test mode from Trinsic Dashboard
- Within the Trinsic dashboard, switch to the Test Environment.
- Navigate to the Verification Profiles page.
- Click on one of your test mode Verification profiles, or create a new Verification Profile
- Add Google Wallet to the Verification Profile if not already added
- Make sure Google Wallet is enabled.
- Click the 3-dot icon on the Google Wallet provider in the Verification Profile Providers list, then click Enable.
-

- Launch a Google Wallet verification
- Click the 3-dot icon on the Google Wallet provider in the Verification Profile Providers list, then click Launch Verification
- Complete the flow using the Holder Device.
Going live
After you’ve tested your integration with a test ID pass, you must request production access for each relying party using the service (usually this means you’ll need a separate approval per Live Verification Profile). As a duly authorized aggregator of Google Wallet, Trinsic will facilitate the approval process for you. Reach out to your representative for next steps.
Direct API Requirements
Direct API is not a requirement.You can integrate with this provider using the Hosted UI instead, with no additional integration requirements on your end.
What your integration must support in order to use this provider with the Direct Provider Sessions API.
- Supports Direct Provider Sessions: ✅
- Launch Method:
PerformNativeChallenge— A native API must be invoked on the user's device with a challenge object, returning a response which must be passed back to Trinsic. - Collection Method:
SubmitNativeChallengeResponse— Submit the device's native challenge response back to Trinsic via the Submit Native Challenge Response API.
Additional requirements for Direct mode
Using Google Wallet in Direct mode involves a few extra steps compared to Widget or Hosted UI:
- **Domain name configuration: **Trinsic must know your domain name ahead of time in order to configure your Verification Profile. Additionally, Google will soon require a certificate linked to that domain name to be registered with Google Wallet.
- **Google domain approval: **Your domain name must be explicitly approved by Google before verifications can be performed, including test verifications. Reach out to your Trinsic early in the process to account for this lead time.
Outputs
Normalized AttributesThese attributes form part of our normalized model, a standardized set used across providers. Trinsic normalizes this for you and lets you know when a property is available for each provider.
| Field | Availability | Notes |
|---|---|---|
person.givenName | Always | - |
person.familyName | Always | - |
person.dateOfBirth | Always | - |
person.nationality | Sometimes | If available |
person.sex | Sometimes | If available |
person.address.line1 | Sometimes | If address is available |
person.address.city | Sometimes | If address is available |
person.address.subdivision | Sometimes | If address is available |
person.address.postalCode | Sometimes | If address is available |
person.address.country | Sometimes | If address is available |
document.type | Always | - |
document.number | Always | - |
document.issueDate | Always | - |
document.expirationDate | Always | - |
document.issuingCountry | Always | - |
document.issuingSubdivision | Sometimes | If available |
document.issuingAuthority | Always | - |
attachments.documentPortrait | Always | - |
| Field | Optional | Description | Example Values |
|---|---|---|---|
mobileDriversLicense.standard.givenName | Yes | First name(s), other name(s), or secondary identifier of the individual. | JOHN |
mobileDriversLicense.standard.givenNameNationalCharacter | Yes | The given name of the individual using the full UTF-8 character set. | JOHN |
mobileDriversLicense.standard.familyName | Yes | Last name, surname, or primary identifier of the individual. | DOE |
mobileDriversLicense.standard.familyNameNationalCharacter | Yes | The family name of the individual using the full UTF-8 character set. | DOE |
mobileDriversLicense.standard.dateOfBirth | Yes | The date of birth of the individual. | 1990-01-31 |
mobileDriversLicense.standard.issueDate | Yes | The date when the mDL was issued. This date marks the beginning of the Administrative Validity Period of the mDL, which is usually (but not necessarily always) the same as the issue date of the underlying physical document used to create the mDL, if one exists. | 2020-01-31 |
mobileDriversLicense.standard.expiryDate | Yes | The date when the mDL expires. This date marks the end of the Administrative Validity Period of the mDL, which is usually (but not necessarily always) the same as the expiration date of the underlying physical document used to create the mDL, if one exists. | 2030-01-31 |
mobileDriversLicense.standard.issuingCountry | Yes | Alpha-2 country code of the issuing authority's country or territory. | US |
mobileDriversLicense.standard.issuingAuthority | Yes | Name or identifier of the mDL issuing authority. This field's contents are arbitrary; it has no guaranteed format. | CA,USA |
mobileDriversLicense.standard.issuingJurisdiction | Yes | ISO 3166-2 country-subdivision code for the jurisdiction that issued the mDL. | US-CA |
mobileDriversLicense.standard.nationality | Yes | Nationality of the individual as an ISO 3166-1 alpha-2 country code. | US |
mobileDriversLicense.standard.documentNumber | Yes | The document number assigned to the mDL. This is typically the same as the document number of the underlying physical document used to create the mDL, if one exists. | D1234567 |
mobileDriversLicense.standard.drivingPrivileges | Yes | Driving privileges of the individual, parsed per ISO 18013-5. | [{'{'} "vehicleCategoryCode": "C", "issueDate": "2020-01-31", "expiryDate": "2030-01-31" {'}'}] |
mobileDriversLicense.standard.unDistinguishingSign | Yes | The UN Distinguishing sign of the issuing country according to ISO/IEC 18013-1. | USA |
mobileDriversLicense.standard.administrativeNumber | Yes | Audit control number assigned by the issuing authority. The meaning and semantics of this field are defined by the issuing authority in question. | 123456789 |
mobileDriversLicense.standard.sex | Yes | The individual's sex as an ISO/IEC 5218 code. Possible values: - 0: Unknown - 1: Male - 2: Female - 9: Not Applicable | 1 |
mobileDriversLicense.standard.heightCentimeters | Yes | The individual's height in centimeters. | 180 |
mobileDriversLicense.standard.weightKilograms | Yes | The individual's weight in kilograms. | 75 |
mobileDriversLicense.standard.eyeColor | Yes | The individual's eye color. Possible values: - "black" - "blue" - "brown" - "dichromatic" - "grey" - "green" - "hazel" - "maroon" - "pink" - "unknown" | brown |
mobileDriversLicense.standard.hairColor | Yes | The individual's hair color. Possible values: - "bald" - "black" - "blond" - "brown" - "grey" - "red" - "auburn" - "sandy" - "white" - "unknown" | black |
mobileDriversLicense.standard.birthPlace | Yes | Country and municipality or state/province where the individual was born. | SACRAMENTO, CA |
mobileDriversLicense.standard.residentAddress | Yes | Address where the individual resides. The exact format of this field is variable and depends on the issuer. It may map exactly to a "Line1", or it may include city, state, and/or zip code as well. | 123 MAIN ST |
mobileDriversLicense.standard.residentCity | Yes | City where the individual resides. | SACRAMENTO |
mobileDriversLicense.standard.residentState | Yes | State, province, or district where the individual resides. | CA |
mobileDriversLicense.standard.residentPostalCode | Yes | Postal code where the individual resides. | 95814 |
mobileDriversLicense.standard.residentCountry | Yes | Country where the individual resides as an ISO 3166-1 alpha-2 country code. | US |
mobileDriversLicense.standard.portraitCaptureDate | Yes | Date and time when the portrait image was captured. | 2020-01-31T12:34:56Z |
mobileDriversLicense.standard.ageInYears | Yes | Age of the individual in years. | 35 |
mobileDriversLicense.standard.ageBirthYear | Yes | Year of birth of the individual. | 1990 |
mobileDriversLicense.standard.ageOver | Yes | Processed age-over claims returned by the mDL. | [{'{'} "age": 18, "isOver": true {'}'}, {'{'} "age": 21, "isOver": true {'}'}] |
mobileDriversLicense.standard.biometricTemplateFace.templates | Yes | Individual biometric templates contained in this group. | [] |
mobileDriversLicense.standard.biometricTemplateVoice.templates | Yes | Individual biometric templates contained in this group. | [] |
mobileDriversLicense.standard.biometricTemplateFinger.templates | Yes | Individual biometric templates contained in this group. | [] |
mobileDriversLicense.standard.biometricTemplateIris.templates | Yes | Individual biometric templates contained in this group. | [] |
mobileDriversLicense.standard.biometricTemplateRetina.templates | Yes | Individual biometric templates contained in this group. | [] |
mobileDriversLicense.aamva.domesticDrivingPrivileges | Yes | Domestic categories of vehicles, restrictions, and conditions, parsed per AAMVA Section 7.2.4. | [{'{'} "vehicleClass": {'{'} "code": "C", "description": "Passenger Vehicles" {'}'} {'}'}] |
mobileDriversLicense.aamva.nameSuffix | Yes | Name suffix of the individual that has been issued the credential. | JR |
mobileDriversLicense.aamva.organDonor | Yes | Whether the individual is an organ donor. | true |
mobileDriversLicense.aamva.veteran | Yes | Whether the individual is a veteran. | true |
mobileDriversLicense.aamva.familyNameTruncation | Yes | Indicates whether the family name has been truncated. Possible values: - 'T': Truncated - 'N': Not truncated - 'U': Unknown whether truncated | N |
mobileDriversLicense.aamva.givenNameTruncation | Yes | Indicates whether the given name has been truncated. Possible values: - 'T': Truncated - 'N': Not truncated - 'U': Unknown whether truncated | N |
mobileDriversLicense.aamva.akaFamilyNameV2 | Yes | Other family name by which the individual is known. | SMITH |
mobileDriversLicense.aamva.akaGivenNameV2 | Yes | Other given name by which the individual is known. | JOHN |
mobileDriversLicense.aamva.akaSuffix | Yes | Other suffix by which the individual is known. | JR |
mobileDriversLicense.aamva.weightRange.minKilograms | Yes | Minimum weight in the range, in kilograms. | 71 |
mobileDriversLicense.aamva.weightRange.maxKilograms | Yes | Maximum weight in the range, in kilograms. If null, the maximum weight has no limit. | 86 |
mobileDriversLicense.aamva.raceEthnicity | Yes | AAMVA D20 race or ethnicity code of the individual. | U |
mobileDriversLicense.aamva.sex | Yes | The sex of the individual as an AAMVA-defined sex code. This is distinct from an ISO/IEC 5218 sex code in two ways: there is no "Unknown" value, and "Not Applicable" is replaced with "Not Specified". Possible values: - 1: Male - 2: Female - 9: Not Specified | 1 |
mobileDriversLicense.aamva.firstName | Yes | First name of the individual. | JOHN |
mobileDriversLicense.aamva.middleNames | Yes | Middle name or names of the individual. | ALBERT |
mobileDriversLicense.aamva.firstNameTruncation | Yes | Whether the first name has been truncated. | N |
mobileDriversLicense.aamva.middleNamesTruncation | Yes | Whether the middle name has been truncated. | N |
mobileDriversLicense.aamva.edlCredential | Yes | Deprecated AAMVA EDL (Enhanced Driver's License) credential indicator. If present, indicates the type of the EDL credential. Possible values: 1: Driver's License 2: Identification Card | 1 |
mobileDriversLicense.aamva.edlCredentialV2 | Yes | Whether the credential is an Enhanced Driver's License (EDL). | true |
mobileDriversLicense.aamva.dhsCompliance | Yes | Whether the credential is REAL ID compliant. true for fully compliant ("F"),false for non-compliant ("N"), null when not present. | true |
mobileDriversLicense.aamva.residentCounty | Yes | Deprecated county code for the county where the individual lives. | 067 |
mobileDriversLicense.aamva.residentCountyV2 | Yes | County code for the county where the individual lives. | 067 |
mobileDriversLicense.aamva.hazmatEndorsementExpirationDate | Yes | Date on which the hazardous material endorsement expires. | 2030-01-31 |
mobileDriversLicense.aamva.cdlIndicator | Yes | Whether the credential is a Commercial Driver's License (CDL) per FMCSA. | true |
mobileDriversLicense.aamva.cdlNonDomiciled | Yes | Deprecated. Whether the CDL holder is non-domiciled in the issuing jurisdiction. | true |
mobileDriversLicense.aamva.cdlNonDomiciledV2 | Yes | Whether the CDL holder is non-domiciled in the issuing jurisdiction. | true |
mobileDriversLicense.aamva.dhsComplianceText | Yes | Text agreed on between the issuing authority and DHS for non-compliant credentials. | Federal Limits Apply |
mobileDriversLicense.aamva.dhsTemporaryLawfulStatus | Yes | Whether the individual has DHS temporary lawful status. | true |
idPass.givenName | Yes | First name(s), other name(s), or secondary identifier of the individual. | JOHN |
idPass.familyName | Yes | Last name, surname, or primary identifier of the individual. | DOE |
idPass.dateOfBirth | Yes | The date of birth of the individual. | 1990-01-31 |
idPass.issueDate | Yes | The date when the ID Pass was issued. This is not the same as the issue date of the underlying physical passport used to create the ID Pass. | 2020-01-31 |
idPass.expiryDate | Yes | The date when the ID Pass expires. This is not necessarily the same as the expiration date of the underlying physical passport used to create the ID Pass. | 2030-01-31 |
idPass.issuingCountry | Yes | Alpha-2 country code of the issuing authority's country or territory. | US |
idPass.issuingAuthority | Yes | Name or identifier of the mDL issuing authority. This field's contents are arbitrary; it has no guaranteed format. | US Department of State |
idPass.nationality | Yes | Nationality of the individual as an ISO 3166-1 alpha-2 country code. | US |
idPass.documentNumber | Yes | The number of the underlying passport used to create the ID Pass. | P1234567 |
idPass.sex | Yes | The individual's sex as an ISO/IEC 5218 code. Possible values: - 0: Unknown - 1: Male - 2: Female - 9: Not Applicable | 1 |
idPass.ageOver | Yes | Processed age-over claims returned by the ID Pass. | [{'{'} "age": 18, "isOver": true {'}'}, {'{'} "age": 21, "isOver": true {'}'}] |
idPass.issueDateOfUnderlyingDocument | Yes | Date when the underlying passport backing this digital credential was originally issued. | 2018-06-15 |
rawMdlOutput.iacaRootCertificate.serialNumber | Yes | The serial number of the certificate | 535868140170056787981774412188464491855209169584 |
rawMdlOutput.iacaRootCertificate.commonName | Yes | The common name (CN) of the certificate | California DMV IACA Root |
rawMdlOutput.iacaRootCertificate.stateOrProvinceName | Yes | The stateOrProvinceName field from the signing certificate. Per the ISO 18013-5 (mDL) spec, this is an ISO 3166-2:2020 country subdivision code (e.g., "US-CA" for California, USA). May be an empty string for certificates which are not state-specific (e.g., Google Wallet's ID Pass certificates). | US-CA |
rawMdlOutput.iacaRootCertificate.notBefore | Yes | The date before which this certificate is not valid. | 2023-03-01T17:17:39.000Z |
rawMdlOutput.iacaRootCertificate.notAfter | Yes | The date after which this certificate is not valid. | 2033-01-07T17:17:39.000Z |
rawMdlOutput.documentSignerCertificate.serialNumber | Yes | The serial number of the certificate | 306801082360131207284784033026769989720690200468 |
rawMdlOutput.documentSignerCertificate.commonName | Yes | The common name (CN) of the certificate | California DMV IACA mdoc Signer |
rawMdlOutput.documentSignerCertificate.stateOrProvinceName | Yes | The stateOrProvinceName field from the signing certificate. Per the ISO 18013-5 (mDL) spec, this is an ISO 3166-2:2020 country subdivision code (e.g., "US-CA" for California, USA). May be an empty string for certificates which are not state-specific (e.g., Google Wallet's ID Pass certificates). | US-CA |
rawMdlOutput.documentSignerCertificate.notBefore | Yes | The date before which this certificate is not valid. | 2025-01-13T17:26:32.000Z |
rawMdlOutput.documentSignerCertificate.notAfter | Yes | The date after which this certificate is not valid. | 2026-04-13T17:26:32.000Z |
rawMdlOutput.documentType | Yes | The document type of the mDoc presented by the individual. Common values: - "org.iso.18013.5.1.mDL" for ISO 18013-5 mDLs - "com.google.wallet.idcard.1" for Google Wallet ID Cards | org.iso.18013.5.1.mDL |
rawMdlOutput.nameSpaces | Yes | The namespaces, and fields within those namespaces, which were present in the processed mDL. | {'{'}<br /> "org.iso.18013.5.1": {'{'}<br /> "family_name": {'{'}<br /> "type": "String",<br /> "value": "DOE"<br /> {'}'},<br /> "given_name": {'{'}<br /> "type": "String",<br /> "value": "JOHN"<br /> {'}'},<br /> "birth_date": {'{'}<br /> "type": "String",<br /> "value": "2000-03-27"<br /> {'}'},<br /> "age_over_21": {'{'}<br /> "type": "Boolean",<br /> "value": "true"<br /> {'}'}<br /> {'}'}<br />{'}'} |
Updated 12 days ago
