> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/push-provisioning/get-started/push-provisioning-overview/quick-start-guide/google-pay.md). # Google Pay ### Phase 1: Google Onboarding {% stepper %} {% step %} ### Issuer agreement Issuers are required to have a signed *Google Pay CTA Agreement* in order to request access to the Push Provisioning API. {% endstep %} {% step %} ### Access Google documentation Use a Google Account associated with a corporate email address to access the Google's [Android Push Provisioning API documentation](/push-provisioning/integrate-the-d1-sdk/getting-started/configuration/2.-onboarding/onboard-push-provisioning-for-wallets.md). {% endstep %} {% step %} ### UX / branding review [UX/branding Review](https://developers.google.com/pay/issuers/apis/push-provisioning/android/launch-process?pli=1\&authuser=1): Google requires issuers to adhere to [best practices](https://developers.google.com/pay/issuers/apis/push-provisioning/android/best-practices) and [branding guidelines](https://developers.google.com/pay/issuers/apis/push-provisioning/android/branding-guidelines). The application UX needs to be submitted to Google for review. {% endstep %} {% step %} ### Request API access [Request access to Google's Push Provisioning API](/push-provisioning/integrate-the-d1-sdk/getting-started/configuration/2.-onboarding/onboard-push-provisioning-for-wallets.md) by submitting a form with issuer app's package name and fingerprint(s) for particular environments (Sandbox, Production). {% endstep %} {% step %} ### TSP configuration Configure necessary [settings on the TSP system](/push-provisioning/integrate-the-d1-sdk/getting-started/configuration/2.-onboarding/onboard-push-provisioning-for-wallets.md) according to Google Pay's requirements, paying close attention to especially the application package name. {% endstep %} {% endstepper %} ### Phase 2: Thales D1 Backend Integration {% stepper %} {% step %} ### Onboarding Form **Onboarding Form**: The Thales integrator provides the Thales D1 Onboarding Form to gather all necessary configuration parameters to connect to D1, including Connectivity, Keys, D1 Services Configuration, and Card Products. {% hint style="info" %} The issuers are required to open a project with TSP(s) (Visa/Mastercard) for their push provisioning integration projects. This activity is recommended to be initiated in parallel to the onboarding with Thales. {% endhint %} {% endstep %} {% step %} ### Connectivity [**Connectivity**](/push-provisioning/integrate-the-d1-api/set-up-tls-mutual-authentication.md): The APIs exposed by D1 require TLS mutual authentication for all API calls, necessitating explicit setup for both pre-production and production environments with a client certificate signed by Thales CA. {% endstep %} {% step %} ### Backend authorisation [**Backend authorisation**](/push-provisioning/integrate-the-d1-api/get-oauth-2.0-access-token.md): Incoming D1 APIs are secured by OAuth JWT Bearer Credentials Flow, where your backend sends a signed JWT to obtain a D1 access token for accessing D1 APIs. {% endstep %} {% step %} ### Data encryption [**Data encryption**](/push-provisioning/integrate-the-d1-api/encrypt-sensitive-data.md): Sensitive information exchanged with the D1 backend must be encrypted using the standard JWE format with specific algorithms and the recipient's EC public key. {% endstep %} {% step %} ### Consumer and Card Registration via API [**Consumer**](/push-provisioning/get-started/manage-end-users.md) **and** [**Card**](/push-provisioning/get-started/manage-cards.md) **Registration via API**: As a prerequisite for most D1 services, you must register end users, accounts, and cards in D1 via backend-to-backend APIs using unique identifiers. {% endstep %} {% step %} ### Batch Registration [**Batch Registration**](/push-provisioning/register-cards-via-batch-file/batch-file-overview.md): D1 offers a service to execute certain operations (such as consumer & card registration) in batch mode using batch files uploaded via SFTP. {% endstep %} {% endstepper %} ### Phase 3: Thales D1 SDK Integration {% stepper %} {% step %} ### Binary Integration [**Binary Integration**](/push-provisioning/integrate-the-d1-sdk/getting-started/configuration/1.-binary-integration/android.md): The issuer must integrate the D1 SDK binary into its application project. {% endstep %} {% step %} ### SDK Initialisation [**SDK Initialisation**](/push-provisioning/integrate-the-d1-sdk/getting-started/configuration/3.-initialization/android-initialization.md): The issuer app must initialize the D1 SDK before it could call its APIs. {% endstep %} {% step %} ### User Authentication [**User Authentication**](/push-provisioning/integrate-the-d1-sdk/getting-started/configuration/5.-authentication/sdk-login.md): The issuer application must provide a proof of the end user authentication before it could consume D1 services. {% endstep %} {% step %} ### Check Card State in Google Pay Wallet [**Check Card State in Google Pay Wallet**](/push-provisioning/implement-push-provisioning/implement-push-to-digital-wallets/get-the-card-digitization-state.md): The issuer app must check the card's digitization state in the Google Pay wallet using the `D1PushWallet.getCardDigitizationState()` API to determine the next action. {% endstep %} {% step %} ### Pushing Card to Google Pay Wallet [**Pushing Card to Google Pay Wallet**](/push-provisioning/implement-push-provisioning/implement-push-to-digital-wallets/push-to-the-digital-wallet.md): When the user taps "Add to Google Pay", invoke the `D1PushWallet.addDigitalCardToOEM()` API to tokenize the card, ensuring the onActivityResult method is overridden to pass the result back to the SDK. {% endstep %} {% endstepper %} ### Phase 4: Testing & Troubleshooting {% stepper %} {% step %} ### Google Pay sandbox testing The issuer is required to test their integration using first [Google Pay sandbox mode](/push-provisioning/integrate-the-d1-sdk/getting-started/enviroments/push-provisioning-sandbox-testing.md). {% endstep %} {% step %} ### Error handling and reporting If issuers face [errors](/push-provisioning/integrate-the-d1-sdk/troubleshooting/d1-sdk-error-management.md) in their tests they are required to first consult [common errors](/push-provisioning/integrate-the-d1-sdk/troubleshooting/push-provisioning-troubleshooting/android.md) before [reporting the problem to Thales](/push-provisioning/integrate-the-d1-sdk/troubleshooting/report-issues.md). {% endstep %} {% step %} ### Production testing Once issuers complete testing on Sandbox they should move to production environment and test there as well. {% endstep %} {% endstepper %} ### Phase 5: Certification & Launch {% stepper %} {% step %} ### Self-certification & app review [Google Pay launch process](/push-provisioning/integrate-the-d1-sdk/getting-started/configuration/2.-onboarding/onboard-push-provisioning-for-wallets.md) requires the issuers to pass a [self-certification](https://developers.google.com/pay/issuers/apis/push-provisioning/android/test-cases?authuser=1) of their application and submit video recordings of the tests to Google for an [app review](https://developers.google.com/pay/issuers/apis/push-provisioning/android/launch-process?pli=1\&authuser=1#step_3_app_review). {% endstep %} {% step %} ### Field testing Next, Google requires issuers to run a [field testing](https://developers.google.com/pay/issuers/apis/push-provisioning/android/launch-process?pli=1\&authuser=1#step_4_field_testing) of their app which must meet the exit criteria before the issuers could proceed with the final step. {% endstep %} {% step %} ### Request launch approval After meeting the exit criteria the issuers could request [Google Pay team's launch approval](https://developers.google.com/pay/issuers/apis/push-provisioning/android/launch-process?pli=1\&authuser=1#request_launch_approval) and when that is received the issuers could release the application publicly. {% endstep %} {% endstepper %} --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.payments.thalescloud.io/push-provisioning/get-started/push-provisioning-overview/quick-start-guide/google-pay.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.