Developers using the Google Pay APIs and Google Wallet APIs, (collectively, the “APIs”), in apps, on the web, or through other interfaces must follow the requirements listed in this Acceptable Use Policy (“AUP”), in addition to the applicable API terms of service and Google Wallet API Terms of Service. This AUP covers illegal or inappropriate content, services, activities or products prohibited from using these APIs.
Google reserves the right to expand or edit these policies at any time. Google will also exercise its sole discretion in the interpretation and enforcement of these policies in conjunction with the applicable Terms of Service.
Google also reserves the right to take any corrective action it deems appropriate if it believes or suspects that any partner or transaction violates this AUP or is otherwise illegal or unsuitable, or to disable any transaction or partner account for any reason it deems prudent. Google may also report any illegal activity in accordance with applicable laws.
To use the APIs as a biller or partner, you must comply with our policies on prohibited products and services. These restrictions would apply regardless of whether the prohibited products or services form your entire inventory or only a part of it. Partners who engage or enable any products or services prohibited by applicable local laws are not allowed to use the APIs as billers or partners. A non-exhaustive list of prohibited products and services includes the following:
We do not allow the APIs to be used for pornography and other sexually explicit material. This includes but is not limited to: prostitution, escort or companionship services, or any product or service which promotes underage, non-consensual, or other illegal sexual themes.
We do not allow the APIs to be used for any transactions related to products, services or content that sexualizes minors or appeals to children but contains adult themes.
If we become aware of any transactions related to child sexual abuse imagery, Google will report such transactions to the appropriate authorities.
We do not allow the APIs to be used for transactions of illegal products or services, products produced in violation of a third party's rights, or counterfeit goods. Counterfeit goods contain a trademark or logo that is identical to or substantially indistinguishable from the trademark or logo of another. They mimic the brand features of the product in an attempt to pass themselves off as a genuine product of the brand owner.
We do not allow the illegal sale of products and services using Google Pay and Wallet (e.g., fake currency, tickets, smuggled goods, and goods in violation of export, import or labeling restrictions). Businesses are solely and completely responsible for verifying that all items sold by the business are authentic and legal in all applicable jurisdictions.
We do not allow the APIs to be used for the sale of unauthorized copyrighted material. Examples include: copies of books, music, movies, and other licensed or protected materials, including copies without proper attribution, and unauthorized copies of software, video games and other licensed or protected materials, including OEM or bundled software.
Businesses are solely and completely responsible for ensuring that they have any and all appropriate licenses or authorizations for the sale of copyrighted material.
We do not allow the use of the APIs for any transactions for the sale or purchase of products that may cause damage, harm, or injury (e.g., guns and other weapons, explosives, ammunition).
We do not allow the APIs to be used to sell products or services that are fraudulent, deceptive or designed to enable dishonest behavior. A non-exhaustive list of examples include:
We do not allow the APIs to be used for the provision of any financial products or services, unless the partner holds a relevant license from or is otherwise supervised by a competent national authority such as a financial sector regulatory agency or central bank.
In addition, we also prohibit the provision of the following products or services:
We do not allow the APIs to be used for any gambling services which are aimed or addressed to underage individuals or to individuals that are forbidden from gambling according to local laws.
We currently only allow the Google Pay API to be used for gambling in certain limited geographies and for restricted integration types.
We currently only allow the Google Wallet API to be used for gambling in certain limited geographies and for restricted integration types. Categories of non-monetary gambling-related passes which are allowed to use the Google Wallet API include:
Other gambling-related activities that propose to use the Google Wallet API, including any form of monetary-related transactions, may be subject to additional approval processes during onboarding.
We do not allow the APIs to be used for transactions or solicitation of donations to charities or organizations that are conducting unlawful or illegitimate fundraising activities.
We do not allow the APIs to be used for the provision of healthcare content and services, unless you hold a relevant license from or are otherwise supervised by a competent national authority, or the content and services are provided through individuals or organizations with such certifications.
In addition, we also prohibit the provision of the following products or services:
We do not allow the APIs to be used for any transactions of products and services that promote violence, or incite hatred against individuals or groups based on race or ethnic origin, religion, disability, age, nationality, veteran status, sexual orientation, gender, gender identity, or any other characteristic that is associated with systemic discrimination or marginalization.
We do not allow the APIs to be used for the transaction or sale of cigars, cigarettes, e-cigarettes, and other tobacco products. Vaping or e-liquid products for use in smoking devices are also prohibited, regardless of whether they contain nicotine or not.
We do not allow the APIs to be used for any transactions or provision of products and services by terrorist organizations, or to include any content related to terrorism, such as content that promotes terrorist acts, incites violence, or celebrates terrorist attacks.
You also may not use the APIs in any way that falsely suggests your use of the APIs is endorsed by or associated with Google, or that is likely to damage or reduce Google’s goodwill or reputation.
We do not allow the APIs to be used for processing sensitive data in Google Wallet without explicit permission from Google. Sensitive data covers the following categories:
Passes which process sensitive data (known as Private Passes) may be subject to additional privacy controls during onboarding.
We want to help Google Pay and Wallet developers create offers and share communications that are high quality, engaging, and relevant. Our content guidelines are designed to ensure that users have a safe and trusted experience with the Google Pay and Wallet APIs, covering the categories below:
For certain Passes, issuers can use the Google Wallet API to send a related pass to users who have saved an existing active pass from that issuer, or direct users to recommendations related to the pass. These additions must:
Issuers may issue Passes that show an image representing the user. Passes that contain such images must:
To aid pandemic response, eligible entities may use the Google Wallet API to provide their patients with convenient evidence of vaccination and/or test results (hereafter referred to as “COVID Cards”). Usage of the API for this purpose is subject to the Google Wallet API Terms of Service, all provisions of the Google Wallet API Acceptable Use Policy and the following additional requirements:
Usage of the Google Wallet API for COVID Cards is limited to entities in one or more of the below categories. Your API access request must be accompanied by signed documentation on official letterhead verifying that you represent or are endorsed by an eligible entity.
All entities intending to issue COVID cards must use the COVID Card vertical to do so. If an entity has already used the Google Wallet API for another purpose or vertical, they must still fulfill the below requirements and complete an API access request for the COVID Card vertical. We do not allow entities using the Google Wallet API for another vertical (e.g. loyalty passes, event tickets) to issue COVID cards without being approved for the COVID Card vertical.
For passes that include only uninterpreted vaccine or testing data, eligible entities are:
For passes that include interpreted data (e.g. to determine an individual’s eligibility for travel or entry into public spaces), eligibility is limited to official government agencies or entities that have received permission from an official government agency. Interpreted data types are indicated with an asterisk in the Privacy requirements section below.
Usage of the Google Wallet API for COVID Cards must comply with the following requirements:
Usage of the Google Wallet API for COVID Cards is limited to end users who are above the applicable legal age of consent. You must ensure that you only distribute the “Save to Phone” button to end users who are above the applicable legal age of consent.
Dec 9, 2024 - The Policy was updated with a new section titled “Images on Passes Policy” to outline how developer could use images on the APIs.
Feb 26, 2024 - The Policy was updated with a new section titled “Passes API Usage Offer and Communications Policy” to outline rules on offers and communications by developers using the Google Wallet API.
Aug 15, 2023 - The Policy was updated to highlight new restrictions on gambling services for the Google Pay & Google Wallet APIs. The Policy now explicitly prohibits any gambling services which are aimed or addressed to underage individuals or to individuals that are forbidden from gambling according to local laws. In addition, the Policy outlines categories of non-monetary gambling-related passes which are allowed to use the Google Wallet API.