Frequently asked questions

What are fare caps?

A fare cap is a practice in which users are charged for their rides over a period of time. The combined fares over multiple rides can't be more than if they had purchased the optimal period pass based on their usage. When the user rides and taps on the terminal that has a fare cap, the transit agency backend collects all taps and decides how much to charge dynamically at the end of the day. The aim is to give the user the best fare without the need to explicitly purchase any passes.

For example, suppose users can buy the following fares:

  • Single trip: $1
  • One day unlimited pass: $10
  • One week unlimited pass: $25

With fare caps in place, users always get the best fare possible. The following examples show the fares charged to the user in various circumstances:

  • One trip: $1
  • Three trips: $3
  • Thirteen trips in one day: $10
  • Thirty trips in one week: $25

Many transit agencies have implemented fare caps to discount users' fares on their behalf. To better communicate the results of these transactions to users, Google Wallet allows you to implement receipt rollups. For more details, see Rollups when fare capping.

How does Offline data authentication (ODA) work?
The Android-powered mobile device and the payment terminal use certificates to verify the authenticity of the card issuer and the card network. However, they can't verify whether the card account has an available balance or is under the account's limit. If a card gets declined later when the transaction is processed, then we recommend that you add the account to your denylist so that no further use is allowed.
How do I implement ODA?
Most large payment networks allow the use of ODA for transit purposes. ODA implementation specifications vary by payment network. We recommend that you work with the payment networks to understand their requirements for ODA and implement it by their specifications.
How is data handled on the mobile device?

Google Wallet uses keys and certificates from the payment network and issuing bank. This allows authentication with the payment terminal in offline mode.

The following table describes the keys and certification details used by the Android-powered device:

Secret Shared with terminal during tap

Card Private Key

Network Key ID

Card Certificate (and Public Key)

Issuer Certificate (and Public Key)

The card's private key remains on the device and is used to authenticate that the device is genuine.

Identifies which network the card belongs to.

Issuer-signed card certificate and public key for Google Wallet.

Each card has a certificate, and corresponding public key, that's signed by the issuer's private key, which is signed by the card network.

How does the mobile device communicate with the payment terminal?

The following diagram shows the specific sequence that allows the Android-powered device and the payment terminal to exchange data and authenticate each other.

Figure 1. Data exchanged between the user's device and the terminal.