android-pay

Is there a difference between the public key and the ephemeral public key in Android Pay?


I am going through the Google Android Pay page: https://developers.google.com/android-pay/integration/payment-token-cryptography. I have a question:

Is there a difference between the public key we generated (e.g. from OpenSSL) and then submitted to Google in MaskedWalletRequest and the so-called "ephemeral public key" in the payment method token response?

Are they exactly the same Base64 string? If not, what is the difference?

Thanks!


Solution

  • The public key your app provides to the Android Pay API is the public key you've generated, and are passing to Android Pay API for it to encrypt the payment credential bundle. https://developers.google.com/android-pay/integration/payment-token-cryptography#setting-a-public-key

    The ephemeral public key is returned from the Android Pay API along with the encrypted message, and is generated as part of the encryption process. You will use the ephemeral public key to decrypt the encrypted message. For more information on Elliptic Curve, please see https://en.wikipedia.org/wiki/Elliptic_curve_Diffie%E2%80%93Hellman