Digital wallets
How digital wallets on PayMongo — the token flow, security model, and how they differ from e-wallets.
Overview
Digital wallets let customers pay using cards stored in a wallet app — typically on their phone or browser. Unlike Philippine e-wallets (GCash, Maya, GrabPay), which are standalone payment accounts, digital wallets are a layer on top of existing cards. The customer pays with a card from their wallet, but the actual card number is never exposed — only a cryptographic token.
Supported digital wallets
| Wallet | Guide |
|---|---|
| Google Pay | Google Pay |
Digital wallets vs e-wallets
| Digital wallets | E-wallets | |
|---|---|---|
| Examples | Google Pay | GCash, Maya, GrabPay, ShopeePay |
| Underlying payment | Credit or debit card | Standalone wallet balance |
| Token type | Network token (EMV) | Provider-specific |
| Customer flow | One-tap, in-browser or in-app | Redirect to provider app |
Security model
Digital wallet payments use network tokenization. The merchant's server receives an encrypted token — not a raw card number — which PayMongo decrypts and charges. This means:
- Raw card data never reaches your server
- Even if intercepted, the token is useless without PayMongo's decryption key
- Complies with EMVCo standards
See Best Practices for the full PCI DSS scope breakdown.
Updated about 4 hours ago