Except you lose your rewards points because your bank isn't involved, it uses a virtual MasterCard credit card.
That's only at the merchant side. The virtual card still ultimately charges a real card, for which we get reward points for the amount.
Some card banks do not get the merchant name, though, which means we might miss out on any extra merchant specific rewards.
OTOH, sometimes that can help, as it can avoid carve-outs where certain merchants do not get awards. E.g. Citibank does not usually give awards for purchases at Walmart / Target, but with Google Wallet being the proxy merchant, they would not know to hold the award back.
The two systems are not equivalent in security. Would you want your full card information stored on a Google server?
There's no magic involved. Our real card info is stored in a token vault somewhere in both cases, whether it's run by Google or the CC bank.
Since neither the banks nor Google have been hacked, it's not a worry to me. Heck, they're probably both using a third party token service... maybe even the same one... such as First Data.
If I was to worry about something, it'd be that Mint and Paypal have far more important account info stored away!