diff --git a/pom.xml b/pom.xml
index 34ebcb4612fd90090094fe89baa183e9d0443617..83def8ea53003a25e9175ddd4763d877e1bb6bc6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -240,6 +240,11 @@
 			<artifactId>pac4j-oauth</artifactId>
 			<version>3.5.0</version>
 		</dependency>
+		<dependency>
+			<groupId>org.pac4j</groupId>
+			<artifactId>pac4j-oidc</artifactId>
+			<version>3.5.0</version>
+		</dependency>
 		<dependency>
 			<groupId>com.corundumstudio.socketio</groupId>
 			<artifactId>netty-socketio</artifactId>
diff --git a/src/main/java/de/thm/arsnova/config/SecurityConfig.java b/src/main/java/de/thm/arsnova/config/SecurityConfig.java
index f551a72195bfd5d189cf7beb5d663c4878d95dc9..b040e5efc64ac4872c7229aa850797c0c27ee00b 100644
--- a/src/main/java/de/thm/arsnova/config/SecurityConfig.java
+++ b/src/main/java/de/thm/arsnova/config/SecurityConfig.java
@@ -28,8 +28,9 @@ import org.jasig.cas.client.validation.Cas20ProxyTicketValidator;
 import org.pac4j.core.client.Client;
 import org.pac4j.core.config.Config;
 import org.pac4j.oauth.client.FacebookClient;
-import org.pac4j.oauth.client.Google2Client;
 import org.pac4j.oauth.client.TwitterClient;
+import org.pac4j.oidc.client.GoogleOidcClient;
+import org.pac4j.oidc.config.OidcConfiguration;
 import org.pac4j.springframework.security.web.CallbackFilter;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -405,9 +406,13 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
 	}
 
 	@Bean
-	public Google2Client googleClient() {
-		final Google2Client client = new Google2Client(googleKey, googleSecret);
-		client.setCallbackUrl(rootUrl + apiPath + OAUTH_CALLBACK_PATH_SUFFIX + "?client_name=Google2Client");
+	public GoogleOidcClient googleClient() {
+		OidcConfiguration config = new OidcConfiguration();
+		config.setClientId(googleKey);
+		config.setSecret(googleSecret);
+		config.setScope("openid email");
+		final GoogleOidcClient client = new GoogleOidcClient(config);
+		client.setCallbackUrl(rootUrl + apiPath + OAUTH_CALLBACK_PATH_SUFFIX + "?client_name=GoogleOidcClient");
 
 		return client;
 	}
diff --git a/src/main/java/de/thm/arsnova/controller/LoginController.java b/src/main/java/de/thm/arsnova/controller/LoginController.java
index 3d8d84332ae1dc19d27b586e10a35c1727a9744d..a2c4f09027a68e7060bd052b23a0180dfbbdb99a 100644
--- a/src/main/java/de/thm/arsnova/controller/LoginController.java
+++ b/src/main/java/de/thm/arsnova/controller/LoginController.java
@@ -18,16 +18,14 @@
 package de.thm.arsnova.controller;
 
 import de.thm.arsnova.entities.ServiceDescription;
-import de.thm.arsnova.entities.Session;
 import de.thm.arsnova.entities.User;
-import de.thm.arsnova.exceptions.UnauthorizedException;
 import de.thm.arsnova.services.IUserService;
 import de.thm.arsnova.services.UserSessionService;
 import org.pac4j.core.context.J2EContext;
 import org.pac4j.core.exception.HttpAction;
 import org.pac4j.oauth.client.FacebookClient;
-import org.pac4j.oauth.client.Google2Client;
 import org.pac4j.oauth.client.TwitterClient;
+import org.pac4j.oidc.client.GoogleOidcClient;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -130,7 +128,7 @@ public class LoginController extends AbstractController {
 	private TwitterClient twitterClient;
 
 	@Autowired(required = false)
-	private Google2Client google2Client;
+	private GoogleOidcClient googleOidcClient;
 
 	@Autowired(required = false)
 	private FacebookClient facebookClient;
@@ -287,9 +285,8 @@ public class LoginController extends AbstractController {
 			result = new RedirectView(
 					facebookClient.getRedirectAction(new J2EContext(request, response)).getLocation());
 		} else if (googleEnabled && "google".equals(type)) {
-			google2Client.setScope(Google2Client.Google2Scope.EMAIL);
 			result = new RedirectView(
-					google2Client.getRedirectAction(new J2EContext(request, response)).getLocation());
+					googleOidcClient.getRedirectAction(new J2EContext(request, response)).getLocation());
 		} else {
 			response.setStatus(HttpStatus.BAD_REQUEST.value());
 		}
diff --git a/src/main/java/de/thm/arsnova/entities/User.java b/src/main/java/de/thm/arsnova/entities/User.java
index 18632930d3c8aa7f14551226f963a98f1679c897..26bb8331740a932d326288e90cc536f83736344f 100644
--- a/src/main/java/de/thm/arsnova/entities/User.java
+++ b/src/main/java/de/thm/arsnova/entities/User.java
@@ -20,8 +20,8 @@ package de.thm.arsnova.entities;
 import de.thm.arsnova.services.UserSessionService;
 import org.jasig.cas.client.authentication.AttributePrincipal;
 import org.pac4j.oauth.profile.facebook.FacebookProfile;
-import org.pac4j.oauth.profile.google2.Google2Profile;
 import org.pac4j.oauth.profile.twitter.TwitterProfile;
+import org.pac4j.oidc.profile.google.GoogleOidcProfile;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 
@@ -48,7 +48,10 @@ public class User implements Serializable {
 	private UserSessionService.Role role;
 	private boolean isAdmin;
 
-	public User(Google2Profile profile) {
+	public User(GoogleOidcProfile profile) {
+		if (!profile.getEmailVerified()) {
+			throw new IllegalArgumentException("Email is not verified.");
+		}
 		setUsername(profile.getEmail());
 		setType(User.GOOGLE);
 	}
diff --git a/src/main/java/de/thm/arsnova/security/ApplicationPermissionEvaluator.java b/src/main/java/de/thm/arsnova/security/ApplicationPermissionEvaluator.java
index 44ac82d1a88d19f524bdf2d15e40984cf2309a80..65d0a84c9adc0984c70c9915f0e14f950029316f 100644
--- a/src/main/java/de/thm/arsnova/security/ApplicationPermissionEvaluator.java
+++ b/src/main/java/de/thm/arsnova/security/ApplicationPermissionEvaluator.java
@@ -24,8 +24,8 @@ import de.thm.arsnova.entities.Session;
 import de.thm.arsnova.entities.User;
 import de.thm.arsnova.exceptions.UnauthorizedException;
 import org.pac4j.oauth.profile.facebook.FacebookProfile;
-import org.pac4j.oauth.profile.google2.Google2Profile;
 import org.pac4j.oauth.profile.twitter.TwitterProfile;
+import org.pac4j.oidc.profile.google.GoogleOidcProfile;
 import org.pac4j.springframework.security.authentication.Pac4jAuthenticationToken;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
@@ -157,8 +157,8 @@ public class ApplicationPermissionEvaluator implements PermissionEvaluator {
 			User user = null;
 
 			final Pac4jAuthenticationToken token = (Pac4jAuthenticationToken) authentication;
-			if (token.getProfile() instanceof Google2Profile) {
-				final Google2Profile profile = (Google2Profile) token.getProfile();
+			if (token.getProfile() instanceof GoogleOidcProfile) {
+				final GoogleOidcProfile profile = (GoogleOidcProfile) token.getProfile();
 				user = new User(profile);
 			} else if (token.getProfile() instanceof TwitterProfile) {
 				final TwitterProfile profile = (TwitterProfile) token.getProfile();
diff --git a/src/main/java/de/thm/arsnova/services/UserService.java b/src/main/java/de/thm/arsnova/services/UserService.java
index 3b3b5f07240c3a784d6379cd9ee6313ed5ee5bc0..f690cb4343d6f6a82626f8ddd262f4f439ac0334 100644
--- a/src/main/java/de/thm/arsnova/services/UserService.java
+++ b/src/main/java/de/thm/arsnova/services/UserService.java
@@ -31,8 +31,8 @@ import de.thm.arsnova.exceptions.UnauthorizedException;
 import org.apache.commons.lang.RandomStringUtils;
 import org.apache.commons.lang.StringUtils;
 import org.pac4j.oauth.profile.facebook.FacebookProfile;
-import org.pac4j.oauth.profile.google2.Google2Profile;
 import org.pac4j.oauth.profile.twitter.TwitterProfile;
+import org.pac4j.oidc.profile.google.GoogleOidcProfile;
 import org.pac4j.springframework.security.authentication.Pac4jAuthenticationToken;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -257,8 +257,8 @@ public class UserService implements IUserService {
 	private User getOAuthUser(final Authentication authentication) {
 		User user = null;
 		final Pac4jAuthenticationToken token = (Pac4jAuthenticationToken) authentication;
-		if (token.getProfile() instanceof Google2Profile) {
-			final Google2Profile profile = (Google2Profile) token.getProfile();
+		if (token.getProfile() instanceof GoogleOidcProfile) {
+			final GoogleOidcProfile profile = (GoogleOidcProfile) token.getProfile();
 			user = new User(profile);
 		} else if (token.getProfile() instanceof TwitterProfile) {
 			final TwitterProfile profile = (TwitterProfile) token.getProfile();
diff --git a/src/test/java/de/thm/arsnova/config/TestSecurityConfig.java b/src/test/java/de/thm/arsnova/config/TestSecurityConfig.java
index 434b5daa13607302a1d114d8bc7c36eecbf55bb1..f6521c2cf21b2eeba80000e7a2b99887afb4bb84 100644
--- a/src/test/java/de/thm/arsnova/config/TestSecurityConfig.java
+++ b/src/test/java/de/thm/arsnova/config/TestSecurityConfig.java
@@ -20,8 +20,8 @@ package de.thm.arsnova.config;
 import de.thm.arsnova.CasUserDetailsService;
 import org.jasig.cas.client.validation.Cas20ProxyTicketValidator;
 import org.pac4j.oauth.client.FacebookClient;
-import org.pac4j.oauth.client.Google2Client;
 import org.pac4j.oauth.client.TwitterClient;
+import org.pac4j.oidc.client.GoogleOidcClient;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
@@ -105,7 +105,7 @@ public class TestSecurityConfig extends SecurityConfig {
 	}
 
 	@Override
-	public Google2Client googleClient() {
+	public GoogleOidcClient googleClient() {
 		return null;
 	}
 
diff --git a/src/test/java/de/thm/arsnova/services/UserServiceTest.java b/src/test/java/de/thm/arsnova/services/UserServiceTest.java
index 9c0233b7654cd7aa2e180ada4dbd79cd19bf2522..25e095c7759ea57e2284d236ba0ae1392ed34c8d 100644
--- a/src/test/java/de/thm/arsnova/services/UserServiceTest.java
+++ b/src/test/java/de/thm/arsnova/services/UserServiceTest.java
@@ -22,10 +22,8 @@ import org.jasig.cas.client.authentication.AttributePrincipalImpl;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.junit.runners.BlockJUnit4ClassRunner;
-import org.pac4j.oauth.profile.JsonHelper;
-import org.pac4j.oauth.profile.google2.Google2Email;
-import org.pac4j.oauth.profile.google2.Google2Profile;
-import org.pac4j.oauth.profile.google2.Google2ProfileDefinition;
+import org.pac4j.core.profile.definition.CommonProfileDefinition;
+import org.pac4j.oidc.profile.google.GoogleOidcProfile;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.GrantedAuthority;
@@ -57,13 +55,10 @@ public class UserServiceTest {
 		socketid2user.put(UUID.randomUUID(), new User(new UsernamePasswordAuthenticationToken("ptsr00", UUID.randomUUID())));
 		socketid2user.put(UUID.randomUUID(), new User(new AttributePrincipalImpl("ptstr0")));
 
-		Google2Email email = new Google2Email();
-		email.setEmail("mail@host.com");
-		ArrayList<Google2Email> emails = new ArrayList<>();
-		emails.add(email);
-		Google2Profile profile = new Google2Profile();
-		profile.addAttribute(Google2ProfileDefinition.DISPLAY_NAME, "ptsr00");
-		profile.addAttribute(Google2ProfileDefinition.EMAILS, emails);
+		GoogleOidcProfile profile = new GoogleOidcProfile();
+		profile.addAttribute(CommonProfileDefinition.DISPLAY_NAME, "ptsr00");
+		profile.addAttribute(CommonProfileDefinition.EMAIL, "mail@host.com");
+		profile.addAttribute("email_verified", true);
 
 		socketid2user.put(UUID.randomUUID(), new User(profile));
 		List<GrantedAuthority> authorities = new ArrayList<>();