diff --git a/Makefile b/Makefile index b99682b..6b1ab7a 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,4 @@ -PROTO_VERSION=v0.7.4 +PROTO_VERSION=v0.7.5 PROTO_URL=https://github.com/nspcc-dev/neofs-api/archive/$(PROTO_VERSION).tar.gz B=\033[0;1m diff --git a/docs/service.md b/docs/service.md index 9ed548e..0765f04 100644 --- a/docs/service.md +++ b/docs/service.md @@ -132,6 +132,7 @@ User token granting rights for object manipulation | Address | [refs.Address](#refs.Address) | | Address is an object address for which token is issued | | Lifetime | [TokenLifetime](#service.TokenLifetime) | | Lifetime is a lifetime of the session | | SessionKey | [bytes](#bytes) | | SessionKey is a public key of session key | +| OwnerKey | [bytes](#bytes) | | OwnerKey is a public key of the token owner | diff --git a/service/token.go b/service/token.go index cce1059..a5dd5da 100644 --- a/service/token.go +++ b/service/token.go @@ -103,6 +103,11 @@ func (m *Token_Info) SetSessionKey(key []byte) { m.SessionKey = key } +// SetOwnerKey is an OwnerKey field setter. +func (m *Token_Info) SetOwnerKey(key []byte) { + m.OwnerKey = key +} + // SetSignature is a Signature field setter. func (m *Token) SetSignature(sig []byte) { m.Signature = sig @@ -169,11 +174,11 @@ func NewVerifiedSessionToken(token SessionToken) DataWithSignature { } } -func tokenInfoSize(v SessionKeySource) int { +func tokenInfoSize(v SessionTokenInfo) int { if v == nil { return 0 } - return fixedTokenDataSize + len(v.GetSessionKey()) + return fixedTokenDataSize + len(v.GetSessionKey()) + len(v.GetOwnerKey()) } // Fills passed buffer with signing token information bytes. 
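Review bot: SetOwnerKey in service/token.go keeps the caller's slice, so `m.OwnerKey` aliases the argument and a later write to that slice changes a field that is part of the signed token data. This matches the SetSessionKey setter visible in the context, so it may be intended; if it is, the doc comment should say so, for example `// SetOwnerKey is an OwnerKey field setter. The slice is retained, not copied.` If it is not intended, the setter should store a copy of `key`.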
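Review bot: tokenInfoSize has no doc comment, and its result must equal the number of bytes copyTokenSignedData writes, which now includes two variable-length keys; that contract is only implicit. I would add `// tokenInfoSize returns the number of bytes copyTokenSignedData writes for v, or 0 when v is nil.` above the function. Separately, `v == nil` catches only a nil interface value: a nil pointer wrapped in SessionTokenInfo passes the check and reaches the getters, which is safe only if the generated getters tolerate a nil receiver (not visible here, verify.pb.go is shown as binary).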
@@ -203,7 +208,9 @@ func copyTokenSignedData(buf []byte, token SessionTokenInfo) { tokenEndianness.PutUint64(buf[off:], token.ExpirationEpoch()) off += 8 - copy(buf[off:], token.GetSessionKey()) + off += copy(buf[off:], token.GetSessionKey()) + + copy(buf[off:], token.GetOwnerKey()) } // SignedData concatenates signed data with session token information. Returns concatenation result. diff --git a/service/token_test.go b/service/token_test.go index e8599e7..43e380d 100644 --- a/service/token_test.go +++ b/service/token_test.go @@ -77,6 +77,16 @@ func TestTokenGettersSetters(t *testing.T) { require.Equal(t, key, tok.GetSessionKey()) } + { + key := make([]byte, 10) + _, err := rand.Read(key) + require.NoError(t, err) + + tok.SetOwnerKey(key) + + require.Equal(t, key, tok.GetOwnerKey()) + } + { // Signature sig := make([]byte, 10) _, err := rand.Read(sig) @@ -126,6 +136,11 @@ func TestSignToken(t *testing.T) { require.NoError(t, err) token.SetSessionKey(sessionKey) + ownerKey := make([]byte, 10) + _, err = rand.Read(ownerKey[:]) + require.NoError(t, err) + token.SetOwnerKey(ownerKey) + signedToken := NewSignedSessionToken(token) verifiedToken := NewVerifiedSessionToken(token) @@ -211,6 +226,18 @@ func TestSignToken(t *testing.T) { token.SetSessionKey(sessionKey) }, }, + { // Owner key + corrupt: func() { + ownerKey := token.GetOwnerKey() + ownerKey[0]++ + token.SetOwnerKey(ownerKey) + }, + restore: func() { + ownerKey := token.GetOwnerKey() + ownerKey[0]-- + token.SetOwnerKey(ownerKey) + }, + }, } for _, v := range items { diff --git a/service/types.go b/service/types.go index 31f4507..66582f5 100644 --- a/service/types.go +++ b/service/types.go 
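Review bot: In copyTokenSignedData the session key and the owner key are written back to back with no length or separator, so the signed bytes do not record where one key ends and the other begins. Two tokens with a different SessionKey/OwnerKey split but the same concatenation therefore produce identical signed data, and a signature over one verifies for the other. Unless both keys are checked against a fixed length before signing and verification (not visible in this diff), each key should be preceded by its length, and tokenInfoSize in the earlier hunk must grow by the same 8 bytes. This changes the signed layout and needs coordinating with existing signers. The sketch below assumes tokenEndianness is a binary.ByteOrder, and the function body starts outside the hunk. The owner-key case added to TestSignToken alters one byte in place, so a case that changes the key lengths while keeping the concatenation would pin this.

```go
// … unchanged: fixed-size fields up to ExpirationEpoch …

sessionKey, ownerKey := token.GetSessionKey(), token.GetOwnerKey()

// Length prefixes make the boundary between the two keys part of the signed data.
tokenEndianness.PutUint32(buf[off:], uint32(len(sessionKey)))
off += 4
off += copy(buf[off:], sessionKey)

tokenEndianness.PutUint32(buf[off:], uint32(len(ownerKey)))
off += 4
copy(buf[off:], ownerKey)
```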
@@ -158,6 +158,17 @@ type SignatureContainer interface { SetSignature([]byte) } +// OwnerKeySource is an interface of the container of owner key bytes with read access. +type OwnerKeySource interface { + GetOwnerKey() []byte +} + +// OwnerKeyContainer is an interface of the container of owner key bytes. +type OwnerKeyContainer interface { + OwnerKeySource + SetOwnerKey([]byte) +} + // SessionTokenSource is an interface of the container of a SessionToken with read access. type SessionTokenSource interface { GetSessionToken() SessionToken @@ -170,7 +181,8 @@ type SessionTokenSource interface { // - verb of the session; // - address of the session object; // - token lifetime; -// - public session key bytes. +// - public session key bytes; +// - owner's public key bytes. type SessionTokenInfo interface { TokenIDContainer OwnerIDContainer @@ -178,6 +190,7 @@ type SessionTokenInfo interface { AddressContainer LifetimeContainer SessionKeyContainer + OwnerKeyContainer } // SessionToken is an interface of token information and signature pair. diff --git a/service/verify.pb.go b/service/verify.pb.go index 3dadf0b..d198302 100644 Binary files a/service/verify.pb.go and b/service/verify.pb.go differ diff --git a/service/verify.proto b/service/verify.proto index ed360be..a6619a6 100644 --- a/service/verify.proto +++ b/service/verify.proto @@ -63,6 +63,9 @@ message Token { // SessionKey is a public key of session key bytes SessionKey = 6; + + // OwnerKey is a public key of the token owner + bytes OwnerKey = 7; } // TokenInfo is a grouped information about token
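Review bot: Embedding OwnerKeyContainer in SessionTokenInfo widens an exported interface, so any implementation outside this package stops compiling until it gains GetOwnerKey and SetOwnerKey. The Makefile hunk shows only a patch-level bump of the proto archive; if the module is versioned the same way, the break deserves an explicit line in the release notes. The interface declaration begins outside this hunk.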
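Review bot: The comment on `OwnerKey` in verify.proto does not say how the key relates to the token's owner ID or what encoding is expected, and nothing in this diff checks that the key and the owner ID agree. A key carried inside the token is chosen by whoever built the token, so it proves nothing about the owner until the verifier confirms that it corresponds to the owner ID. I would extend the field comment to state that, e.g. `// OwnerKey is a public key of the token owner. Verifiers must check that it corresponds to the token's owner ID before relying on it.` The verification code is outside this diff and may already enforce this.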