Out-of-band (OOB) authentication is a form of Strong Customer Authentication (SCA) that requires a secondary verification through a separate communication channel. With OOB authentication, you can direct the transaction authentication requests to your application on an eligible cardholder's device, such as a mobile phone.
To use the out-of-band authentication flow with your Adyen-issued cards in the European Economic Area (EEA), you need to register the cardholder's device and subsequently authenticate the transactions on this device.
During the authentication the user is required to provide two out of three factors:
- Knowledge: something that only the user knows, such as a password.
- Possession: something that only the user possesses, such as a personal mobile device.
- Inherence: something that is unique to the user, such as biological and behavioral biometrics.
To help you implement OOB authentication, we provide a client-side Authentication SDK that uses the possession factor through device binding, and either knowledge or the inherence factor, depending on the cardholder's device access configuration.
How to use the Authentication SDK
To use Adyen's Authentication SDK:
- Install the Authentication SDK and add it to your iOS and Android project.
- Use the Authentication SDK to register your cardholder's Android or iOS mobile device for SCA.
- Use the Authentication SDK to authenticate your cardholders each time they want to make a payment with their Adyen-issued card.