--- title: "Register a device for SCA" description: "Learn how to use our Authentication SDK to register an iOS or Android device for SCA purposes." url: "https://docs.adyen.com/business-accounts/register-sca-devices" source_url: "https://docs.adyen.com/business-accounts/register-sca-devices.md" canonical: "https://docs.adyen.com/business-accounts/register-sca-devices" last_modified: "2022-11-30T17:52:00+01:00" language: "en" --- # Register a device for SCA Learn how to use our Authentication SDK to register an iOS or Android device for SCA purposes. [View source](/business-accounts/register-sca-devices.md) To enable Strong Customer Authentication (SCA) for your users, you must register their device as an SCA device. The registration associates your user's device with their business account. You can register devices for SCA using Adyen's Authentication SDK. To do so: 1. [Check SCA eligibility](#check-sca). 2. [Initiate the device registration](#initiate-registration) from your server. 3. [Register the device](#register-device). 4. [Finalize the registration](#finalize-registration) from your server. The following sections explain how to perform all the steps to register a user's device for SCA. ## Requirements * Make sure that the operating system or web browser on your user's device supports SCA. * Make sure that you have [installed the Authentication SDK](/business-accounts/install-auth-sdk). * Make sure that your [API credential](/business-accounts/manage-access#manage-api-credentials) has the following role: * **Bank SCA Webservice Role** ## Check SCA eligibility This functionality requires additional configuration from Adyen. To enable it, contact our [Support Team](https://ca-test.adyen.com/ca/ca/contactUs/support.shtml?form=other). ### Tab: Android (Kotlin) To check if the Android device is eligible for SCA: 1. Initiate the `AdyenAuthentication` class in your Activity or Fragment. **Initiate authentication** ```kotlin private lateinit var adyenAuthentication: AdyenAuthentication override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) adyenAuthentication = AdyenAuthentication(this) } ``` 2. Check if SCA is available on the device. **Check SCA eligibility** ```kotlin lifecycleScope.launch { val availabilityResult: AvailabilityResult = adyenAuthentication.checkAvailability() if (availabilityResult is AvailabilityResult.Available) { availabilityResult.sdkOutput } } ``` The function returns an `sdkOutput`. 3. Pass the `sdkOutput` to your server. ### Tab: iOS (Swift) To check if the iOS device is eligible for SCA: 1. Initialize the `AuthenticationService` class. **Initialize authentication service** ```swift let configuration = AuthenticationService.Configuration( localizedRegistrationReason: registrationReason, localizedAuthenticationReason: authenticationReason, appleTeamIdendtifier: appleTeamIdentifier ) let authenticationService = AuthenticationService(configuration: configuration) ``` 2. Check if SCA is available on the device. **Check SCA eligibility** ```swift let sdkOutput = try authenticationService.checkSupport() /// send the sdkOutput to your backend ``` The function returns an `sdkOutput`. 3. Pass the `sdkOutput` to your server. ### Tab: Web (JavaScript) To check if the web browser on your web-enabled device is eligible for SCA: 1. Import the node package in your application. `RelyingPartyName` is the name the user will be presented with when creating or validating a `WebAuthn` operation. We recommend that the value of the `RelyingPartyName` be the merchant name or the URL domain. **Import web sdk and initiate authentication** ```javascript import ScaWebauthn from '@adyen/bpscaweb'; const scaWebauthn = ScaWebauthn.create({ relyingPartyName: 'merchant', }); const sdkOutput = await scaWebauthn.checkAvailability().catch((error) => /* SCA_UNAVAILABLE error*/); ``` If the user's browser supports SCA, the function returns `sdkOutput` to exchange in requests to the server. If SCA is not supported, the method throws an `SCA_UNAVAILABLE` error. 2. Pass the `sdkOutput` to your server. You will use the `sdkOutput` when [initiating the registration](#initiate-registration). ## Initiate device registration Registering the device is a one-off procedure for each device. If your user has multiple devices, you need to register each of their devices separately. After a device is registered, you can associate more payment instruments with it. To learn how to associate multiple payment instruments with a registered device, go to [Manage registered devices](/business-accounts/manage-sca-devices/). To start the device registration, make a POST [/registeredDevices](https://docs.adyen.com/api-explorer/balanceplatform/latest/post/registeredDevices) request from your server. In the request, specify the following: | Request parameter | Required | Description | | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | [paymentInstrumentId](https://docs.adyen.com/api-explorer/balanceplatform/latest/post/registeredDevices#request-paymentInstrumentId) | yes | The unique identifier of the business account you want to register the device for. | | [name](https://docs.adyen.com/api-explorer/balanceplatform/latest/post/registeredDevices#request-name) | no | The name of the SCA device that you are registering. You can use it to help your users identify the device. If you do not specify a `name`, Adyen automatically generates one. | | [strongCustomerAuthentication.sdkOutput](https://docs.adyen.com/api-explorer/balanceplatform/latest/post/registeredDevices#request-strongCustomerAuthentication-sdkOutput) | yes | Base64-encoded blob of data created in the [previous step](#check-sca). | **Initiate device registration** #### curl ```bash curl https://balanceplatform-api-test.adyen.com/bcl/v2/registeredDevices \ -H 'x-api-key: ADYEN_BALANCE_PLATFORM_API_KEY' \ -H 'content-type: application/json' \ -X POST \ -d '{ "paymentInstrumentId": "PI00000000000000000000001", "strongCustomerAuthentication" : { "sdkOutput": "eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..." } }' ``` #### Java ```java // Adyen Java API Library v33.0.0 import com.adyen.Client; import com.adyen.enums.Environment; import com.adyen.model.balanceplatform.*; import java.time.OffsetDateTime; import java.util.*; import com.adyen.service.balancePlatform.*; Client client = new Client("ADYEN_BALANCE_PLATFORM_API_KEY", Environment.TEST); // Create the request object(s) DelegatedAuthenticationData delegatedAuthenticationData = new DelegatedAuthenticationData() .sdkOutput("eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..."); RegisterSCARequest registerSCARequest = new RegisterSCARequest() .strongCustomerAuthentication(delegatedAuthenticationData) .paymentInstrumentId("PI00000000000000000000001"); // Send the request ManageScaDevicesApi service = new ManageScaDevicesApi(client); RegisterSCAResponse response = service.initiateRegistrationOfScaDevice(registerSCARequest, null); ``` #### PHP ```php setXApiKey("ADYEN_BALANCE_PLATFORM_API_KEY"); $client->setEnvironment(Environment::TEST); // Create the request object(s) $delegatedAuthenticationData = new DelegatedAuthenticationData(); $delegatedAuthenticationData ->setSdkOutput("eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..."); $registerSCARequest = new RegisterSCARequest(); $registerSCARequest ->setStrongCustomerAuthentication($delegatedAuthenticationData) ->setPaymentInstrumentId("PI00000000000000000000001"); // Send the request $service = new ManageScaDevicesApi($client); $response = $service->initiateRegistrationOfScaDevice($registerSCARequest); ``` #### C\# ```cs // Adyen .net API Library v28.0.0 using Adyen; using Environment = Adyen.Model.Environment; using Adyen.Model; using Adyen.Model.BalancePlatform; using Adyen.Service.BalancePlatform; var config = new Config() { XApiKey = "ADYEN_BALANCE_PLATFORM_API_KEY", Environment = Environment.Test }; var client = new Client(config); // Create the request object(s) DelegatedAuthenticationData delegatedAuthenticationData = new DelegatedAuthenticationData { SdkOutput = "eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..." }; RegisterSCARequest registerSCARequest = new RegisterSCARequest { StrongCustomerAuthentication = delegatedAuthenticationData, PaymentInstrumentId = "PI00000000000000000000001" }; // Send the request var service = new ManageScaDevicesService(client); var response = service.InitiateRegistrationOfScaDevice(registerSCARequest); ``` #### NodeJS (JavaScript) ```js // Adyen Node API Library v23.3.0 const { Client, BalancePlatformAPI } = require('@adyen/api-library'); const client = new Client({ apiKey: "ADYEN_BALANCE_PLATFORM_API_KEY", environment: "TEST" }); // Create the request object(s) const registerSCARequest = { paymentInstrumentId: "PI00000000000000000000001", strongCustomerAuthentication: { sdkOutput: "eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..." } } // Send the request const balancePlatformAPI = new BalancePlatformAPI(client); const response = balancePlatformAPI.ManageScaDevicesApi.initiateRegistrationOfScaDevice(registerSCARequest); ``` #### Go ```go // Adyen Go API Library v17.0.0 import ( "context" "github.com/adyen/adyen-go-api-library/v17/src/common" "github.com/adyen/adyen-go-api-library/v17/src/adyen" "github.com/adyen/adyen-go-api-library/v17/src/balancePlatform" ) client := adyen.NewClient(&common.Config{ ApiKey: "ADYEN_BALANCE_PLATFORM_API_KEY", Environment: common.TestEnv, }) // Create the request object(s) delegatedAuthenticationData := balancePlatform.DelegatedAuthenticationData{ SdkOutput: "eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV...", } registerSCARequest := balancePlatform.RegisterSCARequest{ StrongCustomerAuthentication: delegatedAuthenticationData, PaymentInstrumentId: "PI00000000000000000000001", } // Send the request service := client.BalancePlatform() req := service.ManageScaDevicesApi.InitiateRegistrationOfScaDeviceInput().RegisterSCARequest(registerSCARequest) res, httpRes, err := service.ManageScaDevicesApi.InitiateRegistrationOfScaDevice(context.Background(), req) ``` #### Python ```py # Adyen Python API Library v13.3.0 import Adyen adyen = Adyen.Adyen() adyen.client.xapikey = "ADYEN_BALANCE_PLATFORM_API_KEY" adyen.client.platform = "test" # The environment to use library in. # Create the request object(s) json_request = { "paymentInstrumentId": "PI00000000000000000000001", "strongCustomerAuthentication": { "sdkOutput": "eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..." } } # Send the request result = adyen.balancePlatform.manage_sca_devices_api.initiate_registration_of_sca_device(request=json_request) ``` #### Ruby ```rb # Adyen Ruby API Library v10.1.1 require "adyen-ruby-api-library" adyen = Adyen::Client.new adyen.api_key = 'ADYEN_BALANCE_PLATFORM_API_KEY' adyen.env = :test # Set to "live" for live environment # Create the request object(s) request_body = { :paymentInstrumentId => 'PI00000000000000000000001', :strongCustomerAuthentication => { :sdkOutput => 'eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV...' } } # Send the request result = adyen.balancePlatform.manage_sca_devices_api.initiate_registration_of_sca_device(request_body) ``` #### NodeJS (TypeScript) ```ts // Adyen Node API Library v23.3.0 import { Client, BalancePlatformAPI, Types } from "@adyen/api-library"; const client = new Client({ apiKey: "ADYEN_BALANCE_PLATFORM_API_KEY", environment: "TEST" }); // Create the request object(s) const delegatedAuthenticationData: Types.balancePlatform.DelegatedAuthenticationData = { sdkOutput: "eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..." }; const registerSCARequest: Types.balancePlatform.RegisterSCARequest = { strongCustomerAuthentication: delegatedAuthenticationData, paymentInstrumentId: "PI00000000000000000000001" }; // Send the request const balancePlatformAPI = new BalancePlatformAPI(client); const response = balancePlatformAPI.ManageScaDevicesApi.initiateRegistrationOfScaDevice(registerSCARequest); ``` The response returns: * [sdkInput](https://docs.adyen.com/api-explorer/balanceplatform/latest/post/registeredDevices#responses-200-sdkInput): pass the value to the SDK when [registering the device](#register-device). * [id](https://docs.adyen.com/api-explorer/balanceplatform/latest/post/registeredDevices#responses-200-id): the device ID needed when [finalizing the registration](#finalize-registration). This ID begins either with `BSDR` or `RD`. We suggest that you create and store a mapping between the registered device `id` and the human-readable account holder name. For example, **BSDR00000000000000000000001** is "Cardholder's iPhone". You can use this pair later to show the details, for example, when [deregistering the device](/business-accounts/manage-sca-devices#deregister-device) if the user doesn't specify a device name during registration. **Initiate device registration response** ```json { "id": "BSDR00000000000000000000001", "paymentInstrumentId": "PI00000000000000000000001", "sdkInput": "eyJjaGFsbGVuZ2UiOiJiVlV6ZW5wek0waFNlQzFvVjBGSGRVaDNaVXc1UVE9PSJ9", "success": true } ``` ## Register the device To register the device with the Authentication SDK: 1. Authenticate the user by performing [two-factor authentication](https://en.wikipedia.org/wiki/Multi-factor_authentication) (2FA). 2. Trigger the SDK to start the device registration and pass `sdkInput` from [step 2](#initiate-registration). ### Tab: Android (Kotlin) **Register device with SCA SDK** ```kotlin lifecycleScope.launch { val registrationResult: AuthenticationResult = adyenAuthentication.register("sdkInput") when (registrationResult) { is AuthenticationResult.RegistrationSuccessful -> { registrationResult.sdkOutput } is AuthenticationResult.Canceled -> { // cardholder canceled the flow } is AuthenticationResult.Error -> { // Unexpected error registrationResult.errorMessage } is AuthenticationResult.AuthenticationError -> { // FIDO API Error registrationResult.authenticationError } } } ``` After the successful registration, the SDK generates a Base64-encoded `sdkOutput` data blob. ### Tab: iOS (Swift) **Register device with SCA SDK** ```swift let sdkOutput = try await authenticationService.register(withBase64URLString: sdkInput) /// send the sdkOutput to the backend ``` The SDK uses the [Apple DeviceCheck framework](https://developer.apple.com/documentation/devicecheck) to generate a Base64-encoded `sdkOutput` data blob. To do this, the SDK authenticates the user using Touch ID, Face ID, or the device passcode. To enable Face ID support, add `NSFaceIDUsageDescription` to `Info.plist`. ### Tab: Web (JavaScript) **Register device with SCA SDK** ```javascript const sdkOutput = await scaWebauthn.register(sdkInput); ``` After the successful registration, the SDK generates a Base64-encoded `sdkOutput` data blob. 3. Pass `sdkOutput` to your server. ## Finalize registration To finalize the device registration: 1. Make a PATCH [/registeredDevices/{id}](https://docs.adyen.com/api-explorer/balanceplatform/latest/patch/registeredDevices/\(id\)) request from your server. Specify the following parameters: | Parameter | Parameter type | Description | | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------- | | [id](https://docs.adyen.com/api-explorer/balanceplatform/latest/patch/registeredDevices/\(id\)#path-id) | Path | The unique identifier of the SCA device. You obtain this `id` after you [initiate the device registration](#initiate-registration). | | [paymentInstrumentId](https://docs.adyen.com/api-explorer/balanceplatform/latest/patch/registeredDevices/\(id\)#request-paymentInstrumentId) | Body | The unique identifier of the business account you want to register the device for. | | [strongCustomerAuthentication.sdkOutput](https://docs.adyen.com/api-explorer/balanceplatform/latest/patch/registeredDevices/\(id\)#request-strongCustomerAuthentication-sdkOutput) | Body | Base64-encoded blob of data created in the previous step. | **Finalize device registration** #### curl ```bash curl https://balanceplatform-api-test.adyen.com/bcl/v2/registeredDevices/{id} \ -H 'x-api-key: ADYEN_BALANCE_PLATFORM_API_KEY' \ -H 'content-type: application/json' \ -X PATCH \ -d '{ "paymentInstrumentId": "PI00000000000000000000001", "strongCustomerAuthentication" : { "sdkOutput": "eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..." } }' ``` #### Java ```java // Adyen Java API Library v33.0.0 import com.adyen.Client; import com.adyen.enums.Environment; import com.adyen.model.balanceplatform.*; import java.time.OffsetDateTime; import java.util.*; import com.adyen.service.balancePlatform.*; Client client = new Client("ADYEN_BALANCE_PLATFORM_API_KEY", Environment.TEST); // Create the request object(s) DelegatedAuthenticationData delegatedAuthenticationData = new DelegatedAuthenticationData() .sdkOutput("eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..."); RegisterSCARequest registerSCARequest = new RegisterSCARequest() .strongCustomerAuthentication(delegatedAuthenticationData) .paymentInstrumentId("PI00000000000000000000001"); // Send the request ManageScaDevicesApi service = new ManageScaDevicesApi(client); RegisterSCAFinalResponse response = service.completeRegistrationOfScaDevice("id", registerSCARequest, null); ``` #### PHP ```php setXApiKey("ADYEN_BALANCE_PLATFORM_API_KEY"); $client->setEnvironment(Environment::TEST); // Create the request object(s) $delegatedAuthenticationData = new DelegatedAuthenticationData(); $delegatedAuthenticationData ->setSdkOutput("eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..."); $registerSCARequest = new RegisterSCARequest(); $registerSCARequest ->setStrongCustomerAuthentication($delegatedAuthenticationData) ->setPaymentInstrumentId("PI00000000000000000000001"); // Send the request $service = new ManageScaDevicesApi($client); $response = $service->completeRegistrationOfScaDevice('id', $registerSCARequest); ``` #### C\# ```cs // Adyen .net API Library v28.0.0 using Adyen; using Environment = Adyen.Model.Environment; using Adyen.Model; using Adyen.Model.BalancePlatform; using Adyen.Service.BalancePlatform; var config = new Config() { XApiKey = "ADYEN_BALANCE_PLATFORM_API_KEY", Environment = Environment.Test }; var client = new Client(config); // Create the request object(s) DelegatedAuthenticationData delegatedAuthenticationData = new DelegatedAuthenticationData { SdkOutput = "eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..." }; RegisterSCARequest registerSCARequest = new RegisterSCARequest { StrongCustomerAuthentication = delegatedAuthenticationData, PaymentInstrumentId = "PI00000000000000000000001" }; // Send the request var service = new ManageScaDevicesService(client); var response = service.CompleteRegistrationOfScaDevice("id", registerSCARequest); ``` #### NodeJS (JavaScript) ```js // Adyen Node API Library v23.3.0 const { Client, BalancePlatformAPI } = require('@adyen/api-library'); const client = new Client({ apiKey: "ADYEN_BALANCE_PLATFORM_API_KEY", environment: "TEST" }); // Create the request object(s) const registerSCARequest = { paymentInstrumentId: "PI00000000000000000000001", strongCustomerAuthentication: { sdkOutput: "eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..." } } // Send the request const balancePlatformAPI = new BalancePlatformAPI(client); const response = balancePlatformAPI.ManageScaDevicesApi.completeRegistrationOfScaDevice("id", registerSCARequest); ``` #### Go ```go // Adyen Go API Library v17.0.0 import ( "context" "github.com/adyen/adyen-go-api-library/v17/src/common" "github.com/adyen/adyen-go-api-library/v17/src/adyen" "github.com/adyen/adyen-go-api-library/v17/src/balancePlatform" ) client := adyen.NewClient(&common.Config{ ApiKey: "ADYEN_BALANCE_PLATFORM_API_KEY", Environment: common.TestEnv, }) // Create the request object(s) delegatedAuthenticationData := balancePlatform.DelegatedAuthenticationData{ SdkOutput: "eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF...", } registerSCARequest := balancePlatform.RegisterSCARequest{ StrongCustomerAuthentication: delegatedAuthenticationData, PaymentInstrumentId: "PI00000000000000000000001", } // Send the request service := client.BalancePlatform() req := service.ManageScaDevicesApi.CompleteRegistrationOfScaDeviceInput("id").RegisterSCARequest(registerSCARequest) res, httpRes, err := service.ManageScaDevicesApi.CompleteRegistrationOfScaDevice(context.Background(), req) ``` #### Python ```py # Adyen Python API Library v13.3.0 import Adyen adyen = Adyen.Adyen() adyen.client.xapikey = "ADYEN_BALANCE_PLATFORM_API_KEY" adyen.client.platform = "test" # The environment to use library in. # Create the request object(s) json_request = { "paymentInstrumentId": "PI00000000000000000000001", "strongCustomerAuthentication": { "sdkOutput": "eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..." } } # Send the request result = adyen.balancePlatform.manage_sca_devices_api.complete_registration_of_sca_device(request=json_request, id="id") ``` #### Ruby ```rb # Adyen Ruby API Library v10.1.1 require "adyen-ruby-api-library" adyen = Adyen::Client.new adyen.api_key = 'ADYEN_BALANCE_PLATFORM_API_KEY' adyen.env = :test # Set to "live" for live environment # Create the request object(s) request_body = { :paymentInstrumentId => 'PI00000000000000000000001', :strongCustomerAuthentication => { :sdkOutput => 'eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF...' } } # Send the request result = adyen.balancePlatform.manage_sca_devices_api.complete_registration_of_sca_device(request_body, 'id') ``` #### NodeJS (TypeScript) ```ts // Adyen Node API Library v23.3.0 import { Client, BalancePlatformAPI, Types } from "@adyen/api-library"; const client = new Client({ apiKey: "ADYEN_BALANCE_PLATFORM_API_KEY", environment: "TEST" }); // Create the request object(s) const delegatedAuthenticationData: Types.balancePlatform.DelegatedAuthenticationData = { sdkOutput: "eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..." }; const registerSCARequest: Types.balancePlatform.RegisterSCARequest = { strongCustomerAuthentication: delegatedAuthenticationData, paymentInstrumentId: "PI00000000000000000000001" }; // Send the request const balancePlatformAPI = new BalancePlatformAPI(client); const response = balancePlatformAPI.ManageScaDevicesApi.completeRegistrationOfScaDevice("id", registerSCARequest); ``` 2. Verify that the response contains `success` **true**. The registration is now complete and the device ID is connected to the payment instrument. An element for the device ID is added to the `data` array of GET [/registeredDevices](https://docs.adyen.com/api-explorer/balanceplatform/latest/get/registeredDevices). The user can start authenticating themselves for future operations related to the payment instrument ID used during registration. You cannot register a device more than once. However, now that the device is registered, you can connect more payment instruments to the device [using the device association API](/business-accounts/manage-sca-devices/#associate-business-accounts-to-a-registered-device). ## Next steps Authenticate your users before authorizing operations. [required](/business-accounts/manage-sca-devices) [Manage devices](/business-accounts/manage-sca-devices) [Use our APIs to get registration details, connect payment instruments to devices, and delete registrations.](/business-accounts/manage-sca-devices) [required](/business-accounts/sca-for-funds-transfers) [Authenticate users when making a transfer](/business-accounts/sca-for-funds-transfers) [Use our Authentication SDK to authenticate your users before they transfer funds.](/business-accounts/sca-for-funds-transfers) [required](/business-accounts/sca-for-transaction-history) [Authenticate users when getting their transaction history](/business-accounts/sca-for-transaction-history) [Use our Authentication SDK to authenticate your users before showing them their transaction history.](/business-accounts/sca-for-transaction-history)