--- title: "Register a mobile SCA device" description: "Use our Authentication SDK to register an iOS or Android device for out-of-band authentication of payments." url: "https://docs.adyen.com/issuing/3d-secure/oob-auth-sdk/register-devices" source_url: "https://docs.adyen.com/issuing/3d-secure/oob-auth-sdk/register-devices.md" canonical: "https://docs.adyen.com/issuing/3d-secure/oob-auth-sdk/register-devices" last_modified: "2023-07-12T13:49:00+02:00" language: "en" --- # Register a mobile SCA device Use our Authentication SDK to register an iOS or Android device for out-of-band authentication of payments. [View source](/issuing/3d-secure/oob-auth-sdk/register-devices.md) To enable out-of-band (OOB) authentication for your users, you must register their device as an SCA device. The registration associates your user's device with their card. You can register devices for SCA using Adyen's Authentication SDK. To do so: 1. [Check SCA eligibility](#check-sca). 2. [Initiate the device registration](#initiate-registration) from your server. 3. [Register the device](#register-device). 4. [Finalize the registration](#finalize-registration) from your server. The following sections explain how to perform all the steps to register a user's device for SCA. ## Requirements * Make sure that the operating system on your user's device supports SCA. * Make sure that you have [installed the Authentication SDK](/issuing/3d-secure/oob-auth-sdk/install-sdk-mobile). * Make sure that your [API credential](/issuing/manage-access#manage-api-credentials) has the following role: * **Bank SCA Webservice Role** ## Check SCA eligibility This functionality requires additional configuration from Adyen. To enable it, contact our [Support Team](https://ca-test.adyen.com/ca/ca/contactUs/support.shtml?form=other). ### Tab: Android (Kotlin) To check if the Android device is eligible for SCA: 1. Initiate the `AdyenAuthentication` class in your Activity or Fragment. **Initiate authentication** ```kotlin private lateinit var adyenAuthentication: AdyenAuthentication override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) adyenAuthentication = AdyenAuthentication(this) } ``` 2. Check if SCA is available on the device. **Check SCA eligibility** ```kotlin lifecycleScope.launch { val availabilityResult: AvailabilityResult = adyenAuthentication.checkAvailability() if (availabilityResult is AvailabilityResult.Available) { availabilityResult.sdkOutput } } ``` The function returns an `sdkOutput`. 3. Pass the `sdkOutput` to your server. ### Tab: iOS (Swift) To check if the iOS device is eligible for SCA: 1. Initialize the `AuthenticationService` class. **Initialize authentication service** ```swift let configuration = AuthenticationService.Configuration( localizedRegistrationReason: registrationReason, localizedAuthenticationReason: authenticationReason, appleTeamIdendtifier: appleTeamIdentifier ) let authenticationService = AuthenticationService(configuration: configuration) ``` 2. Check if SCA is available on the device. **Check SCA eligibility** ```swift let sdkOutput = try authenticationService.checkSupport() /// send the sdkOutput to your backend ``` The function returns an `sdkOutput`. 3. Pass the `sdkOutput` to your server. ## Initiate device registration Registering the device is a one-off procedure. You can only register **one device per payment instrument**. If you register a new device for a card that already has a registered device, the previous device will be deregistered. After a device is registered, you can associate multiple payment instruments to the registered device. To learn how to associate multiple payment instruments to a registered device, go to [Manage registered devices](/issuing/3d-secure/oob-auth-sdk/manage-devices/). To start the device registration, make a POST [/registeredDevices](https://docs.adyen.com/api-explorer/balanceplatform/latest/post/registeredDevices) request from your server. In the request, specify the following: | Request parameter | Required | Description | | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | [paymentInstrumentId](https://docs.adyen.com/api-explorer/balanceplatform/latest/post/registeredDevices#request-paymentInstrumentId) | yes | The unique identifier of the card you want to register the device for. | | [name](https://docs.adyen.com/api-explorer/balanceplatform/latest/post/registeredDevices#request-name) | no | The name of the SCA device that you are registering. You can use it to help your users identify the device. If you do not specify a `name`, Adyen automatically generates one. | | [strongCustomerAuthentication.sdkOutput](https://docs.adyen.com/api-explorer/balanceplatform/latest/post/registeredDevices#request-strongCustomerAuthentication-sdkOutput) | yes | Base64-encoded blob of data created in the [previous step](#check-sca). | **Initiate device registration** #### curl ```bash curl https://balanceplatform-api-test.adyen.com/bcl/v2/registeredDevices \ -H 'x-api-key: ADYEN_BALANCE_PLATFORM_API_KEY' \ -H 'content-type: application/json' \ -X POST \ -d '{ "paymentInstrumentId": "PI00000000000000000000001", "strongCustomerAuthentication" : { "sdkOutput": "eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..." } }' ``` #### Java ```java // Adyen Java API Library v33.0.0 import com.adyen.Client; import com.adyen.enums.Environment; import com.adyen.model.balanceplatform.*; import java.time.OffsetDateTime; import java.util.*; import com.adyen.service.balancePlatform.*; Client client = new Client("ADYEN_BALANCE_PLATFORM_API_KEY", Environment.TEST); // Create the request object(s) DelegatedAuthenticationData delegatedAuthenticationData = new DelegatedAuthenticationData() .sdkOutput("eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..."); RegisterSCARequest registerSCARequest = new RegisterSCARequest() .strongCustomerAuthentication(delegatedAuthenticationData) .paymentInstrumentId("PI00000000000000000000001"); // Send the request ManageScaDevicesApi service = new ManageScaDevicesApi(client); RegisterSCAResponse response = service.initiateRegistrationOfScaDevice(registerSCARequest, null); ``` #### PHP ```php setXApiKey("ADYEN_BALANCE_PLATFORM_API_KEY"); $client->setEnvironment(Environment::TEST); // Create the request object(s) $delegatedAuthenticationData = new DelegatedAuthenticationData(); $delegatedAuthenticationData ->setSdkOutput("eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..."); $registerSCARequest = new RegisterSCARequest(); $registerSCARequest ->setStrongCustomerAuthentication($delegatedAuthenticationData) ->setPaymentInstrumentId("PI00000000000000000000001"); // Send the request $service = new ManageScaDevicesApi($client); $response = $service->initiateRegistrationOfScaDevice($registerSCARequest); ``` #### C\# ```cs // Adyen .net API Library v28.0.0 using Adyen; using Environment = Adyen.Model.Environment; using Adyen.Model; using Adyen.Model.BalancePlatform; using Adyen.Service.BalancePlatform; var config = new Config() { XApiKey = "ADYEN_BALANCE_PLATFORM_API_KEY", Environment = Environment.Test }; var client = new Client(config); // Create the request object(s) DelegatedAuthenticationData delegatedAuthenticationData = new DelegatedAuthenticationData { SdkOutput = "eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..." }; RegisterSCARequest registerSCARequest = new RegisterSCARequest { StrongCustomerAuthentication = delegatedAuthenticationData, PaymentInstrumentId = "PI00000000000000000000001" }; // Send the request var service = new ManageScaDevicesService(client); var response = service.InitiateRegistrationOfScaDevice(registerSCARequest); ``` #### NodeJS (JavaScript) ```js // Adyen Node API Library v23.3.0 const { Client, BalancePlatformAPI } = require('@adyen/api-library'); const client = new Client({ apiKey: "ADYEN_BALANCE_PLATFORM_API_KEY", environment: "TEST" }); // Create the request object(s) const registerSCARequest = { paymentInstrumentId: "PI00000000000000000000001", strongCustomerAuthentication: { sdkOutput: "eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..." } } // Send the request const balancePlatformAPI = new BalancePlatformAPI(client); const response = balancePlatformAPI.ManageScaDevicesApi.initiateRegistrationOfScaDevice(registerSCARequest); ``` #### Go ```go // Adyen Go API Library v17.0.0 import ( "context" "github.com/adyen/adyen-go-api-library/v17/src/common" "github.com/adyen/adyen-go-api-library/v17/src/adyen" "github.com/adyen/adyen-go-api-library/v17/src/balancePlatform" ) client := adyen.NewClient(&common.Config{ ApiKey: "ADYEN_BALANCE_PLATFORM_API_KEY", Environment: common.TestEnv, }) // Create the request object(s) delegatedAuthenticationData := balancePlatform.DelegatedAuthenticationData{ SdkOutput: "eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV...", } registerSCARequest := balancePlatform.RegisterSCARequest{ StrongCustomerAuthentication: delegatedAuthenticationData, PaymentInstrumentId: "PI00000000000000000000001", } // Send the request service := client.BalancePlatform() req := service.ManageScaDevicesApi.InitiateRegistrationOfScaDeviceInput().RegisterSCARequest(registerSCARequest) res, httpRes, err := service.ManageScaDevicesApi.InitiateRegistrationOfScaDevice(context.Background(), req) ``` #### Python ```py # Adyen Python API Library v13.3.0 import Adyen adyen = Adyen.Adyen() adyen.client.xapikey = "ADYEN_BALANCE_PLATFORM_API_KEY" adyen.client.platform = "test" # The environment to use library in. # Create the request object(s) json_request = { "paymentInstrumentId": "PI00000000000000000000001", "strongCustomerAuthentication": { "sdkOutput": "eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..." } } # Send the request result = adyen.balancePlatform.manage_sca_devices_api.initiate_registration_of_sca_device(request=json_request) ``` #### Ruby ```rb # Adyen Ruby API Library v10.1.1 require "adyen-ruby-api-library" adyen = Adyen::Client.new adyen.api_key = 'ADYEN_BALANCE_PLATFORM_API_KEY' adyen.env = :test # Set to "live" for live environment # Create the request object(s) request_body = { :paymentInstrumentId => 'PI00000000000000000000001', :strongCustomerAuthentication => { :sdkOutput => 'eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV...' } } # Send the request result = adyen.balancePlatform.manage_sca_devices_api.initiate_registration_of_sca_device(request_body) ``` #### NodeJS (TypeScript) ```ts // Adyen Node API Library v23.3.0 import { Client, BalancePlatformAPI, Types } from "@adyen/api-library"; const client = new Client({ apiKey: "ADYEN_BALANCE_PLATFORM_API_KEY", environment: "TEST" }); // Create the request object(s) const delegatedAuthenticationData: Types.balancePlatform.DelegatedAuthenticationData = { sdkOutput: "eyJjaGFubmVsIjoiYXBwIiwib3BlcmF0aW5nU3lzdGV..." }; const registerSCARequest: Types.balancePlatform.RegisterSCARequest = { strongCustomerAuthentication: delegatedAuthenticationData, paymentInstrumentId: "PI00000000000000000000001" }; // Send the request const balancePlatformAPI = new BalancePlatformAPI(client); const response = balancePlatformAPI.ManageScaDevicesApi.initiateRegistrationOfScaDevice(registerSCARequest); ``` The response returns: * [sdkInput](https://docs.adyen.com/api-explorer/balanceplatform/latest/post/registeredDevices#responses-200-sdkInput): pass the value to the SDK when [registering the device](#register-device). * [id](https://docs.adyen.com/api-explorer/balanceplatform/latest/post/registeredDevices#responses-200-id): the device ID needed when [finalizing the registration](#finalize-registration). This ID begins either with `BSDR` or `RD`. We suggest that you create and store a mapping between the registered device `id` and the human-readable account holder name. For example, **BSDR00000000000000000000001** is "Cardholder's iPhone". You can use this pair later to show the details, for example, when [deregistering the device](/issuing/3d-secure/oob-auth-sdk/manage-devices#deregister-device) if the user doesn't specify a device name during registration. **Initiate device registration response** ```json { "id": "BSDR00000000000000000000001", "paymentInstrumentId": "PI00000000000000000000001", "sdkInput": "eyJjaGFsbGVuZ2UiOiJiVlV6ZW5wek0waFNlQzFvVjBGSGRVaDNaVXc1UVE9PSJ9", "success": true } ``` ## Authenticate cardholder In your client app, perform authentication. PSD2 requires you to perform [two-factor authentication](https://en.wikipedia.org/wiki/Multi-factor_authentication) (2FA) as an extra security step during the login process. ## Register the device To register the device with the Authentication SDK: 1. Authenticate the user by performing [two-factor authentication](https://en.wikipedia.org/wiki/Multi-factor_authentication) (2FA). 2. Trigger the SDK to start the device registration and pass `sdkInput` from [step 2](#initiate-registration). ### Tab: Android (Kotlin) **Register device with SCA SDK** ```kotlin lifecycleScope.launch { val registrationResult: AuthenticationResult = adyenAuthentication.register("sdkInput") when (registrationResult) { is AuthenticationResult.RegistrationSuccessful -> { registrationResult.sdkOutput } is AuthenticationResult.Canceled -> { // cardholder canceled the flow } is AuthenticationResult.Error -> { // Unexpected error registrationResult.errorMessage } is AuthenticationResult.AuthenticationError -> { // FIDO API Error registrationResult.authenticationError } } } ``` After the successful registration, the SDK generates a Base64-encoded `sdkOutput` data blob. ### Tab: iOS (Swift) **Register device with SCA SDK** ```swift let sdkOutput = try await authenticationService.register(withBase64URLString: sdkInput) /// send the sdkOutput to the backend ``` The SDK uses the [Apple DeviceCheck framework](https://developer.apple.com/documentation/devicecheck) to generate a Base64-encoded `sdkOutput` data blob. To do this, the SDK authenticates the user using Touch ID, Face ID, or the device passcode. To enable Face ID support, add `NSFaceIDUsageDescription` to `Info.plist`. 3. Pass `sdkOutput` to your server. ## Finalize registration To finalize the device registration: 1. Make a PATCH [/registeredDevices/{id}](https://docs.adyen.com/api-explorer/balanceplatform/latest/patch/registeredDevices/\(id\)) request from your server. Specify the following parameters: | Parameter | Parameter type | Description | | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------- | | [id](https://docs.adyen.com/api-explorer/balanceplatform/latest/patch/registeredDevices/\(id\)#path-id) | Path | The unique identifier of the SCA device. You obtain this `id` after you [initiate the device registration](#initiate-registration). | | [paymentInstrumentId](https://docs.adyen.com/api-explorer/balanceplatform/latest/patch/registeredDevices/\(id\)#request-paymentInstrumentId) | Body | The unique identifier of the card you want to register the device for. | | [strongCustomerAuthentication.sdkOutput](https://docs.adyen.com/api-explorer/balanceplatform/latest/patch/registeredDevices/\(id\)#request-strongCustomerAuthentication-sdkOutput) | Body | Base64-encoded blob of data created in the previous step. | **Finalize device registration** #### curl ```bash curl https://balanceplatform-api-test.adyen.com/bcl/v2/registeredDevices/{id} \ -H 'x-api-key: ADYEN_BALANCE_PLATFORM_API_KEY' \ -H 'content-type: application/json' \ -X PATCH \ -d '{ "paymentInstrumentId": "PI00000000000000000000001", "strongCustomerAuthentication" : { "sdkOutput": "eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..." } }' ``` #### Java ```java // Adyen Java API Library v33.0.0 import com.adyen.Client; import com.adyen.enums.Environment; import com.adyen.model.balanceplatform.*; import java.time.OffsetDateTime; import java.util.*; import com.adyen.service.balancePlatform.*; Client client = new Client("ADYEN_BALANCE_PLATFORM_API_KEY", Environment.TEST); // Create the request object(s) DelegatedAuthenticationData delegatedAuthenticationData = new DelegatedAuthenticationData() .sdkOutput("eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..."); RegisterSCARequest registerSCARequest = new RegisterSCARequest() .strongCustomerAuthentication(delegatedAuthenticationData) .paymentInstrumentId("PI00000000000000000000001"); // Send the request ManageScaDevicesApi service = new ManageScaDevicesApi(client); RegisterSCAFinalResponse response = service.completeRegistrationOfScaDevice("id", registerSCARequest, null); ``` #### PHP ```php setXApiKey("ADYEN_BALANCE_PLATFORM_API_KEY"); $client->setEnvironment(Environment::TEST); // Create the request object(s) $delegatedAuthenticationData = new DelegatedAuthenticationData(); $delegatedAuthenticationData ->setSdkOutput("eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..."); $registerSCARequest = new RegisterSCARequest(); $registerSCARequest ->setStrongCustomerAuthentication($delegatedAuthenticationData) ->setPaymentInstrumentId("PI00000000000000000000001"); // Send the request $service = new ManageScaDevicesApi($client); $response = $service->completeRegistrationOfScaDevice('id', $registerSCARequest); ``` #### C\# ```cs // Adyen .net API Library v28.0.0 using Adyen; using Environment = Adyen.Model.Environment; using Adyen.Model; using Adyen.Model.BalancePlatform; using Adyen.Service.BalancePlatform; var config = new Config() { XApiKey = "ADYEN_BALANCE_PLATFORM_API_KEY", Environment = Environment.Test }; var client = new Client(config); // Create the request object(s) DelegatedAuthenticationData delegatedAuthenticationData = new DelegatedAuthenticationData { SdkOutput = "eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..." }; RegisterSCARequest registerSCARequest = new RegisterSCARequest { StrongCustomerAuthentication = delegatedAuthenticationData, PaymentInstrumentId = "PI00000000000000000000001" }; // Send the request var service = new ManageScaDevicesService(client); var response = service.CompleteRegistrationOfScaDevice("id", registerSCARequest); ``` #### NodeJS (JavaScript) ```js // Adyen Node API Library v23.3.0 const { Client, BalancePlatformAPI } = require('@adyen/api-library'); const client = new Client({ apiKey: "ADYEN_BALANCE_PLATFORM_API_KEY", environment: "TEST" }); // Create the request object(s) const registerSCARequest = { paymentInstrumentId: "PI00000000000000000000001", strongCustomerAuthentication: { sdkOutput: "eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..." } } // Send the request const balancePlatformAPI = new BalancePlatformAPI(client); const response = balancePlatformAPI.ManageScaDevicesApi.completeRegistrationOfScaDevice("id", registerSCARequest); ``` #### Go ```go // Adyen Go API Library v17.0.0 import ( "context" "github.com/adyen/adyen-go-api-library/v17/src/common" "github.com/adyen/adyen-go-api-library/v17/src/adyen" "github.com/adyen/adyen-go-api-library/v17/src/balancePlatform" ) client := adyen.NewClient(&common.Config{ ApiKey: "ADYEN_BALANCE_PLATFORM_API_KEY", Environment: common.TestEnv, }) // Create the request object(s) delegatedAuthenticationData := balancePlatform.DelegatedAuthenticationData{ SdkOutput: "eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF...", } registerSCARequest := balancePlatform.RegisterSCARequest{ StrongCustomerAuthentication: delegatedAuthenticationData, PaymentInstrumentId: "PI00000000000000000000001", } // Send the request service := client.BalancePlatform() req := service.ManageScaDevicesApi.CompleteRegistrationOfScaDeviceInput("id").RegisterSCARequest(registerSCARequest) res, httpRes, err := service.ManageScaDevicesApi.CompleteRegistrationOfScaDevice(context.Background(), req) ``` #### Python ```py # Adyen Python API Library v13.3.0 import Adyen adyen = Adyen.Adyen() adyen.client.xapikey = "ADYEN_BALANCE_PLATFORM_API_KEY" adyen.client.platform = "test" # The environment to use library in. # Create the request object(s) json_request = { "paymentInstrumentId": "PI00000000000000000000001", "strongCustomerAuthentication": { "sdkOutput": "eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..." } } # Send the request result = adyen.balancePlatform.manage_sca_devices_api.complete_registration_of_sca_device(request=json_request, id="id") ``` #### Ruby ```rb # Adyen Ruby API Library v10.1.1 require "adyen-ruby-api-library" adyen = Adyen::Client.new adyen.api_key = 'ADYEN_BALANCE_PLATFORM_API_KEY' adyen.env = :test # Set to "live" for live environment # Create the request object(s) request_body = { :paymentInstrumentId => 'PI00000000000000000000001', :strongCustomerAuthentication => { :sdkOutput => 'eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF...' } } # Send the request result = adyen.balancePlatform.manage_sca_devices_api.complete_registration_of_sca_device(request_body, 'id') ``` #### NodeJS (TypeScript) ```ts // Adyen Node API Library v23.3.0 import { Client, BalancePlatformAPI, Types } from "@adyen/api-library"; const client = new Client({ apiKey: "ADYEN_BALANCE_PLATFORM_API_KEY", environment: "TEST" }); // Create the request object(s) const delegatedAuthenticationData: Types.balancePlatform.DelegatedAuthenticationData = { sdkOutput: "eyJhdHRlc3RhdGlvbk9iamVjdCI6Im8yTm1iWF..." }; const registerSCARequest: Types.balancePlatform.RegisterSCARequest = { strongCustomerAuthentication: delegatedAuthenticationData, paymentInstrumentId: "PI00000000000000000000001" }; // Send the request const balancePlatformAPI = new BalancePlatformAPI(client); const response = balancePlatformAPI.ManageScaDevicesApi.completeRegistrationOfScaDevice("id", registerSCARequest); ``` 2. Verify that the response contains `success` **true**. The registration is now complete and the device ID is connected to the payment instrument. An element for the device ID is added to the `data` array of GET [/registeredDevices](https://docs.adyen.com/api-explorer/balanceplatform/latest/get/registeredDevices). The user can start authenticating themselves for future operations related to the payment instrument ID used during registration. You cannot register a device more than once. However, now that the device is registered, you can connect more payment instruments to the device [using the device association API](/issuing/3d-secure/oob-auth-sdk/manage-devices#associate-cards-to-a-registered-device). ## Next steps Authenticate your users before authorizing operations. [required](/issuing/3d-secure/oob-auth-sdk/manage-devices) [Manage devices](/issuing/3d-secure/oob-auth-sdk/manage-devices) [Use our APIs to get registration details, connect payment instruments to devices, and delete registrations.](/issuing/3d-secure/oob-auth-sdk/manage-devices) [required](/issuing/3d-secure/oob-auth-sdk/authenticate-cardholders/) [Authenticate cardholders](/issuing/3d-secure/oob-auth-sdk/authenticate-cardholders/) [Use our Authentication SDK to authenticate your users when they pay with an Adyen-issued card.](/issuing/3d-secure/oob-auth-sdk/authenticate-cardholders/)