Are you looking for test card numbers?

Would you like to contact support?

Default icon

3D Secure 2 Component

Add native 3D Secure 2 authentication to your integration.

Our 3D Secure 2 Component handles the 3D Secure 2 device fingerprinting and challenge flows, including the data exchange between your front end and the issuer's Access Control Server (ACS).

When adding native 3D Secure 2 authentication to your integration:

  1. Collect the cardholder name in your payment form.
  2. Provide additional parameters when making a payment request.
  3. Use the 3D Secure 2 Component to perform the authentication flow.
  4. If the payment was routed to 3D Secure 2 redirect flow, use the 3D Secure 2 Component to handle the redirect.

This page describes the integration steps for Android Drop-in v4.0.0 or later.

Before you begin

Before starting your integration, make sure that you have integrated our Card Component, or built your own UI for collecting shopper's card details.

Collect additional parameters in your payment form

For higher authentication rates, we strongly recommend that you collect the cardholder name, the shopper billing address and email address in advance in your payment form. Deliver these parameters to your backend when making a payment as they are required by the card schemes.

Configure the Card Component

If you are using our Card Component, set holderNameRequired to true when creating a CardConfiguration object:

val cardConfiguration = CardConfiguration.Builder(context, "YOUR_CLIENT_KEY")
    .setHolderNameRequired(true)
    // When you're ready to accept live payments, change the value to one of our live environments.
    .setEnvironment(Environment.TEST)
    .build()

Make a payment

From your server, make a /payments request, specifying:

Parameter name Required Description
paymentMethod -white_check_mark- If using the Card Component, pass the paymentComponentState.data.paymentMethod object from your client app. If submitting raw card data, refer to Raw card data for the fields that you need to pass.
Make sure to include threeDS2SdkVersion.
channel -white_check_mark- Set to Android.
authenticationData.threeDSRequestData.nativeThreeDS -white_check_mark- Set to preferred. Indicates that your payment page can handle 3D Secure 2 transactions natively.
browserInfo -white_check_mark- Contains the userAgent and acceptHeader fields. Indicates that your integration can handle 3D Secure 2 redirect authentication. If your integration is unable to generate this information, you can send the same data as in the request below.
returnUrl -white_check_mark- In case the transaction is routed to 3D Secure 1, this is the URL where the shopper will be redirected back to after completing 3D Secure 1 authentication. Get this URL from Drop-in in the RedirectComponent.getReturnUrl(context). This URL can have a maximum of 1024 characters.
billingAddress The cardholder's billing address.
shopperEmail The cardholder's email address.

To increase the likelihood of achieving a frictionless flow and higher authorisation rates, we recommend that you send additional parameters.

For channel Android, we recommend including these additional parameters: billingAddress and shopperEmail.

curl https://checkout-test.adyen.com/v69/payments \
-H "X-API-key: [Your API Key here]" \
-H "Content-Type: application/json" \
-d '{
   "amount":{
      "currency":"EUR",
      "value":1000
   },
   "reference":"YOUR_ORDER_NUMBER",
   "shopperReference":"YOUR_UNIQUE_SHOPPER_ID",
   "paymentMethod": {hint:paymentMethod field of an object passed from the client app}STATE_DATA{/hint},
   "authenticationData": {
      "threeDSRequestData": {
        "nativeThreeDS": "preferred"
      }
   },
   "{hint:state.data.billingAddress from onSubmit}billingAddress{/hint}": {
      "street": "Infinite Loop",
      "houseNumberOrName": "1",
      "postalCode": "1011DJ",
      "city": "Amsterdam",
      "country": "NL"
   },
   "{hint:Required for 3D Secure 1}browserInfo{/hint}: {
      "userAgent":"Mozilla/5.0 (Linux; Android 6.0.1; Nexus 6P Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36",
      "acceptHeader":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"
   },
   "shopperEmail":"s.hopper@example.com"
   "channel":"Android",
   "returnUrl":"adyencheckout://your.package.name",
   "merchantAccount":"YOUR_MERCHANT_ACCOUNT"
}'
require 'adyen-ruby-api-library'

# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen::Client.new
adyen.env = :test
adyen.api_key = "YOUR_X-API-KEY"

# STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
paymentMethod = STATE_DATA

response = adyen.checkout.payments({
    :authenticationData => {
        :threeDSRequestData => {
            :nativeThreeDS => "preferred"
        }
    },
    :paymentMethod => paymentMethod,
    :billingAddress => {
        :city => "Amsterdam",
        :country => "NL",
        :houseNumberOrName => "1",
        :postalCode => "1011DJ",
        :street => "Infinite Loop"
    },
    :browserInfo => {        # Data object passed from the onSubmit event, parsed from JSON to a Hash.
        :userAgent =>  "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 6P Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36",
        :acceptHeader => "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
    },
    :amount => {
        :currency => 'EUR',
        :value => 1000
    },
    :channel => 'Android',
    :reference => 'YOUR_ORDER_NUMBER',
    :shopperEmail => "s.hopper@example.com",
    :returnUrl => 'adyencheckout://your.package.name',
    :merchantAccount => 'YOUR_MERCHANT_ACCOUNT'
})
// Set your X-API-KEY with the API key from the Customer Area.
String xApiKey = "YOUR_X-API-KEY";
Client client = new Client(xApiKey,Environment.TEST);
Checkout checkout = new Checkout(client);
PaymentsRequest paymentsRequest = new PaymentsRequest();
paymentsRequest.setMerchantAccount("YOUR_MERCHANT_ACCOUNT");
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.

AuthenticationData authenticationData = new AuthenticationData();
ThreeDSRequestData threeDSRequestData = new ThreeDSRequestData();
threeDSRequestData.setNativeThreeDS("preferred");
authenticationData.setThreeDSRequestData(threeDSRequestData);
paymentsRequest.setAuthenticationData(authenticationData);

paymentsRequest.setPaymentMethod(STATE_DATA)

Amount amount = new Amount();
amount.setCurrency("EUR");
amount.setValue(1000L);
paymentsRequest.setAmount(amount);

Address billingAddress = new Address();
billingAddress.setCity("Amsterdam");
billingAddress.setCountry("NL");
billingAddress.setHouseNumberOrName("1");
billingAddress.setPostalCode("1011DJ");
billingAddress.setStreet("Infinite Loop");

paymentsRequest.setBillingAddress(billingAddress);
BrowserInfo browserInfo = new BrowserInfo();
browserInfo.setUserAgent("Mozilla/5.0 (Linux; Android 6.0.1; Nexus 6P Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36");
browserInfo.setAcceptHeader("text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8");

{ % REQUEST_INSTANCE % }.setChannel({ % REQUEST_CLASS % }.ChannelEnum.Android);
paymentsRequest.setReference("YOUR_ORDER_NUMBER");
paymentsRequest.setShopperEmail("s.hopper@example.com");
paymentsRequest.setReturnUrl("adyencheckout://your.package.name");
PaymentsResponse paymentsResponse = checkout.payments(paymentsRequest);
// Set your X-API-KEY with the API key from the Customer Area.
$client = new \Adyen\Client();
$client->setEnvironment(\Adyen\Environment::TEST);
$client->setXApiKey("YOUR_X-API-KEY");
$service = new \Adyen\Service\Checkout($client);

// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
$paymentMethod = STATE_DATA;;

$params = array(
    "authenticationData" => array(
         "threeDSRequestData" => [
            "nativeThreeDS" => "preferred"
         ]

    ),
    "paymentMethod" => $paymentMethod,
    "billingAddress" => array(
        "city" => "Amsterdam",
        "country" => "NL",
        "houseNumberOrName" => "1",
        "postalCode" => "1011DJ",
        "street" => "Infinite Loop"
    ),
    "browserInfo" => array(
        "userAgent" => "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 6P Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36",
        "acceptHeader" => "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
    ),
    "amount" => array(
        "currency" => "EUR",
        "value" => 1000
    ),
    "channel" => "Android",
    "reference" => "YOUR_ORDER_NUMBER",
    "shopperEmail" = "s.hopper@example.com",
    "returnUrl" => "adyencheckout://your.package.name",
    "merchantAccount" => "YOUR_MERCHANT_ACCOUNT"
);
$result = $service->payments($params);
# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen.Adyen()
adyen.payment.client.platform = "test"
adyen.client.xapikey = 'YOUR_X-API-KEY'

# STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
paymentMethod = STATE_DATA

result = adyen.checkout.payments({
    'authenticationData': {
        'threeDSRequestData': {
            'nativeThreeDS': 'preferred'
        }
    },
    'paymentMethod': paymentMethod,
    'billingAddress': {
        'street': 'Infinite Loop',
        'houseNumberOrName': '1',
        'postalCode': '1011DJ',
        'city': 'Amsterdam',
        'country': 'NL'
    },
    'browserInfo': {
        'userAgent':  'Mozilla/5.0 (Linux; Android 6.0.1; Nexus 6P Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36',
        'acceptHeader': 'text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8',

    },
    'amount': {
        'value': 1000,
        'currency': 'EUR'
    },
    'channel': 'Android',
    'reference': 'YOUR_ORDER_NUMBER',
    'shopperEmail': 's.hopper@example.com',
    'returnUrl': 'adyencheckout://your.package.name',
    'merchantAccount': 'YOUR_MERCHANT_ACCOUNT'
})
// Set your X-API-KEY with the API key from the Customer Area.
string apiKey = "YOUR_X-API-KEY";
var client = new Client (apiKey, Environment.Test);
var checkout = new Checkout(client);
var amount = new Adyen.Model.Checkout.Amount("EUR", 1000);
var threeDSRequestData = new Adyen.Model.Checkout.ThreeDSRequestData
{
    NativeThreeDS = Adyen.Model.Checkout.ThreeDSRequestData.NativeThreeDSEnum.Preferred
};
var paymentsRequest = new Adyen.Model.Checkout.PaymentRequest
{
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
    AuthenticationData = new Adyen.Model.Checkout.AuthenticationData
    {
        ThreeDSRequestData = threeDSRequestData
    },
    PaymentMethod = STATE_DATA,
    BillingAddress = new Adyen.Model.Checkout.Address
    {
        City = "Amsterdam",
        Country = "NL",
        HouseNumberOrName = "1",
        PostalCode = "1011DJ",
        Street = "Infinite Loop"
    },
    BrowserInfo = new Adyen.Model.Checkout.BrowserInfo
    (
        userAgent: @"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0",
        acceptHeader: @"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"
    ),
    Amount = amount,
    Channel = Adyen.Model.Checkout.PaymentRequest.ChannelEnum.Android,
    Reference = "YOUR_ORDER_NUMBER",
    ShopperEmail = "s.hopper@example.com",
    ReturnUrl = @"adyencheckout://your.package.name",
};
var paymentResponse = checkout.Payments(paymentsRequest);
const {Client, Config, CheckoutAPI} = require('@adyen/api-library');
const config = new Config();
// Set your X-API-KEY with the API key from the Customer Area.
config.apiKey = '[YOUR_X-API-KEY]';
config.merchantAccount = '[YOUR_MERCHANT_ACCOUNT]';
const client = new Client({ config });
client.setEnvironment("TEST");
const checkout = new CheckoutAPI(client);
checkout.payments({
    merchantAccount: config.merchantAccount,
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
    paymentMethod: STATE_DATA,
    authenticationData: {
        threeDSRequestData: { nativeThreeDS: "preferred"}
    },
    browserInfo:{
        userAgent: "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 6P Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36",
        acceptHeader: "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
    },
    billingAddress: {
        city: "Amsterdam",
        country: "NL",
        houseNumberOrName: "1",
        postalCode: "1011DJ",
        street: "Infinite Loop"
    },
    amount: { currency: "EUR", value: 1000, },
    channel: "Android",
    reference: "YOUR_ORDER_NUMBER",
    shopperEmail: "s.hopper@example.com",
    returnUrl: "adyencheckout://your.package.name",
}).then(res => res);

Your next steps depend on whether the /payments response contains an action object, and on the action.type.

action.type Description Next steps
No action object The transaction was either exempted or out-of-scope for 3D Secure 2 authentication. Use the resultCode to present the payment result to your shopper.
threeDS2 The payment qualifies for 3D Secure 2, and will go through the authentication flow. 1. Pass the action object to your client app.
2. Use the 3D Secure 2 Component to perform the authentication flow.
redirect The payment is routed to the 3D Secure 2 redirect flow.
1. Pass the action object to your client app.
2. Use the 3D Secure 2 Component to handle the redirect.

The following example shows a /payments response with action.type: threeDS2

/payments response with action
{
    "action":{
        "type":"threeDS2",
        "subtype": "fingerprint",
        "paymentData":"Ab02b4c0!BQABAgCuZFJrQOjSsl\/zt+...",
        "paymentMethodType":"scheme",
        "authorisationToken" : "Ab02b4c0!BQABAgAvrX03p...",
        "token":"eyJ0aHJlZURTTWV0aG9kTm90aWZpY..."
    },
    "resultCode":"IdentifyShopper",
    ...
}

Use the 3D Secure 2 Component

If the /payments response contains an action object with action.type: threeDS2, use the 3D Secure 2 Component to perform the required authentication flow.

  1. Import the 3D Secure 2 Component to your build.gradle file.

    implementation "com.adyen.checkout:3ds2:<latest-version>"

    Check the latest version on GitHub.

  2. Create a configuration object for the Adyen3DS2Component, passing your client key:

    val adyen3DS2Configuration = Adyen3DS2Configuration.Builder(context, "YOUR_CLIENT_KEY")
    .setEnvironment(Environment.TEST)
    .build()
  3. Initialize the 3D Secure 2 Component, passing the configuration object created in the previous step:

    val threedsComponent = Adyen3DS2Component.PROVIDER.get(this@YourActivity, application, adyen3DS2Configuration)
  4. Provide the action object from the /payments response.

    threedsComponent.handleAction(this@YourActivity, action)
  5. The Component notifies the observer with the actionComponentData.details. Pass this to your server.

    threedsComponent.observe(this) { actionComponentData ->
        // Send a /payments/details/ call containing the `actionComponentData`
        sendPaymentDetails(actionComponentData)
    }
  6. From your server, make a /payments/details request, specifying:

    • details: The actionComponentData.details from your client app.
    curl https://checkout-test.adyen.com/v69/payments/details \
    -H "x-API-key: YOUR_X-API-KEY" \
    -H "content-type: application/json" \
    -d '{hint:object passed from the front end or client app}STATE_DATA{/hint}'
    require 'adyen-ruby-api-library'
    
    # Set your X-API-KEY with the API key from the Customer Area.
    adyen = Adyen::Client.new
    adyen.env = :test
    adyen.api_key = "YOUR_X-API-KEY"
    
    # STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
    request = STATE_DATA 
    response = adyen.checkout.payments.details(request)  
    
    # Check if further action is needed.
    if response.body.has_key(:action)
       # Pass the action object to your frontend
       puts response.body[:action]
    else
       # No further action needed, pass the resultCode to your frontend
       puts response.body[:resultCode]
    end
    // Set your X-API-KEY with the API key from the Customer Area.
    String xApiKey = "YOUR_X-API-KEY";
    Client client = new Client(xApiKey,Environment.TEST);
    Checkout checkout = new Checkout(client);
    // STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
    PaymentsDetailsRequest paymentsDetailsRequest = STATE_DATA;
    PaymentsResponse paymentsDetailsResponse = checkout.paymentsDetails(paymentsDetailsRequest);
    // Set your X-API-KEY with the API key from the Customer Area.
    $client = new \Adyen\Client();
    $client->setEnvironment(\Adyen\Environment::TEST);
    $client->setXApiKey("YOUR_X-API-KEY");
    $service = new \Adyen\Service\Checkout($client);
    
    // STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
    $params = STATE_DATA;
    $result = $service->paymentsDetails($params);
    
    // Check if further action is needed
    if (array_key_exists("action", $result)){
       // Pass the action object to your frontend.
       // $result["action"]
    }
    else {
       // No further action needed, pass the resultCode to your front end
       // $result['resultCode']
    }
    # Set your X-API-KEY with the API key from the Customer Area.
    adyen = Adyen.Adyen()
    adyen.payment.client.platform = "test"
    adyen.client.xapikey = 'YOUR_X-API-KEY'
    
    # STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
    request = STATE_DATA
    result = adyen.checkout.payments_details(request)
    
    # Check if further action is needed.
    if 'action' in result.message:
       # Pass the action object to your front end
       # result.message['action']
    else:
       # No further action needed, pass the resultCode to your front end
       # result.message['resultCode']
    // Set your X-API-KEY with the API key from the Customer Area.
    string apiKey = "YOUR_X-API-KEY";
    var client = new Client (apiKey, Environment.Test);
    var checkout = new Checkout(client);
    // STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
    var paymentsDetailsRequest = STATE_DATA;
    var paymentsDetailsResponse = checkout.PaymentDetails(paymentsDetailsRequest);
    const {Client, Config, CheckoutAPI} = require('@adyen/api-library');
    const config = new Config();
    // Set your X-API-KEY with the API key from the Customer Area.
    config.apiKey = '[YOUR_X-API-KEY]';
    const client = new Client({ config });
    client.setEnvironment("TEST");
    const checkout = new CheckoutAPI(client);
    // STATE_DATA is an object passed from the front end or client app, deserialized from JSON to a data structure.
    checkout.paymentsDetails(STATE_DATA).then(res => res);
  7. Use the resultCode from the /payments response to present the payment result to your shopper.

Handle the redirect

If the payment was routed to 3D Secure 2 redirect flow, use the 3D Secure 2 Component to handle the redirect:

  1. Add an IntentFilter to the Activity that will handle the returnUrl specified in your /payments request.

    <activity
      android:name=".YourActivity">
        <intent-filter>
           <action android:name="android.intent.action.VIEW"/>
           <category android:name="android.intent.category.DEFAULT"/>
           <category android:name="android.intent.category.BROWSABLE"/>
           <data android:host="${applicationId}" android:scheme="adyencheckout"/>
        </intent-filter>
    </activity>

    The ${applicationId} will be replaced with your.package.name at build time.

  2. Get the result of the redirect from the Activity. Pass the intent back to the Component. Depending on your activity's launchMode, you can get this intent in either onCreate or onNewIntent.

    private fun handleIntent(intent: Intent?) {
      val data = intent?.data
      if (data != null && data.toString().startsWith(RedirectUtil.REDIRECT_RESULT_SCHEME)) {
        threedsComponent.handleIntent(intent)
      }
    }
  3. The Component notifies the observer with the actionComponentData object from the data in intent.data. Pass this to your server.

    threedsComponent.observe(this) { actionComponentData ->
      // Send a /payments/details/ call containing the `actionComponentData`
      sendPaymentDetails(actionComponentData)
    }

Present the payment result

Use the  resultCode from the /payments or /payments/details response to present the payment result to your shopper. You will also receive the outcome of the payment asynchronously in a webhook.

For card payments, you can receive the following resultCode values:

resultCode Description Action to take
Authorised The payment was successful. Inform the shopper that the payment has been successful.
If you are using manual capture, you also need to capture the payment.
Cancelled The shopper cancelled the payment. Ask the shopper if they want to continue with the order, or ask them to select a different payment method.
Error There was an error when the payment was being processed. For more information, check the refusalReason field. Inform the shopper that there was an error processing their payment.
Refused The payment was refused. For more information, check the refusalReason field. Ask the shopper to try the payment again using a different payment method.

Customizing the UI for 3D Secure 2

The 3D Secure 2 Component inherits your app's theme to ensure the UI of the challenge flow fits your app's look and feel. You can override the default theme to inherit from one of AppCompat's theme variants. To do this, add the following XML snippet to your styles.xml file.

<style name="ThreeDS2Theme" parent="Theme.MaterialComponents.Light.Bridge">
    <!-- Customize the SDK theme here. -->
    <item name="colorPrimary">@color/colorPrimary</item>
    <item name="colorPrimaryDark">@color/colorPrimaryDark</item>
    <item name="colorAccent">@color/colorAccent</item>
</style>

Test and go live

Use our test card numbers to test how your integration handles different 3D Secure 2 authentication scenarios.

See also