Our 3D Secure 2 Component handles the 3D Secure 2 device fingerprinting and challenge flows, including the data exchange between your front end and the issuer's Access Control Server (ACS).
When adding native 3D Secure 2 authentication to your integration:
- Collect the card holder name in your payment form.
- Provide additional parameters when making a payment request.
- Use the 3D Secure 2 Component to perform the authentication flow.
- Use the Redirect Component to handle the redirect if the payment was routed to the 3D Secure 1 flow.
This page describes the integration steps for v3.0.0 or later of Android Components. If you are using an earlier version, refer to an earlier version of this integration guide.
Before you begin
Before starting your integration:
- Contact our Support Team to make sure that 3D Secure is triggered in your app.
- Make sure that you have integrated our Card Component, or built you own UI for collecting shopper's card details.
Collect additional parameters in your payment form
For higher authentication rates, we strongly recommend that you collect the card holder name, the shopper billing address and email address in advance in your payment form. Deliver these parameters to your backend when making a payment as they are required by the card schemes.
Configure the Card Component
If you are using our Card Component, set holderNameRequire
to true when creating a cardConfiguration
object:
val cardConfiguration = CardConfiguration.Builder(context, "<publicKey>")
setHolderNameRequire(true)
.build()
Collect additional parameters in your payment form
We also recommend that you collect the shopper billing address and email in advance in your payment form. Deliver these parameters to your backend when making a payment as they are required by the card schemes.
Make a payment
From your server, make a /payments request, specifying:
Parameter name | Required | Description |
---|---|---|
paymentMethod |
![]() |
If using the Card Component, pass the paymentComponentState.data.paymentMethod object from your client app. If submitting raw card data, refer to Raw card data for the fields that you need to pass. |
additionalData.allow3DS2 |
![]() |
Set to true. |
channel |
![]() |
Set to Android. |
returnUrl |
![]() |
In case of a 3D Secure 1 flow, this is the URL where the shopper will be redirected back to after completing 3D Secure 1 authentication. Get this URL from Drop-in in the RedirectComponent.getReturnUrl(context) . This URL can have a maximum of 1024 characters. |
billingAddress |
The cardholder's billing address. | |
shopperEmail |
The cardholder's email address. |
To increase the likelihood of achieving a frictionless flow and higher authorisation rates, we recommend that you send additional parameters.
For channel
Android, we recommend including these additional parameters: billingAddress
and shopperEmail
.
curl https://checkout-test.adyen.com/v66/payments \
-H "X-API-key: [Your API Key here]" \
-H "Content-Type: application/json" \
-d '{
"amount":{
"currency":"EUR",
"value":1000
},
"reference":"YOUR_ORDER_NUMBER",
"shopperReference":"YOUR_UNIQUE_SHOPPER_ID",
"{hint:paymentComponentState.data.paymentMethod from app}paymentMethod{/hint}":{
"type":"scheme",
"encryptedCardNumber":"adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..",
"encryptedExpiryMonth":"adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..",
"encryptedExpiryYear":"adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..",
"encryptedSecurityCode":"adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..",
"holderName":"S. Hopper"
},
"additionalData":{
"allow3DS2":true
},
"{hint:state.data.billingAddress from onSubmit}billingAddress{/hint}": {
"street": "Infinite Loop",
"houseNumberOrName": "1",
"postalCode": "1011DJ",
"city": "Amsterdam",
"country": "NL"
},
"shopperEmail":"s.hopper@example.com"
"channel":"Android",
"returnUrl":"adyencheckout://your.package.name",
"merchantAccount":"YOUR_MERCHANT_ACCOUNT"
}'
# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen::Client.new
adyen.env = :test
adyen.api_key = "YOUR_X-API-KEY"
response = adyen.checkout.payments({
:amount => {
:currency => "EUR",
:value => 1000
},
:reference => "YOUR_ORDER_NUMBER",
:shopperReference => "YOUR_UNIQUE_SHOPPER_ID",
:paymentMethod => { # Data object from paymentComponentState from the client app, parsed from JSON to a Hash.
:type => "scheme",
:encryptedCardNumber => "adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..",
:encryptedExpiryMonth => "adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..",
:encryptedExpiryYear => "adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..",
:encryptedSecurityCode => "adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..",
:holderName => "S. Hopper"
},
:additionalData => {
:allow3DS2 => true
},
:billingAddress => {
:city => "Amsterdam",
:country => "NL",
:houseNumberOrName => "1",
:postalCode => "1011DJ",
:street => "Infinite Loop"
},
:shopperEmail => "s.hopper@example.com",
:channel => "Android",
:returnUrl => "my-app://",
:merchantAccount => "YOUR_MERCHANT_ACCOUNT"
})
# Check if further action is needed.
if response.body.has_key(:action)
# Pass the action object to your front end
# response.body[:action]
else
# No further action needed, pass the resultCode object to your front end
# response.body[:resultCode]
Client client = new Client("YOUR_API_KEY", Environment.TEST);
Checkout checkout = new Checkout(client);
PaymentsRequest paymentsRequest = new PaymentsRequest();
paymentsRequest.setMerchantAccount("YOUR_MERCHANT_ACCOUNT");
paymentsRequest.setReference("YOUR_ORDER_REFERENCE");
DefaultPaymentMethodDetails paymentMethodDetails = new DefaultPaymentMethodDetails();
paymentMethodDetails.setType("scheme");
paymentMethodDetails.setEncryptedCardNumber("adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..");
paymentMethodDetails.setEncryptedExpiryMonth("adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..");
paymentMethodDetails.setEncryptedExpiryYear("adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..");
paymentMethodDetails.setEncryptedSecurityCode("adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..");
paymentMethodDetails.setHolderName("S. Hopper");
paymentsRequest.setPaymentMethod(paymentMethodDetails);
Amount amount = new Amount();
amount.setCurrency("EUR");
amount.setValue(1000L);
paymentsRequest.setAmount(amount);
Map<String, String> additionalData = new HashMap<>();
additionalData.put("allow3DS2", "true");
paymentsRequest.setAdditionalData(additionalData);
Address billingAddress = new Address();
billingAddress.setCity("Amsterdam");
billingAddress.setCountry("NL");
billingAddress.setHouseNumberOrName("1");
billingAddress.setPostalCode("1011DJ");
billingAddress.setStreet("Infinite Loop");
paymentsRequest.setBillingAddress(billingAddress);
paymentsRequest.setShopperEmail("s.hopper@example.com");
paymentsRequest.setReturnUrl("adyencheckout://your.package.name");
PaymentsResponse paymentsResponse = checkout.payments(paymentsRequest);
// Set your X-API-KEY with the API key from the Customer Area.
$client = new \Adyen\Client();
$client->setXApiKey("YOUR_X-API-KEY");
$service = new \Adyen\Service\Checkout($client);
$params = [
"amount" => [
"currency" => "EUR",
"value" => 1000
],
"reference" => "YOUR_ORDER_NUMBER",
"paymentMethod" => [
"type" => "scheme",
"encryptedCardNumber" => "adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..",
"encryptedExpiryMonth" => "adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..",
"encryptedExpiryYear" => "adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..",
"encryptedSecurityCode" => "adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..",
"holderName" => "S. Hopper"
],
"additionalData" => [
"allow3DS2" => true
],
"billingAddress" => [
"city" => "Amsterdam",
"country" => "NL",
"houseNumberOrName" => "1",
"postalCode" => "1011DJ",
"street" => "Infinite Loop"
],
"shopperEmail" => "s.hopper@example.com",
"channel" => "Android",
"returnUrl" => "adyencheckout://your.package.name",
"merchantAccount" => "YOUR_MERCHANT_ACCOUNT"
];
$result = $service->payments($params);
// Check if further action is needed
if (array_key_exists("action", $result){
// Pass the action object to your client app.
// $result["action"]
}
else {
// No further action needed, pass the resultCode to your client app.
// $result['resultCode']
}
# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen.Adyen()
adyen.client.xapikey = 'YOUR_X-API-KEY'
result = adyen.checkout.payments({
"amount": {
"currency": "EUR",
"value": 1000
},
"reference":"YOUR_ORDER_NUMBER",
"paymentMethod": {
"type": "scheme",
"encryptedCardNumber": "adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..",
"encryptedExpiryMonth": "adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..",
"encryptedExpiryYear": "adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..",
"encryptedSecurityCode": "adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..",
"holderName": "S. Hopper"
},
"additionalData": {
"allow3DS2": "true"
},
"billingAddress": {
"street": "Infinite Loop",
"houseNumberOrName": "1",
"postalCode": "1011DJ",
"city": "Amsterdam",
"country": "NL"
},
"shopperEmail": "s.hopper@example.com",
"channel": "Android",
"returnUrl": "adyencheckout://your.package.name",
"merchantAccount": "YOUR_MERCHANT_ACCOUNT"
})
// Set your X-API-KEY with the API key from the Customer Area.
var client = new Client ("YOUR-X-API-KEY", Environment.Test);
var checkout = new Checkout(client);
var paymentRequest = new Adyen.Model.Checkout.PaymentRequest
{
Amount = new Model.Checkout.Amount(Currency: "EUR", Value: 1000),
Reference = "YOUR_ORDER_REFERENCE",
PaymentMethod = new DefaultPaymentMethodDetails
{
EncryptedCardNumber = "adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..",
EncryptedExpiryMonth = "adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..",
EncryptedExpiryYear = "adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..",
EncryptedSecurityCode = "adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..",
HolderName = "S. Hopper",
Type = "scheme"
},
AdditionalData = new Dictionary<string, string> { { "allow3DS2", "true" } },
BillingAddress = new Model.Checkout.Address
{
City = "Amsterdam",
Country = "NL",
HouseNumberOrName = "1",
PostalCode = "1011DJ",
Street = "Infinite Loop"
},
ShopperEmail = "s.hopper@example.com",
ReturnUrl = "adyencheckout://your.package.name",
MerchantAccount = "YOUR_MERCHANT_ACCOUNT"
};
// Set your X-API-KEY with the API key from the Customer Area.
const {Client, Config, CheckoutAPI} = require('@adyen/api-library');
const config = new Config();
// Set your X-API-KEY with the API key from the Customer Area.
config.apiKey = '[API_KEY]';
config.merchantAccount = '[MERCHANT_ACCOUNT]';
const client = new Client({ config });
client.setEnvironment("TEST");
const checkout = new CheckoutAPI(client);
checkout.payments({
amount:{
currency: "EUR",
value: 1000
},
reference: "YOUR_ORDER_NUMBER",
paymentMethod: {
type: "scheme",
encryptedCardNumber: "adyenjs_0_1_18$k7s65M5V0KdPxTErhBIPoMPI8HlC..",
encryptedExpiryMonth: "adyenjs_0_1_18$p2OZxW2XmwAA8C1Avxm3G9UB6e4..",
encryptedExpiryYear: "adyenjs_0_1_18$CkCOLYZsdqpxGjrALWHj3QoGHqe+..",
encryptedSecurityCode: "adyenjs_0_1_24$XUyMJyHebrra/TpSda9fha978+..",
holderName: "S. Hopper"
},
additionalData : {
allow3DS2:true
},
billingAddress: {
city: "Amsterdam",
country: "NL",
houseNumberOrName: "1",
postalCode: "1011DJ",
street: "Infinite Loop"
},
shopperEmail: "s.hopper@example.com",
channel: "Android",
returnUrl: "adyencheckout://your.package.name",
merchantAccount: "YOUR_MERCHANT_ACCOUNT"
}).then(res => res);
Your next steps depend on whether the /payments response contains an action
object, and on the action.type
.
If you receive an action
object, store the action.paymentData
on your server - you'll need this when making a /payments/details request later.
action.type |
Description | Next steps |
---|---|---|
No action object |
The transaction was either exempted or out-of-scope for 3D Secure 2 authentication. | Use the resultCode to present the payment result to your shopper. |
threeDS2Fingerprint | The payment qualifies for 3D Secure 2, and will go through either the frictionless or the challenge flow. | 1. Pass the action object to your client app. 2. Use the 3D Secure 2 Component to perform the authentication flow. |
redirect | The payment is routed to the 3D Secure 1 flow, based on issuer performance. |
1. Pass the action object to your client app. 2. Use the Redirect Component to handle the redirect. |
The following example shows a /payments response with action.type
: threeDS2Fingerprint
{
"resultCode":"IdentifyShopper",
"action":{
"{hint: Store this on your server.}paymentData{/hint}":"Ab02b4c0!BQABAgCuZFJrQOjSsl\/zt+...",
"paymentMethodType":"scheme",
"token":"eyJ0aHJlZURTTWV0aG9kTm90aWZpY...",
"type":"threeDS2Fingerprint"
},
"authentication":{
"threeds2.fingerprintToken":"eyJ0aHJlZURTTWV0aG9kTm90aWZpY..."
},
...
}
Use the 3D Secure 2 Component
If the /payments response contains an action
object with action.type
: threeDS2Fingerprint, or if the /payments/details response contains an action
object with action.type
: threeDS2Challenge, use the 3D Secure 2 Component to perform the required authentication flow.
-
Import the 3D Secure 2 Component to your
build.gradle
file.implementation "com.adyen.checkout:3ds2:<latest-version>"
Check the latest version on GitHub.
-
Initialize the 3D Secure 2 Component.
val threedsComponent = Adyen3DS2Component.PROVIDER.get(this@YourActivity)
-
Provide the
action
object from the /payments (or /payments/details) response.threedsComponent.handleAction(this@YourActivity, action)
-
The Component notifies the
observer
with theactionComponentData.details
. Pass this to your server.threedsComponentComponent.observe(this, Observer { // Send a /payments/details/ call containing the `actionComponentData.details` })
-
From your server, make a /payments/details request, specifying:
paymentData
: ThepaymentData
from the response to your last API request (to either the /payments or the /payments/details endpoint) .details
: TheactionComponentData.details
from your client app.
curl https://checkout-test.adyen.com/v66/payments/details \ -H "x-API-key: YOUR_X-API-KEY" \ -H "content-type: application/json" \ -d '{ "{hint:value that you stored on your server}paymentData{/hint}":"Ab02b4c0!BQABAgCuZFJrQOjSsl\/zt+...", "{hint:actionComponentData.details from app}details{/hint}":{ "threeds2.fingerprint": "eyJ0aHJlZURTQ29tcEluZCI6ICJZIn0=" } }'
# Set your X-API-KEY with the API key from the Customer Area. adyen = Adyen::Client.new adyen.env = :test adyen.api_key = "YOUR_X-API-KEY" request = DROPIN_ACTION_COMPONENT_DATA # Data object passed from actionComponentData from the client app, parsed from JSON to a Hash. response = adyen.checkout.payments.details(request) # Check if further action is needed. if response.body.has_key(:action) # Pass the action object to your frontend puts response.body[:action] else # No further action needed, pass the resultCode to your frontend puts response.body[:resultCode] end
// Set your X-API-KEY with the API key from the Customer Area. String apiKey = "YOUR_X-API-KEY"; String paymentData = "Ab02b4c0!BQABAgAKspbjN8+5..."; String fingerPrint = "eyJ0aHJlZURTQ29tcEluZCI6IlkifQ=="; Client client = new Client(apiKey,Environment.TEST); Checkout checkout = new Checkout(client); PaymentsDetailsRequest paymentsDetailsRequest = new PaymentsDetailsRequest(); paymentDetailsRequest.setFingerPrint(); PaymentsResponse paymentsResponse = checkout.paymentsDetails(paymentsDetailsRequest);
// Set your X-API-KEY with the API key from the Customer Area. $client = new \Adyen\Client(); $client->setXApiKey("YOUR_X-API-KEY"); $service = new \Adyen\Service\Checkout($client); $params = DROPIN_ACTION_COMPONENT_DATA; // Data object passed from actionComponentData from the client app, parsed from JSON to an array $result = $service->paymentsDetails($params); // Check if further action is needed if (array_key_exists("action", $result){ // Pass the action object to your frontend. // $result["action"] } else { // No further action needed, pass the resultCode to your front end // $result['resultCode'] }
#Set your X-API-KEY with the API key from the Customer Area. adyen = Adyen.Adyen() adyen.client.xapikey = 'YOUR_X-API-KEY' request = DROPIN_ACTION_COMPONENT_DATA # Data object passed from actionComponentData from the client app, parsed from JSON to a dictionary result = adyen.checkout.payments_details(request) # Check if further action is needed. if 'action' in result.message: # Pass the action object to your front end # result.message['action'] else: # No further action needed, pass the resultCode to your front end # result.message['resultCode']
// Set your X-API-KEY with the API key from the Customer Area. var client = new Client ("YOUR_X-API-KEY", Environment.Test); var checkout = new Checkout(client); string paymentData = "Ab02b4c0!BQABAgCuZFJrQOjSsl\/zt+..."; string fingerPrint = "eyJ0aHJlZURTQ29tcEluZCI6IlkifQ=="; var details = new Dictionary<string, string> { { "threeds2.fingerprint": fingerPrint } }; var paymentsDetailsRequest = new Model.Checkout.PaymentsDetailsRequest(Details: details); var paymentResponse = checkout.PaymentDetails(paymentsDetailsRequest);
// Set your X-API-KEY with the API key from the Customer Area. const {Client, Config, CheckoutAPI} = require('@adyen/api-library'); const config = new Config(); // Set your X-API-KEY with the API key from the Customer Area. config.apiKey = '[API_KEY]'; config.merchantAccount = '[YOUR_MERCHANT_ACCOUNT]'; const client = new Client({ config }); client.setEnvironment("TEST"); const checkout = new CheckoutAPI(client); checkout.paymentsDetails({ details: {DROPIN_ACTION_COMPONENT_DATA} // Data object passed from the client app. }).then(res => res);
Your next steps depend on whether the /payments/details response contains an action
object.
If you receive an action
object, store the action.paymentData
on your server - you'll need this when making a /payments/details request later.
action.type |
Description | Next steps |
---|---|---|
No action object |
The 3D Secure 2 authentication process has been completed. | Use the resultCode from the /payments response to present the payment result to your shopper. |
threeDS2Challenge | The issuer requires further shopper interaction and is initiating a challenge flow. | 1. Pass the action object to your client app. 2. Go back to step 3 to submit the authentication results. |
Customizing the UI for 3D Secure 2
The Component inherits your app's theme to ensure the UI of the challenge flow fits your app's look and feel. You can override the default theme to inherit from one of AppCompat's theme variants. To do this, add the following XML snippet to your styles.xml
file.
<style name="ThreeDS2Theme" parent="Theme.AppCompat.Light.DarkActionBar">
<!-- Customize the SDK theme here. -->
<item name="colorPrimary">@color/colorPrimary</item>
<item name="colorPrimaryDark">@color/colorPrimaryDark</item>
<item name="colorAccent">@color/colorAccent</item>
</style>
Present the payment result
Use the resultCode from the /payments or /payments/details response to present the payment result to your shopper. You will also receive the outcome of the payment asynchronously in a notification webhook.
For card payments, you can receive the following resultCode
values:
resultCode | Description | Action to take |
---|---|---|
Authorised | The payment was successful. | Inform the shopper that the payment has been successful. If you are using manual capture, you also need to capture the payment. |
Cancelled | The shopper cancelled the payment. | Ask the shopper whether they want to continue with the order, or ask them to select a different payment method. |
Error | There was an error when the payment was being processed. For more information, check the
refusalReason
field. |
Inform the shopper that there was an error processing their payment. |
Refused | The payment was refused. For more information, check the
refusalReason
field. |
Ask the shopper to try the payment again using a different payment method. |
Test and go live
Use our test card numbers to test how your integration handles different 3D Secure 2 authentication scenarios.