SDK on mobile

Our mobile solutions let you accept in-person payments on a mobile device, or on a card reader that is paired with a mobile device through Bluetooth.

• With the Tap to Pay solution, you start transactions from a POS app that runs on your mobile device and use the mobile device as the payment interface. Customers tap your mobile device with their payment card, or with their phone (or other device) that has a digital wallet like Apple Pay.

• With the card reader solution, you start transactions from a POS app that runs on your mobile device and use the card reader as the payment interface. Customers tap, insert, or swipe their card on the card reader, or use a digital wallet like Apple Pay.

If your POS app allows selecting the payment interface, you can use both solutions alongside each other.

Supported mobile devices

Solution	POS app OS	Mobile device
Tap to Pay	iOS	iPhone
	Android	Android smartphone or tablet
Card reader	iOS	iPhone or iPad
	Android	Android smartphone or tablet

Adyen POS Mobile SDK

The starting point for mobile in-person payments is your iOS or Android POS app. This app must be integrated with our Terminal API. When you have such an app, you can build a mobile in-person payments solution by adding an iOS or Android Adyen POS Mobile SDK to the POS app. The Tap to Pay solution and the card reader solution use the same iOS SDK or Android SDK. For the card reader solution, the SDKs include functionality to manage the device pairing between your mobile device and the card reader.

Security of the SDK

Payments using the Adyen POS Mobile SDK are fully secure:

• Payment details that are read from the customer's payment method (card or digital wallet) are not kept locally on the phone or other mobile device.
• When using an iPhone as the payment interface for Tap to Pay on iPhone, transactions are encrypted and handled using Apple's Secure Element.
• The card reader is a PCI PTS-approved Secure Card Reader (SCR). When using the card reader as the payment interface, the payment details are encrypted immediately.
• The Adyen POS Mobile SDK sends and receives only encrypted payment messages.

Follow security best practices

To keep the solution secure, you must:

• Keep your API key secret and save it securely in your server.
• Never make requests to Adyen APIs directly from the POS app that is installed on the mobile device.

In addition, you should adhere to the following best practices:

• Follow the guidelines in our Integration security guide.
• Establish secure communications between your server and your POS app, using mutual authentication like mTLS.
  It is vital to prevent bad actors from modifying Terminal API transaction requests sent from your server to your app.
• Implement user authentication in your POS app, such as a login feature, to ensure only trusted users can operate the app.
• Keep the Adyen POS Mobile SDK updated to the latest version. After a short grace period, we don't accept transaction requests made using an older SDK version.
• Keep the Adyen POS Mobile SDK files secure: only get SDK files directly from trusted Adyen sources; when possible, validate the integrity of the SDK files; don't share SDK files with third parties.
• Keep the operating system on your mobile device updated to the latest version and the latest security patch.

Requirements for iOS

To integrate the SDK into your iOS POS app you need:

• A POS app that is integrated with our Terminal API.
• An API credential with an API key, a client key, and the Checkout webservice role.
• Xcode version 14.3 or later.
• SDK version 2.0.1 or later.
• For Tap to Pay on iPhone: an entitlement on your Apple Developer account to use Tap to Pay on iPhone.

End users, like store staff, need:

• An iOS mobile device. For Tap to Pay on iPhone, the mobile device must be an iPhone Xs or later with a device passcode set up on the iPhone to unlock it.

• The POS app, with the SDK integrated into it, installed on their mobile device.

• iOS version on their mobile device:

  iOS version on device with POS app	SDK integrated in the POS app
  iOS 16.4 or later	The device can use all functionality from the POS app, including the SDK functionality.
  iOS 13 - 16.3.1	The device can use the POS app, but not the SDK functionality.
  iOS 12 or earlier	The device can't run the POS app if the SDK is integrated into it.

• For the card reader solution, end users also need to have an NYC1 card reader from Adyen.

Requirements for Android

To integrate the SDK into your Android POS app you need:

• A POS app that is integrated with our Terminal API.

End users, like store staff, need:

• An Android mobile device that can be updated easily to the latest Android version and security patch.
• The POS app, with the SDK integrated into it, installed on their mobile device.
• An API credential with an API key, a client key, and the Checkout webservice role.
• Android version on their mobile device: Android 11 updated to the latest security patch. The minimum required security patch is the one for March 5th 2022.

  Whenever Android stops supporting security patches for an OS version, the Android Adyen POS Mobile SDK no longer supports that OS version. Therefore, it is important to ensure your Android devices are easy to update, for example using Mobile Device Management (MDM) software.

• For the card reader solution, end users also need to have an NYC1 card reader from Adyen.

Current limitations

Integrations with the Adyen POS Mobile SDK have some limitations regarding payment features, payment methods, entry methods, and Cardholder Verification Methods (CVM).

Feature	Tap to Pay	Card reader
Payments
Offline payments
Refunds, referenced
Refunds, unreferenced
Payment methods	American Express Diners Discover eftpos (only on iOS) Mastercard Visa	American Express Mastercard Visa
Contactless
EMV
Magstripe
PIN
Signature

Build a solution

What solution do you want to build?