Our iOS Drop-in renders the available cards in your payment form, and securely collects any sensitive card information, so it doesn't touch your server. Drop-in also handles the 3D Secure 2 device fingerprinting and challenge flows, including the data exchange between your front end and the issuer's Access Control Server (ACS).
When making a card payment with native 3D Secure 2 authentication, you need to:
- Configure Drop-in to collect the cardholder name.
- Provide additional parameters when making a payment request.
- Submit authentication results if you receive an
actionobject in response to your /payments or /payments/details request. - If the payment was routed to 3D Secure 2 redirect flow, handle the redirect result.
This page describes the integration steps for v3.0.0 or later of iOS Drop-in. If you are using an earlier version, refer to an earlier version of this integration guide.
Before you begin
This page explains how to add cards with native 3D Secure 2 authentication to your existing iOS Drop-in integration. The iOS Drop-in integration works the same way for all payment methods. If you haven't done this integration yet, refer to our Drop-in integration guide.
Before starting your integration:
- Make sure that you have set up your back end implementation, and added Drop-in to your payment form.
- Add the cards that you want to accept in your test Customer Area.
Collect additional parameters in your payment form
For higher authentication rates, we strongly recommend that you collect the shopper cardholder name and billing address in advance in your payment form. Deliver these parameters to your backend when making a payment, because they are required by the card schemes.
Show the available cards in your payment form
For information about the supported countries and currencies for each card, refer to Payment methods.
To show cards in your payment form:
-
Specify in your /paymentMethods request a combination of countryCode and amount.currency. Drop-in uses this information to show the available cards to your shopper.
-
When initializing the Drop-in, create a configuration object, and specify:
configuration.card.showsHolderNameField: true. This shows the input field for the cardholder name.
let configuration = DropInComponent.Configuration(apiContext: apiContext) configuration.card.showsHolderNameField = true // Displays the field for entering the holder name.
When the shopper is entering their card details, Drop-in tries to recognize the card brand. When successful, Drop-in renders the brand icon.
Make a payment
When the shopper proceeds to pay, Drop-in invokes the didSubmit method which contains data.paymentMethod.
- Pass
data.paymentMethodto your server. -
From your server, make a /payments request, specifying:
Parameter name Required Description paymentMethod 
The data.paymentMethodobject from thedidSubmitevent from your client app.
Make sure to include threeDS2SdkVersion.channel Set to iOS. authenticationData.threeDSRequestData.nativeThreeDSSet to preferred. Indicates that your payment page can handle 3D Secure 2 transactions natively. browserInfo Contains the userAgentandacceptHeaderfields. Indicates that your integration can handle 3D Secure 2 redirect authentication in case the transaction is routed to 3D Secure 2 redirect flow. If your integration is unable to generate this information, you can send the same data as in the request below.returnUrl In case of a 3D Secure 2 redirect flow, this is the URL where the shopper will be redirected back to after completing authentication. Use the custom URL for your app, for example, my-app://adyen. For more information on setting custom URL schemes, refer to the Apple Developer documentation.billingAddress The cardholder's billing address. shopperEmail The cardholder's email address.
To increase the likelihood of achieving a frictionless flow and higher authorisation rates, we recommend that you send additional parameters.
For channel iOS, we recommend including these additional parameters: billingAddress and shopperEmail.
curl https://checkout-test.adyen.com/v69/payments \
-H "X-API-key: [Your API Key here]" \
-H "Content-Type: application/json" \
-d '{
"amount":{
"currency":"EUR",
"value":1000
},
"reference":"YOUR_ORDER_NUMBER",
"shopperReference":"YOUR_UNIQUE_SHOPPER_ID",
"paymentMethod": {hint:paymentMethod field of an object passed from the client app}STATE_DATA{/hint},
"authenticationData": {
"threeDSRequestData": {
"nativeThreeDS": "preferred"
}
},
"{hint:state.data.billingAddress from onSubmit}billingAddress{/hint}": {
"street": "Infinite Loop",
"houseNumberOrName": "1",
"postalCode": "1011DJ",
"city": "Amsterdam",
"country": "NL"
},
"{hint:Required for 3D Secure 1}browserInfo{/hint}: {
"userAgent":"Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1",
"acceptHeader":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"
},
"shopperEmail":"s.hopper@example.com"
"channel":"iOS",
"returnUrl":"my-app://adyen",
"merchantAccount":"YOUR_MERCHANT_ACCOUNT"
}'require 'adyen-ruby-api-library'
# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen::Client.new
adyen.env = :test
adyen.api_key = "YOUR_X-API-KEY"
# STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
paymentMethod = STATE_DATA
response = adyen.checkout.payments({
:authenticationData => {
:threeDSRequestData => {
:nativeThreeDS => "preferred"
}
},
:paymentMethod => paymentMethod,
:billingAddress => {
:city => "Amsterdam",
:country => "NL",
:houseNumberOrName => "1",
:postalCode => "1011DJ",
:street => "Infinite Loop"
},
:browserInfo => { # Data object passed from the onSubmit event, parsed from JSON to a Hash.
:userAgent => "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1",
:acceptHeader => "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
},
:amount => {
:currency => 'EUR',
:value => 1000
},
:channel => 'iOS',
:reference => 'YOUR_ORDER_NUMBER',
:shopperEmail => "s.hopper@example.com",
:returnUrl => 'my-app://adyen',
:merchantAccount => 'YOUR_MERCHANT_ACCOUNT'
})// Set your X-API-KEY with the API key from the Customer Area.
String xApiKey = "YOUR_X-API-KEY";
Client client = new Client(xApiKey,Environment.TEST);
Checkout checkout = new Checkout(client);
PaymentsRequest paymentsRequest = new PaymentsRequest();
paymentsRequest.setMerchantAccount("YOUR_MERCHANT_ACCOUNT");
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
AuthenticationData authenticationData = new AuthenticationData();
ThreeDSRequestData threeDSRequestData = new ThreeDSRequestData();
threeDSRequestData.setNativeThreeDS("preferred");
authenticationData.setThreeDSRequestData(threeDSRequestData);
paymentsRequest.setAuthenticationData(authenticationData);
paymentsRequest.setPaymentMethod(STATE_DATA)
Amount amount = new Amount();
amount.setCurrency("EUR");
amount.setValue(1000L);
paymentsRequest.setAmount(amount);
Address billingAddress = new Address();
billingAddress.setCity("Amsterdam");
billingAddress.setCountry("NL");
billingAddress.setHouseNumberOrName("1");
billingAddress.setPostalCode("1011DJ");
billingAddress.setStreet("Infinite Loop");
paymentsRequest.setBillingAddress(billingAddress);
BrowserInfo browserInfo = new BrowserInfo();
browserInfo.setUserAgent("Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1");
browserInfo.setAcceptHeader("text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8");
{ % REQUEST_INSTANCE % }.setChannel({ % REQUEST_CLASS % }.ChannelEnum.iOS);
paymentsRequest.setReference("YOUR_ORDER_NUMBER");
paymentsRequest.setShopperEmail("s.hopper@example.com");
paymentsRequest.setReturnUrl("my-app://adyen");
PaymentsResponse paymentsResponse = checkout.payments(paymentsRequest);// Set your X-API-KEY with the API key from the Customer Area.
$client = new \Adyen\Client();
$client->setEnvironment(\Adyen\Environment::TEST);
$client->setXApiKey("YOUR_X-API-KEY");
$service = new \Adyen\Service\Checkout($client);
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
$paymentMethod = STATE_DATA;;
$params = array(
"authenticationData" => array(
"threeDSRequestData" => [
"nativeThreeDS" => "preferred"
]
),
"paymentMethod" => $paymentMethod,
"billingAddress" => array(
"city" => "Amsterdam",
"country" => "NL",
"houseNumberOrName" => "1",
"postalCode" => "1011DJ",
"street" => "Infinite Loop"
),
"browserInfo" => array(
"userAgent" => "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1",
"acceptHeader" => "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
),
"amount" => array(
"currency" => "EUR",
"value" => 1000
),
"channel" => "iOS",
"reference" => "YOUR_ORDER_NUMBER",
"shopperEmail" = "s.hopper@example.com",
"returnUrl" => "my-app://adyen",
"merchantAccount" => "YOUR_MERCHANT_ACCOUNT"
);
$result = $service->payments($params);# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen.Adyen()
adyen.payment.client.platform = "test"
adyen.client.xapikey = 'YOUR_X-API-KEY'
# STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
paymentMethod = STATE_DATA
result = adyen.checkout.payments({
'authenticationData': {
'threeDSRequestData': {
'nativeThreeDS': 'preferred'
}
},
'paymentMethod': paymentMethod,
'billingAddress': {
'street': 'Infinite Loop',
'houseNumberOrName': '1',
'postalCode': '1011DJ',
'city': 'Amsterdam',
'country': 'NL'
},
'browserInfo': {
'userAgent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1',
'acceptHeader': 'text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8',
},
'amount': {
'value': 1000,
'currency': 'EUR'
},
'channel': 'iOS',
'reference': 'YOUR_ORDER_NUMBER',
'shopperEmail': 's.hopper@example.com',
'returnUrl': 'my-app://adyen',
'merchantAccount': 'YOUR_MERCHANT_ACCOUNT'
})// Set your X-API-KEY with the API key from the Customer Area.
string apiKey = "YOUR_X-API-KEY";
var client = new Client (apiKey, Environment.Test);
var checkout = new Checkout(client);
var amount = new Adyen.Model.Checkout.Amount("EUR", 1000);
var threeDSRequestData = new Adyen.Model.Checkout.ThreeDSRequestData
{
NativeThreeDS = Adyen.Model.Checkout.ThreeDSRequestData.NativeThreeDSEnum.Preferred
};
var paymentsRequest = new Adyen.Model.Checkout.PaymentRequest
{
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
AuthenticationData = new Adyen.Model.Checkout.AuthenticationData
{
ThreeDSRequestData = threeDSRequestData
},
PaymentMethod = STATE_DATA,
BillingAddress = new Adyen.Model.Checkout.Address
{
City = "Amsterdam",
Country = "NL",
HouseNumberOrName = "1",
PostalCode = "1011DJ",
Street = "Infinite Loop"
},
BrowserInfo = new Adyen.Model.Checkout.BrowserInfo
(
userAgent: @"Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0",
acceptHeader: @"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"
),
Amount = amount,
Channel = Adyen.Model.Checkout.PaymentRequest.ChannelEnum.iOS,
Reference = "YOUR_ORDER_NUMBER",
ShopperEmail = "s.hopper@example.com",
ReturnUrl = @"my-app://adyen",
};
var paymentResponse = checkout.Payments(paymentsRequest);const {Client, Config, CheckoutAPI} = require('@adyen/api-library');
const config = new Config();
// Set your X-API-KEY with the API key from the Customer Area.
config.apiKey = '[YOUR_X-API-KEY]';
config.merchantAccount = '[YOUR_MERCHANT_ACCOUNT]';
const client = new Client({ config });
client.setEnvironment("TEST");
const checkout = new CheckoutAPI(client);
checkout.payments({
merchantAccount: config.merchantAccount,
// STATE_DATA is the paymentMethod field of an object passed from the front end or client app, deserialized from JSON to a data structure.
paymentMethod: STATE_DATA,
authenticationData: {
threeDSRequestData: { nativeThreeDS: "preferred"}
},
browserInfo:{
userAgent: "Mozilla/5.0 (iPhone; CPU iPhone OS 11_0 like Mac OS X) AppleWebKit/604.1.38 (KHTML, like Gecko) Version/11.0 Mobile/15A5370a Safari/604.1",
acceptHeader: "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8",
},
billingAddress: {
city: "Amsterdam",
country: "NL",
houseNumberOrName: "1",
postalCode: "1011DJ",
street: "Infinite Loop"
},
amount: { currency: "EUR", value: 1000, },
channel: "iOS",
reference: "YOUR_ORDER_NUMBER",
shopperEmail: "s.hopper@example.com",
returnUrl: "my-app://adyen",
}).then(res => res);Your next steps depend on whether the /payments response contains an action object, and on the action.type. Choose your API version:
action.type |
Description | Next steps |
|---|---|---|
No action object |
The transaction was either exempted or out-of-scope for 3D Secure 2 authentication. | Use the resultCode to present the payment result to your shopper. |
| threeDS2 | The payment qualifies for 3D Secure 2, and will go through the authentication flow. | 1. Pass the action object to your client app to perform the authentication flow. 2. Submit the challenge result. |
| redirect | The payment is routed to the 3D Secure 2 redirect flow. |
1. Pass the action object to your client app 2. Handle the redirect result. |
The following example shows a /payments response with action.type: threeDS2
{
"action":{
"type":"threeDS2",
"subtype": "fingerprint",
"paymentData":"Ab02b4c0!BQABAgCuZFJrQOjSsl\/zt+...",
"paymentMethodType":"scheme",
"authorisationToken" : "Ab02b4c0!BQABAgAvrX03p...",
"token":"eyJ0aHJlZURTTWV0aG9kTm90aWZpY..."
},
"resultCode":"IdentifyShopper",
...
}Submit authentication results
Drop-in uses dropInComponent.handle(action) to perform the required authentication flow. After completing the action, Drop-in invokes the didProvide method which contains data.details.
- Get the contents of
data.detailsand pass this to your server. -
From your server, make a POST /payments/details request specifying:
Use the
resultCodefrom the response to present the payment result.
Present the payment result
Use the resultCode from the /payments or /payments/details response to present the payment result to your shopper. You will also receive the outcome of the payment asynchronously in a webhook.
For card payments, you can receive the following resultCode values:
| resultCode | Description | Action to take |
|---|---|---|
| Authorised | The payment was successful. | Inform the shopper that the payment has been successful. If you are using manual capture, you also need to capture the payment. |
| Cancelled | The shopper cancelled the payment. | Ask the shopper if they want to continue with the order, or ask them to select a different payment method. |
| Error | There was an error when the payment was being processed. For more information, check the
refusalReason
field. |
Inform the shopper that there was an error processing their payment. |
| Refused | The payment was refused. For more information, check the
refusalReason
field. |
Ask the shopper to try the payment again using a different payment method. |
Test and go live
Use our test card numbers to test how your integration handles different 3D Secure 2 authentication scenarios.