Android 3D Secure 2 SDK

The Adyen 3DS2 Android SDK gets the device fingerprint and presents the challenge to your shopper. From your server, you need to send a payment request, the encrypted device fingerprint, and the challenge result to Adyen.

In a full 3D Secure 2 implementation, a payment can go through either a frictionless or a challenge authentication flow before it can be authorised.

If you only want to perform a 3D Secure 2 authentication and then authorise the payment later, refer to the Authentication-only documentation.

How it works

Here's how a 3D Secure 2 challenge authentication flow works:

1. Submit a payment request with the required 3D Secure 2 objects to start the authentication process. Build your implementation depending on the resultCode returned in the response. If the transaction is exempted from 3D Secure, you might get an Authorised result code.
2. If you receive an IdentifyShopper resultCode, get the 3D Secure 2 device fingerprint and send the encrypted device fingerprint information to Adyen. After you send the device fingerprint, it's possible that you receive an AuthorisedresultCode in the response. This means that the 3D Secure 2 authentication was frictionless, and the payment was authorised.
3. If you receive ChallengeShopperresultCode, this means that the issuer requires further shopper interaction and you need to present a challenge to the shopper.

The payment might also be routed to 3D Secure 1, based on issuer performance. This is indicated by a RedirectShopper resultCode. If you don't want to automatically fall back to 3D Secure 1, contact our Support Team.

To test your integration, see Testing 3D Secure 2.

Before you begin

Before you begin to integrate, make sure you have followed the Get started with Adyen guide to:

• Get an overview of the steps needed to accept live payments.
• Create your test account.

After you have created your test account:

1. Get your API Key. Save a copy, because you'll need it for API calls you make to the Adyen payments platform.

2. Install one of our Libraries to connect with the Adyen APIs.

3. Install the SDK either through Maven Central or our GitHub repository.

   Maven Central GitHub

   Maven Central GitHub

   Install the SDK through Maven Central.

   Add this line to your build.gradle file.

           implementation "com.adyen.threeds:adyen-3ds2:<latestSDKVersion>"

   Install the SDK through our GitHub repository.

   Copy the SDK package adyen-3ds2.aar to the /libs folder in your module and add this line to your module's build.gradle file.

           implementation "com.adyen.threeds:adyen-3ds2:<latestSDKVersion>@aar"

Step 1: Submit a payment request

Collect your shopper's card details then make a payment with a POST /authorise request, and include the following:

Parameter name	Required	Description
card		Object that contains the shopper's card details.
threeDS2RequestData.deviceChannel		Set to app.
browserInfo		Object that contains the userAgent and acceptHeader fields. Indicates that your integration can handle 3D Secure 1 redirect authentication in case the transaction is routed to 3D Secure 1. If your integration is unable to generate this information, you can send the same data as in the request below.
threeDS2RequestData.messageVersion		Include this in the request if you want to use a specific version of 3D Secure 2, for example, 2.1.0. If you don't specify a version, we determine the version automatically. The API response will return the version used.

Here is an example of how you would make a request for a 150 EUR purchase:

curl https://pal-test.adyen.com/pal/servlet/Payment/v68/authorise \
-H "X-API-key: [Your API Key here]" \
-H "Content-Type: application/json" \
-d '{
     "amount":{
       "currency":"EUR",
       "value":1500
     },
     "merchantAccount":"YOUR_MERCHANT_ACCOUNT",
     "reference":"YOUR_ORDER_NUMBER",
     "threeDS2RequestData":{
       "deviceChannel":"app"
     },
     "card":{
       "cvc":"737",
       "expiryMonth":"03",
       "expiryYear":"2030",
       "holderName":"Simon Hopper",
       "number":"4917610000000000"
     },
     "{hint:Required for 3D Secure 1}browserInfo{/hint}: {
       "userAgent":"Mozilla/5.0 (Linux; Android 6.0.1; Nexus 6P Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36",
       "acceptHeader":"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"
     }
   }'

# Set your X-API-KEY with the API key from the Customer Area.
adyen = Adyen::Client.new
adyen.api_key = "YOUR X-API-KEY"

response = adyen.authorise({
  :amount => {
    :currency => "EUR",
    :value => 15000
  },
  :merchantAccount => "YOUR_MERCHANT_ACCOUNT"
  :reference => "YOUR_ORDER_NUMBER",
  :threeDS2RequestData => {
    :deviceChannel => "app"
  },
  :card => {
    :cvc => "737",
    :expiryMonth => "03",
    :expiryYear => "2030",
    :holderName => "Simon Hopper",
    :number => "4917610000000000"
  },
  :browserInfo => {
    :userAgent => "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 6P Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36",
    :acceptHeader => "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"
  }
})

// Set your X-API-KEY with the API key from the Customer Area.
Config config = new Config();
config.setApiKey("Your X-API-KEY"));
Client client = new Client(config);

Checkout checkout = new Checkout(client);
AuthoriseRequest authoriseRequest = new AuthoriseRequest();
Amount amount = new Amount();
amount.setCurrency("EUR");
amount.setValue(15000L);
authoriseRequest.setAmount(amount);
authoriseRequest.setReference("YOUR_ORDER_NUMBER");
authoriseRequest.setThreeDS2RequestData(new HashMap<String, String>());
authoriseRequest.putThreeDS2RequestData("deviceChannel", "app");
authoriseRequest.setCard(new HashMap<String, String>());
authoriseRequest.putCardItem("cvc", "737");
authoriseRequest.putCardItem("expiryMonth", "03");
authoriseRequest.putCardItem("expiryYear", "2030");
authoriseRequest.putCardItem("holderName", "Simon Hopper");
authoriseRequest.putCardItem("number", "4917610000000000");
authoriseRequest.setMerchantAccount("YOUR_MERCHANT_ACCOUNT");
BrowserInfo browserInfo = new BrowserInfo();
browserInfo.setUserAgent("Mozilla/5.0 (Linux; Android 6.0.1; Nexus 6P Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36");
browserInfo.setAcceptHeader("text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8");
authoriseRequest.setBrowserInfo(browserInfo);
authoriseResponse response = checkout.authorise(authoriseRequest);

// Set your X-API-KEY with the API key from the Customer Area.
$client = new \Adyen\Client();
$client->setXApiKey("YOUR X-API-KEY");
$service = new \Adyen\Service\Authorise($client);

$params = array(
  "amount" => array(
    "currency" => "EUR",
    "value" => 15000
  ),
  "reference" => "YOUR_ORDER_NUMBER",
  "threeDS2RequestData" => array(
    "deviceChannel" => "app"
  ),
  "card" => array(
    "cvc" => "737",
    "expiryMonth" => "03",
    "expiryYear" => "2030",
    "holderName" => "Simon Hopper",
    "number" => "4917610000000000"
  ),
  "browserInfo" => [
    "userAgent" => "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 6P Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36",
    "acceptHeader" => "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"
  ],
  "merchantAccount" => "YOUR_MERCHANT_ACCOUNT"
);
$result = $service->authorise($params);

#Set your X-API-KEY with the API key from the Customer Area.
ady = Adyen.Adyen()
client = ady.client
client.xapikey = "YOUR X-API-KEY"

request = {}
request['amount'] = {
  "value": 15000,
  "currency": "EUR"
}
request['threeDS2RequestData'] = {
  "deviceChannel" = "app"
}
request['reference'] = "YOUR_ORDER_NUMBER"
request['card'] = {
  "cvc": "737",
  "expiryMonth": "03",
  "expiryYear": "2030",
  "holderName": "Simon Hopper",
  "number": "4917610000000000"
}
request['browserInfo'] = {
  "userAgent": "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 6P Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36",
  "acceptHeader": "text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"
}
request['merchantAccount'] = "YOUR_MERCHANT_ACCOUNT"
result = self.ady.checkout.authorise(request)

// Set your X-API-KEY with the API key from the Customer Area.
var client = new Client ("YOUR-X-API-KEY", Environment.Test);
var checkout = new Checkout(client);

var amount = new Model.Checkout.Amount("EUR", 15000);
var details = new Model.Checkout.DefaultCardDetails{
  Cvc = "737",
  ExpiryMonth = "03",
  ExpiryYear = "2030",
  HolderName= "Simon Hopper",
  Number = "4917610000000000"
};
var threeds2requestdata = new Model.Checkout.threeDS2RequestData{
  deviceChannel = "app"
};
var authoriseRequest = new Model.Checkout.AuthoriseRequest
{
  Reference = "YOUR_ORDER_NUMBER",
  Amount = amount,
  MerchantAccount = "YOUR_MERCHANT_ACCOUNT",
  Card = details,
  BrowserInfo = new Model.Checkout.BrowserInfo
  {
      UserAgent = @"Mozilla/5.0 (Linux; Android 6.0.1; Nexus 6P Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.83 Mobile Safari/537.36",
      AcceptHeader = @"text\/html,application\/xhtml+xml,application\/xml;q=0.9,image\/webp,image\/apng,*\/*;q=0.8"
  },
  ThreeDS2RequestData = threeds2requestdata

};

var paymentResponse = checkout.Authorise(authoriseRequest); 

You receive a response containing a resultCode of:

•  IdentifyShopper. This means that you need to perform the Identify the shopper flow. You also get the following parameters from the response, which you'll need to create a transaction in the SDK:
  • additionalData.threeds2.threeDS2DirectoryServerInformation.directoryServerId
  • additionalData.threeds2.threeDS2DirectoryServerInformation.publicKey
  • additionalData.threeds2.threeDS2ResponseData.messageVersion
    Alternatively, you can choose to prefetch the device fingerprinting keys.

Here's an example of a response showing an IdentifyShopper result code:

{
    "additionalData": {
        "threeds2.threeDSServerTransID": "055fadfb-9fe4-4e70-99f0-9b8935bf1eb2",
        "threeds2.threeDS2DirectoryServerInformation.algorithm": "RSA",
        "threeds2.threeDS2ResponseData.messageVersion" : "2.1.0",
        "threeds2.threeDS2Token": "BQABAQC2LEWucYNwQRzhH9c1/hup5ZZa9HUehFbwdC86PAfhpGJ/+...",
        "threeds2.threeDS2DirectoryServerInformation.directoryServerId": "A000000003",
        "threeds2.threeDS2DirectoryServerInformation.publicKey": "eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiI4VFBxZkFQ==..."
    },
    "pspReference": "8835495304426403",
    "resultCode": "IdentifyShopper"
}

Step 2: Get the 3D Secure 2 device fingerprint

If your server receives an IdentifyShopper resultCode, start the 3D Secure 2 device fingerprinting process.

1. Create an instance of ConfigParameters passing the directoryServerId and the publicKey parameters from the /authorise response or from your prefetched cached keys.

   ConfigParameters configParameters = AdyenConfigParameters.from(
           {hint:The directoryServerId from the authorise response}directoryServerId{/hint},
           {hint:The publicKey from the authorise response}directoryServerPublicKey{/hint}
   );

2. Use ThreeDS2Service.INSTANCE to create a transaction.

   • When using Adyen 3DS2 Android SDK version 2.2.0 and later, you must pass the value of additionalData.threeds2.threeDS2ResponseData.messageVersion from the /authorise response into createTransaction.

     For more information about the latest SDK version, refer to Migrating to 3DS2 SDK version 2.2.0.

   Keep a reference to your Transaction instance until the transaction is complete.

   Create a transaction in the SDK

   ThreeDS2Service.INSTANCE.initialize(/*Activity*/ this, configParameters, null, null);
   
   Transaction mTransaction = ThreeDS2Service.INSTANCE.createTransaction(
       null,
       {hint:The messageVersion from the authorise response}messageVersion{/hint}
   );

   https://docs.adyen.com/pt/pt/online-payments/classic-integrations/api-integration-ecommerce/3d-secure/native-3ds2/android-sdk-integration#create-a-transaction-in-the-sdk

3. Use the AuthenticationRequestParameters to get the device fingerprint information.

   AuthenticationRequestParameters authenticationRequestParameters = mTransaction.getAuthenticationRequestParameters();

   You'll get the following information:

   • transaction.authenticationRequestParameters.deviceData
   • transaction.authenticationRequestParameters.SDKTransactionID
   • transaction.authenticationRequestParameters.SDKAppID
   • transaction.authenticationRequestParameters.SDKReferenceNumber
   • transaction.authenticationRequestParameters.SDKEphemeralPublicKey
   • transaction.authenticationRequestParameters.MessageVersion

4. From your server, make a POST /authorise3ds2 request to send the encrypted device fingerprint information to Adyen:

   • sdkEncData: Device data
   • sdkTransID: SDK Transaction ID
   • sdkAppID: SDK App ID
   • sdkReferenceNumber: SDK Reference Number
   • sdkEphemPubKey: Object that contains the SDK Ephemeral Public Key
   • messageVersion: 3D Secure 2 protocol version
     To increase the likelihood of achieving a frictionless flow and higher authorisation rates, we also recommend that you send additional parameters.
   Send device fingerprint to Adyen

     curl https://pal-test.adyen.com/pal/servlet/Payment/v68/authorise3ds2 \
      -H "X-API-key: [Your API Key here]" \
      -H "Content-Type: application/json" \
      -d '{
         "merchantAccount": "YOUR_MERCHANT_ACCOUNT",
         "threeDS2RequestData": {
           "deviceChannel": "app",
           "sdkAppID": "9063b12c-fcde-43c7-b28e-8d0af5520e8a",
           "sdkEncData": "<device-fingerprint>",
           "sdkEphemPubKey": {
               "crv": "P-256",
               "kty": "EC",
               "x": "LYImJkRzS92vogM6AUPCBhJ20VagSe8IL0Q9SdisUSo",
               "y": "Rav4sKHnLUIUHVdyR4dyV7G2_EeAnuCn_6621ZhqZYU"
           },
           "sdkReferenceNumber": "3DS_LOA_SDK_ADBV_739485_94783",
           "sdkTransID": "b60c9879-ac77-4918-a317-7b01c4317053/8Q==..",
           "messageVersion": "2.2.0"
      }'

   https://docs.adyen.com/pt/pt/online-payments/classic-integrations/api-integration-ecommerce/3d-secure/native-3ds2/android-sdk-integration#send-device-fingerprint-to-adyen

   You receive a response containing a resultCode. Some of the possible values for resultCode are:

   • Authorised – Indicates that the 3D Secure 2 authentication was frictionless, and the payment authorisation was successfully completed. This means that you can already proceed with the delivery of goods and services.
   • ChallengeShopper – The issuer has requested further shopper interaction. This means that you'll have to perform the challenge flow. You also get the following parameters from the response, which you'll need to start the challenge flow in the SDK:
     • threeds2.threeDS2ResponseData.threeDSServerTransID
     • threeds2.threeDS2ResponseData.acsTransID
     • threeds2.threeDS2ResponseData.acsReferenceNumber
     • threeds2.threeDS2ResponseData.acsSignedContent
     • threeds2.threeDS2Token

   For a complete list of resultCode values and the actions that you need to take, see Result codes.

   Here's an example of a challenge flow response:

   Response showing ChallengeShopper

   {
       "additionalData": {
           "threeds2.threeDS2ResponseData.acsSignedContent": "eyJhbGciOiJQUzI1NiIsIngPVEFOQmdrcWhraUc5dtw4I-RBJ8_OUt8yIZEsoc...",
           "threeds2.threeDS2ResponseData.transStatus": "C",
           "threeds2.threeDS2ResponseData.acsChallengeMandated": "Y",
           "threeds2.threeDS2ResponseData.acsURL": "https://pal-test.adyen.com/threeds2simulator/services/ThreeDS2Simulator/v1/handle/83e78317-e73f-4a6f-j738-7hj09p07n178",
           "threeds2.threeDS2ResponseData.threeDSServerTransID": "930h2k09-1986-4hl2-800a-c8d7783918bf",
           "threeds2.threeDS2ResponseData.authenticationType": "01",
           "threeds2.threeDS2ResponseData.messageVersion": "2.1.0",
           "threeds2.threeDS2Token": "BQABAQC2LEWucYNwQRzhH9c1/hup5ZZa9HUehFbwdC86PAfhpGJ/+...",
           "threeds2.threeDS2ResponseData.acsTransID": "45e79886-e60c-4c6d-a962-7aa43d59b150",
           "threeds2.threeDS2ResponseData.acsReferenceNumber": "ADYEN-ACS-SIMULATOR"
       },
       "pspReference": "8825495326513370",
       "resultCode": "ChallengeShopper"
   }

   https://docs.adyen.com/pt/pt/online-payments/classic-integrations/api-integration-ecommerce/3d-secure/native-3ds2/android-sdk-integration#response-showing-challengeshopper

Step 3: Present a challenge

If your server receives a ChallengeShopper resultCode, this means that the issuer would like to perform additional checks in order to verify that the shopper is indeed the cardholder.

1. Create an instance of ChallengeParameters and pass the following:

   • The values from the /authorise3ds2 response.

   • ThreeDSRequestorAppURL: Supported in 3D Secure version 2.2.0 and later. Your app's URL in adyen3ds2://{YOUR_PACKAGE_NAME} format. You can also retrieve this URL from ChallengeParameters.getEmbeddedRequestorAppURL(context).

     In an out-of-band (OOB) authentication, the authenticating app uses this URL to call your app after an OOB authentication occurs. If you specified a previous version of 3D Secure in step 2, this parameter is ignored. For more information about the latest version, refer to Migrating to 3DS2 SDK version 2.2.0.

   Create instance of ChallengeParameters

   Map<String, String> additionalData = ...; // Retrieved from Adyen.
   
   ChallengeParameters challengeParameters = new ChallengeParameters();
   challengeParameters.set3DSServerTransactionID(additionalData.get("threeds2.threeDS2ResponseData.threeDSServerTransID"));
   challengeParameters.setAcsTransactionID(additionalData.get("threeds2.threeDS2ResponseData.acsTransID"));
   challengeParameters.setAcsRefNumber(additionalData.get("threeds2.threeDS2ResponseData.acsReferenceNumber"));
   challengeParameters.setAcsSignedContent(additionalData.get("threeds2.threeDS2ResponseData.acsSignedContent"));
   challengeParameters.setThreeDSRequestorAppURL(ChallengeParameters.getEmbeddedRequestorAppURL(this));

   https://docs.adyen.com/pt/pt/online-payments/classic-integrations/api-integration-ecommerce/3d-secure/native-3ds2/android-sdk-integration#create-instance-of-challengeparameters

2. Present the challenge.

   Present the challenge flow

   mTransaction.doChallenge(/*Activity*/ this, challengeParameters, new ChallengeStatusReceiver() {
                   @Override
                   public void completed(CompletionEvent completionEvent) {
                       String transactionStatus = completionEvent.getTransactionStatus();
                       // Submit the transactionStatus to /authorise3ds2.
                   }
   
                   @Override
                   public void cancelled() {
                       // Cancelled by the user or the App.
                   }
   
                   @Override
                   public void timedout() {
                       // The user didn't submit the challenge within the given time, 5 minutes in this case.
                   }
   
                   @Override
                   public void protocolError(ProtocolErrorEvent protocolErrorEvent) {
                       // An error occurred.
                   }
   
                   @Override
                   public void runtimeError(RuntimeErrorEvent runtimeErrorEvent) {
                       // An error occurred.
                   }
               }, 5);

   https://docs.adyen.com/pt/pt/online-payments/classic-integrations/api-integration-ecommerce/3d-secure/native-3ds2/android-sdk-integration#present-the-challenge-flow

3. When the challenge flow has been completed, get the transactionStatus from the completionEvent and pass this to your server.

4. From your server, make a POST /authorise3ds2 request specifying the transStatus generated by the SDK and the threeds2.threeDS2Token.

   Send challenge result

    curl https://pal-test.adyen.com/pal/servlet/Payment/v68/authorise3ds2 \
     -H "X-API-key: [Your API Key here]" \
     -H "Content-Type: application/json" \
     -d '{
        "merchantAccount": "YOUR_MERCHANT_ACCOUNT",
        "threeDS2Result": {
           "transStatus": "Y"
        },
       "threeDS2Token": "BQABAQC2LEWucYNwQRzhH9c1/hup5ZZa9HUehFbwdC86PAfhpGJ/+..."
     }'

   https://docs.adyen.com/pt/pt/online-payments/classic-integrations/api-integration-ecommerce/3d-secure/native-3ds2/android-sdk-integration#send-challenge-result

   You'll receive Authorised as the resultCode if the payment was successful.

   Response

   {
       "additionalData": {
           "liabilityShift": "true",
           "authCode": "44402",
           "avsResult": "4 AVS not supported for this card type",
           "threeDOffered": "true",
           "refusalReasonRaw": "AUTHORISED",
           "authorisationMid": "1000",
           "acquirerAccountCode": "TestPmmAcquirerAccount",
           "cvcResult": "1 Matches",
           "avsResultRaw": "4",
           "threeDAuthenticated": "true",
           "cvcResultRaw": "M",
           "acquirerCode": "TestPmmAcquirer",
           "acquirerReference": "7CASOGMCCB4"
       },
       "pspReference": "8825495331860022",
       "resultCode": "Authorised",
       "authCode": "44402"
   }

   https://docs.adyen.com/pt/pt/online-payments/classic-integrations/api-integration-ecommerce/3d-secure/native-3ds2/android-sdk-integration#response

Optional: Prefetch device fingerprinting keys

You can opt to retrieve and cache 3D Secure device fingerprint keys for specific BIN ranges or card brands. When you cache the keys, you reduce the number of calls for each transaction because you can already perform the 3D Secure 2 device fingerprinting before making the payment.
To use cached keys for your authentication flow, you need to:

1. Retrieve device fingerprinting keys once for each card brand or BIN and save the keys to your cache.
2. Use the cached keys to perform 3D Secure 2 device fingerprinting and submit the result in a payment request.
3. Present a challenge if required by the issuer.

Retrieve device fingerprinting keys

1. Send a POST /get3dsAvailability request, providing your merchantAccount along with a cardNumber from a BIN range you want to cache, or a list of card brand names.
   Request with card number

   curl https://pal-test.adyen.com/pal/servlet/Payment/v52/get3dsAvailability \
     -H "X-API-key: [Your API Key here]" \
     -H "Content-Type: application/json" \
     -d '{
         "merchantAccount":"YOUR_MERCHANT_ACCOUNT",
         "cardNumber":"4917610000000000"
     }'

   https://docs.adyen.com/pt/pt/online-payments/classic-integrations/api-integration-ecommerce/3d-secure/native-3ds2/ios-sdk-integration#request-with-card-number
   Response for card number

   {
     "binDetails": {
       "issuerCountry": "PL"
     },
     "dsPublicKeys": [
       {
         "brand": "visa",
         "directoryServerId": "F013371337",
         "publicKey": "eyJrdHkiOiJSU0==.."
       }
     ],
     "threeDS1Supported": true,
     "threeDS2CardRangeDetails": [
       {
         "brandCode": "visa",
         "endRange": "491761000000",
         "startRange": "491761000000",
         "threeDS2Version": "2.1.0",
         "threeDSMethodURL": "https://pal-test.adyen.com/threeds2simulator/acs/startMethod.shtml"
       }
     ],
     "threeDS2supported": true
   }

   https://docs.adyen.com/pt/pt/online-payments/classic-integrations/api-integration-ecommerce/3d-secure/native-3ds2/ios-sdk-integration#response-for-card-number
   Request with card brand

   curl https://pal-test.adyen.com/pal/servlet/Payment/v52/get3dsAvailability \
     -H "X-API-key: [Your API Key here]" \
     -H "Content-Type: application/json" \
     -d '{
         "merchantAccount":"YOUR_MERCHANT_ACCOUNT",
         "brands" : ["visa","mc"]
     }'

   https://docs.adyen.com/pt/pt/online-payments/classic-integrations/api-integration-ecommerce/3d-secure/native-3ds2/ios-sdk-integration#request-with-card-brand
   Response for card brands

   {
     "dsPublicKeys":[
       {
         "brand":"visa",
         "directoryServerId":"A000000003",
         "publicKey":"eyJrdHkiOiJSU0EiLCJlIjoiQVFBQiIsIm4iOiI4VFBxZkFOW..."
       },
       {
         "brand":"mc",
         "directoryServerId":"A000000011",
         "publicKey":"dabJHa91fadhUVZjZ1g4LUpWZ1Y0M2diWURtYmdTY0N5SkVSN..."
       }
     ]
   }

   https://docs.adyen.com/pt/pt/online-payments/classic-integrations/api-integration-ecommerce/3d-secure/native-3ds2/ios-sdk-integration#response-for-card-brands
2. Save the values of the following parameters for the specific BIN range or brand:
   • dsPublicKeys.directoryServerId
   • dsPublicKeys.publicKey

Next, use the cached keys to create a transaction in the 3D Secure 2 SDK to get the device fingerprint.

UI customizations

Customize the SDK theme

The SDK inherits your app's theme to ensure the UI of the challenge flow fits your app's look and feel. You can override the default SDK theme to inherit from one of AppCompat's theme variants. To do this, add the following XML snippet to your styles.xml file.

<style name="ThreeDS2Theme" parent="Theme.AppCompat.Light.DarkActionBar">
    <!-- Customize the SDK theme here. -->
    <item name="colorPrimary">@color/colorPrimary</item>
    <item name="colorPrimaryDark">@color/colorPrimaryDark</item>
    <item name="colorAccent">@color/colorAccent</item>
</style>

Customize UI elements

If you require further UI customizations, the SDK provides some customization options through the UiCustomization class.

To use the UiCustomization class, create an instance of UiCustomization, configure the UI elements that you want to customize, and pass it during initialization of the ThreeDS2Service.INSTANCE.

For example, to change the toolbar's title text and text color:

ToolbarCustomization toolbarCustomization = new ToolbarCustomization();
toolbarCustomization.setHeaderText("Secure Checkout");
toolbarCustomization.setTextColor("#FFFFFF");

UiCustomization uiCustomization = new UiCustomization();
uiCustomization.setToolbarCustomization(toolbarCustomization);

ThreeDS2Service.INSTANCE.initialize(getContext(), configParameters, null, uiCustomization);

Customizable UI elements

You can also customize the following UI elements used in the challenge flow:

Testing 3D Secure 2

Before going live, use the following card numbers and credentials to test your integration.

We recommend testing each Card Type.

To test how your integration handles different 3D Secure 2 authentication scenarios, use our test card numbers.
All our test cards use the following expiry dates and security codes:

When prompted for 3D Secure 2 text challenges, use the following credentials:

• For mobile, use password: 1234
• For web, use password: password

¹ This card doesn't require a CVC.
When you make a payment request with these cards, you'll receive the following result codes depending on your integration:

• RedirectShopper: You'll receive this result code if you are using the Redirect authentication.
• IdentifyShopper: You'll receive this result code if you are using the Native authentication.
• ChallengeShopper: You might get this result code after you submit the 3D Secure 2 device fingerprinting result in a Native authentication, indicating a challenge flow.

To test the web-based flow where the device fingerprinting step is skipped (because the issuer's ACS has not configured a threeDSMethodURL), and you get a ChallengeShopper resultCode immediately after submitting the payment request, use the following card:

To test the frictionless flow, specify in your payment request:

• amount.value: 12002

App-based integration

To test different authentication scenarios for app-based integration, use the following test cards:

Other scenarios

See also

• Android SDK on GitHub
• Javadoc SDK Reference