Redirect 3DS Components integration

Support cards with 3D Secure authentication through a redirect in your Android app.

Use our Redirect Component to redirect the shopper to perform 3D Secure 2 authentication.

When adding card payments with redirect 3D Secure authentication to your integration, you additionally need to:

Collect the additional parameters in your payment form and configure the card component.
Provide the required 3D Secure parameters when making a payment request.
Use the Redirect Component to handle the redirect.

This page describes the integration steps for Android Drop-in v4.x.x.

Requirements

Before starting your integration:

Make sure that you have integrated our Card Component, or built your own UI for collecting shopper's card details.
If you are using 3D Secure for PSD2 compliance, read our comprehensive PSD2 SCA guide.

Collect additional parameters in your payment form

For higher authentication rates, we strongly recommend that you collect the card holder name, the shopper billing address and email address in advance in your payment form. Deliver these parameters to your backend when making a payment as they are required by the card schemes.

Configure the Card Component

If you are using our Card Component, set holderNameRequired to true when creating a cardConfiguration object:

val cardConfiguration = CardConfiguration.Builder(context, "YOUR_CLIENT_KEY")
    .setHolderNameRequired(true)
    // When you are ready to accept live payments, change the value to one of our live environments.
    .setEnvironment(Environment.TEST)
    .build()

Make a payment

When you make a payment request, include the following additional 3D Secure 2 parameters.

See additional 3D Secure 2 parameters that we recommend to include in your request to increase authentication performance in our API reference.

Parameter name	Required	Description
paymentMethod		The type and required details for a card payment method. When using the Card Component, pass the `paymentComponentState.data.paymentMethod` object from your client app. When submitting raw card data, refer to Raw card data for the fields that you need to pass.
paymentMethod.holderName		Use case: required for Visa and JCB transactions. The cardholder's name.
channel		The platform where the transaction takes place. Set to Android.
returnUrl		The URL where the shopper will be redirected back to after completing 3D Secure authentication. Get this URL from the Component in the `RedirectComponent.getReturnUrl(context)`. Format: Maximum characters: 1024. Must not include `//` (double slash) after the top-level domain.
browserInfo		The shopper's browser information. The following sub-fields are required: acceptHeader: The accept header value of the shopper's browser. You can use a dummy value. userAgent: Get it using `WebSettings.getDefaultUserAgent(Context);` .
shopperIP		Use case: required for Visa and JCB transactions. The shopper's IP address.
shopperEmail		Use case: required for Visa and JCB transactions. The cardholder's email address. If you do not include the shopper email, you must include the shopper's phone number in your request.
telephoneNumber		Use case: required for Visa and JCB transactions if you did not include the `shopperEmail` field. The shopper's phone number. To be more specific, you can use the `mobilePhone`, `homePhone`, and `workPhone` fields in the `threeDS2RequestData` object. Format: The phone number must include a plus sign (+) and a country code (1-3 digits), followed by the number (4-15 digits). Example: +4912345678901 If the value you provide does not follow the guidelines, we drop the value and do not submit it for authentication.

Required for all transactions. Required for particular setups, or issuers and card schemes.

In the response, check if there is an action object.

Handle the redirect

Use the Redirect Component to redirect the shopper to complete the 3D Secure authentication. When the shopper returns back to your app, the Redirect Component provides the actionComponentData object.
From your server, make a POST /payments/details request specifying:
- details: This is the actionComponentData.details from the Component.
- paymentData: Required if using Checkout API version 66 or earlier: the value from the last API response that you stored locally in the client-side app.
On Checkout API v67 and later, the payment is authorized after the shopper completes authentication. You make a /payments/details request to get the payment result. On earlier versions, you need to complete the payment by making a /payments/details request containing payment data.

You receive a response containing:
- resultCode: Use this to present the payment result to your shopper.
- pspReference: Our unique identifier for the transaction.

Present the payment result

Use the resultCode from the /payments or /payments/details response to present the payment result to your shopper. You will also receive the outcome of the payment asynchronously in a webhook.

For card payments, you can receive the following resultCode values:

resultCode	Description	Action to take
Authorised	The payment was successful.	Inform the shopper that the payment has been successful. If you are using manual capture, you also need to capture the payment.
Cancelled	The shopper cancelled the payment.	Ask the shopper if they want to continue with the order, or ask them to select a different payment method.
Error	There was an error when the payment was being processed. For more information, check the `refusalReason` field.	Inform the shopper that there was an error processing their payment.
Refused	The payment was refused. For more information, check the `refusalReason` field.	Ask the shopper to try the payment again using a different payment method.

Test and go live

Use our test card numbers to test how your integration handles different 3D Secure authentication scenarios.