2.2.21

Added

• Support for 16KB Page Size devices: The SDK now supports devices using 16KB Page Sizes, introduced with Android 15, ensuring seamless compatibility with the latest hardware configurations.
• Edge-to-Edge UI: The SDK leverages the Edge-to-Edge UI, which is the default UI starting with Android 15.

Changed

• The compileSdkVersion and targetSdkVersion are now set to 35 (Android 15).
• Dependency versions:

  Name	Version
  Android Gradle plugin	8.7.0
  Kotlin	2.0.20
  Kotlinx Coroutines	1.9.0
  Kotlinx Serialization JSON	1.7.3
  Activity	1.9.2
  Annotation	1.8.2
  AppCompat	1.7.0
  Bouncy Castle Provider	1.78.1

Fixed

• Unit testing with SDK API classes: The SDK’s public API now resolves the issues that previously caused failures during Unit testing.

Security

• Device lock status check: Introduced a new security measure that detects if the device is not locked by the user. When detected, the SDK generates an SW99 warning only for the app and not to the ACS.
• Enhanced RASP and obfuscation: Strengthened security through improvements in Runtime Application Self-Protection (RASP) and obfuscation to provide better protection against reverse engineering and other security threats.

2.2.20

Fixes

• Resolved an issue where an UnsatisfiedLinkError could occur during app upgrades on certain devices.

2.2.19

Fixes

• Fixed NoSuchMethodError that occurred on Android APIs 21-25 during the challenge flow

2.2.18

Fixes

• Updated AdditionalDetails on error cases.

2.2.17

Changes

• Improved security measures.

Fixes

• Optimized ProGuard rules.

2.2.16

New

• InitializeResult and TransactionResult: ThreeDS2Service.INSTANCE.initialize and ThreeDS2Service.INSTANCE.createTransaction methods now return specialized result types: InitializeResult and TransactionResult, respectively. These new result types enhance error handling and streamline the process of interacting with the 3DS2 service. The results should be utilized as follows:

val initializeResult: InitializeResult  = ThreeDS2Service.INSTANCE.initialize(
    /* Activity */ this,
    configParameters,
    /* Locale */ null,
    /* UI Customization */ null,
)

if (initializeResult is InitializeResult.Failure) {
    // The initialization failed.
    // Submit the initializeResult.additionalDetails and initializeResult.transactionStatus
    // to /authorise3ds2
    return
}

val transactionResult: TransactionResult = ThreeDS2Service.INSTANCE.createTransaction(
    null,
    "<MESSAGE_PROTOCOL_VERSION>"
)

if (transactionResult is TransactionResult.Failure) {
    // The creation of transaction failed.
    // Submit the transactionResult.additionalDetails and transactionResult.transactionStatus
    // to /authorise3ds2
    return
}

val transaction = transactionResult.transaction
val authenticationRequestParameters = transaction?.authenticationRequestParameters
// Submit the authenticationRequestParameters to /authorise3ds2.

• Device Information Data: The data version for device information has been updated to 1.6, ensuring compatibility with latest data formats and standards.

Changed

• Minimum Android Version: The minSdkVersion has been raised to 21 (Android 5.0).

• Platform Updates: The compileSdkVersion and targetSdkVersion are now set to 34 (Android 14), providing compatibility enhancements and access to the latest features.

• AdyenConfigParameters.Builder: The AdyenConfigParameters.Builder constructor no longer accepts null values, enhancing stability and reliability.

• EMV® Specification Bulletin No. 214 v3: Implementation of whitelistingDataEntry change as per EMV® Specification Bulletin No. 214 v3, ensuring compliance with updated standards.

• Proguard Rules Update: Generic Proguard rules have been replaced with specific rules for the Bouncy Castle Provider library, optimizing code obfuscation.

• Internal Security Enhancements: Various internal security measures have been improved to enhance the overall security posture of the SDK.

• Dependency versions:

  Name	Version
  Kotlin	1.9.22
  Kotlinx Coroutines	1.7.3
  Kotlinx Serialization JSON	1.6.2
  Annotation	1.7.1
  AppCompat	1.6.1
  Bouncy Castle Provider	1.77

Fixed

• ACS Signed Content Verification edge case: Resolved an edge case where the verification of acsSignedContent JWS could fail due to an unexpected order in the certificate chain.

2.2.15

Fixed

• Challenge transaction NPE when internet connection is not stable.

2.2.14

⚠️ Version with known crash! Use version 2.2.15 or above. ⚠️

New

• New interface to handle challenge result: ChallengeStatusHandler.
  This interface replaces ChallengeStatusReceiver with a simpler and easier way to notify the app
  with the challenge Status.

val challengeStatusHandler = ChallengeStatusHandler { challengeResult ->
    when (challengeResult) {
        is ChallengeResult.Completed -> {
            // Submit the challengeResult.transactionStatus to /authorise3ds2
        }
        is ChallengeResult.Cancelled -> {
            // Challenge cancelled by the user
            // Submit the challengeResult.additionalDetails and challengeResult.transactionStatus
            // to /authorise3ds2
        }
        is ChallengeResult.Timeout -> {
            // The user didn't submit the challenge within the given time (default 5 minutes)
            // Submit the challengeResult.additionalDetails and challengeResult.transactionStatus
            // to /authorise3ds2
        }
        is ChallengeResult.Error -> {
            // An error occurred
            // Submit the challengeResult.additionalDetails and challengeResult.transactionStatus
            // to /authorise3ds2
        }
    }
}

transaction.doChallenge(
    /* Activity */ this,
    challengeParameters,
    challengeStatusHandler,
    /* Timeout in minutes */ 5,
)

Fixed

• Proguard/R8 rules added for 3DS2 SDK to prevent classes from transitive dependencies from being
  removed when using new Android Gradle Plugin 8.

• Message decoding improved to accept both Base64 and Base64URL.

Changed

• The ThreeDS2Service.INSTANCE is initialized with information that can only be used once.
  To prevent errors caused by this INSTANCE not being cleared properly, the SDK now clears this
  INSTANCE during the ThreeDS2Service.INSTANCE.initialize().

Removed

• ThreeDS2Service.INSTANCE.initialize(...) no longer throws SDKAlreadyInitializedException.

Deprecated

• ChallengeStatusReceiver is deprecated, use ChallengeStatusHandler instead.
  ⚠️ This deprecation is now shown as a warning but this interface will be removed in a future
  release.

• Transaction.doChallenge(Activity, ChallengeParameters, ChallengeStatusReceiver, int) is
  deprecated, use Transaction.doChallenge(Activity, ChallengeParameters, ChallengeStatusHandler, int)
  instead.
  ⚠️ This deprecation is now shown as a warning but this method will be removed in a future
  release.

• SDKAlreadyInitializedException is deprecated and no longer used. It can be safely removed.

Notes

The parameter directoryServerRootCertificates must be provided through AdyenConfigParameters
with the certificates obtained from the Adyen Server.
⚠️ Not providing this will result in failure in future releases.

Example:

val additionalData: Map<String, String> = ... // Retrieved from Adyen.

val directoryServerRootCertificates = additionalData.get(
    "threeds2.threeDS2DirectoryServerInformation.rootCertificates"
)

val configParameters = AdyenConfigParameters.Builder(
    directoryServerId,
    directoryServerPublicKey,
    directoryServerRootCertificates
).build()

ThreeDS2Service.INSTANCE.initialize(
    /* Activity */ this,
    configParameters,
    /* Locale */ null,
    /* UI Customization */ null,
)

2.2.13

Fixed

• Message Bridging Extension JSON format

2.2.12

New

• Message Bridging Extension support for Out-of-Band (OOB) challenge type. During OOB challenge on protocol version 2.2.0 to simplify navigation to issuer app there will be a new button shown to navigate to issuer app if ACS supports this feature.
  This introduces new button type ButtonType.OPEN_OOB_APP that is customizable via UiCustomization class:

UiCustomization().apply {
    //...
    setButtonCustomization(
        buttonCustomization,
        UiCustomization.ButtonType.OPEN_OOB_APP
    )
}.

• Android App Link format (https) support for threeDSRequestorAppUrl.

ChallengeParameters().apply {
    //...
    setThreeDSRequestorAppURL("https://{yourapp.com}/adyen3ds2")
}

⚠️ Because of recent updates to the 3D Secure protocol, we strongly recommend that you provide the threeDSRequestorAppURL parameter as an Android App Link instead of custom link. This requires your app to handle the provided Android App Link. More details on how to handle Android App Link can be found on docs page

• Eftpos scheme certificates

Changed

• Improved internal working with device information
• Amex scheme Public Key

Fixed

• Automatically completing HTML OOB challenge as Native OOB challenge if shopper was automatically redirected back from issuer app

Removed

AdyenConfigParameters.Builder(
    directoryServerId,
    directoryServerPublicKey
)

Replace by

AdyenConfigParameters.Builder(
    directoryServerId,
    directoryServerPublicKey,
    directoryServerRootCertificates
)

that supports directoryServerRootCertificates:

val additionalData: Map<String, String> = ... // Retrieved from Adyen.

//...
val directoryServerRootCertificates = additionalData.get(
    "threeds2.threeDS2DirectoryServerInformation.rootCertificates"
)

val configParameters = AdyenConfigParameters.Builder(
    directoryServerId,
    directoryServerPublicKey,
    directoryServerRootCertificates // null if using prefetched device fingerprinting keys.
)
//...
.build()