Releases: Adyen/adyen-3ds2-android
2.2.21
Added
- Support for 16KB Page Size devices: The SDK now supports devices using 16KB Page Sizes, introduced with Android 15, ensuring seamless compatibility with the latest hardware configurations.
- Edge-to-Edge UI: The SDK leverages the Edge-to-Edge UI, which is the default UI starting with Android 15.
Changed
- The compileSdkVersion and targetSdkVersion are now set to 35 (Android 15).
- Dependency versions:
Name Version Android Gradle plugin 8.7.0 Kotlin 2.0.20 Kotlinx Coroutines 1.9.0 Kotlinx Serialization JSON 1.7.3 Activity 1.9.2 Annotation 1.8.2 AppCompat 1.7.0 Bouncy Castle Provider 1.78.1
Fixed
- Unit testing with SDK API classes: The SDK’s public API now resolves the issues that previously caused failures during Unit testing.
Security
- Device lock status check: Introduced a new security measure that detects if the device is not locked by the user. When detected, the SDK generates an SW99 warning only for the app and not to the ACS.
- Enhanced RASP and obfuscation: Strengthened security through improvements in Runtime Application Self-Protection (RASP) and obfuscation to provide better protection against reverse engineering and other security threats.
2.2.20
Fixes
- Resolved an issue where an UnsatisfiedLinkError could occur during app upgrades on certain devices.
2.2.19
Fixes
- Fixed NoSuchMethodError that occurred on Android APIs 21-25 during the challenge flow
2.2.18
2.2.17
2.2.16
New
- InitializeResult and TransactionResult:
ThreeDS2Service.INSTANCE.initialize
andThreeDS2Service.INSTANCE.createTransaction
methods now return specialized result types: InitializeResult and TransactionResult, respectively. These new result types enhance error handling and streamline the process of interacting with the 3DS2 service. The results should be utilized as follows:
val initializeResult: InitializeResult = ThreeDS2Service.INSTANCE.initialize(
/* Activity */ this,
configParameters,
/* Locale */ null,
/* UI Customization */ null,
)
if (initializeResult is InitializeResult.Failure) {
// The initialization failed.
// Submit the initializeResult.additionalDetails and initializeResult.transactionStatus
// to /authorise3ds2
return
}
val transactionResult: TransactionResult = ThreeDS2Service.INSTANCE.createTransaction(
null,
"<MESSAGE_PROTOCOL_VERSION>"
)
if (transactionResult is TransactionResult.Failure) {
// The creation of transaction failed.
// Submit the transactionResult.additionalDetails and transactionResult.transactionStatus
// to /authorise3ds2
return
}
val transaction = transactionResult.transaction
val authenticationRequestParameters = transaction?.authenticationRequestParameters
// Submit the authenticationRequestParameters to /authorise3ds2.
- Device Information Data: The data version for device information has been updated to 1.6, ensuring compatibility with latest data formats and standards.
Changed
-
Minimum Android Version: The minSdkVersion has been raised to 21 (Android 5.0).
-
Platform Updates: The compileSdkVersion and targetSdkVersion are now set to 34 (Android 14), providing compatibility enhancements and access to the latest features.
-
AdyenConfigParameters.Builder: The AdyenConfigParameters.Builder constructor no longer accepts null values, enhancing stability and reliability.
-
EMV® Specification Bulletin No. 214 v3: Implementation of whitelistingDataEntry change as per EMV® Specification Bulletin No. 214 v3, ensuring compliance with updated standards.
-
Proguard Rules Update: Generic Proguard rules have been replaced with specific rules for the Bouncy Castle Provider library, optimizing code obfuscation.
-
Internal Security Enhancements: Various internal security measures have been improved to enhance the overall security posture of the SDK.
-
Dependency versions:
Name Version Kotlin 1.9.22 Kotlinx Coroutines 1.7.3 Kotlinx Serialization JSON 1.6.2 Annotation 1.7.1 AppCompat 1.6.1 Bouncy Castle Provider 1.77
Fixed
- ACS Signed Content Verification edge case: Resolved an edge case where the verification of acsSignedContent JWS could fail due to an unexpected order in the certificate chain.
2.2.15
Fixed
- Challenge transaction NPE when internet connection is not stable.
2.2.14
⚠️ Version with known crash! Use version 2.2.15 or above. ⚠️
New
- New interface to handle challenge result:
ChallengeStatusHandler
.
This interface replacesChallengeStatusReceiver
with a simpler and easier way to notify the app
with the challenge Status.
val challengeStatusHandler = ChallengeStatusHandler { challengeResult ->
when (challengeResult) {
is ChallengeResult.Completed -> {
// Submit the challengeResult.transactionStatus to /authorise3ds2
}
is ChallengeResult.Cancelled -> {
// Challenge cancelled by the user
// Submit the challengeResult.additionalDetails and challengeResult.transactionStatus
// to /authorise3ds2
}
is ChallengeResult.Timeout -> {
// The user didn't submit the challenge within the given time (default 5 minutes)
// Submit the challengeResult.additionalDetails and challengeResult.transactionStatus
// to /authorise3ds2
}
is ChallengeResult.Error -> {
// An error occurred
// Submit the challengeResult.additionalDetails and challengeResult.transactionStatus
// to /authorise3ds2
}
}
}
transaction.doChallenge(
/* Activity */ this,
challengeParameters,
challengeStatusHandler,
/* Timeout in minutes */ 5,
)
Fixed
-
Proguard/R8 rules added for 3DS2 SDK to prevent classes from transitive dependencies from being
removed when using new Android Gradle Plugin 8. -
Message decoding improved to accept both
Base64
andBase64URL
.
Changed
- The
ThreeDS2Service.INSTANCE
is initialized with information that can only be used once.
To prevent errors caused by thisINSTANCE
not being cleared properly, the SDK now clears this
INSTANCE
during theThreeDS2Service.INSTANCE.initialize()
.
Removed
ThreeDS2Service.INSTANCE.initialize(...)
no longer throwsSDKAlreadyInitializedException
.
Deprecated
-
ChallengeStatusReceiver
is deprecated, useChallengeStatusHandler
instead.
⚠️ This deprecation is now shown as a warning but this interface will be removed in a future
release. -
Transaction.doChallenge(Activity, ChallengeParameters, ChallengeStatusReceiver, int)
is
deprecated, useTransaction.doChallenge(Activity, ChallengeParameters, ChallengeStatusHandler, int)
instead.
⚠️ This deprecation is now shown as a warning but this method will be removed in a future
release. -
SDKAlreadyInitializedException
is deprecated and no longer used. It can be safely removed.
Notes
The parameter directoryServerRootCertificates
must be provided through AdyenConfigParameters
with the certificates obtained from the Adyen Server.
Example:
val additionalData: Map<String, String> = ... // Retrieved from Adyen.
val directoryServerRootCertificates = additionalData.get(
"threeds2.threeDS2DirectoryServerInformation.rootCertificates"
)
val configParameters = AdyenConfigParameters.Builder(
directoryServerId,
directoryServerPublicKey,
directoryServerRootCertificates
).build()
ThreeDS2Service.INSTANCE.initialize(
/* Activity */ this,
configParameters,
/* Locale */ null,
/* UI Customization */ null,
)
2.2.13
Fixed
- Message Bridging Extension JSON format
2.2.12
New
- Message Bridging Extension support for Out-of-Band (OOB) challenge type. During OOB challenge on protocol version 2.2.0 to simplify navigation to issuer app there will be a new button shown to navigate to issuer app if ACS supports this feature.
This introduces new button typeButtonType.OPEN_OOB_APP
that is customizable via UiCustomization class:
UiCustomization().apply {
//...
setButtonCustomization(
buttonCustomization,
UiCustomization.ButtonType.OPEN_OOB_APP
)
}.
- Android App Link format (https) support for
threeDSRequestorAppUrl
.
ChallengeParameters().apply {
//...
setThreeDSRequestorAppURL("https://{yourapp.com}/adyen3ds2")
}
threeDSRequestorAppURL
parameter as an Android App Link instead of custom link. This requires your app to handle the provided Android App Link. More details on how to handle Android App Link can be found on docs page
- Eftpos scheme certificates
Changed
- Improved internal working with device information
- Amex scheme Public Key
Fixed
- Automatically completing HTML OOB challenge as Native OOB challenge if shopper was automatically redirected back from issuer app
Removed
AdyenConfigParameters.Builder(
directoryServerId,
directoryServerPublicKey
)
Replace by
AdyenConfigParameters.Builder(
directoryServerId,
directoryServerPublicKey,
directoryServerRootCertificates
)
that supports directoryServerRootCertificates
:
val additionalData: Map<String, String> = ... // Retrieved from Adyen.
//...
val directoryServerRootCertificates = additionalData.get(
"threeds2.threeDS2DirectoryServerInformation.rootCertificates"
)
val configParameters = AdyenConfigParameters.Builder(
directoryServerId,
directoryServerPublicKey,
directoryServerRootCertificates // null if using prefetched device fingerprinting keys.
)
//...
.build()