Access Worldpay
/
Versioning and Change log

Versioning and Change log

This log details any breaking and non-breaking API changes we have released for our Checkout Android SDK. There is also a section included outlining upgrade notes between major versions of the SDK.

Prerequisite

Make yourself familiar with our API Principles to ensure a resilient integration.

Versioning log

Version 4 (23 August 2024)

PCI-SSF compliance

PCI-SSF assessment and certification

The Checkout Android SDK has gone through a thorough assessment against the PCI-SSF standard and is now certified PCI-SSF compliant. This will help you reduce the scope of your own PCI assessments.

Minimum version requirements:

  • The minimum Android version supported by the SDK for the purpose of providing a PCI-SSF compliant solution is Android 12
  • Although the SDK supports Android 8 to 11 it is not PCI-SSF compliant for these versions. This is because Google has stopped supporting/delivering security fixes for these versions.

Version 3 functionality we have removed in version 4:

  • Support for using EditText. AccessCheckoutEditText must be used instead. This component is dedicated to capturing and encapsulating your customer's card details to minimize your exposure to PCI Data
  • Support for passing card details directly to create an instance of CardDetails
  • Support for using merchantId() in AccessCheckoutClientBuilder to pass your Checkout ID. This is replaced by checkoutId().

Licensing

The Access Checkout Android SDK license is now a proprietary license (previously open source). This is for the purpose of protecting you against a risk of breaking changes in case where the Worldpay APIs, consumed by the SDK, are to change in the future.

Version 3 (22 January 2024)

PCI and Payments API support

Support for enhanced card sessions

The SDK now returns a card session URL in the form of https://access.worldpay.com/sessions/.... Previously, the card session URL looked like this: https://access.worldpay.com/verifiedTokens/sessions/... .

The format of the new card session URL supports our new upcoming Payments API, whilst also remaining compatible with our Verified Tokens API.

Support for SAQ-A compliance

  • We have added a new UI Component (AccessCheckoutEditText) dedicated to capturing and encapsulating your customer's card details to minimize your exposure to PCI Data.

At a high level, you now pass references of instances of this UI component to our SDK. The SDK ensures you don't have to manipulate card details directly. This allows your application to be assessed against the PCI SAQ-A standard.

Version 2 functionality that is deprecated in version 3:

  • Support for using EditText (planned removal in version 4)
  • Support for directly passing card details to create an instance of CardDetails (planned removal in version 4)
  • Support for using merchantId() in AccessCheckoutClientBuilder to pass your Checkout ID is deprecated and replaced by checkoutId() (planned removal of merchantId() in version 4)

Minimum version requirements

  • The minimum version supported is API Level 26

Version 2 (30 July 2020)

Simplified integration

Version 2 has a simplified integration and caters for CVC session creation for our Android and iOS SDK.

Change log (Non-breaking changes)

PAN formatting (06 September 2021)

More details

PAN formatting allows you to format the card in your checkout form as the customer types.

Card brand configuration (15 March 2021)

More details

The card brand configuration allows you to restrict the cards that you accept on your checkout form.

CVC session increased lifespan (all versions) (19 October 2020)

More details

We have increased the lifespan of the CVC session from one minute to 15 minutes.