Last Updated: 23 August 2024 | Change Log
Create sessions to pay with a card and CVC
Use our Android SDK to secure your customer's payment details by creating separate sessions for the card details and CVC.
You can see an example of the session generation here.
Set your views
When you create your checkout form, you must set the views that your customers use to enter their card details. You must use unique identifiers for your view configurations.
Here's an example of how you would set your view configurations.
<?xml version="1.0" encoding="utf-8"?> <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" android:layout_width="match_parent" android:layout_height="match_parent" > <!-- layout style attributes omitted --> <EditText android:id="@+id/pan" /> <!-- layout style attributes omitted --> <EditText android:id="@+id/expiryDate" /> <!-- layout style attributes omitted --> <EditText android:id="@+id/cvc" /> <!-- layout style attributes omitted --> <Button android:id="@+id/submit_button" /> </LinearLayout>
Reference your views
You must now reference your view configurations. Use the same unique view identifiers as above.
Here's an example of how you would reference your view configurations.
package com.worldpay.access.checkout.sample.code // android library imports omitted class MainActivity : AppCompatActivity() { override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) val pan = findViewById<EditText>(R.id.pan) val cvc = findViewById<EditText>(R.id.cvc) val expiryDate = findViewById<EditText>(R.id.expiryDate) val submit = findViewById<Button>(R.id.submit_button) } }
Validate card details
You can optionally validate your customer's card details. See our instructions here.
Create CARD session and CVC session
Implementing callbacks
The SDK converts the customer's card details. It then retrieves the CARD session and CVC session by invoking a callback to the implementation class of the SessionResponseListener interface.
You must create a class that implements our SessionResponseListener interface.
Your implementation receives notifications once the session request is complete.
You get the session as a Map<SessionType, String> or the exception as a AccessCheckoutException in case of an error.
Here is an example implementation of the SessionResponseListener interface.
package com.worldpay.access.checkout.sample.code import com.worldpay.access.checkout.client.api.exception.AccessCheckoutException import com.worldpay.access.checkout.client.session.listener.SessionResponseListener import com.worldpay.access.checkout.client.session.model.SessionType class MySessionResponseListener: SessionResponseListener { override fun onSuccess(sessionResponseMap: Map<SessionType, String>) { //TODO: handle the session response here } override fun onError(error: AccessCheckoutException) { //TODO: handle the exception here } }
Initialize the AccessCheckoutClient
You must now initialize the AccessCheckoutClient using the AccessCheckoutClientBuilder.
To do this, you must provide your baseUrl, merchantId (checkout ID) and other parameters. See the table below for more information.
Here's an example of how you would initialize the SDK with the mandatory parameters and configurations.
package com.worldpay.access.checkout.sample.code // android library imports omitted import com.worldpay.access.checkout.client.session.AccessCheckoutClientBuilder import com.worldpay.access.checkout.client.session.AccessCheckoutClient import com.worldpay.access.checkout.client.session.model.SessionType class MainActivity : AppCompatActivity() { private val baseUrl = "TARGET_BASE_URL" private val checkoutId = "YOUR_CHECKOUT_ID" override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) // reference views code ommited val sessionResponseListener = MySessionResponseListener() val accessCheckoutClient = AccessCheckoutClientBuilder() .baseUrl(baseUrl) .merchantId(checkoutId) .context(this) .sessionResponseListener(sessionResponseListener) .lifecycleOwner(this) .build() } }
When using the SDK with AndroidX Lifecycle 2.3.0 and above, the call to build() must be done on the main UI thread. This is due to changes to the LifecycleRegistry class used by the SDK which now enforces this constraint.
Mandatory parameters
| Parameter | Description |
|---|---|
baseUrl |
|
merchantId | Your unique checkout ID. |
sessionResponseListener | The callback listener that returns your customer's session. |
context | Android Context |
lifecycle | Android LifecycleOwner |
Generate CARD session and CVC session
You must pass the customer's card details as well as the SessionType.CARD and SessionType.CVC enums to the generateSessions method on the AccessCheckoutClient instance.
Here's an example of what you should do when your customer clicks the submit button.
package com.worldpay.access.checkout.sample.code // android library imports omitted import com.worldpay.access.checkout.client.session.AccessCheckoutClient import com.worldpay.access.checkout.client.session.model.CardDetails import com.worldpay.access.checkout.client.session.model.SessionType class MainActivity : AppCompatActivity() { // fields ommitted override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) val pan = findViewById<EditText>(R.id.pan) val cvc = findViewById<EditText>(R.id.cvc) val expiryDate = findViewById<EditText>(R.id.expiryDate) val submit = findViewById<Button>(R.id.submit_button) // AccessCheckoutClient creation code ommitted submit.setOnClickListener { val cardDetails = CardDetails.Builder() .pan(pan.getInsertedText()) .expiryDate(expiryDate.getInsertedText()) .cvc(cvc.getInsertedText()) .build() accessCheckoutClient.generateSessions(cardDetails, listOf(SessionType.CARD, SessionType.CVC)) } } }
Full code sample
Here's the full code sample of the steps above.
package com.worldpay.access.checkout.sample.code import android.os.Bundle import androidx.appcompat.app.AppCompatActivity import android.widget.Button import android.widget.EditText import com.worldpay.access.checkout.sample.code.R import com.worldpay.access.checkout.client.session.AccessCheckoutClient import com.worldpay.access.checkout.client.session.model.CardDetails import com.worldpay.access.checkout.client.session.model.SessionType class MainActivity : AppCompatActivity() { private val baseUrl = "TARGET_BASE_URL" private val checkoutId = "YOUR_CHECKOUT_ID" override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) val pan = findViewById<EditText>(R.id.pan) val cvc = findViewById<EditText>(R.id.cvc) val expiryDate = findViewById<EditText>(R.id.expiryDate) val submit = findViewById<Button>(R.id.submit_button) val sessionResponseListener = MySessionResponseListener() val accessCheckoutClient = AccessCheckoutClientBuilder() .baseUrl(baseUrl) .merchantId(checkoutId) .context(this) .sessionResponseListener(sessionResponseListener) .lifecycleOwner(this) .build() submit.setOnClickListener { val cardDetails = CardDetails.Builder() .pan(pan.getInsertedText()) .expiryDate(expiryDate.getInsertedText()) .cvc(cvc.getInsertedText()) .build() accessCheckoutClient.generateSessions(cardDetails, listOf(SessionType.CVC, SessionType.CARD)) } } }
Do not validate the structure or length of the session resources. We follow HATEOS standard to allow us the flexibility to extend our APIs with non-breaking changes.
Create a verified token
Once you've received a CARD session you must create a verified token to take a payment.
The CARD session has a lifespan of one minute and you can use it only once. If you do not create a token within that time, you must create a new CARD session value.
Take a payment
Use the value of the CVC session and the verified token in our card/checkout paymentInstrument to take a card on file payment.
The CVC session has a lifespan of 15 minutes and you can use it only once. If you do not take a payment within that time, you must create a new CVC session value. You can do this with our CVC only SDK.
This paymentInstrument can be used in any of our card on file resources (payments:cardonFileAuthorize, payments:migrateCardOnFileSale and payments:migrateCardOnFileAuthorize).
Need to create a session for CVC only? Take a look at our integration example below:
Create a session for CVC only
You can see an example of the session generation here.
Set your views
When you create your checkout form, you must set the views that your customers use to enter their card details. You must use unique identifiers for your view configurations.
Here's an example of how you would set your view configurations.
<?xml version="1.0" encoding="utf-8"?> <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android" android:layout_width="match_parent" android:layout_height="match_parent" > <!-- layout style attributes omitted --> <EditText android:id="@+id/cvc" /> <!-- layout style attributes omitted --> <Button android:id="@+id/submit_button" /> </LinearLayout>
Reference your views
You must now reference your view configurations. Use the same unique view identifiers as above.
Here's an example of how you would reference your view configurations.
package com.worldpay.access.checkout.sample.code // android library imports omitted class MainActivity : AppCompatActivity() { override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) val cvc = findViewById<EditText>(R.id.cvc) val submit = findViewById<Button>(R.id.submit_button) } }
Validate CVC details
You can optionally validate your customer's CVC. You can find instructions here.
Create a CVC session
Implementing callbacks
The SDK converts the customer's card details. The SDK then retrieves the session by invoking a callback to the implementation class of the SessionResponseListener interface.
You must create a class that implements our SessionResponseListener interface.
Your implementation receives notifications once the session request is complete.
You get the session as a Map<SessionType, String> or the exception as a AccessCheckoutException in the case of an error.
Here is an example implementation of the SessionResponseListener interface.
package com.worldpay.access.checkout.sample.code import com.worldpay.access.checkout.client.api.exception.AccessCheckoutException import com.worldpay.access.checkout.client.session.listener.SessionResponseListener import com.worldpay.access.checkout.client.session.model.SessionType class MySessionResponseListener: SessionResponseListener { override fun onSuccess(sessionResponseMap: Map<SessionType, String>) { //TODO: handle the session response here } override fun onError(error: AccessCheckoutException) { //TODO: handle the exception here } }
Initialize the AccessCheckoutClient
You must now initialize the AccessCheckoutClient using the AccessCheckoutClientBuilder.
To do this, you must provide your baseUrl, checkoutId and other parameters. See the table below for more information.
Here's an example of how you would initialize the SDK with the mandatory parameters and configurations.
package com.worldpay.access.checkout.sample.code // android library imports omitted import com.worldpay.access.checkout.client.session.AccessCheckoutClientBuilder import com.worldpay.access.checkout.client.session.AccessCheckoutClient import com.worldpay.access.checkout.client.session.model.SessionType class MainActivity : AppCompatActivity() { private val baseUrl = "TARGET_BASE_URL" private val checkoutId = "YOUR_CHECKOUT_ID" override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) // reference views code ommited val sessionResponseListener = MySessionResponseListener() val accessCheckoutClient = AccessCheckoutClientBuilder() .baseUrl(baseUrl) .merchantId(checkoutId) .context(this) .sessionResponseListener(sessionResponseListener) .lifecycleOwner(this) .build() } }
When using the SDK with AndroidX Lifecycle 2.3.0 and above, the call to build() must be done on the main UI thread. This is due to changes to the LifecycleRegistry class used by the SDK which now enforces this constraint.
Mandatory parameters
| Parameter | Description |
|---|---|
baseUrl |
|
merchantId | Your unique checkout ID. |
sessionResponseListener | The callback listener that returns your customer's session. |
context | Android Context |
lifecycle | Android LifecycleOwner |
Generate CVC session
You must pass the customer's card details and the SessionType.CVC enum to the generateSessions method on the AccessCheckoutClient instance.
Here's an example of what you should do when your customer clicks the submit button.
package com.worldpay.access.checkout.sample.code // android library imports omitted import com.worldpay.access.checkout.client.session.AccessCheckoutClient import com.worldpay.access.checkout.client.session.model.CardDetails import com.worldpay.access.checkout.client.session.model.SessionType class MainActivity : AppCompatActivity() { // fields ommitted override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) val pan = findViewById<EditText>(R.id.pan) val cvc = findViewById<EditText>(R.id.cvc) val expiryDate = findViewById<EditText>(R.id.expiryDate) val submit = findViewById<Button>(R.id.submit_button) // AccessCheckoutClient creation code ommitted submit.setOnClickListener { val cardDetails = CardDetails.Builder() .pan(pan.getInsertedText()) .expiryDate(expiryDate.getInsertedText()) .cvc(cvc.getInsertedText()) .build() accessCheckoutClient.generateSessions(cardDetails, listOf(SessionType.CVC)) } } }
Full code sample
Here's the full code sample of the steps above.
package com.worldpay.access.checkout.sample.code import android.os.Bundle import androidx.appcompat.app.AppCompatActivity import android.widget.Button import android.widget.EditText import com.worldpay.access.checkout.sample.code.R import com.worldpay.access.checkout.client.session.AccessCheckoutClient import com.worldpay.access.checkout.client.session.model.CardDetails import com.worldpay.access.checkout.client.session.model.SessionType class MainActivity : AppCompatActivity() { private val baseUrl = "TARGET_BASE_URL" private val checkoutId = "YOUR_CHECKOUT_ID" override fun onCreate(savedInstanceState: Bundle?) { super.onCreate(savedInstanceState) val pan = findViewById<EditText>(R.id.pan) val cvc = findViewById<EditText>(R.id.cvc) val expiryDate = findViewById<EditText>(R.id.expiryDate) val submit = findViewById<Button>(R.id.submit_button) val sessionResponseListener = MySessionResponseListener() val accessCheckoutClient = AccessCheckoutClientBuilder() .baseUrl(baseUrl) .merchantId(checkoutId) .context(this) .sessionResponseListener(sessionResponseListener) .lifecycleOwner(this) .build() submit.setOnClickListener { val cardDetails = CardDetails.Builder() .pan(pan.getInsertedText()) .expiryDate(expiryDate.getInsertedText()) .cvc(cvc.getInsertedText()) .build() accessCheckoutClient.generateSessions(cardDetails, listOf(SessionType.CVC)) } } }
Do not validate the structure or length of the session resources. We follow HATEOS standard to allow us the flexibility to extend our APIs with non-breaking changes.
Take a payment
Use the value of the CVC session and your stored verified token in our card/checkout paymentInstrument to take a card on file payment.
The CVC session has a lifespan of 15 minutes and you can use it only once. If you do not take a payment within that time, you must create a new CVC session value.
This paymentInstrument can be used in any of our card on file resources (payments:cardOnFileAuthorize, payments:migrateCardOnFileSale and payments:migrateCardOnFileAuthorize).
Next steps
Take a card on file sale
Take a card on file authorization or
Migrate a card on file authorization