Last Updated: 23 August 2024 | Change Log
Use our iOS SDK to secure your customer's card details within the UI components by creating a session.
You can see an example of the session generation here.
To display your checkout form, you must create your layout first using your storyboard.
As part of our SDK, we provide a UI Component dedicated to capturing your customer's card details to minimize your exposure to PCI Data.
You must use this component if you want to qualify for the lowest level of PCI compliance (SAQ-A).
Here's an example of how you would reference your a UI component using unique identifiers
import AccessCheckoutSDK
class ViewController: UIViewController {
@IBOutlet weak var panAccessCheckoutView: AccessCheckoutUITextField!
@IBOutlet weak var expiryDateAccessCheckoutView: AccessCheckoutUITextField!
@IBOutlet weak var cvcAccessCheckoutView: AccessCheckoutUITextField!
func submitButtonClickHandler() {
// code to generate your session
...
}
...
You can optionally validate your customer's card details. You can find instructions here
You must now initialize the SDK using the AccessCheckoutClientBuilder
.
To do this, you must provide your BaseURL
, checkoutId
and other parameters. See the table below for more information.
Here's an example of how you would initialize the SDK with the mandatory parameters.
// The AccessCheckoutClientBuilder throws an error if either the accessBaseUrl() or checkoutId() calls are omitted
let accessCheckoutClient:AccessCheckoutClient? = try? AccessCheckoutClientBuilder().accessBaseUrl(<ACCESS_BASE_URL>)
.checkoutId(<CHECKOUT_ID>)
.build()
Placeholder | Descriptions |
---|---|
<ACCESS_BASE_URL> |
|
<CHECKOUT_ID> | Your unique checkout ID as provided by Worldpay. |
The SDK extracts your customers card details from the UI Component, the card details are then submitted to retrieve a session
.
// The CardDetailsBuilder throws an error if the expiry date is provided in a format different from MM/YY or MMYY (which will not happen if you use the components with built-in validation provided by the SDK)
let cardDetails:CardDetails = try! CardDetailsBuilder().pan(panAccessCheckoutView)
.expiryDate(expiryDateAccessCheckoutView)
.cvc(cvcAccessCheckoutView)
.build()
You must specify [SessionType.card]
as the type of session
to generate.
try? accessCheckoutClient?.generateSessions(cardDetails: cardDetails, sessionTypes: [SessionType.card]) { result in
DispatchQueue.main.async {
switch result {
case .success(let sessions):
// The session is returned in a Dictionary[SessionType:String]
let session = sessions[SessionType.card]
...
case .failure(let error):
// The error returned is of type AccessCheckoutError
let errorMessage = error.message
...
}
}
}
- The call to
generateSessions
takes a closure that returns aResult<[SessionType: String], AccessCheckoutError>
- You must use the pattern of the main thread in the closure when handling the success/failure would lead to updating the UI
Here's the full code sample of the steps above.
import AccessCheckoutSDK
class MyViewController: UIViewController {
private let accessBaseUrl = "https://try.access.worldpay.com"
private let checkoutId = "your-checkout-id"
@IBOutlet weak var panAccessCheckoutView: AccessCheckoutUITextField!
@IBOutlet weak var expiryDateAccessCheckoutView: AccessCheckoutUITextField!
@IBOutlet weak var cvcAccessCheckoutView: AccessCheckoutUITextField!
@IBAction func submit(_ sender: Any) {
let cardDetails = try! CardDetailsBuilder().pan(panAccessCheckoutView)
.expiryDate(expiryDateAccessCheckoutView)
.cvc(cvcAccessCheckoutView)
.build()
let accessCheckoutClient = try? AccessCheckoutClientBuilder().accessBaseUrl(accessBaseUrl)
.checkoutId(checkoutId)
.build()
try? accessCheckoutClient?.generateSessions(cardDetails: cardDetails, sessionTypes: [SessionType.card]) { result in
DispatchQueue.main.async {
switch result {
case .success(let sessionsDictionary):
let session = sessionsDictionary[SessionType.card]
...
case .failure(let error):
...
}
}
}
}
}
Do not validate the structure or length of the session resources. We follow HATEOS standard to allow us the flexibility to extend our APIs with non-breaking changes.
The CARD session
has a lifespan of one minute and you can use it only once. If you do not create a token within that time, you must create a new CARD session
value.