4.0.0

PCI SSF Compliance

• Version 4.0.0 of the Checkout Android SDK is compliant with the PCI SSF standard. This has been done to help merchants reduce the scope of their own PCI assessments.

Breaking change - Functionality deprecated in version 3.0.0 has been removed in version 4.0.0

• Support for using EditText has been removed. AccessCheckoutEditText must be used instead. This component is dedicated to capturing and encapsulating your customers card details to minimize your exposure to PCI Data. More information in the Worldpay Developer Documentation
• Support for passing directly card details to create an instance of CardDetails has been removed
• Support for using merchantId() in AccessCheckoutClientBuilder to pass your Checkout ID has been removed. It is replaced by checkoutId().

Breaking change - Minimum version requirements

• The minimum Android version supported by the SDK for the purpose of providing a PCI SSF compliant solution is Android 12
• Note that although the SDK supports Android 8 to 11, it is not PCI SSF compliant with these versions. This is due to the fact that Google has stopped supporting/delivering security fixes for these versions

Licensing

• The Access Checkout Android SDK licence is now a proprietary licence (was open source before). This is for the purpose of protecting merchants against a risk of breaking changes in case where the Worldpay APIs consumed by the SDK are to change in the future.

3.0.0

Support for enhanced card sessions

• Support for enhanced card sessions has been released. These card sessions will support integration with our Verified Payments API (to be released soon) and remain compatible with the Verified Tokens API.
• The way you integrate the SDK does not change.
• However, the card session URL returned by the SDK is now in the form https://access.worldpay.com/sessions/... , instead of https://access.worldpay.com/verifiedTokens/sessions/... before.

Support for minimizing exposure to card details

• Up to version 2 of our SDK, you had to capture and pass card details in your code to our SDK, which meant you were exposed to card details and made your PCI compliance assessment more difficult.
• We have added a new UI Component (AccessCheckoutEditText) dedicated to capturing and encapsulating your customers card details to minimize your exposure to PCI Data. At a high level, you now pass references of instances of this UI component to our SDK and in return the SDK will do all the heavy lifting for you, making sure that you do not have to manipulate card details directly. This allows your app to be assessed against the PCI SAQ-A standard.

Functionality added in version 2.. and deprecated in version 3.0.0

• Support for using EditText is deprecated and will be removed in the next major version.
• Support for passing directly card details to create an instance of CardDetails has been deprecated and will be removed in the next major.
• Support for using merchantId() in AccessCheckoutClientBuilder to pass your Checkout ID is deprecated and replaced by checkoutId(). Support for merchantId() will be removed in the next major version.

Minimum version requirements

• The minimum version supported is API Level 26

2.6.0

Removed

• Drop functionality which sets hints/placeholders on EditText provided by clients. It is the responsibility of the client to set whichever hint/placeholder they want in the language of their preference. Major version of the SDK has not been changed despite this functionality being dropped, the reason is that the SDK should never have had that functionality in the first place so this is classified as a bug fix

Added

• SDK now enforces numeric inputType for each EditText specified by the client

Fixed

• Fix an issue where pressing and maintaining the backspace key does not delete the entirety of the card number field (only occurring when pan formatting is enabled)
• Fix an issue where the caret would not move when attempting to insert digits towards the end of a card number

Changed

• Upgrade SDK and app to use API Level 33
• Upgrade Kotlin to 1.6.21
• Upgrade Kotlin coroutines to 1.5.2
• Upgrade Gradle to 7.4 and upgrade gradle-wrapper jar
• Refactor build pipeline to minimise duplication of workflows
• Change UI tests to also run against latest versions of Android
• Fix issue preventing Jacoco from correctly calculating code coverage following to Gradle upgrade

2.5.2

• Fix an issue where when inserting a number digits resulting in a pan longer than the max allowed the application crashes due to the caret position calculations.
• Add support for Access Checkout React Native versions

2.5.1

• Fix for an issue where the AccessCheckoutClientBuilder throws an exception when its build() method is not called on the UI thread. This issue is due to a change in the 'androix.lifecycle:lifecycle-runtime:' library starting from version 2.3.0 where the LifecycleRegistry enforces the call to addObserver() to be made on the UI thread

2.5.0

Added

• add functionality to stop session response listeners in order to fix a memory leak issue when integrating the SDK in a React Native application

2.4.0

Changed

• Replaced deprecated ASyncTasks by coroutine

2.3.0

Added

• Now supporting Android API Level 30

Changed

• Allowing initialising validation after the onResume function

2.2.0

Added

• Ability to enable Pan formatting by calling enablePanFormatting() when building CardValidationConfig

Changed

• All Pans that are entered will be formatted by default. All card brands except for Amex will be formatted as XXXX-XXXX-XXXX-XXXX. Amex will be formatted as XXXX-XXXXXX-XXXXX.
• Sanitise BaseUrl configuration value to remove trailing forward slashes, so that http://localhost/ becomes http://localhost

2.1.0

Added

• Ability to specify the card brands to support for validation, all other card brands will no longer be valid during card validation

Changed

• Outgoing http requests are now using a HttpsUrlConnection instead of HttpUrlConnection