Netcetera 3DS SDK Documentation

Netcetera 3DS SDK

3-D Secure Mobile SDK is the mobile-device-side component of 3-D Secure, one of the novelties introduced by the new, EMVCo 2.X protocol version. It secures authentication in mobile-based purchases. Being integrated in 3-D Secure Requestor (Merchant) app, enables the app for EMV 3DS (2.X) transactions.

The Netcetera 3DS SDK is an implementation of the 3-D Secure Mobile SDK, by Netcetera AG.

This integration documentation covers both the Android and iOS platforms.


The Netcetera 3DS SDK is implemented according to the EMVCo 3-D Secure Mobile SDK specification and includes all the features that are defined by it. Some worth mentioning features would include:

    • Initialization
      • Security checks
      • Configurable device data collection
    • Frictionless message flow
    • Authentication request parameters
    • Challenge message flow
      • UI Customization
      • Secure communication
      • Challenge Request creation
      • Challenge Response validation
      • Customizable Native challenge UI
      • HTML challenge UI
  • External configuration
    • DS certificates and public keys configuration
    • DS Logo images
  • Netcetera Demo Merchant Application

3DS App Flow

The 3-D Secure 2.X protocol supports in-app flow that offers authentication in the merchant applications. The sequence diagram bellow shows the process of authentication.

Component description for the sequence diagram:

  • Merchant application (3DS Requestor App): An App on a Consumer Device that can process a 3-D Secure transaction through the use of a 3DS SDK.
  • SDK Integrator: Direct integrator of the 3DS SDK that can be either another SDK or the merchant application itself.
  • Shop Backend/PSP (3DS Requestor): Custom shop implementation or some other payment processing platform that will serve as intermediary layer between the merchant application and the 3DS Server for easier initiation of authentication.
  • 3DS Server: 3DS Integrator's server or systems that handle online transactions and facilitates communication between the 3DS Requestor and the DS.
  • Directory Server: A server component operated in the Interoperability Domain; it performs a number of functions that include: authenticating the 3DS Server, routing messages between the 3DS Server and the ACS, and validating the 3DS Server, the 3DS SDK, and the 3DS Requestor.
  • Access Control Server: A component that operates in the Issuer Domain, that verifies whether authentication is available for a card number and device type, and authenticates specific Cardholders.

3DS App flow