Netcetera 3DS SDK Documentation

Netcetera 3DS SDK

3-D Secure Mobile SDK is the mobile-device-side component of 3-D Secure, one of the novelties introduced by the new, EMVCo 2.0 protocol version. It secures authentication in mobile-based purchases. Being integrated in 3-D Secure Requestor (Merchant) app, enables the app for EMV 3DS (2.0) transactions.

The Netcetera 3DS SDK is an implementation of the 3-D Secure Mobile SDK, by Netcetera AG.

This integration documentation covers both the Android and iOS platforms.


The Netcetera 3DS SDK is implemented according to the EMVCo 3-D Secure Mobile SDK specification and includes all the features that are defined by it. Some worth mentioning features would include:

  • Initialization
    • Security checks
    • Configurable device data collection
  • Frictionless message flow
    • Authentication request parameters
  • Challenge message flow
    • UI Customization
    • Secure communication
    • Challenge Request creation
    • Challenge Response validation
    • Customizable Native challenge UI
    • HTML challenge UI
  • External configuration
  • DS certificates and public keys configuration
  • DS Logo images
  • Netcetera Demo Merchant Application

3DS App Flow

The 3-D Secure 2.0 protocol supports in-app flow that offers authentication in the merchant applications. The sequence diagram bellow shows the process of authentication.

Component description for the sequence diagram:

  • Merchant application (3DS Requestor App): An App on a Consumer Device that can process a 3-D Secure transaction through the use of a 3DS SDK.
  • SDK Integrator: Direct integrator of the 3DS SDK that can be either another SDK or the merchant application itself.
  • Shop Backend/PSP (3DS Requestor): Custom shop implementation or some other payment processing platform that will serve as intermediary layer between the merchant application and the 3DS Server for easier initiation of authentication.
  • 3DS Server: 3DS Integrator’s server or systems that handle online transactions and facilitates communication between the 3DS Requestor and the DS.
  • Directory Server: A server component operated in the Interoperability Domain; it performs a number of functions that include: authenticating the 3DS Server, routing messages between the 3DS Server and the ACS, and validating the 3DS Server, the 3DS SDK, and the 3DS Requestor.
  • Access Control Server: A component that operates in the Issuer Domain, that verifies whether authentication is available for a card number and device type, and authenticates specific Cardholders.
3DS APP Based Flow