**Last updated**: 30 October 2025 | [**Change log**](/products/checkout/android/changelog/)

# Android SDK

Take payments and still qualify for SAQ-A - the lowest PCI compliance level - with our Android SDK.

Create your own uniquely styled and branded checkout form by integrating our SDK into your native app.

Read more about the Checkout SDK and the supported payment journeys [here](/products/checkout).

Note
Make yourself familiar with our [API Principles](/products/reference/api-principles) to ensure a resilient integration.

Important
Please ensure you integrate the SDK as advised in our documentation or you might be subject to additional PCI Compliance and won't meet the SAQ-A Compliance level.

## How does it work?

We are securing your customer's payment details by creating a session. You can then either apply the session directly in the [Payments API](/products/payments/card-payment) or [create a token](/products/verified-tokens/create-verified-token) for use with our modular APIs.

### What is a session?

A `session` is a unique identifier for your customer's payment details, generated by the SDK.

## Get our SDK

To get our SDK, include the Gradle, [Maven](https://search.maven.org/search?q=g:com.worldpay.access%20and%20a:access-checkout-android) or Local AAR library configuration below.

Gradle

```
implementation 'com.worldpay.access:access-checkout-android:3.0.0'
```

Maven

```
<dependency>
  <groupId>com.worldpay.access</groupId>
  <artifactId>access-checkout-android</artifactId>
  <version>3.0.0</version>
</dependency>
```

Local AAR

```
allprojects {
    repositories {
        //...
        flatDir {
            dirs 'libs'
        }
    }
}
```

#### Local AAR library

If you're using the Local AAR library to get the SDK, copy the library file into your `app/libs` folder. Then add the `flatDir` repo to the project level `build.gradle` using the code in the Local AAR library example above.

You must also add the example below to your app-level dependency list:


```
implementation (name:'access-checkout-android', ext:'aar')
implementation "org.jetbrains.kotlin:kotlin-stdlib-jdk8:1.6.21"
```

And here's a link to our Access Checkout [Android SDK GitHub Repo](https://github.com/Worldpay/access-checkout-android)

## Additional Security Measures

#### Obfuscate your app code

We highly recommend that you shrink and obfuscate your app code to reduce your app size and also make it more difficult for anyone to reverse-engineer your code. To enable shrinking and code obfuscation, you can follow the guidance on the [official Android Developer page](https://developer.android.com/build/shrink-code).

#### Verify integrity of the SDK using Gradle

You can verify the integrity of the SDK with the [Dependency Verification](https://docs.gradle.org/current/userguide/dependency_verification.html) feature of Gradle.

Run the command below at the root of your Gradle project to generate the `verification-metadata.xml` file used by Gradle to verify dependencies.

This file, generated by Gradle, contains the checksums of all the libraries defined in your project, with every checksum retrieved from the same repository where Gradle retrieves a dependency from.

This file instructs Gradle to verify the checksums of each library defined in the file. It will fail your `build` if any library's checksum retrieved from the remote repository is different from the checksum computed by Gradle.


```
gradle --write-verification-metadata sha256
```

## What to do next

Payments API
[**Create a session to pay with a card**](/products/checkout/android/v3/card-only)

1. [Submit card details to create a `session`](/products/checkout/android/v3/card-only)
2. Apply the session in the [payment request](/products/payments/card-payment)


[**Create a session for CVC only and pay with a stored token**](/products/checkout/android/v3/cvc-only)

1. [Submit the CVC to create a session](/products/checkout/android/v3/cvc-only)
2. Apply the `sessions.cvc` and stored token in the [payment request](/products/payments/use-a-stored-card)


Modular APIs
See our guides on how to create sessions you can use to take a payment:

Note
For one-time payments, you would need to [delete the token](/products/tokens#deleting-tokens) after you take the payment.

[**Create a session to pay with a card**](/products/checkout/android/v3/card-only)

1. [Submit card details to create a session](/products/checkout/android/v3/card-only)
2. Create a [verified token](/products/verified-tokens/create-verified-token)
3. [Take a payment](/products/card-payments/authorize-a-payment) with this token


[**Create sessions to pay with a card and CVC**](/products/checkout/android/v3/card-and-cvc)

1. [Submit card details and CVC to create two separate sessions](/products/checkout/android/v3/card-and-cvc)
2. Create a [verified token](/products/verified-tokens/create-verified-token) with your CARD `session`
3. Use your CVC `session` and verified token in our `card/checkout` payment instrument to [take a payment](/products/card-payments/authorize-a-payment)


[**Create a session for CVC only and pay with a stored token**](/products/checkout/android/v3/card-and-cvc#create-a-session-for-cvc-only)

1. [Submit the CVC to create a session](/products/checkout/android/v3/cvc-only)
2. Use your cvc `session` and stored verified token in our `card/checkout` payment instrument to [take a payment](/products/card-payments/authorize-a-payment)