Learn how to start an SCA buyer verification, get the resulting verification token, and use that token to complete a payment with the Square Payments API.
In-App Payments SDK

Verify a Buyer

Java (Android)

Use Strong Customer Authentication (SCA) to verify the buyer for one-time charges or for storing a customer card on file.

The In-App Payment SDK supports the Strong Customer Authentication (SCA) buyer verification flow for transactions where the buyer is present. When a buyer uses a payment card issued in the United Kingdom, the issuing bank might require your In-App Payments SDK application to challenge the buyer for additional identifying information. This can happen in a one-time charge when a card is stored on file with Square or when a stored card is used in a transaction.

To add the SCA flow to your application, complete the following steps to update your existing code. The In-App Payments SDK handles all the buyer verification logic and the verification UI. You provide the location ID, buyer contact name, and payment ID (the payment token or stored customer payment card ID) to the buyer verification method and the SDK completes the SCA flow to return a verification token to your application.

Add the following buyer verification dependency to your module build.gradle file:

Make sure that the buyerVerificationVersion dependency version matches the version used for the In-App Payments SDK library version, and is the latest version.

  1. Create a VerificationParameters object in your activity to encapsulate the information in the following list:

  • Contact - You should build the Contact object with as many contact field values as possible. You must provide the given name. The contact family name and city should be provided. The more complete the contact object, the lower the chance that the buyer is challenged by the card-issuing bank.

  • Payment source ID - This ID can be the payment token returned by the CardEntry activity or a card-on-file ID for the buyer's payment card stored with Square.

  • Location ID - The location IDs are found on the Locations page for your application in the Developer Dashboard. The ID references a seller location and stores the physical address of the seller.

  • Buyer action - The buyer's intention of storing the card on file or charging it.

  1. Pass the VerificationParameters object into the SDK verify method in step 3.

    This example creates a contact and sets the verification parameters to the contact and a payment source ID.


SCA should be called for all customer-initiated transactions, including digital wallet payments. If the seller doesn't have SCA called for digital wallet payments, the transactions may be declined due to lack of authentication.

This steps verifies a buyer for a card to be stored or charged.

A stored buyer's card ID can be used in place of a payment token in any of the example code that sets the first parameter of the VerificationParameters object.

  1. Declare a class variable to store the ID of a stored card on file:

  2. If you're verifying a buyer for a card to be stored, add the following code in onActivityResult:

  3. If you're verifying a buyer for a card to be charged, update your onActivityResult with the following code to start the buyer verification activity. The verification token is received in step 4.

  4. Add the verification code from step 2 or step 3 to the onActivityResult callback in your activity:

For information about storing a customer card on file after the payment token has been verified, see Integrate Customer Profiles with Other Services.


In production, the CreateCard and CreatePayment operations are run on your backend after your client provides the payment token and verification token.

In this step, you charge a card for a verified buyer.

In onActivityResult for requestCode == DEFAULT_BUYER_VERIFICATION_REQUEST_CODE, send the payment source ID (the payment token or stored customer payment card ID) you got in step 3 and the verification token from this step to your backend to complete a payment with verification.

In this example, note the following:

  1. Create a helper method to print a cURL command to save a card on file.

  2. Create a helper method to print a cURL command to create a payment with the Payments API CreatePayment.


    The cURL command is run when requestCode is DEFAULT_BUYER_VERIFICATION_REQUEST_CODE.

  1. Create a helper method to print a cURL command to charge a card:

  1. Update onActivityResult for requestCode == DEFAULT_BUYER_VERIFICATION_REQUEST_CODE to call the cURL helper methods to store and charge a card: