Risk Android SDK

Last updated: April 30, 2025

The checkout-risk-sdk-android SDK captures advanced fraud signals that are leveraged in our machine-learning model for fraud scoring.

Information

To enable access to the Risk Android SDK, contact your account manager or [email protected].

You must generate a public API key from your Dashboard.

The minimum requirements to use the SDK are:

Android API level 21 (Android 5.0) or later as a build target
Compatibility with targetSdk versions 21 to 33

Import the SDK.
Initialize the SDK.
Publish the device data.
Complete the data safety questionnaire.

Add the Risk Android SDK as a dependency from GitHub.

Information

For the installation steps and available versions, see the jitpack.io/frames-android documentation.

Add the JitPack repository to your project-level build.gradle file:


1// project gradle file
2
3allprojects {
4    repositories {
5        maven { url 'https://jitpack.io' }
6        maven { url = uri("https://maven.fpregistry.io/releases") }
7    }
8}

Add the Risk SDK dependency to the module gradle file:


1// module gradle file
2
3dependencies {
4    implementation 'com.github.checkout:checkout-risk-sdk-android:<latest_version>'
5}

To ensure you have the correct build configuration, make sure you:

Add the Jitpack repository to the project gradle file.
Add the dependency to the module gradle file.

To initialize the package, call the Risk.getInstance() method and pass the following:

API key
Environment


1// Example usage of package
2
3val yourConfig = RiskConfig(publicKey = "pk_qa_xxx", environment = RiskEnvironment.QA)
4
5// Initialize the package with the getInstance method early-on
6val riskInstance =
7    Risk.getInstance(
8        context,
9        RiskConfig(
10            BuildConfig.SAMPLE_MERCHANT_PUBLIC_KEY,
11            RiskEnvironment.QA,
12            false,
13        ),
14    ).let {
15        it?.let {
16            it
17        } ?: run {
18            null
19        }
20    }

When the customer selects to pay, publish the device data by calling the publishData() method on the Risk instance and retrieve the deviceSessionId:


1// Publish the device data with the publishData method
2
3riskInstance?.publishData().let {
4    if (it is PublishDataResult.Success) {
5        println("Device session ID: ${it.deviceSessionId}") // dsid_XXXX
6    }
7}

The getInstance method returns a single instance of Risk. When you call the method, Checkout.com performs preliminary checks and retrieves the public keys to initialize the package to collect device data. If the checks fail or the merchant is disabled, the method returns null.

If the checks are successful, the method returns an instance of Risk to the package consumer.

Call the publishData() method on the instance to publish the data.


1data class RiskConfig(val publicKey: String, val environment: RiskEnvironment, val framesMode: Boolean = false)
2
3// Instance creation of Risk Android package
4public class Risk private constructor(...) {
5    public companion object {
6        ...
7        public suspend fun getInstance(applicationContext: Context, config: RiskConfig): Risk? {
8            ...
9        }
10    }
11}
12
13enum class RiskEnvironment {
14    SANDBOX,
15    PROD
16}


1class Risk private constructor(...) {
2    companion object {
3        ...
4        suspend fun publishData(...): ... {
5            ...
6        }
7    }
8}

Call the publishData() method to publish and persist the device data.


1public suspend fun publishData(cardToken: string? = null): PublishDataResult {
2...
3}


1public sealed class PublishDataResult {
2    public data class Success(val deviceSessionId: String) : PublishDataResult()
3
4    public data object PublishFailure : PublishDataResult()
5}


1// Example usage of package
2val yourConfig = RiskConfig(publicKey = "pk_qa_xxx", environment = RiskEnvironment.QA)
3
4// Initialize the package with the getInstance method
5val riskInstance =
6    Risk.getInstance(
7        context,
8        RiskConfig(
9            BuildConfig.SAMPLE_MERCHANT_PUBLIC_KEY,
10            RiskEnvironment.QA,
11            false,
12        ),
13    ).let {
14        it?.let {
15            it
16        } ?: run {
17            null
18        }
19    }
20
21// Publish the device data with the publishData method when the user selects the option to pay
22
23riskInstance?.publishData().let {
24    if (it is PublishDataResult.Success) {
25        println("Device session ID: ${it.deviceSessionId}") // dsid_XXXX
26    }
27}

When you submit your app to Google Play, provide the required responses in your Data safety form.

Risk Android SDK

Information

Before you begin

How it works

Import the SDK

Information

Initialize the SDK

Publish the device data

Argument

Response

Argument

Response

Example configuration

Complete Data safety form