Mobile SDKs
Omise provides native mobile SDKs for building secure payment integrations in iOS and Android applications. Our SDKs handle sensitive payment data collection and tokenization, ensuring PCI compliance while providing a seamless mobile payment experience.
Overviewโ
Mobile SDKs enable you to securely collect payment information from your mobile applications without having sensitive card data touch your servers. All SDKs follow platform-specific best practices and provide native UI components and APIs.
Key Featuresโ
- Native tokenization - Create secure payment tokens directly from mobile devices
- PCI compliant - Card data never touches your servers
- Platform-specific design - Native components following iOS and Android design guidelines
- Multiple payment methods - Support for cards, mobile banking, and alternative payment methods
- Built-in validation - Client-side validation for card numbers, CVV, and expiry dates
- 3D Secure support - Built-in support for 3D Secure authentication flows
- Biometric authentication - Support for Touch ID, Face ID, and fingerprint authentication
- Error handling - Comprehensive error messages and handling
- Network resilience - Automatic retry logic and offline handling
Available SDKsโ
iOS SDKโ
Build secure payment experiences for iPhone and iPad applications.
- Languages: Swift 5.0+, Objective-C
- iOS Version: iOS 12.0 and later
- Installation: CocoaPods, Swift Package Manager, Carthage
- Repository: omise/omise-ios
Android SDKโ
Integrate payments into native Android applications.
- Languages: Kotlin, Java 8+
- Android Version: API Level 21 (Android 5.0) and later
- Installation: Gradle, Maven
- Repository: omise/omise-android
Get Started with Android SDK โ
Flutter SDKโ
Create cross-platform payment solutions with Flutter.
- Language: Dart 2.12+
- Flutter Version: Flutter 2.0 and later
- Platforms: iOS and Android
- Installation: pub.dev
- Repository: omise/omise-flutter
Get Started with Flutter SDK โ
Dart SDKโ
Server-side Dart integration for backend services.
- Language: Dart 2.12+
- Platform: Server-side Dart applications
- Installation: pub.dev
- Repository: omise/omise-dart
Architecture Overviewโ
All mobile SDKs follow a similar architectural pattern:
โโโโโโโโโโโโโโโโโโโ
โ Mobile App โ
โ โ
โ โโโโโโโโโโโโโ โ
โ โ Omise SDK โ โ
โ โโโโโโโฌโโโโโโ โ
โโโโโโโโโโผโโโโโโโโโ
โ
โ HTTPS (TLS 1.2+)
โ
โโโโโโผโโโโโ
โ Omise โ
โ API โ
โโโโโโฌโโโโโ
โ
โโโโโโผโโโโโโโโโ
โ Your Server โ
โโโโโโโโโโโโโโโ
Security Flowโ
- Customer enters payment details in your mobile app
- SDK validates the input client-side
- SDK sends encrypted data directly to Omise servers
- Omise returns a secure token to the mobile app
- App sends token to your server
- Your server creates a charge using the token
This flow ensures that sensitive card data never touches your servers, maintaining PCI compliance.
Choosing the Right SDKโ
| Use Case | Recommended SDK | Reason |
|---|---|---|
| Native iOS app | iOS SDK | Best performance, native UI components |
| Native Android app | Android SDK | Best performance, native UI components |
| Cross-platform app | Flutter SDK | Write once, deploy to both platforms |
| Backend service in Dart | Dart SDK | Full API access for server operations |
| React Native app | iOS + Android SDKs | Use native modules with RN bridge |
Common Use Casesโ
Tokenizing Credit Cardsโ
All mobile SDKs provide methods to tokenize credit card information:
// iOS (Swift)
let request = Request(
name: "John Doe",
number: "4242424242424242",
expirationMonth: 12,
expirationYear: 2025,
securityCode: "123"
)
client.send(request) { result in
// Handle token
}
// Android (Kotlin)
val request = Token.CreateTokenRequest(
name = "John Doe",
number = "4242424242424242",
expirationMonth = 12,
expirationYear = 2025,
securityCode = "123"
)
client.send(request, callback)
// Flutter (Dart)
final token = await omise.createToken(
name: 'John Doe',
number: '4242424242424242',
expirationMonth: 12,
expirationYear: 2025,
securityCode: '123',
);
Creating Payment Sourcesโ
For alternative payment methods like mobile banking:
// iOS - Internet Banking
let request = CreateSourceRequest(
amount: 100000,
currency: "thb",
type: .internetBankingBay
)
// Android - Mobile Banking
val request = Source.CreateSourceRequest(
amount = 100000,
currency = "thb",
type = SourceType.InternetBankingBay
)
// Flutter - PromptPay
final source = await omise.createSource(
amount: 100000,
currency: 'thb',
type: 'promptpay',
);
Installation Quick Linksโ
iOSโ
# CocoaPods
pod 'OmiseSDK'
# Swift Package Manager
dependencies: [
.package(url: "https://github.com/omise/omise-ios", from: "5.0.0")
]
Androidโ
dependencies {
implementation 'co.omise:omise-android:4.0.0'
}
Flutterโ
flutter pub add omise_flutter
Dartโ
dart pub add omise_dart
Best Practicesโ
Securityโ
- Never log sensitive data - Don't log card numbers, CVV, or tokens
- Use HTTPS only - All SDKs enforce HTTPS connections
- Validate on server - Always validate tokens server-side before creating charges
- Implement rate limiting - Prevent brute-force attacks on payment forms
- Use public key only - Never embed your secret key in mobile apps
User Experienceโ
- Show loading states - Display progress indicators during tokenization
- Handle errors gracefully - Provide clear error messages to users
- Support multiple payment methods - Offer local payment methods for better conversion
- Implement proper validation - Validate input before sending to API
- Save card details securely - Use platform-specific secure storage (Keychain, KeyStore)
Performanceโ
- Cache public keys - Reduce initialization time by caching configuration
- Implement timeouts - Set reasonable timeouts for API calls
- Handle offline scenarios - Gracefully handle network failures
- Minimize API calls - Batch operations when possible
- Use background threads - Don't block the UI during API calls
Testingโ
All SDKs support testing with Omise test mode:
Test Cardsโ
Successful: 4242424242424242
Failed: 4111111111111111
3D Secure: 4000000000000002
Test Configurationโ
// iOS
let config = Config(publicKey: "pkey_test_...")
// Android
val client = Client("pkey_test_...")
// Flutter/Dart
final omise = Omise(publicKey: 'pkey_test_...');
Error Handlingโ
All SDKs provide structured error handling:
// iOS
client.send(request) { result in
switch result {
case .success(let token):
// Use token
case .failure(let error):
// Handle error
print(error.localizedDescription)
}
}
// Android
client.send(request, object : RequestListener<Token> {
override fun onRequestSucceed(model: Token) {
// Use token
}
override fun onRequestFailed(error: Throwable) {
// Handle error
}
})
// Flutter
try {
final token = await omise.createToken(...);
// Use token
} catch (error) {
// Handle error
}
Migration Guidesโ
Upgrading from v3.x to v4.x (Android)โ
The v4.x release includes breaking changes. See the Android SDK migration guide for details.
Upgrading from v4.x to v5.x (iOS)โ
The v5.x release adds Swift concurrency support. See the iOS SDK migration guide for details.
Supported Payment Methodsโ
| Payment Method | iOS | Android | Flutter | Dart |
|---|---|---|---|---|
| Credit/Debit Cards | โ | โ | โ | โ |
| Internet Banking | โ | โ | โ | โ |
| Mobile Banking | โ | โ | โ | โ |
| PromptPay | โ | โ | โ | โ |
| TrueMoney Wallet | โ | โ | โ | โ |
| Alipay | โ | โ | โ | โ |
| PayNow | โ | โ | โ | โ |
| DuitNow | โ | โ | โ | โ |
| GrabPay | โ | โ | โ | โ |
| Boost | โ | โ | โ | โ |
| ShopeePay | โ | โ | โ | โ |
Platform Requirementsโ
iOS SDKโ
- Xcode 13.0 or later
- Swift 5.5+ or Objective-C
- iOS 12.0 or later
- CocoaPods 1.10+ or SPM
Android SDKโ
- Android Studio Arctic Fox or later
- Kotlin 1.5+ or Java 8+
- Gradle 7.0+
- Android API Level 21+ (Android 5.0+)
Flutter SDKโ
- Flutter 2.0 or later
- Dart 2.12 or later
- iOS 12.0+ and Android API Level 21+
Dart SDKโ
- Dart 2.12 or later
- Server-side or CLI applications
Frequently Asked Questionsโ
General Questionsโ
Can I use these SDKs with React Native?
Yes, you can create native modules that wrap the iOS and Android SDKs. We don't currently provide an official React Native package, but the native SDKs can be integrated using React Native's native module system.
Do the SDKs support 3D Secure authentication?
Yes, all mobile SDKs support 3D Secure authentication. The SDKs will automatically handle the authentication flow when required by the card issuer.
Can I customize the UI components?
Yes, while the SDKs provide default UI components, you can also use the core APIs to build completely custom payment forms that match your app's design.
What happens if the network request fails?
The SDKs implement automatic retry logic with exponential backoff. If all retries fail, you'll receive an error that you can handle and present to the user.
Are the SDKs open source?
Yes, all Omise mobile SDKs are open source and available on GitHub under the MIT license.
How do I test my integration?
Use your test mode public key (starting with pkey_test_) and test card numbers. All API calls will be made to the test environment and no real charges will be created.
Security Questionsโ
Where is card data stored?
Card data is only stored temporarily in memory during the tokenization process. Once a token is created, the card data is discarded. Tokens themselves are stored on Omise's secure servers.
Is it safe to store tokens on the device?
Yes, tokens are safe to store as they cannot be used directly without your secret key. However, ensure you use platform-specific secure storage (Keychain on iOS, KeyStore on Android).
Do I need to be PCI compliant when using these SDKs?
Using the SDKs significantly reduces your PCI compliance scope as card data never touches your servers. However, you should still follow PCI DSS best practices for handling tokens.
Can the SDKs work offline?
The SDKs require network connectivity to create tokens and sources. However, they can queue operations and retry when connectivity is restored.
Technical Questionsโ
What's the difference between a token and a source?
Tokens represent credit/debit cards and can be charged immediately. Sources represent alternative payment methods (like internet banking) that require additional steps to complete the payment.
Can I charge a token directly from the mobile app?
No, tokens should always be charged from your server using your secret key. The mobile SDKs only use your public key and cannot create charges.
How long are tokens valid?
Tokens expire after a certain period (typically 30 minutes) if not used. Once used to create a charge or attach to a customer, they become permanently associated with that entity.
Can I use multiple public keys in one app?
Yes, you can initialize multiple client instances with different public keys if you need to support multiple Omise accounts.
Support and Resourcesโ
Documentationโ
- iOS SDK Documentation
- Android SDK Documentation
- Flutter SDK Documentation
- Dart SDK Documentation
- API Reference
Code Examplesโ
Communityโ
Getting Helpโ
If you encounter issues with any of the mobile SDKs:
- Check the SDK-specific documentation
- Review the changelog for breaking changes
- Search existing GitHub issues
- Contact support with your SDK version, platform details, and error messages
Next Stepsโ
Choose your platform to get started:
- iOS SDK โ - Build payments for iPhone and iPad
- Android SDK โ - Integrate payments in Android apps
- Flutter SDK โ - Create cross-platform payment solutions
- Dart SDK โ - Build server-side integrations with Dart
For backend integration after tokenization:
- Charges API - Create charges from tokens
- Customers API - Save cards for future use
- Sources API - Handle alternative payment methods