Mobile SDKs
Omise provides native mobile SDKs for building secure payment integrations in iOS and Android applications. Our SDKs handle sensitive payment data collection and tokenization, ensuring PCI compliance while providing a seamless mobile payment experience.
Overview
Mobile SDKs enable you to securely collect payment information from your mobile applications without having sensitive card data touch your servers. All SDKs follow platform-specific best practices and provide native UI components and APIs.
Key Features
- Native tokenization - Create secure payment tokens directly from mobile devices
- PCI compliant - Card data never touches your servers
- Platform-specific design - Native components following iOS and Android design guidelines
- Multiple payment methods - サポート for cards, mobile banking, and alternative payment methods
- Built-in validation - Client-side validation for card numbers, CVV, and expiry dates
- 3D Secure support - Built-in support for 3D Secure authentication flows
- Biometric authentication - サポート for Touch ID, Face ID, and fingerprint authentication
- Error handling - Comprehensive error messages and handling
- Network resilience - Automatic retry logic and offline handling
Available SDKs
iOS SDK
Build secure payment experiences for iPhone and iPad applications.
- Languages: Swift 5.0+, Objective-C
- iOS Version: iOS 12.0 and later
- インストール: CocoaPods, Swift Package Manager, Carthage
- Repository: omise/omise-ios
Android SDK
Integrate payments into native Android applications.
- Languages: Kotlin, Java 8+
- Android Version: API Level 21 (Android 5.0) and later
- インストール: Gradle, Maven
- Repository: omise/omise-android
Get Started with Android SDK →
Flutter SDK
Create cross-platform payment solutions with Flutter.
- Language: Dart 2.12+
- Flutter Version: Flutter 2.0 and later
- Platforms: iOS and Android
- インストール: pub.dev
- Repository: omise/omise-flutter
Get Started with Flutter SDK →
Dart SDK
Server-side Dart integration for backend services.
- Language: Dart 2.12+
- Platform: Server-side Dart applications
- インストール: pub.dev
- Repository: omise/omise-dart
Architecture Overview
All mobile SDKs follow a similar architectural pattern:
┌─────────────────┐
│ Mobile App │
│ │
│ ┌───────────┐ │
│ │ Omise SDK │ │
│ └─────┬─────┘ │
└────────┼────────┘
│
│ HTTPS (TLS 1.2+)
│
┌────▼────┐
│ Omise │
│ API │
└────┬────┘
│
┌────▼────────┐
│ Your Server │
└─────────────┘
Security Flow
- Customer enters payment details in your mobile app
- SDK validates the input client-side
- SDK sends encrypted data directly to Omise servers
- Omise returns a secure token to the mobile app
- App sends token to your server
- Your server creates a charge using the token
This flow ensures that sensitive card data never touches your servers, maintaining PCI compliance.
Choosing the Right SDK
| Use Case | Recommended SDK | Reason |
|---|---|---|
| Native iOS app | iOS SDK | Best performance, native UI components |
| Native Android app | Android SDK | Best performance, native UI components |
| Cross-platform app | Flutter SDK | Write once, deploy to both platforms |
| Backend service in Dart | Dart SDK | Full API access for server operations |
| React Native app | iOS + Android SDKs | Use native modules with RN bridge |
Common Use Cases
Tokenizing Credit Cards
All mobile SDKs provide methods to tokenize credit card information:
// iOS (Swift)
let request = Request(
name: "John Doe",
number: "4242424242424242",
expirationMonth: 12,
expirationYear: 2025,
securityCode: "123"
)
client.send(request) { result in
// Handle token
}
// Android (Kotlin)
val request = Token.CreateTokenRequest(
name = "John Doe",
number = "4242424242424242",
expirationMonth = 12,
expirationYear = 2025,
securityCode = "123"
)
client.send(request, callback)
// Flutter (Dart)
final token = await omise.createToken(
name: 'John Doe',
number: '4242424242424242',
expirationMonth: 12,
expirationYear: 2025,
securityCode: '123',
);
Creating Payment Sources
For alternative payment methods like mobile banking:
// iOS - インターネットバンキング
let request = CreateSourceRequest(
amount: 100000,
currency: "thb",
type: .internetBankingBay
)
// Android - Mobile Banking
val request = Source.CreateSourceRequest(
amount = 100000,
currency = "thb",
type = SourceType.InternetBankingBay
)
// Flutter - PromptPay
final source = await omise.createSource(
amount: 100000,
currency: 'thb',
type: 'promptpay',
);
インストール Quick Links
iOS
# CocoaPods
pod 'OmiseSDK'
# Swift Package Manager
dependencies: [
.package(url: "https://github.com/omise/omise-ios", from: "5.0.0")
]
Android
dependencies {
implementation 'co.omise:omise-android:4.0.0'
}
Flutter
flutter pub add omise_flutter
Dart
dart pub add omise_dart
ベストプラクティス
Security
- Never log sensitive data - Don't log card numbers, CVV, or tokens
- Use HTTPS only - All SDKs enforce HTTPS connections
- Validate on server - Always validate tokens server-side before creating charges
- Implement rate limiting - Prevent brute-force attacks on payment forms
- Use public key only - Never embed your secret key in mobile apps
User Experience
- Show loading states - Display progress indicators during tokenization
- Handle errors gracefully - Provide clear error messages to users
- サポート multiple payment methods - Offer local payment methods for better conversion
- Implement proper validation - Validate input before sending to API
- Save card details securely - Use platform-specific secure storage (Keychain, KeyStore)
Performance
- Cache public keys - Reduce initialization time by caching configuration
- Implement timeouts - Set reasonable timeouts for API calls
- Handle offline scenarios - Gracefully handle network failures
- Minimize API calls - Batch operations when possible
- Use background threads - Don't block the UI during API calls
テスト
All SDKs support testing with Omise test mode:
Test Cards
Successful: 4242424242424242
Failed: 4111111111111111
3D Secure: 4000000000000002
Test Configuration
// iOS
let config = Config(publicKey: "pkey_test_...")
// Android
val client = Client("pkey_test_...")
// Flutter/Dart
final omise = Omise(publicKey: 'pkey_test_...');
エラーハンドリング
All SDKs provide structured error handling:
// iOS
client.send(request) { result in
switch result {
case .success(let token):
// Use token
case .failure(let error):
// Handle error
print(error.localizedDescription)
}
}
// Android
client.send(request, object : RequestListener<Token> {
override fun onRequestSucceed(model: Token) {
// Use token
}
override fun onRequestFailed(error: Throwable) {
// Handle error
}
})
// Flutter
try {
final token = await omise.createToken(...);
// Use token
} catch (error) {
// Handle error
}
Migration Guides
Upgrading from v3.x to v4.x (Android)
The v4.x release includes breaking changes. See the Android SDK migration guide for details.
Upgrading from v4.x to v5.x (iOS)
The v5.x release adds Swift concurrency support. See the iOS SDK migration guide for details.
サポートed Payment Methods
| Payment Method | iOS | Android | Flutter | Dart |
|---|---|---|---|---|
| Credit/Debit Cards | ✓ | ✓ | ✓ | ✓ |
| インターネットバンキング | ✓ | ✓ | ✓ | ✓ |
| Mobile Banking | ✓ | ✓ | ✓ | ✓ |
| PromptPay | ✓ | ✓ | ✓ | ✓ |
| TrueMoney Wallet | ✓ | ✓ | ✓ | ✓ |
| Alipay | ✓ | ✓ | ✓ | ✓ |
| PayNow | ✓ | ✓ | ✓ | ✓ |
| DuitNow | ✓ | ✓ | ✓ | ✓ |
| GrabPay | ✓ | ✓ | ✓ | ✓ |
| Boost | ✓ | ✓ | ✓ | ✓ |
| ShopeePay | ✓ | ✓ | ✓ | ✓ |
Platform 要件
iOS SDK
- Xcode 13.0 or later
- Swift 5.5+ or Objective-C
- iOS 12.0 or later
- CocoaPods 1.10+ or SPM
Android SDK
- Android Studio Arctic Fox or later
- Kotlin 1.5+ or Java 8+
- Gradle 7.0+
- Android API Level 21+ (Android 5.0+)
Flutter SDK
- Flutter 2.0 or later
- Dart 2.12 or later
- iOS 12.0+ and Android API Level 21+
Dart SDK
- Dart 2.12 or later
- Server-side or CLI applications
Frequently Asked Questions
General Questions
Can I use these SDKs with React Native?
Yes, you can create native modules that wrap the iOS and Android SDKs. We don't currently provide an official React Native package, but the native SDKs can be integrated using React Native's native module system.
Do the SDKs support 3D Secure authentication?
Yes, all mobile SDKs support 3D Secure authentication. The SDKs will automatically handle the authentication flow when required by the card issuer.
Can I customize the UI components?
Yes, while the SDKs provide default UI components, you can also use the core APIs to build completely custom payment forms that match your app's design.
What happens if the network request fails?
The SDKs implement automatic retry logic with exponential backoff. If all retries fail, you'll receive an error that you can handle and present to the user.
Are the SDKs open source?
Yes, all Omise mobile SDKs are open source and available on GitHub under the MIT license.
How do I test my integration?
Use your test mode public key (starting with pkey_test_) and test card numbers. All API calls will be made to the test environment and no real charges will be created.
Security Questions
Where is card data stored?
Card data is only stored temporarily in memory during the tokenization process. Once a token is created, the card data is discarded. Tokens themselves are stored on Omise's secure servers.
Is it safe to store tokens on the device?
Yes, tokens are safe to store as they cannot be used directly without your secret key. However, ensure you use platform-specific secure storage (Keychain on iOS, KeyStore on Android).
Do I need to be PCI compliant when using these SDKs?
Using the SDKs significantly reduces your PCI compliance scope as card data never touches your servers. However, you should still follow PCI DSS best practices for handling tokens.
Can the SDKs work offline?
The SDKs require network connectivity to create tokens and sources. However, they can queue operations and retry when connectivity is restored.
Technical Questions
What's the difference between a token and a source?
Tokens represent credit/debit cards and can be charged immediately. Sources represent alternative payment methods (like internet banking) that require additional steps to complete the payment.
Can I charge a token directly from the mobile app?
No, tokens should always be charged from your server using your secret key. The mobile SDKs only use your public key and cannot create charges.
How long are tokens valid?
Tokens expire after a certain period (typically 30 minutes) if not used. Once used to create a charge or attach to a customer, they become permanently associated with that entity.
Can I use multiple public keys in one app?
Yes, you can initialize multiple client instances with different public keys if you need to support multiple Omise accounts.
サポート and Resources
Documentation
- iOS SDK Documentation
- Android SDK Documentation
- Flutter SDK Documentation
- Dart SDK Documentation
- API Reference
Code Examples
Community
Getting Help
If you encounter issues with any of the mobile SDKs:
- Check the SDK-specific documentation
- Review the changelog for breaking changes
- Search existing GitHub issues
- Contact support with your SDK version, platform details, and error messages
次のステップ
Choose your platform to get started:
- iOS SDK → - Build payments for iPhone and iPad
- Android SDK → - Integrate payments in Android apps
- Flutter SDK → - Create cross-platform payment solutions
- Dart SDK → - Build server-side integrations with Dart
For backend integration after tokenization:
- Charges API - Create charges from tokens
- Customers API - Save cards for future use
- Sources API - Handle alternative payment methods