Known Issues in Android 4.4

Paysafe Android SDK supports Android version 4.4 and above. However there are some known issues that occur only on Android 4.4 and are not handled by the SDK. You should consider resolving them in your application.

Update your security provider

Under the curtains Paysafe Android SDK uses secure connections to backend services. Android relies on a security provider to provide this secure communication. The default security provider in Android 4.4 has some vulnerabilities and you must update it.

private void updateSecurityProvider() {
    ProviderInstaller.installIfNeededAsync(context, new ProviderInstaller.ProviderInstallListener() {

        @Override
        public void onProviderInstalled() {
            // Provider is up-to-date, app can make secure network calls and use Paysafe Android SDK
        }

        @Override
        public void onProviderInstallFailed(int errorCode, Intent intent) {
            GoogleApiAvailability availability = GoogleApiAvailability.getInstance();
            if (availability.isUserResolvableError(errorCode)) {
                // Recoverable error. Show a dialog prompting the user to
                // install/update/enable Google Play services.
                availability.showErrorDialogFragment(
                    context,
                    errorCode,
                    ERROR_DIALOG_REQUEST_CODE,
                    new DialogInterface.OnCancelListener() {
                       @Override
                       public void onCancel(DialogInterface dialog) {
                         // The user chose not to take the recovery action, notify the user
                       }
                    });
            } else {
                // Google Play services is not available, notify the user
            }
        }
    });
}

It is mandatory to update the security provider before you create instance of PaysafeApiClient. Good place to do it is in your Application.onCreate() method.

For more information refer to the official documentation: Update your security provider to protect against SSL exploits

Notify the user to turn on Location Services

If the user has turned off his Location Services and your app declares one of the following permissions in AndroidManifest.xml:

You should make sure the user has turned on his Location Services before creating an instance of ThreeDSecureService

private void checkLocationServicesEnabled() {
    LocationManager lm = (LocationManager) context.getSystemService(Context.LOCATION_SERVICE);
    if (lm != null && !lm.isProviderEnabled(LocationManager.GPS_PROVIDER)) {
        context.startActivity(new Intent(Settings.ACTION_LOCATION_SOURCE_SETTINGS))
    }
}

This step is necessary, because if the Location Services are not turned on before creating an instance of ThreeDSecureService the initialization would fail with NullPointerException. This is a known issue and we are working to fix it.

Did you find this page useful?