Certificates embedded in Adyen3DS2 are close to expiring

[krudos]

i am getting this message on ios console

Certificates embedded in Adyen3DS2 are close to expiring. Please update to the latest available version as soon as possible.

i am importing the library with cocoapod using 'Adyen3DS2', '2.1.0-rc.5'

[mohammedDehairy]

Hi @krudos ,

Thanks for reaching out.

I am afraid this message is a bit misleading, actually the nearest date any embedded certificate would expire is June 24th, 2022, we show this message two years before the earliest date one of the embedded certificates would expire.

By then we would have made numerous updates, and we'll keep the embedded certificates up to date.

[mohadian]

Hi @mohammedDehairy

I am getting the same warning message, it is a bit of relief to know what you mentioned however I was wondering if you could clarify what is expected from us (developers who are using Adyen SDK)

we are using Adyen '3.7.0' and upgrading to version 4+ require some changes from our backend team as well ( changes to the API), I was wondering if you could clarify when is the deadline you are expecting us to migrate to the 4+?

Thanks Mostafa

[mohammedDehairy]

Hi @mohadian ,

The embedded VISA certificate is expiring in June next year, we have updated the VISA certificate in the latest 3DS2 SDK (2.2.4), and we're planing to update the 3DS2 SDK dependency to 2.2.4 in components/DropIn this week.

• We'll release 4.4.0 with the latest 3DS2 SDK (2.2.4)
• We'll release also 3.8.7 with the latest 3DS2 SDK (2.2.4)

so after we release those two versions, its imperative to upgrade to one of those two versions ASAP.

I'll post here when the two new versions are released.

BTW, the old certificate will still be there for backward compatibility, so even with 3DS2 SDK (2.2.4), you're going to still see the warning.

[mohadian]

Hi @mohammedDehairy

If I am not mistaken the 3.9.0 and 4.4.0 are using 3DS 2.2.4

To confirm: what would be the impact of not updating the Adyen SDK to those two versions? would the 3DS check fail?

[mohammedDehairy]

Hi @mohadian ,

Yes the 3.9.0 and 4.4.0 are using 3DS 2.2.4.

And the risk is that SDK versions pre-2.2.4 has an expired VISA certificate, so when VISA finally discontinue the certificate , VISA transactions that go through 3DS2 will fail.

[dovhoang]

Hi @mohammedDehairy

I am using Adyen '4.7.3' and the latest 3DS2 '2.2.6' and getting the same warning message. I think the certificate needs to update.

2022-08-04 16:35:21.262787+0700 Runner[25007:5737110] [WARNING] One or more of the certificates embedded in Adyen3DS2 will expire on June 24th 2022. To make sure you have the latest certificates, always upgrade to the latest SDK version to ensure you have the latest certificates. We'll make sure the certificates are updated well before the mentioned date.

Thanks, Hoang

[mohammedDehairy]

@viethoang093 thanks for reaching out.

2.2.6 has the latest certificates, this message is unfortunately misleading and we'll remove it with the next release. But you can ignore it for now. Sorry for the confusion.

Mohamed

[mohammedDehairy]

Will close this issue due to lack of activity, please feel free to reopen if you still need our help regarding this issue.