Migrating from com.cashfree.pg:android-sdk to com.cashfree.pg:api

This document is for merchants who are migrating from the deprecated SDK to the newer SDK

implementation 'com.cashfree.pg:android-sdk:1.7.28' 


implementation 'com.cashfree.pg:api:2.0.0'

We have released our latest version 2.0.+ to make our integration more secure for merchants and customers to use. In the this latest version, we have revamped the integration method for using our pre-built checkout and made some changes in our SDKs.

Following are the key changes made in the latest version. Please check respective pages for detailed changes.

  1. Create Order API Change

We have deprecated the use of cftoken generation API and introduced the new Create Order API.

In the new integration, merchant's backend will create the order and pass on the payment_session_id to the SDK to initiate payment whereas in the old version cftoken was generated by the backend which will be used by the SDK to create order and process payment for it.

  1. New Android SDK

The new SDK comes with a lot of security enhancements and extra configuration options.

  1. Sample Code
    Going forward, all SDKs will use payment_session_id instead of order_token to complete the payment.
CFSession cfSession = new CFSession.CFSessionBuilder()
CFTheme cfTheme = new CFTheme.CFThemeBuilder()
CFDropCheckoutPayment cfDropCheckoutPayment = new CFDropCheckoutPayment.CFDropCheckoutPaymentBuilder()
CFPaymentGatewayService.getInstance().doPayment(this, cfDropCheckoutPayment);
  1. Whitelisting the application package names.

The newer versions of our SDK comes with a lot of security enhancements and one of them is application package check. You can check step-by-step process of making whitelisting request here.

  1. Application Integrity

The latest versions of our Android SDK(1.1.0 and newer) comes with Play Integrity API integration which prevents applications from using our payment features if the application is distributed outside of playstore. This enables us to protect our merchants from potentially risky and fraudulent interactions, such as cheating and unauthorized access, allowing us to respond with appropriate actions to prevent attacks and reduce abuse.

Apps on Google Play

In the Play Console, navigate to the Release section of the left menu. Go to Setup > App integrity. Select the Integrity API tab and enable it.


Apps distributed outside Google Play Store

If your application is distributed outside of the play store get in touch with your account manager or write an email to [email protected].