For users running Chrome 80 and higher, Chrome is enforcing a secure-by-default cookie classification system, treating cookies that have no declared SameSite value as SameSite=Lax cookies. Only cookies set as SameSite=None; Secure will be available in third-party contexts, provided they are being accessed from secure connections. Do note that the SameSite field is not yet widely supported in older browsers, as well as Safari and Firefox.
After we noticed our merchants were experiencing issues, we immediately flagged it with Magento in their GitHub issue. A few weeks ago Magento made us aware they expect some changes from Adyen’s side, which our developers have now released. Magento is also going to provide the possibility for developers to configure the SameSite Cookie type for each cookie variable. This possibility will be added in a future release of theirs.
In our new release (6.5.0) we pass the extra redirect parameters redirectFromIssuerMethod, redirectToIssuerMethod and returnUrl to the /payments request so that Adyen returns the response via GET and not POST, avoiding the SameSite check.
If you want to test your solution fully but are unable to see the warnings, you have to enable the experimental flags, which can be found on chrome://flags, and set all the functions named "SameSite" to "Enabled".
We highly recommend you to upgrade your Magento 2 version to the released 6.5.0. in order to resolve the SameSite Cookie issue. If you cannot upgrade to this release (which we do recommend), you can implement the following commit of the patch.