7. Sandbox Testcases¶

The sandbox contains a list of test cases meant to assist you in implementation. More testcases can be added on demand.

It is also the intension that you can use the sandbox for automatic integration testing of your service. We will not modify individual test cases and will deprecate them with a sufficient grace period, if need be.

The 3-D Secure server sandbox validates input according to the specification.

7.1. Generic Tests¶

Test	Trigger PAN	What’s being tested in your system
Card not enrolled	`9000100111111111`	Handling not enrolled response. This test only involves the preauth call.

7.2. Browser Tests¶

These tests involve deviceChannel: 02. This must be set in all authentication requests.

For all these tests:

Perform the preauth call.
Execute the 3DS Method if available.
Perform a regular auth request. Use the same acctNumber as used in the preauth call.
Fetch the challenge result using the postauth endpoint if relevant.

The /auth browser example input is usable for all cases. Just change the acctNumber or purchaseAmount where needed.

Message Version `2.1.0`¶

These tests have a preauth response with acsEndProtocolVersion: 2.1.0. This means your system should automatically fall back to using verson 2.1.0.

Sending messageVersion: 2.2.0 with these PANs will result in an error.

Browser testcases¶
Testname	Trigger PAN	Success criteria	What’s being tested in your system
3DS Method timeout	`9000100411111111`	`ARes` with `transStatus: Y`	The `threeDSCompInd` being set correctly
Frictionless 3DS Method	`9000100511111111`	`ARes` with `transStatus: Y`	Frictionless authentication with 3DS Method
Frictionless no 3DS Method	`9000100611111111`	`ARes` with `transStatus: Y`	Frictionless authentication without 3DS Method
Manual challenge	`9000100811111111`	`RReq` with `transStatus: Y` or `N`	Challenge authentication with 3DS method
Automatic Challenge pass	`9000100911111111`	`RReq` with `transStatus: Y`	Successful challenge authentication with 3DS method The challenge will auto-submit using JavaScript
Automatic Challenge fail	`9000101011111111`	`RReq` with `transStatus: N`	Failed challenge authentication with 3DS Method The challenge will auto-submit using JavaScript
Automatic Challenge pass	`9000101111111111`	`RReq` with `transStatus: Y`	Successful challenge authentication without 3DS method The challenge will auto-submit using JavaScript
Frictionless `N`	`9000105001111111`	`ARes` with `transStatus: N`	Frictionless authentication failure
Frictionless `U`	`9000105041111111`	`ARes` with `transStatus: U`	Frictionless authentication failure
Frictionless `R`	`9000105071111111`	`ARes` with `transStatus: R`	Frictionless authentication failure
Frictionless `A`	`9000105611111111`	`ARes` with `transStatus: A`	Frictionless authentication attempt
Frictionless `cardholderInfo`	`9000105111111111`	`ARes` with `transStatus: N`	Correctly displaying `cardholderInfo` to the cardholder
DS Timeout	`9000105311111111`	`Erro` with `errorCode: 405`	Correct handling of DS timeout

Message Version `2.2.0`¶

These tests have a preauth response with acsEndProtocolVersion: 2.2.0. If your system supports version 2.2.0, you can use these testcases to verify that your system automatically upgrades to version 2.2.0.

Sending messageVersion: 2.1.0 with these PANs will result in an error.

Browser testcases¶
Testname	Trigger PAN	Success criteria	What’s being tested in your system
3DS Method timeout	`9001100411111111`	`ARes` with `transStatus: Y`	The `threeDSCompInd` being set correctly
Frictionless 3DS Method	`9001100511111111`	`ARes` with `transStatus: Y`	Frictionless authentication with 3DS Method
Frictionless no 3DS Method	`9001100611111111`	`ARes` with `transStatus: Y`	Frictionless authentication without 3DS Method
Manual challenge	`9001100811111111`	`RReq` with `transStatus: Y` or `N`	Challenge authentication with 3DS method
Automatic Challenge pass	`9001100911111111`	`RReq` with `transStatus: Y`	Successful challenge authentication with 3DS method The challenge will auto-submit using JavaScript
Automatic Challenge fail	`9001101011111111`	`RReq` with `transStatus: N`	Failed challenge authentication with 3DS Method The challenge will auto-submit using JavaScript
Automatic Challenge pass	`9001101111111111`	`RReq` with `transStatus: Y`	Successful challenge authentication without 3DS method The challenge will auto-submit using JavaScript
Frictionless `N`	`9001105001111111`	`ARes` with `transStatus: N`	Frictionless authentication failure
Frictionless `U`	`9001105041111111`	`ARes` with `transStatus: U`	Frictionless authentication failure
Frictionless `R`	`9001105071111111`	`ARes` with `transStatus: R`	Frictionless authentication failure
Frictionless `A`	`9001105611111111`	`ARes` with `transStatus: A`	Frictionless authentication attempt
Frictionless `cardholderInfo`	`9001105111111111`	`ARes` with `transStatus: N`	Correctly displaying `cardholderInfo` to the cardholder
DS Timeout	`9001105311111111`	`Erro` with `errorCode: 405`	Correct handling of DS timeout

Scheme test PANs¶

To allow for integration testing with your authorization system, three different PANs exist in the sandbox.

These cards support versions 2.1.0 and 2.2.0. You need to force 2.1.0 if your system automatically upgrades to 2.2.0.

Scheme PAN testcases¶
Testname	Trigger PAN	Trigger Amount	Success criteria
Manual Challenge	`2221000000000009` `4111111111111111` `5500000000000004`	`20000`	`RReq` with `transStatus` `Y` or `N`
Frictionless `Y`	`2221000000000009` `4111111111111111` `5500000000000004`	`20001`	`ARes` with `transStatus` `Y`
Frictionless `N`	`2221000000000009` `4111111111111111` `5500000000000004`	`20002`	`ARes` with `transStatus` `N`
Frictionless `A`	`2221000000000009` `4111111111111111` `5500000000000004`	`20003`	`ARes` with `transStatus` `A`
Automatic challenge pass	`2221000000000009` `4111111111111111` `5500000000000004`	`20004`	`RReq` with `transStatus` `Y`
Automatic challenge fail	`2221000000000009` `4111111111111111` `5500000000000004`	`20005`	`RReq` with `transStatus` `N`

7.3. 3RI Tests¶

These tests involve deviceChannel: 03. This must be set in all authentication requests. The /auth 3RI example input is usable for all cases. Just change the acctNumber where needed.

For all these tests: Perform a regular auth request. The /preauth call is optional. Any threeDSServerTransID received from it will not be used in a final 3DS Requestor Initiated transaction.

Message Version `2.1.0`¶

Sending messageVersion: 2.2.0 with these PANs will result in an error.

Browser testcases¶
Testname	Trigger PAN	Success criteria	What’s being tested in your system
Frictionless `Y`	`9000110511111111`	`ARes` with `transStatus: Y`	Correctly sending a 3RI request
Frictionless `A`	`9000110611111111`	`ARes` with `transStatus: A`	Correctly sending a 3RI request
Frictionless `U`	`9000110711111111`	`ARes` with `transStatus: U`	Correctly sending a 3RI request
Frictionless `R`	`9000110811111111`	`ARes` with `transStatus: R`	Correctly sending a 3RI request

Message Version `2.2.0`¶

Sending messageVersion: 2.1.0 with these PANs will result in an error.

Browser testcases¶
Testname	Trigger PAN	Success criteria	What’s being tested in your system
Frictionless `Y`	`9001110511111111`	`ARes` with `transStatus: Y`	Correctly sending a 3RI request
Frictionless `A`	`9001110611111111`	`ARes` with `transStatus: A`	Correctly sending a 3RI request
Frictionless `U`	`9001110711111111`	`ARes` with `transStatus: U`	Correctly sending a 3RI request
Frictionless `R`	`9001110811111111`	`ARes` with `transStatus: R`	Correctly sending a 3RI request

7. Sandbox Testcases¶

7.1. Generic Tests¶

7.2. Browser Tests¶

Message Version 2.1.0¶

Message Version 2.2.0¶

Scheme test PANs¶

7.3. 3RI Tests¶

Message Version 2.1.0¶

Message Version 2.2.0¶

Message Version `2.1.0`¶

Message Version `2.2.0`¶

Message Version `2.1.0`¶

Message Version `2.2.0`¶