7. Sandbox Testcases¶
The sandbox contains a list of test cases meant to assist you in implementation.
It is also the intension that you can use the sandbox for automatic integration testing of your service. We will not modify individual test cases. If need be, we can deprecate them with a sufficient grace period.
The 3-D Secure server sandbox validates input according to the specification.
7.1. Generic Tests¶
Test |
Trigger PAN |
What’s being tested in your system |
|---|---|---|
Card not enrolled |
|
Handling not enrolled response. This test only involves the preauth call. |
7.2. Browser Tests¶
These tests involve deviceChannel: 02. This must be set in all
authentication requests.
- For all these tests:
Perform the preauth call.
Execute the 3DS Method if available.
Perform a regular auth request. Use the same
acctNumberas used in thepreauthcall.Fetch the challenge result using the postauth endpoint if relevant.
The /auth browser example input is usable for all
cases. Just change the last four digit in acctNumber where needed.
Message version¶
This section determines the outcome of the preauth. The response is with
acsEndProtocolVersion: 2.1.0 and/or acsEndProtocolVersion: 2.2.0. This means your system should automatically
be able to determine messageVersion.
Sending a wrong messageVersion will result in an error.
Read 3-D Secure Version Determination.
First digit |
PAN last 4 |
Description |
Requirements |
|---|---|---|---|
0 |
0xxx |
Range messageVersion 2.1 and 2.2 |
n/a |
1 |
1xxx |
messageVersion 2.1 |
n/a |
2 |
2xxx |
messageVersion 2.2 |
n/a |
3DS Method¶
If 3DS Method URL is included in the preauth endpoint response, the 3DS method must be invoked as explained in this guide 3DS Method Invocation.
Read 3DS Method failure if the 3DS method has a timeout.
Second digit |
PAN last 4 |
Description |
Requirements |
|---|---|---|---|
0 |
x0xx |
With 3DS method included |
n/a |
1 |
x1xx |
With 3DS method missing |
n/a |
2 |
x2xx |
With 3DS method timeout |
n/a |
ARes outcome¶
This section determines the outcome of the ARes.
Read Auth usage to understand the flow.
Third digit |
PAN last 4 |
Description |
Requirements |
|---|---|---|---|
0 |
xx03 |
Frictionless transStatus Y |
n/a |
1 |
xx13 |
Frictionless transStatus N |
n/a |
2 |
xx23 |
Frictionless transStatus A |
n/a |
3 |
xx33 |
Frictionless transStatus R |
n/a |
4 |
xx43 |
Frictionless transStatus I |
only supported with messageVersion 2.2 |
5 |
xx53 |
Frictionless transStatus U |
n/a |
6 |
xx63 |
DS timeout |
n/a |
7 |
xx7x |
transStatus C |
Complete the Challenge flow |
Challenge flow¶
This section determines the outcome of the challenge flow.
The challenge flow must be invoked as explained in this guide Challenge flow guide.
After the challenge flow invoke /postauth to fetch the challenge result.
Read postauth usage for understanding how to fetch challenge result.
Fourth digit |
PAN last 4 |
Description |
Requirements |
|---|---|---|---|
0 |
xx70 |
Challenge flow automatically passes transStatus Y |
transStatus C in ARes see ARes outcome |
1 |
xx71 |
Challenge flow automatically fails transStatus N |
transStatus C in ARes see ARes outcome |
2 |
xx72 |
Manual challenge with transStatus Y or N |
transStatus C in ARes see ARes outcome |
7.3. Error¶
If the last four digits do not match any of the given test cases above, an error will be given.
7.4. Browser Examples¶
Testname |
PAN example |
PAN last 4 |
Success criteria |
What’s being tested in your system |
|---|---|---|---|---|
3DS Method timeout |
|
|
|
The |
Frictionless 3DS Method |
|
|
|
Frictionless authentication with 3DS Method |
Frictionless no 3DS Method |
|
|
|
Frictionless authentication without 3DS Method |
Manual challenge |
|
|
|
Challenge authentication with 3DS method |
Automatic Challenge pass |
|
|
|
Successful challenge authentication with 3DS method The challenge will auto-submit using JavaScript |
Automatic Challenge fail |
|
|
|
Failed challenge authentication with 3DS Method The challenge will auto-submit using JavaScript |