Table of Contents

Testing Guide

This page is intended to guide you through the best practices for testing your integration with .


Test environment

Make sure all the testing is done against one of our sandbox accounts. Testing on a live account can cause problems such as:

  1. Unnecessary downtime
  2. Live transaction corruption/loss
  3. Chargebacks
  4. PCI DSS implications

Setting up the test environment

You should ensure that your test environment is configured as close as possible to your live environment, particularly:

  1. Web server (IIS/Apache) version
  2. Web server configuration, especially the language interface (PHP/ASP etc.) and session timeout
  3. Database connectivity
  4. Firewall
  5. Latest versions of our shopping carts and SDKs

Background validation

If you're using our Hosted Pages solution, you should seriously consider implementing Background Validation.

With background validation you can provide a webhook to which our host will send the result of every transaction in addition to the response you already get from the page. This ensures that your order system accurately reflects the transaction result even in the case where the cardholder redirect fails.

Security concerns

The PCI DSS states that you should never use live cards in a test environment, otherwise this environment is also subject to PCI audit and DSS rules.

cannot be held accountable for live cards being put through our test systems and sandbox accounts.

What to test

All cases

  1. Host is unavailable (i.e. use invalid sandbox URL)
  2. Incorrect parameters in the request
  3. The hash string sent by the gateway in the response is properly validated
  4. Make sure your application is able to handle the different types of responses
  5. Refreshing the receipt page does not re-perform the transaction/resend the receipts
  6. PCI DSS guidelines are met in all scenarios
  7. All required currencies are processed correctly

Per integration method

Hosted Payment Page

  1. Customer doesn't complete transaction (e.g. closes browser window)
  2. The Receipt Page URL is misconfigured in your terminal
  3. Customer takes over 60 mins to complete transaction
  4. Simultaneous transactions do not interfere with each other
  5. Background validation is successful for all transactions and responses, if applicable

REST API

  1. API Key is valid
  2. Access tokens are re-generated before they expire
  3. Only digits with no spaces are sent into Card number/CVV fields
  4. Host returns a Bad Request error due to incorrect content in the JSON request
  5. Host returns an Unprocessable Entity error to indicate a business rule or constraint violation

When using shopping carts

Testing will be quite specific depending on the shopping cart and plug-in being used. You should cover all the relevant test above for your integration method, even though the functionality is obscured by the plug-in you are using, the issues outlined above can still occur.

Other shopping cart issues that should be tested are:

  1. Only digits with no spaces are sent into Card number/CVV fields
  2. Order status is updated correctly in shopping cart
  3. Customer e-mails are populated correctly
  4. Customers get the right number of e-mails (our host may also send an e-mail to the customer depending on the plug-in)
  5. Session timeouts do not cause transactions to be dropped
  6. Transactions over 1,000 and 1,000,000 Euro/Pounds/Dollar etc. are handled correctly

Testing resources

Sandbox

Initial testing doesn't require a dedicated test account, you can use our sandbox to get started. Ready to play around? Sign up for a sandbox account.

Credit Cards

Test cards that can be used on our host are:

Advanced solutions

For large merchants, will be happy to provide you with specialized test scripts and help with any struggle you may go through during integration. Feel free to contact our team of experts.