• Save
Payment gateway testing
Upcoming SlideShare
Loading in...5

Like this? Share it with your network


Payment gateway testing






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds


Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Payment gateway testing Presentation Transcript

  • 1. How to test Payment Gateway functionality S.No. Check Points 1 Gather appropriate test data for the dummy credit card numbers and sand box accounts. 2 Status Gather payment gateway documents with error codes – useful it if any error came during testing to identify whether it’s our application fault or payment gateway related error. 3 Understanding of the integration of the payment gateway with application. 4 Understand and test the parameters and sessions passed through payment gateway and application. 5 Understand and test the amount related information passed through query string or session or variables in any form. 6 Check the format of the amount with currency format. 7 Check the language of the application and payment gateway language. 8 Test after successful payment all the necessary data retrieved to our application or not. 9 Check what happens if payment gateway goes down during the payment process. 10 Check what happens if payment process went successful but do not return to our application. 11 Check what happens if session goes time out during the payment process. 12 Check what happens in backend during the payment process is the session data stored in temporary table or any id is generated or not? 13 Check what happens if payment process is fail. 14 Verify DB entries for the transaction whether they store credit card details and all or not. 15 Verify DB entries for the amount related fields in database for the fresh transaction, modified transaction and canceled transaction. 16 Verify error page during payment gateway process. 17 Verify security passes for the transaction. Payment Gateway Page 1
  • 2. Payment Gateway Workflow Payment Gateway Page 2
  • 3. Payment Gateway Terminology Acquirer/Acquiring Bank/Merchant Bank is a financial company/bank that will process credit/debit card transactions on behalf of you from a customer visiting your site. As a merchant you've an account with Acquiring bank. CCAvenue/EBS/ICICI Payseal can be taken as an acquirer bank. API (Application Programming Interface): APIs provide users with pre-existing interfaces to program against which allows rapid and standardized application development. Application Service Provider (ASP) is a business which provides computer based services to its customers over network (especially internet). Most commonly it is used with customers accessing services from a server using client browsers like Internet Explorer. An example would be IRCTC server will be an ASP for you as a customer. Authorization: The approval or guarantee of funds given by the Card Issuer to the Acquirer. BIN (Bank Identification Number): The six-digit number assigned by Visa and MasterCard to identify a member (Issuer or Acquirer) or processor for authorization, clearing or settlement processing. Business to Business (B2B) is E-Commerce that happens among business is called B2B. Business to consumer (B2C) is E-Commerce that occurs between consumers and business entities are called a B2C for example a customer buying from your site. Brick and mortar business are those ECommerce stores which have a physical store which is exactly opposite of an (internet) online store. Batch Is the processing of all your transactions from merchant account and settlement which will show your total earnings or loss (in case of chargebacks). Payment Gateway Page 3
  • 4. Card Issuer is financial institution that issues the payment card to the Cardholder. Cardholder: Customer associated with the primary account number (or an additional authorized user) that requests a transaction from a merchant. CVV (Card Verification Value): Term for 3-digit code in signature panel to verify that the card is in the cardholder’s possession. Card refers to a plastic card with some magnetic coded information from brands like Visa, MasterCard, American Express, Diner’s Club, Discover and JCB and which allows one to use them at various ATM’s and online worldwide. Card Association is the network of all banks (i.e., both payment gateways and issues banks) that process plastic cards of various brands like VISA, MasterCard, Discover, American Express and others. Credit Card Processor allows a payment gateway merchant to accept all sorts of cards for online money payment, including net banking. It is a third party company used by your payment gateway( eg CCAvenue) which negotiates customer financial transactions with banks and card associations(VISA, MasterCard etc.) and inform the merchant of payment success/failure through the payment gateway used. Some providers can themselves be Card Processor like AlertPay or 2Checkout. Capture operation further validates it and confirms the purchase of product and start of dispatch of product to the customer creating billable transaction in Merchant's account. If after authorization, Capture is not done by merchant within specified period then the transaction is reversed as if it had never occurred and the amount credited back to customer's credit/debit card account. Till the time the transaction has not be Captured, the customer's transaction amount will not be reflected in her credit card account. Discount Rate/Transaction Discount Rate (TDR) is total fees retained/charged by the payment gateway from the merchant for each transaction. It can be fixed percentage or fixed amount. The largest component of TDR is the interchange fee. E-commerce is buying and selling of products/services online using internet. Payment Gateway Page 4
  • 5. HTTP (Hypertext transfer protocol) is a networking protocol to transfer unsecured information, used especially between a web server and client browser Interchange fee is a term used in payment gateway industry and refers to fee charged by the issuing bank. For example if you use your ICICI debit card at HDFC ATM then, ICICI will pay interchange fee to HDFC for using its ATM. IVR (Interactive voice response) is a technology for computers to recognize human voice so as to process for example credit card entered by a customer. Merchant: Seller of products or services. Merchant Agreement: Contract between a Merchant and Acquirer that outlines payment processing rights and responsibilities. MID (Merchant Identification Number/Merchant ID): Unique number assigned by an Acquirer to identify a specific merchant. MasterCard is a payment technology based company with head office in New York and which facilitates electronic funds transfers from Credit/Debit/Prepaid cards across the world. Like Visa the financial institutions/acquirer banks need to abide by its rules like transaction security. Merchant Account is a type of account that allows receiving various types of payments - credit card/debit card/net banking/prepaid card etc. from your customers. You’ll need to pay TDR over the received payments. You’ve visited this site as you’re looking for a merchant account. MOTO is a short form of Mail Order/Telephone Order credit card charging processing and occurs without physical presence of credit card. In MOTO there are three ways you can charge your customer’s credit card: using Touch Tone, POS software and Virtual Terminal Payment Gateway is an Ecommerce online transaction processing platform/interface which allows a merchant (you) to receive payment online from customers using various types of cards and net banking facilities. Point of Sale (POS), Point of Purchase (POP), and Checkout is location where transaction occurs. Payment Gateway Page 5
  • 6. POS Terminal is hardware and software used for Checkouts. For example you swipe-in your card in POS Terminal at any shop for payment. POS Software is specialized software available on the merchant’s PC so that he/she can key-in and charge credit card of a customer directly from his/her keyboard. Payment Card Industry Data Security Standard (PCI DSS) is a security standard to handle customer and card data during financial transaction of various credit/debit/prepaid and other cards. It aims to reduce credit card frauds. PCI DSS compliance is must for all companies which store/process secured payment data like card information. PIN (Personal Identification Number): A cardholder’s secret identification number that completes an online debit transaction. Smart Card: A payment card with a built in chip to store information. SSL (Secured Socket Layer) is a protocol which provides secured way to transmit data between two softwares on a network or internet, without any risk of interception. You don’t need SSL but if the payment interfaces from for example PayPal, CCAvenue will work only in SSL. TID (Terminal Identification Number): Number that identifies a merchant to the front-end network. A unique number is assigned to each POS terminal. Refund is return of money paid to the customer by the merchant. Reversal is done before settlement wherein the merchant undoes the transaction as if it never occurred. VISA is a payment technology based company with head office in California and which facilitates electronic funds transfers from Credit/Debit/Prepaid cards across the world. The financial institutions/acquirer banks need to abide by the Visa rules like transaction security, not allowing charging surcharge when receiving payments via Visa card. Payment Gateway Page 6