Testing Card PreAuths

testing card preauths these scenarios do not include 3d secure 2 authentication testing see testing 3d secure 2 authentication docid\ bdcgiyqdm3mle ubxp1yr for 3d secure 2 authentication testing for your app card preauth and card token preauth scenarios (positive flow) important to consider yourpaymentreference is your unique reference for each transaction when making token preauths, yourconsumerreference must match the original reference when the token was initially created suggested test scenario expected outcome tip process a card preauth with the cv2/cvv security code included in the request this will check the cv2/cvv is valid for that card 200 successful the cv2 field check will be performed during the transaction process process a card preauth without the cv2/cvv security code included in the request declined the cv2 field check will not be performed during the transaction process process a card token preauth with the cv2/cvv security code included in the request this will check the cv2/cvv and card token are valid and match the stored card details 200 successful the cv2 field check will be performed during the transaction process when making token preauths, yourconsumerreference must match the original reference when the token was initially created process a card token preauth without the cv2/cvv security code included in the request 200 successful the cv2 field check will not be performed during the transaction process when making token preauths, yourconsumerreference must match the original reference when the token was initially created process a card preauth with the billing address information (cardaddress block) included in the request this will validate the billing address is registered to that card 200 successful ensure the cardaddress block has the correct fields address1 address2 town postcode required countrycode see country codes docid\ xze369mfk5uvosanzm8uo for the list of valid iso 3166 1 format country codes example cardaddress block "cardaddress" { "address1" "cardholder house", "address2" "1 cardholder street", "town" "cardholder town", "postcode" "ab1 2cd", "countrycode" 826, "state" "fl", }, to validate the card is registered to the correct post code, ensure the following permission on your sandbox api credentials is enabled enforce avs checks the default setting = disabled process a card preauth without the billing address information (cardaddress block) included in the request 200 successful process a card token preauth with the billing address information (cardaddress block) included in the request this will validate the billing address and card token are valid and match the stored card details 200 successful ensure the cardaddress block has the correct fields address1 address2 town postcode required countrycode see country codes docid\ xze369mfk5uvosanzm8uo for the list of valid iso 3166 1 format country codes example cardaddress block "cardaddress" { "address1" "cardholder house", "address2" "1 cardholder street", "town" "cardholder town", "postcode" "ab1 2cd", "countrycode" 826, "state" "fl", }, to validate the card is registered to the correct post code, ensure the following permission on your sandbox api credentials is enabled enforce avs checks the default setting = disabled when making token preauths, yourconsumerreference must match the original reference when the token was initially created process a card token preauth without the billing address information (cardaddress block) included in the request 200 successful when making token preauths, yourconsumerreference must match the original reference when the token was initially created process a card preauth using the different currencies you will be implementing on your app 200 successful if you do not provide a currency in the preauth request, the default value (gbp) will be sent ensure you have the correct currencies configured for your app process a card preauth for mcc 6012 merchants, with the primaryaccountdetails block included in the request it is mandatory for merchants who have an mcc code of 6012 to submit additional information about the primary account holder for payment pre authorisation for use by mcc 6012 merchants only 200 successful ensure you send the primaryaccountdetails block in your request name this is the surname accountnumber dateofbirth format yyyy mm dd postcode example primaryaccountdetails block "primaryaccountdetails" { "name" "smith", "accountnumber" "1234567890", "dateofbirth" "1980 01 01", "postcode" "ab1 2cd" } for more information on api credentials and permissions, see introduction docid\ s 8hoamytkgy13t0p657 test card data to simulate a successful preauth use the test cards docid obafnuc1umhk vihhs5d card preauth and card token preauth request parameters sandbox endpoint https //api sandbox judopay com/transactions/preauths http method post header parameters depending on how you integrate with judopay, you can authenticate requests by /paymentsession , or tokensecretauth the token and secret pair for more information, see authentication methods docid\ ylkw5coh5nqnfq3j wjk2 api version 6 23 for the latest version of the judopay transaction api, see transaction api reference docid\ bcxnm5keok nlnrztafut content type application/json accept application/json authorization method tokensecretauth in the authorization header supply basic { authstring } example basic txpfdpdrszwmsgk4djhxetpjbts4yjq5otdkzmo7ctk1yte0oweymdg1mmy3ywyyzweyztcwymqyzgy3o replace { authstring } with base64 encoding of api token api token (username) colon colon api secret (password) example mzpdkqk1mgi8v3ky mzpdkqk1mgi8v3ky y158n4732dfc7595a149a20381f7af2ea2e70gr6df794b8rnwc019cc5f799kk3 authorization method paymentsessionauthtoken for payment session authentication in the api token header supply the token used to authenticate the call to generate a payment session the payment session header value must also be supplied authorization method paymentsessionauthreference for payment session authentication in the payment session header supply the reference returned in the create payment session response the api token header value must also be supplied body parameters configuration property descriptions parameter description judoid string required required unique id supplied by judopay specific to a merchant and/or location format 100100100 maximum length 9 characters do not include spaces or dashes amount decimal required required the amount to process format two decimal places for currencies using a different structure please contact judopay for support currency string required required the currency of the transaction any iso 4217 alphabetic currency code gbp usd eur phonecountrycode string optional optional the country code of the consumer's phone format maximum length 3 characters only numbers allowed do not include special characters or spaces challengerequestindicator string optional optional indicates the type of challenge request you wish to apply values nopreference nochallenge no challenge required challengepreferred a challenge is preferred for this transaction challengeasmandate must challenge this transaction scaexemption string optional optional to apply for an exemption from sca, for a customer initiated transaction values trustedbeneficiary provides the cardholder the option to add the merchant to their trusted list transactionriskanalysis allows for certain remote transactions to be exempt from sca including low value transactions, provided a robust risk analysis is performed yourconsumerreference string required required unique reference to anonymously identify your customer advisable to use guids must be below 40 characters yourpaymentreference string required required your unique reference for this payment format maximum length 50 characters this value should be unique in order to protect your customers against duplicate transactions with a server side integration, if a payment reference is not supplied, the transaction will not be processed billingaddress object optional optional card holder's billing address if the billingaddress is provided, the postcode is required emailaddress string optional optional consumer’s valid email address it is recommended but not required for 3d secure 2 authentication mobilenumber string optional optional consumer’s valid mobile number format maximum length 15 characters only numbers allowed do not include special characters or spaces primaryaccountdetails object optional optional this is mandatory for merchants who have an mcc code of 6012 primary account holder details name this is the surname accountnumber dateofbirth format yyyy mm dd postcode initialrecurringpayment boolean optional optional indicates if this initial payment is part of a recurring payment card preauth request example { "cardnumber" 4111111111111111, "cv2" 123, "expirydate" "01/25", "cardaddress" { "address1" "cardholder house", "address2" "1 cardholder street", "town" "cardholder town", "postcode" "ab1 2cd", "countrycode" 826 }, "judoid" 100100100, "yourconsumerreference" "2b45fd3f cee5 4e7e 874f 28051db65408", "yourpaymentreference" "6482c678 cad3 4efd b081 aeae7a89a134", "yourpaymentmetadata" { "internallocationref" "example", "internalid" 99 }, "amount" 1 01, "currency" "gbp", "cardholdername" "john doe", "mobilenumber" 7999999999, "phonecountrycode" 44, "emailaddress" "test user\@judopay com", "shippingaddress" { "isbillingaddress" true }, "threedsecure" { "authenticationsource" "browser", "methodnotificationurl" "https //api sandbox judopay com/order/3ds/methodnotification", "challengenotificationurl" "https //api sandbox judopay com/order/3ds/challengenotification", "methodcompletion" false, "challengerequestindicator" "challengeasmandate" } } card token preauth request example { "yourconsumerreference" "2b45fd3f cee5 4e7e 874f 28051db65408", "yourpaymentreference" "34a73594 f3b2 414c a5c9 58679530b418", "judoid" 100502814, "amount" 5 00, "cardtoken" "sof xfmzmenor sj9mtrcvrxhw", "cv2" "838" } response example { "receiptid" "914568453493526528", "yourpaymentreference" "34a73594 f3b2 414c a5c9 58679530b418", "type" "preauth", "createdat" "2022 11 28t17 28 32 0996+00 00", "result" "success", "message" "authcode 5", "judoid" 100502814, "merchantname" "shodan cybersource routing", "appearsonstatementas" "apl /shodancybersourcero", "originalamount" "5 00", "netamount" "5 00", "amount" "5 00", "currency" "gbp", "acquirertransactionid" "7016984508", "externalbankresponsecode" "0", "authcode" "5", "carddetails" { "cardlastfour" "1111", "enddate" "1222", "cardtoken" "oalxtkjeig9mjttenupfngnzog62ryt9", "cardtype" 1, "cardscheme" "visa", "cardfunding" "credit", "cardcategory" "", "cardcountry" "us", "bank" "jpmorgan chase bank, n a " }, "billingaddress" { "address1" "32 edward street", "address2" "camborne", "town" "cornwall cowrnwall", "postcode" "tr14 8pa", "countrycode" 426 }, "consumer" { "yourconsumerreference" "cv2 test" }, "risks" { "postcodecheck" "unknown", "cv2check" "unknown", "merchantsuggestion" "allow" } } if your request was successful, you will receive a code 200 and a receiptid a receiptid is judopay's unique reference for the transaction it is used to process refunds or cancellations and to help us investigate any issues with the transaction card preauth scenarios (negative flow) declines can occur for various reasons, it can be impossible to simulate all the negative flows in a sandbox environment important to consider how your app handles negative flows your customer's experience should a negative flow occur logic to communicate error messages customise how your app responds how to maintain application consistency to simulate an unsuccessful flow , use the following test card details card type card name card number expiry date start date cv2 address visa ian lee 4221690000004963 12/22 01/18 125 274 grove street, rayvale, vertland vt22 6jn follow our suggested guidelines to simulate negative scenarios, to test your app’s error handling suggested negative test scenario expected error code error description attempt a preauth with an invalid cv2 74 the cv2 entered is invalid attempt a preauth with a missing cv2 the sandbox token has cv2 enabled, the payment request has an empty cv2 field 31 sorry, you've not supplied the 3 digit card security code please check your details and try again this is a codes and descriptions docid zrsihomuew xnrq4pbtj attempt a preauth with insufficient funds in the account declined card declined simulate an error resulting from invalid data attempt a preauth with an incorrect card number entered 166 unable to process transaction no record of card number found by 3ds server attempt a preauth with an invalid card expiry month = 14 161 sorry, but the card expiry date must be in the future attempt a preauth using the incorrect card token 70 sorry, but it looks like the card token specified is not valid please check your details and try again simulate an error resulting from incorrect api credentials attempt a preauth using the incorrect judoid 77 judo id not found, please check the judo id attempt a preauth with the incorrect currency entered for the specified transaction 72 sorry, we're currently unable to route this transaction please check your account details and try again if this issue persists, please contact customer services this is a codes and descriptions docid zrsihomuew xnrq4pbtj where the codes remain fixed, the descriptions may change you should not build any error handling logic based on these descriptions for a list of possible error codes, types and descriptions, seesee codes and descriptions docid zrsihomuew xnrq4pbtj next steps using the successful preauth test transactions, you can test the following scenarios testing voids docid\ dmbakskjll551suxqipum testing collections docid\ yvjgzt2gxwbdxm3m0wemu