Testing SaveCard

testing savecard these scenarios do not include 3d secure 2 authentication testing see testing 3d secure 2 authentication docid\ bdcgiyqdm3mle ubxp1yr for 3d secure 2 authentication testing for your app savecard scenarios (positive flow) use savecard if you do not want to perform a pre authorisation check on a customer's account savecard stores the card details and tokenises the card number into an encrypted string during the savecard request flow, judopay validates the fields in the request model before storing the card details and tokenising the card number if the request fails these checks, for example due to an incorrect field value, or the field has been incorrectly formatted, you will receive a model error response for more information, see codes and descriptions docid zrsihomuew xnrq4pbtj the cardtoken is not validated by the issuer, until it is used in a payment or preauth request important to consider savecard involves storing the following card details cardnumber cardexpirydate cv2 tokenises the card number into an encrypted string the savecard request is not processed through the 3d secure 2 flow and is not authenticated for a request to follow the 3d secure 2 authentication flow, use testing checkcard docid 3ssysze0atrwujrqsiqov instead you cannot use the receiptid from the savecard response for merchant initiated transactions this is due to the savecard request not being validated by the issuer for more information on the merchant initiated transaction flow, see testing merchant initiated transactions docid\ gb1c oqbh7uuw8rzusawt savecard does not validate the card or account, as the request does not go to the payment gateway suggested field validation test scenario expected outcome tip process a savecard request with the cv2/cvv security code included in the request to check the cv2/cvv field format is valid 200 successful the cv2 field validation check will be performed during the process process a savecard request without the cv2/cvv security code included in the request declined the cv2 field validation check will not be performed during the process process a savecard request with the billing address information (cardaddress block) included in the request to check the fields are correct 200 successful ensure the cardaddress block has the correct fields address1 address2 town postcode required countrycode see country codes docid\ xze369mfk5uvosanzm8uo for the list of valid iso 3166 1 format country codes example cardaddress block "cardaddress" { "address1" "cardholder house", "address2" "1 cardholder street", "town" "cardholder town", "postcode" "ab1 2cd", "countrycode" 826, "state" "fl", }, to validate the card is registered to the correct post code, ensure the following permission on your sandbox api credentials is enabled enforce avs checks the default setting = disabled process a savecard request without the billing address information (cardaddress block) included in the request 200 successful for more information on api credentials and permissions, see introduction docid\ s 8hoamytkgy13t0p657 test card data to simulate a successful savecard request use the test cards docid obafnuc1umhk vihhs5d savecard request parameters sandbox endpoint https //api sandbox judopay com/transactions/savecard http method post header parameters depending on how you integrate with judopay, you can authenticate requests by /paymentsession , or tokensecretauth the token and secret pair for more information, see authentication methods docid\ ylkw5coh5nqnfq3j wjk2 api version 6 23 for the latest version of the judopay transaction api, see transaction api reference docid\ bcxnm5keok nlnrztafut content type application/json accept application/json authorization method tokensecretauth in the authorization header supply basic { authstring } example basic txpfdpdrszwmsgk4djhxetpjbts4yjq5otdkzmo7ctk1yte0oweymdg1mmy3ywyyzweyztcwymqyzgy3o replace { authstring } with base64 encoding of api token api token (username) colon colon api secret (password) example mzpdkqk1mgi8v3ky mzpdkqk1mgi8v3ky y158n4732dfc7595a149a20381f7af2ea2e70gr6df794b8rnwc019cc5f799kk3 authorization method paymentsessionauthtoken for payment session authentication in the api token header supply the token used to authenticate the call to generate a payment session the payment session header value must also be supplied authorization method paymentsessionauthreference for payment session authentication in the payment session header supply the reference returned in the create payment session response the api token header value must also be supplied body parameters configuration property descriptions parameter description judoid string optional optional unique id supplied by judopay specific to a merchant and/or location format 100100100 maximum length 9 characters do not include spaces or dashes cardnumber string required required the unique number printed on the card (13 to 19 digits depending on card type) submitted without whitespace or non numeric characters expirydate string required required the expiry date of the card format mm/yy cv2 string optional optional the 3 or 4 digit number on the back of the card also known as the card verification value (cvv) or security code yourconsumerreference string required required unique reference to anonymously identify your customer advisable to use guids must be below 40 characters cardholdername string optional optional the full name of the card holder savecard request example { "cardnumber" "4976000000003436", "expirydate" "12/24", "cv2" "452", "yourconsumerreference" "carlie1656\@example com", "cardholdername" "brenda quigley", "judoid" "100078697" } response example { "receiptid" "9551393333331152", "yourpaymentreference" "judo registercard 638149261737657931", "type" "save", "createdat" "2023 03 20t16 22 53 7970+00 00", "result" "success", "message" "register card", "judoid" 100042597, "merchantname" "shodan ai routing", "appearsonstatementas" "apl /shodanairouting ", "originalamount" "0 00", "netamount" "0 00", "amount" "0 00", "currency" "gbp", "acquirertransactionid" "123456", "externalbankresponsecode" "", "authcode" "", "carddetails" { "cardlastfour" "3436", "enddate" "1224", "cardtoken" "sof obcph1avsugsj8uf9wnt7a", "cardtype" 11, "cardscheme" "visa", "cardfunding" "debit", "cardcategory" "classic", "cardcountry" "fr", "bank" "credit industriel et commercial", "cardholdername" "brenda quigley" }, "consumer" { "yourconsumerreference" "carlie1656\@example com", }, "threedsecure" { "attempted" false }, "risks" { "postcodecheck" "unknown", "cv2check" "passed", "merchantsuggestion" "allow" } } savecard scenarios (negative flow) field and formatting errors can occur for various reasons, it can be impossible to simulate all the model errors in a sandbox environment important to consider how your app handles negative flows your customer's experience should a negative flow occur logic to communicate error messages customise how your app responds how to maintain application consistency follow our suggested guidelines to simulate model errors, to test your app’s error handling suggested field validation negative scenario expected error code model error description attempt to perform a savecard request using an invalid/expired card expiry date 46 { "details" \[ { "code" 46, "fieldname" "expirydate", "message" "sorry, but the expiry date entered is in the past please check your details and try again " } attempt to perform a savecard request using an invalid card number for example use 13 digits for the card number 30 { "details" \[ { "code" 30, "fieldname" "cardnumber", "message" "sorry, it looks like the card number entered is invalid please check your details and try again " } attempt to perform a savecard request with an invalid cv2 field format for example "abc123" 1 { "details" \[ { "message" "sorry, we're unable to process your request please check your details and try again ", "code" 1, "category" 2 } attempt to perform a savecard request with a missing cv2 the sandbox token has cv2 enabled, the savecard request has an empty cv2 field 31 { "details" \[ { "code" 31, "fieldname" "cv2", "message" "sorry, you've not supplied the 3 digit card security code please check your details and try again " } where the codes remain fixed, the descriptions may change you should not build any error handling logic based on these descriptions for a list of possible error codes, types and descriptions, see codes and descriptions docid zrsihomuew xnrq4pbtj next steps using the cardtoken from the savecard response, you can test the following scenarios testing card preauths docid\ gwwuvrkwonc5yvk6qhmmi testing card payments docid\ nq7c98panemfgukhbpucb