Testing SaveCard

Testing SaveCard
These scenarios do not include 3D Secure 2 authentication testing.
See Testing 3D Secure 2 Flows﻿ for 3D Secure 2 authentication testing for your app.
SaveCard Scenarios (Positive Flow)
Use saveCard If you do not want to perform a pre-authorisation check on a customer's account. 
SaveCard stores the card details and tokenises the card number into an encrypted string.
During the saveCard request flow, Judopay validates the fields in the request model before storing the card details and tokenising the card number.

If the request fails these checks, for example due to an incorrect field value, or the field has been incorrectly formatted, you will receive a model error response.
For more information, see Model Errors﻿.
The cardToken is not validated by the issuer, until it is used in a payment or preAuth request.
﻿
Important to Consider
SaveCard involves storing the following card details:
cardNumber
cardExpiryDate
cv2
Tokenises the card number into an encrypted string.
The saveCard request is not processed through the 3D Secure 2 flow and is not authenticated.
For a request to follow the 3D Secure 2 authentication flow, use Testing CheckCard﻿ instead.
You cannot use the receiptId from the saveCard response for Merchant Initiated Transactions.
This is due to the saveCard request not being validated by the issuer.
For more information on the Merchant Initiated Transaction flow, see Testing Merchant Initiated Transactions﻿.
SaveCard does not validate the card or account, as the request does not go to the payment gateway.
Suggested Field Validation Test Scenario
Expected Outcome
Tip
Process a saveCard request with the CV2/CVV security code included in the request to check the CV2/CVV field format is valid.
 
200
Successful
The CV2 field validation check will be performed during the process.
﻿


Process a saveCard request without the CV2/CVV security code included in the request.
﻿
Declined
 
The CV2 field validation check will not be performed during the process.


Process a saveCard request with the billing address information (cardAddress block) included in the request to check the fields are correct.
 
200
Successful
Ensure the cardAddress block has the correct fields:
address1
address2
town
postCode
Required
countryCode
See here﻿ for the list of valid ISO 3166-1 format country codes.
Example cardAddress block:
"cardAddress": {  
    "address1": "CardHolder House",  
    "address2": "1 CardHolder Street",  

    "town": "CardHolder Town",  
    "postCode": "AB1 2CD",  
    "countryCode": 826,  
    "state": "FL", 
},
To validate the card is registered to the correct post code, ensure the following permission on your sandbox API Credentials is enabled:
Enforce AVS checks.
The default setting = disabled.
Process a saveCard request without the billing address information (cardAddress block) included in the request.
200
Successful
﻿
For more information on API credentials and permissions, see Permissions﻿.
﻿
Test Card Data
To simulate a successful saveCard request use the Test Cards﻿.
﻿
SaveCard Request Parameters
Sandbox endpoint:
https://api-sandbox.judopay.com/transactions/savecard
HTTP Method: POST
Header Parameters:
Depending on how you integrate with Judopay, you can authenticate requests by:
/paymentsession, or
TokenSecretAuth
The token and secret pair
For more information, see Authentication Methods﻿.
﻿
﻿
Body Parameters:
Configuration Property Descriptions
Parameter
Description
judoId
String
Optional﻿
﻿
﻿
Unique ID supplied by Judopay.
Specific to a merchant and/or location.
Format:
100100100
Maximum length 9 characters.
Do not include spaces or dashes.
cardNumber
String
Required﻿
The unique number printed on the card (13 to 19 digits depending on card type).
Submitted without whitespace or non-numeric characters.
expiryDate
String
Required﻿
The expiry date of the card.
Format:
MM/YY
cv2
String
Optional﻿
The 3 or 4 digit number on the back of the card.
Also known as the card verification value (CVV) or security code.
yourConsumerReference
String
Required﻿
Unique reference to anonymously identify your customer.
Advisable to use GUIDs.
Must be below 40 characters.
cardHolderName
String
Optional﻿
The full name of the card holder.
SaveCard Request Example
Response Example
{
    "cardNumber": "4976000000003436",
    "expiryDate": "12/24",
    "cv2": "452",
    "yourConsumerReference": "[email protected]",
    "cardHolderName": "Brenda Quigley",
    "judoId": "100078697"
}
{
    "cardNumber": "4976000000003436",
    "expiryDate": "12/24",
    "cv2": "452",
    "yourConsumerReference": "Carlie1656@example.com",
    "cardHolderName": "Brenda Quigley",
    "judoId": "100078697"
}
﻿
﻿
SaveCard Scenarios (Negative Flow)
Field and formatting errors can occur for various reasons, it can be impossible to simulate all the model errors in a sandbox environment.
Important to Consider
How your app handles negative flows
Your customer's experience should a negative flow occur:
Logic to communicate error messages
Customise how your app responds
How to maintain application consistency
Follow our suggested guidelines to simulate model errors, to test your app’s error handling:
Suggested Field Validation Negative Scenario
Expected Error Code
Model Error Description
Attempt to perform a saveCard request using an invalid/expired card expiry date.
46
{
  "details": [
   {
     "code": 46,
     "fieldName": "ExpiryDate",
     "message": "Sorry, but the expiry date entered is in the past. Please check your details and try again."
   }
Attempt to perform a saveCard request using an invalid card number.
For example use 13 digits for the card number.
30
{
 "details": [
  {
    "code": 30,
    "fieldName": "CardNumber",
    "message": "Sorry, it looks like the card number entered is invalid. Please check your details and try again."
 }
Attempt to perform a saveCard request with an invalid CV2 field format.
For example "ABC123".
1
{
 "details": [
 {
   "message": "Sorry, we're unable
    to process your request. Please 
    check your details and try
    again.",
 "code": 1,
 "category": 2
}
Attempt to perform a saveCard request with a missing CV2.
The sandbox token has cv2 enabled, the saveCard request has an empty cv2 field.
31
{
 "details": [
 {
    "code": 31,
    "fieldName": "Cv2",
    "message": "Sorry, you've not supplied the 3-digit card security code. Please check your details and try again."
 }
﻿
For a list of possible error codes, types and descriptions, see  Error Codes and Descriptions﻿.
﻿
Next Steps
Using the cardToken from the saveCard response, you can test the following scenarios:
﻿Testing Card PreAuths﻿﻿
﻿Testing Card Payments﻿﻿
﻿

Suggested Field Validation Test Scenario	Expected Outcome	Tip
Process a saveCard request with the CV2/CVV security code included in the request to check the CV2/CVV field format is valid.	200 Successful	The CV2 field validation check will be performed during the process.
Process a saveCard request without the CV2/CVV security code included in the request.	Declined	The CV2 field validation check will not be performed during the process.
Process a saveCard request with the billing address information (cardAddress block) included in the request to check the fields are correct.	200 Successful	Ensure the cardAddress block has the correct fields: address1 address2 town postCode Required countryCode See here for the list of valid ISO 3166-1 format country codes. Example cardAddress block: "cardAddress": { "address1": "CardHolder House", "address2": "1 CardHolder Street", "town": "CardHolder Town", "postCode": "AB1 2CD", "countryCode": 826, "state": "FL", }, To validate the card is registered to the correct post code, ensure the following permission on your sandbox API Credentials is enabled: Enforce AVS checks. The default setting = disabled.
Process a saveCard request without the billing address information (cardAddress block) included in the request.	200 Successful

Parameter	Description
judoId String Optional	Unique ID supplied by Judopay. Specific to a merchant and/or location. Format: 100100100 Maximum length 9 characters. Do not include spaces or dashes.
cardNumber String Required	The unique number printed on the card (13 to 19 digits depending on card type). Submitted without whitespace or non-numeric characters.
expiryDate String Required	The expiry date of the card. Format: MM/YY
cv2 String Optional	The 3 or 4 digit number on the back of the card. Also known as the card verification value (CVV) or security code.
yourConsumerReference String Required	Unique reference to anonymously identify your customer. Advisable to use GUIDs. Must be below 40 characters.
cardHolderName String Optional	The full name of the card holder.

Suggested Field Validation Negative Scenario	Expected Error Code	Model Error Description
Attempt to perform a saveCard request using an invalid/expired card expiry date.	46	{ "details": [ { "code": 46, "fieldName": "ExpiryDate", "message": "Sorry, but the expiry date entered is in the past. Please check your details and try again." }
Attempt to perform a saveCard request using an invalid card number. For example use 13 digits for the card number.	30	{ "details": [ { "code": 30, "fieldName": "CardNumber", "message": "Sorry, it looks like the card number entered is invalid. Please check your details and try again." }
Attempt to perform a saveCard request with an invalid CV2 field format. For example "ABC123".	1	{ "details": [ { "message": "Sorry, we're unable to process your request. Please check your details and try again.", "code": 1, "category": 2 }
Attempt to perform a saveCard request with a missing CV2. The sandbox token has cv2 enabled, the saveCard request has an empty cv2 field.	31	{ "details": [ { "code": 31, "fieldName": "Cv2", "message": "Sorry, you've not supplied the 3-digit card security code. Please check your details and try again." }

Updated 18 Oct 2024

Testing Voids

Testing CheckCard