Testing

Test your Opayo Direct requests using test data to return the correct responses.

Test 3D Secure

The following table lists our magic CardHolder values. When you test your Opayo Direct transaction request, these simulate 3D-Authenticated transaction responses.

Magic CardHolder values.

Magic Value

3DSecureStatus

Description

SUCCESSFUL

OK

Returned for a frictionless flow where authentication is successful.

NOTAUTH

NOTAUTHED

Returned for a frictionless flow where authentication is unsuccessful.

CHALLENGE

Status=3DAUTH

3DSecureStatus=OK

Returned for a challenge flow. The cardholder will be re-directed to the ACS to enter two-factor authentication. A CReq, VPSTxId, ACSURL and StatusDetail will also be returned.

Once you re-direct to the ACSURL, entering the correct password displayed on the site will simulate a successful authentication, entering any other password will simulate an unsuccessful authentication.

PROOFATTEMPT

ATTEMPTONLY

The cardholder attempted to authenticate themselves, and the process did not complete. A CAVV is returned and this is treated as being successfully authenticated.

NOTENROLLED

Fallback to 3DSv1

The card is not enrolled in the 3D-Secure v2 scheme and will fallback to 3DSv1. You will receive a PAReq,

MD, ACSURL and StatusDetail.

TECHDIFFICULTIES

INCOMPLETE

3D-Secure authentication was unable to complete. No authentication occurred.

ERROR

ERROR

Simulates an error condition where 3D-Authentication cannot be performed due to data errors or service unavailability in one of the parties involved in the check.

Test 3D Secure Passwords

Important. All other phrases will fail authentication.

3DS2

3DS2 Secure Password Responses

Value

Description

challenge

Successful authentication. (All other phrases will fail authentication).

 

3DSv1 (Fallback)

 

3DSv1 (Fallback) Secure Password Responses

Value

Description

password

Successful authentication

A:D:06

Cardholder not enrolled, will return the 3DSecureStatus ATTEMPTONLY

U:N:06

Authentication not available, will return the 3DSecureStatus INCOMPLETE

E:N:06

Error occurred during authentication, will return the 3DSecureStatus ERROR

Test Address Values

To test your failure pages use a Test Card. The test will always return an OK response and an Authorisation Code. All other card numbers will be declined.

Test your Rule Base and fraud-specific code by omitting the following codes. The transaction will authorise and you will receive NOTMATCHED messages in the AVS/CV2 checks.

  • Billing Address 1: 88
  • Billing Post Code: 412

Test Payment Cards

You can use the following Test Card details using any Expiry date and the CVV: 123 (1234 for Amex cards).

Available test payment cards for 3D Secure testing

Payment Method

Card Number

Card Type

3D Secure object status

Visa

4929000000006

Visa

Authenticated

Visa

4929000005559

Visa

CardNotEnrolled

Visa

4929000000014

Visa

IssuerNotEnrolled

Visa

4929000000022

Visa

Error

Visa Corporate

4484000000002

Visa

CardNotEnrolled

Visa Debit

4462000000000003

VisaDebit

Authenticated

Visa Electron

4917300000000008

VisaElectron

Authenticated

MasterCard

5186150660000009

MasterCard

Authenticated

MasterCard

5186150660000025

MasterCard

CardNotEnrolled

MasterCard

5186150660000108

MasterCard

IssuerNotEnrolled

MasterCard

5186150660000207

MasterCard

Error

Debit MasterCard

5185690060000001

DebitMasterCard

Authenticated

Maestro (UK Issued)

6759000000005

Maestro

Authenticated

Maestro (German Issued)

6705000000008

Maestro

Authenticated

Maestro (Irish Issued)

5185570760000008

Maestro

Authenticated

Maestro (Spanish Issued)

6766000000000

Maestro

Authenticated

American Express

374200000000004

AmericanExpress

N/A

Diners Club / Discover

36000000000008

Discover

N/A

JCB

3569990000000009

JCB

N/A

PayPal Testing

PayPal is available to the Opayo test environment. You can test without using a live PayPal account.

Important: ONLY test your PayPal integration when your site can correctly send and process the messages exchanged between your site and ours for a standard Opayo Direct transaction.

Set Up

  1. Sign in to https://developer.paypal.com. 
  2. Create one or more Sandbox accounts including at least one each of:
    • Personal (buyer account)
    • Business (merchant account)
Note: An Email address is issued for each account you create.
  1. Sign in to your Business (merchant account) and under API Access, add the following test-only Third Party Permission Username:
    ppdev_1256915571_biz_api1.sagepay.com
  2. You should grant all available permissions.

Start Testing

  1. Sign in to your Test MySagePay, and then add the Email address for the Business (merchant account) you created.
  2. Choose, either a Mark or Express Checkout option, and then send the Transaction Registration post with the CardType set to PAYPAL.
  3. Our response to your Transaction Registration Post will return a Status of PPREDIRECT and provide a simulated PayPalRedirectURL.

Check Results

  1. Ensure your code stores the VPSTxId and redirects the test customer’s browser to the PayPal Sign In page.
  2. Where you have provided them, the BasketXML information is shown with your company logo. Sign in using the Personal (buyer account) to complete the transaction process with PayPal
  3. Opayo will send a message to your PayPalCallbackURL along with the customer. Ensure your script can handle a PAYPALOK Status. You can choose to:
    • Accept the transaction based on the PayerStatus and or AddressStatus (as the result of these fields can dictate if the transaction is eligible for PayPal Seller Protection)
    • Modify the Amount by +/- 15% of the original value (if the delivery price changes as a result of the address selected

Complete the Transaction

  1. To proceed with the transaction, send a POST to the PayPal Completion URL with a value of YES in the Accept field. This will return a Status of OK in the final response to your servers.
    • When the AddressStatus is UNCONFIRMED, and the PayerStatus UNVERIFIED, you may not wish to continue.
    • If you do NOT wish to proceed, you must still send a POST to the Opayo servers to complete the transaction. Enter a value of NO in the Accept field to cancel the transaction. This will return a Status of NOTAUTHED in the final response to your servers.
  2. When you receive this final response from Direct (here), and depending on the Status of the transaction, you should redirect your customer to the relevant completion page on your site.
  • A Status of OK should redirect the user to a success page.
  • An ERROR, NOTAUTHED, REJECTED, MALFORMED or INVALID Status should redirect to the relevant error handling page.
Important. Please visit PayPal’s website for localised Seller Protection terms and conditions.

Support

Email the Opayo Support team for help with your debugging issues.