Testing Guide

This page describes the best practice methods to test your integration with the Worldnet payment gateway using our test server accounts and sandbox accounts. It is intended to facilitate thorough testing, resulting in an issue free launch with our live service. You should have chosen your integration method and be familiar with our Integration Guide and have begun integration before reviewing this document.

All testing should always be done on a test environment, separate from the live web server. Testing on the live server can cause many live problems such as:

1. Unnecessary downtime
2. Live transaction corruption/loss
3. Incorrect/incomplete results of live transactions
4. Customer frustration
5. Undiscovered issues over time, effecting large numbers of transactions
6. Chargebacks
7. PCI DSS implications

You should ensure that your test environment is configured as close as possible to your live environment, particularly:

1. Web server (IIS/Apache) version
2. Web server configuration, especially the language interface (PHP/ASP etc.) and session timeout
3. Database connectivity
4. Firewall
5. The identical shopping cart version & configuration to the live environment (if using shopping cart software)

If you are not using a plug-in supplied by Worldnet, then before testing should be attempted at all, you should become familiar with the relevant sections of our Integration Guide document. This is a complete and definitive guide to integrating your systems with the Worldnet gateway no matter what programming language, transaction types or integration method.

Planning your testing depends a lot on your method of implementation. For example if using our Hosted Payment Page (HPP) you should test the situation where a redirect back from our host fails, whereas this is unnecessary if you are using the XML gateway.

Also, if using our Hosted Payment Page solution, you should seriously consider implementing Background validation. What Background Validation does is, in the case where for some reason the transaction is authorised but the response fails to get back to your site (customer closes browser/your site is temporarily unavailable/etc.), our host will intermittently send a server side post to a URL with the order ID & transaction result until it receives an “OK” response. This ensures that your order system accurately reflects the transaction result even in the case where the cardholder redirect fails.

The PCI DSS states that you should never use live cards in a test environment, otherwise this environment is also subject to PCI audit and DSS rules. For this reason you should only ever use test card numbers, such as those listed in this document.

Worldnet cannot be held accountable for live cards being put through our test systems and sandbox accounts.

You should ensure that your test environment is configured as close as possible to your live environment, particularly:

1. Host is unavailable (i.e. Use invalid test host URL)
2. Request details (including hash) are incorrect
3. Response Hash string is incorrect
4. Responses for all possible transaction results (Authorisation/Decline/Referral/Failure) (see “Testing resources” section for details)
5. PCI DSS guidelines are met in all scenarios
6. Refreshing the receipt page does not re-perform the transaction/resend the receipts
7. All required currencies are processed correctly

1. Customer doesn't complete transaction (e.g. closes browser window)
2. Incorrect Receipt Page URL configured (same as response redirect failure)
3. Customer takes 60 mins to complete entering details
4. Simultaneous transactions do not interfere with each other
5. Background Validation is successful for all transactions and responses (if implemented)

1. Card number/CVV fields can only contain numeric characters (no spaces either)
2. Non-numeric characters (including spaces) are not sent in numeric fields
3. Remote XSD file unavailable (fallback to local cache?)
4. XML fails validation against remote XSD file
5. Host returns a failure due to incorrect content in XML request
6. Host returns a System Error response
7. Host does not return anything
8. Host returns extra response fields

Testing will be quite specific depending on the shopping cart and plug-in being used. If you have downloaded this guide from within a plug-in zip file as apposed to being sent it directly from Worldnet, please e-mail support@worldnettps.com to confirm that you have the latest version on the plug-in for your solution. Please include the name and version number of the shopping cart software and the name of the plug-in zip file that you downloaded.

You should cover all the relevant test above for your integration method, even though the functionality is obscured by the plug-in you are using. The issues outlined above can still occur. However other shopping cart issues that should be tested are:

1. Card number/CVV fields can only contain numeric characters (no spaces either)
2. Order status is updated correctly in shopping cart
3. Customer e-mails are populated correctly
4. Customers get the right number of e-mails (our host may also send an e-mail to the customer depending on the plug-in)
5. Session timeouts do not cause transactions not to be dropped/lost
6. Transactions over 1,000 and 1,000,000 Euro/Pounds/Dollar etc. are handled correctly

Basic transaction testing can be done through our sandbox accounts. You do not need a dedicated test account for this type of basic proof-of-concept testing.

Test cards that can be used on our host are:

All test cards can be used with any expiry date in the future, any CVV (n.b.) American Express cards have a 4 digit CVV) and any Issue number where appropriate.

Various different responses can be simulated by using different cent amounts for transactions. The cent values and their respective responses are:

Meaning that if you enter 5.01, 99.01 or 1754.01 you will get a decline, for example.

For large merchants, Worldnet will be happy to coordinate testing with you, provide/review specialised test scripts, and help with any issues raised. If you would like to avail of this service, please feel free to contact support@worldnettps.com.