Payment gateway testing ensures that the intermediate path between transaction channels, such as net banking, debit cards, credit cards, and merchant acquiring banks, works as it is supposed to while guaranteeing utmost security.
The payment gateway passes the information from the transaction channel to the merchant bank and then checks the response received from the respective bank.
There are so many payment gateways available these days. Some of them are PayPal, Braintree and Citrus Payments.
Let’s first check out the flow of any transaction which happens on e-commerce and then we will dig into details of testing the payment gateway flow.
What is Payment Gateway Testing
Payment gateway integration is a must for any business. It has to be highly secure, highly functional and must offer high UX. To check all this you need payment gateway testing.
Payment Gateway transaction flow
The transaction starts with the customer who places an order for a product on an e-commerce website.
After confirming the product, the customer is redirected to a website where they are asked to enter payment details.
On this page, the customer clicks on the pay now button and then the payment gateway sends this entered information to the acquiring bank.
This information is sent as encrypted data, and the acquiring bank then sends the data to the issuing bank to verify the details.
If the issuing bank verifies the transaction, then the payment is approved, and the successful response code is sent to the payment processor.
If the issuing bank does not approve the transaction, it sends a failure response code, and finally a failure message is displayed to the customer.
Types of testing required on payment gateways
The below types of testing are required for testing the payment gateway.
- Functional Testing
Whenever a new payment gateway is integrated into your system, functional testing is required to see if the application behaves the way it behaves with other payment gateways.
It should handle the calculation as it is mentioned in the contract shared with you. For some gateways that are well renowned in the market, such as PayPal, functional testing can be avoided.
- Integration Testing
Integration testing is very important and must be performed on any payment gateway. You need to verify that your application behaves the way you want it to even after integrating a payment gateway.
You need to check if the customer is successfully able to place an order and then after successful payment, you need to make sure that the funds are successfully received in the merchant’s bank.
Also, you need to verify if the transaction is void or refunded.
- Performance Testing
Performance testing is critical for testing a payment gateway. You need to have a maximum number of users accessing the payment gateway at the same time and see if the payment processor fails.
You need to increase users above a threshold level to check the performance of the payment gateway.
- Security Testing
Security testing must be done on any payment gateway on priority because of the sensitive information provided while filling the payment details.
It is very important to check that the payment details entered by the user are encrypted properly and that no kind of tweak to them is possible.
Important Test Cases for Payment Gateway
Let’s see some of the important test cases which you should write for a payment gateway.
- Test payment gateway with different card numbers – credit and debit. You should have dummy card numbers to test this flow.
- Verify the flow when there is a successful response from the issuing bank.
- After a successful transaction from the issuing bank, the successful payment message should be displayed to the user.
- When the payment is successful on the payment gateway, the update must be sent to the customer's email or phone number.
- Verify the flow when there is a failed transaction.
- Verify the flow when the payment gateway stops responding.
- Verify the transaction flow with fraud protection or security settings.
- For testing purposes, after the successful transaction, an entry must be made in the database. That entry must be checked according to the architecture designed.
- Checking the flow in case the session expires while doing transactions.
- Verify if the payment gateway operates on the currency of the country in which the customer is doing the payment.
- If the application allows payment through various options, then each option should be tested individually.
- Verify that the refund is of the same amount when the transaction has been canceled or voided. There should not be any discrepancy in the amount, as it can cause loss of business.
- Verify that the refund initiated to the customer account is credited within the stipulated time period mentioned by the applicable terms and conditions.
- Verify the refund time period is different for different payment modes. For example, refund initiation time for Paytm is less as compared to credit or debit cards.
- Verify the flow when a customer voluntarily cancels the transaction in the middle of the transaction.
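The database-entry, duplicate-transaction and refund-amount checks from the list above can be automated as a reconciliation pass over the recorded transactions. This is an added example, not part of the original article; the rows are constructed and the column names (`order`, `type`, `amount`, `currency`) are assumptions.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed sample rows, as they might be read from a payments table.
SAMPLE_ROWS = [
    {"order": "A1", "type": "payment", "amount": "49.99", "currency": "USD"},
    {"order": "A1", "type": "refund",  "amount": "49.99", "currency": "USD"},
    {"order": "B2", "type": "payment", "amount": "20.00", "currency": "EUR"},
    {"order": "B2", "type": "payment", "amount": "20.00", "currency": "EUR"},
    {"order": "C3", "type": "payment", "amount": "15.50", "currency": "USD"},
    {"order": "C3", "type": "refund",  "amount": "15.05", "currency": "USD"},
    {"order": "D4", "type": "refund",  "amount": "5.00",  "currency": "USD"},
]

def reconcile(rows):
    """Return a sorted list of (order, problem) for every anomaly found.

    Each row's "type" must be "payment" or "refund".
    """
    by_order = defaultdict(lambda: {"payment": [], "refund": []})
    for r in rows:
        # Decimal avoids float rounding when comparing money amounts.
        entry = (Decimal(r["amount"]), r["currency"])
        by_order[r["order"]][r["type"]].append(entry)

    problems = []
    for order, tx in by_order.items():
        payments, refunds = tx["payment"], tx["refund"]
        if len(payments) > 1:
            problems.append((order, "duplicate payment"))
        if refunds and not payments:
            problems.append((order, "refund without payment"))
        for refund in refunds:
            # Amount and currency must both match the original payment.
            if payments and refund != payments[0]:
                problems.append((order, "refund does not match payment"))
    return sorted(problems)

if __name__ == "__main__":
    for order, problem in reconcile(SAMPLE_ROWS):
        print(f"{order}: {problem}")
```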
Example of Braintree payment gateway testing
- You can visit the Braintree site.
- There, you can click on the “Try the sandbox” button.
- You will be redirected to the official site where you must fill some important information to sign up on the page.
- You will get an account confirmation email at the email address you provided.
- You need to create your account by adding a password.
- You will then be able to see the portal of Braintree.
- You can find the sandbox keys and then integrate them into your application.
- You can change the settings of your sandbox in the settings tab in the portal.
- You can add settings like which cards would be accepted and you can add the CVV of the mock cards used in testing the application.
The payment gateway is a completely different component which needs extensive testing, as it drives the profit for the client and any kind of irregularity would leave the client at a loss.
Payment gateway testing tips for testers
- Try to have a sandbox environment for testing and implementing any payment gateway in an application
- Make sure that the data capture and data flow of the system are tested for anomalies, for instance, not capturing the credit card expiry date or showing a duplicate transaction
- Ensure end-to-end testing of the transaction process
- Be aware of the limitations of payment gateway sandboxes
- Make sure that error messages are popping up as they are supposed to
Checklist for Payment gateway testing
- Make sure that you have data for duplicate credit cards from various card providers
- Collect data for payment wallets
- Make sure that data regarding error codes has been documented
- Check that all the functionality and settings regarding the payment have been tested thoroughly
- Make sure that the pop-up messages are working fine
- Check that the fraud prevention measures are working fine
- Session expiry sequence check
- Check the currency integration
- Check the payment gateway behavior with respect to interruptions
Conclusion
Start setting up the test environment and have a sandbox integrated with it. Gather all the test data for testing the sandbox, for example, all the dummy credit and debit cards and the information associated with them. Formulate a test strategy and start your payment gateway testing.