Carding Forum
Professional
- Messages
- 2,788
- Reaction score
- 1,363
- Points
- 113
We deal with card payments for goods every day. Almost any service has the ability to buy something. The buyer wants to be sure that he, having applied the coupon, will buy the goods at a new price, and the amount that was indicated will be written off, and nothing more. But how to check payments?
The card number can be used to determine its “pedigree”.
The first digit in the plastic card number indicates which payment system it belongs to. All Visa cards have a number starting with "4", Mastercard - with "5", and American Express - "3". If the card was not issued by a credit institution, the number may begin with other digits. "1" and "2" are different airlines, "3" is for travel and entertainment organizations, "6" is for merchandising companies, "7" is for fuel companies, "8" is for telecommunications companies, and "9" is for government banknotes.
The second, third and fourth digits in the number are the number of the bank that issued the plastic card. The fifth and sixth provide additional information about this credit institution.
Together, the first six digits of the card number are the so-called bank identifier, or BIN.
The seventh and eighth digits in the number indicate the bank program under which the card was issued.
All other digits, except the last one, give an individual card number. It is formed according to a special algorithm, which means that for two consecutively created cards the number will differ not only by one digit - it will be completely unique.
Validity period. Specified in month/year format. Cards are issued for different periods: from 1 to 5 years depending on their type and purpose of use. The card can only be used for payments until the last day of the specified month, after which the card will become a useless piece of plastic.
The back of the card contains equally important information. In addition to the bank's contact information and the cardholder's signature, there is a security code (CVV2 or CVC2) - the last 3 digits of the seven-digit number next to the cardholder's signature.
Cases when testing payments with cards with 3D Secure:
To pay online, you enter the card number, expiration date, cardholder name and card verification code (eg CVC2) on the website. You are then redirected to the website of the bank that issued your card.
The bank will send you a confirmation code via SMS, messenger or banking app. Less commonly, one-time codes from a piece of paper or a permanent code that you set are used.
Once you enter the verification code on the page, the bank will check it. If the entered code matches the one sent, the transaction will be completed.
#1: entering a valid code from SMS – successful payment;
#2: entering an invalid code from an SMS – unsuccessful payment (checking the error display);
#3: entering the code from the SMS after the time for re-sending the code has expired – successful payment;
#4: Re-request code and enter: new code/previous code from SMS
#5: Return to the previous screen (card data entry screen) – check that the entered data has not disappeared.
Cases when testing payments with cards without 3D Secure:
#1: positive scenario that the payment is successful;
#2: and the negative scenario.
We will talk about each of them further, in the block of general cases when paying with cards.
#1: the user pays for the product – the cost is correctly displayed on the payment button and the amount debited corresponds to it;
#2: the user goes to the payment screen, returns and changes the quantity of goods – the cost is correctly displayed on the payment button and the amount debited corresponds to it;
#3: correct display of the final cost after applying a promo code/discount and other subsidies - the cost is correctly displayed on the payment button and the amount debited corresponds to it;
#4: correct calculation of commission;
#5: Going to the payment screen with a disconnected internet connection – correct display of the error.
Successful Card Payment Scenario.
Checking successful payment scenarios:
#1: successfully filling in all required fields on the payment widget;
#2: successful payment of the full amount;
#3: If a payment is made in two stages, then upon partial confirmation of the payment, two new checks will be generated: one for the return of the previous payment, the second for the payment taking into account the adjusted data.
Checking unsuccessful payment scenarios:
#1: payment by this payment method was rejected for unknown reasons;
#2: The bank card has expired;
#3: payment blocked due to suspected fraud;
#4: not enough money to pay (the amount on the card is zero);
#5: not enough money to pay (the amount on the card is in the negative);
#6: not enough money to pay (the amount on the card is less than the cost);
#7: The card number is incorrect;
#8: The organization that issued the payment instrument is unavailable;
#9: The payment limit for this payment method or your store has been reached;
#10: transactions using this payment method are prohibited (for example, the card is blocked due to loss, the wallet is blocked due to hacking by fraudsters);
#11: You cannot pay with a bank card issued in this country;
#12: CVV2 code (CVC2, CID) is incorrect.
#1 : check the receipt that comes after payment;
#2: Make sure the product is displayed on the screen, for example, “My purchases”;
#3: check for email notifications (for example, about a successful purchase, receipt of a receipt);
#4: check prices (for example, a product was paid for at a discount, which means the final (paid) price is displayed on the receipt, on the “My purchases” screen);
#5: refund the money to the card from which the payment was made.
Terms and Definitions
First, let's clear up some terminology:- Card - a bank card of the Visa, MasterCard or MIR payment systems.
- The acquirer is a settlement bank.
- Issuer - the bank that issued the card.
- The holder is an individual to whom the issuer has issued a card for use.
- A payment form is a set of fields containing information about the payment and the order. The form is placed in the store interface, on the page that the user sees after placing an order. The form code can be obtained upon connection, or you can create the form yourself.
- 3-D Secure is a protocol for verifying the holder by the issuer.
- A transaction is the process by which a seller receives funds from a buyer.
- Authorization - requested upon purchase. It is carried out by the client's issuing bank. This is a confirmation that the card belongs to the buyer, solvency, availability of sufficient funds, etc. After this, a certain amount is debited from the card balance, but is still not transferred to the seller's account.
- A payment gateway is an e-commerce application service that approves credit card payments for online purchases. Payment gateways protect credit card data by encrypting sensitive information such as credit card numbers, account holder information, and so on. This information is securely transferred between the buyer and the seller, and vice versa.
Card designations
And with markings on the card.The card number can be used to determine its “pedigree”.
The first digit in the plastic card number indicates which payment system it belongs to. All Visa cards have a number starting with "4", Mastercard - with "5", and American Express - "3". If the card was not issued by a credit institution, the number may begin with other digits. "1" and "2" are different airlines, "3" is for travel and entertainment organizations, "6" is for merchandising companies, "7" is for fuel companies, "8" is for telecommunications companies, and "9" is for government banknotes.
The second, third and fourth digits in the number are the number of the bank that issued the plastic card. The fifth and sixth provide additional information about this credit institution.
Together, the first six digits of the card number are the so-called bank identifier, or BIN.
The seventh and eighth digits in the number indicate the bank program under which the card was issued.
All other digits, except the last one, give an individual card number. It is formed according to a special algorithm, which means that for two consecutively created cards the number will differ not only by one digit - it will be completely unique.
Validity period. Specified in month/year format. Cards are issued for different periods: from 1 to 5 years depending on their type and purpose of use. The card can only be used for payments until the last day of the specified month, after which the card will become a useless piece of plastic.
The back of the card contains equally important information. In addition to the bank's contact information and the cardholder's signature, there is a security code (CVV2 or CVC2) - the last 3 digits of the seven-digit number next to the cardholder's signature.
Payments by cards with and without 3DS
There are two types of cards, with and without 3D Secure. 3D Secure (Three-Domain Secure) is the common name for the Verified By Visa and Mastercard Secure Code programs from the Visa and MasterCard payment systems. It is a secure protocol that adds another layer of security to your card payments. It helps ensure that the transaction is carried out by the cardholder and not by fraudsters.Cases when testing payments with cards with 3D Secure:
To pay online, you enter the card number, expiration date, cardholder name and card verification code (eg CVC2) on the website. You are then redirected to the website of the bank that issued your card.
The bank will send you a confirmation code via SMS, messenger or banking app. Less commonly, one-time codes from a piece of paper or a permanent code that you set are used.
Once you enter the verification code on the page, the bank will check it. If the entered code matches the one sent, the transaction will be completed.
#1: entering a valid code from SMS – successful payment;
#2: entering an invalid code from an SMS – unsuccessful payment (checking the error display);
#3: entering the code from the SMS after the time for re-sending the code has expired – successful payment;
#4: Re-request code and enter: new code/previous code from SMS
#5: Return to the previous screen (card data entry screen) – check that the entered data has not disappeared.
Cases when testing payments with cards without 3D Secure:
#1: positive scenario that the payment is successful;
#2: and the negative scenario.
We will talk about each of them further, in the block of general cases when paying with cards.
General cases
Let's look at common cases:#1: the user pays for the product – the cost is correctly displayed on the payment button and the amount debited corresponds to it;
#2: the user goes to the payment screen, returns and changes the quantity of goods – the cost is correctly displayed on the payment button and the amount debited corresponds to it;
#3: correct display of the final cost after applying a promo code/discount and other subsidies - the cost is correctly displayed on the payment button and the amount debited corresponds to it;
#4: correct calculation of commission;
#5: Going to the payment screen with a disconnected internet connection – correct display of the error.
Successful Card Payment Scenario.
Checking successful payment scenarios:
#1: successfully filling in all required fields on the payment widget;
#2: successful payment of the full amount;
#3: If a payment is made in two stages, then upon partial confirmation of the payment, two new checks will be generated: one for the return of the previous payment, the second for the payment taking into account the adjusted data.
Checking unsuccessful payment scenarios:
#1: payment by this payment method was rejected for unknown reasons;
#2: The bank card has expired;
#3: payment blocked due to suspected fraud;
#4: not enough money to pay (the amount on the card is zero);
#5: not enough money to pay (the amount on the card is in the negative);
#6: not enough money to pay (the amount on the card is less than the cost);
#7: The card number is incorrect;
#8: The organization that issued the payment instrument is unavailable;
#9: The payment limit for this payment method or your store has been reached;
#10: transactions using this payment method are prohibited (for example, the card is blocked due to loss, the wallet is blocked due to hacking by fraudsters);
#11: You cannot pay with a bank card issued in this country;
#12: CVV2 code (CVC2, CID) is incorrect.
What to check after payment
After paying for the goods, do not forget about such cases to make sure that the user received a receipt, the goods were displayed on the screen, for example, “My purchases”:#1 : check the receipt that comes after payment;
#2: Make sure the product is displayed on the screen, for example, “My purchases”;
#3: check for email notifications (for example, about a successful purchase, receipt of a receipt);
#4: check prices (for example, a product was paid for at a discount, which means the final (paid) price is displayed on the receipt, on the “My purchases” screen);
#5: refund the money to the card from which the payment was made.
Summary
Testing payments is an important and very responsible task. Test payments with different cards. Many payment services provide the ability to use test cards to test different payment scenarios, for example:- PayPal .
