Payment Gateway

What is it?

Whenever we need to make a purchase or an in-app payment, that is when a payment gateway comes into picture.

It acts as an intermediary between the website/app and the payment processor, securely transmitting sensitive info and real money. Which is why payment gateway integration across applications is a standardized process.

Benefits of testing payment gateways

  1. Enhanced Security - Identify and mitigate security vulnerabilities.

  2. Improved User Experience - Ensure a smooth and hassle free checkout process.

  3. Reduced cart abandonment - Minimize payment failures which lead to users abandoning the purchase.

  4. Increased Revenue - A smooth gateway contributes to a significant revenue boost.

  5. Compliance with regulations - Ensure alignment to industry standards and regulations.

Types of payment gateways

  1. Hosted Payment Gateways - Redirect customers to the payment gateway’s website to complete the transaction.

  2. Self-Hosted Payment Gateway - Customers enter their payment details directly on the company’s website which also handles the transmission of data to the payment processor.

  3. API-Hosted Payment Gateway (Non-Hosted) - Integrate the payment gateway’s API directly into your website, allowing for a more customized and seamless checkout experience.

  4. Local Bank Gateways - Redirect customers to their bank’s website to complete the transaction. Common in specific regions or countries.

  5. Mobile payment gateways - Specifically designed for mobile payments, often leveraging tech like UPI payments.

  6. Direct Payment Gateways - Directly connect your business to the payment processor often requiring higher security standards and compliance and requirements.

Payment Gateway test case examples

  1. Successful Transaction - Verify that a standard payment is successfully completed with different payment methods like credit card, debit card, UPI etc.

  2. Declined Transaction - Scenario where a transaction has failed due to insufficient funds, incorrect card details, or other issues.

  3. Security Checks - Ensure that security features like CVV verification, 3D Secure, and fraud detection mechanisms are working correctly.

  4. Currency Conversion - Test the accuracy of currency conversion if you support multiple currencies.

  5. Refund Processing - Verify the refund process for successful and failed transactions.

  6. Error Handling - Test how the system handles errors during the payment process, like network interruptions, server timeouts, and invalid inputs.

  7. Integration Testing - Ensure payment gateway integrates well with the website’s back end system.

3D Secure

What is it?

It is a security protocol that is designed to provide an additional layer of security for online credit and debit card transactions. This protocol was created by Arcot Systems (now CA technologies) and was first used by Visa to provide improved security for internet payments.

Verified by Visa, MasterCard Secure Code, J/Secure, and American Express SafeKey are payment security services based on 3D secure.

How does it work?

the name 3D comes from the three-domain model used to provide the additional layer of secure authentication between the financial authentication and authorization process.

  1. Acquirer Domain - The bank and the merchant receiving the transaction payment.

  2. Issuer Domain - The bank issued the credit or debit card used for the transaction.

  3. Interoperability Domain - The infrastructure provided for the card that’s used to support the 3D secure protocol.

References

https://www.verifi.com/chargebacks-disputes-faq/what-is-3d-secure/

https://www.browserstack.com/guide/payment-gateway-testing

Updated on
POM
Test Analysis for a Banking application