What is a payment gateway?
A payment gateway is a service used by a web-based business application to process online transactions. It accepts credit/debit card data to complete the transaction. A payment gateway encrypts sensitive data such as card numbers, account holder names, CVV numbers, and passwords. By encrypting customers' information, it ensures that the transaction takes place securely. Payment gateways make the whole online shopping experience smooth and reduce the chances of online fraud.
Why Test Payment Gateway?
If we buy something from an offline market, cash or credit/debit cards are generally used during checkout, with the cards swiped through a machine. Point-of-sale testing determines whether the payment processing should be approved or not when it is done through credit/debit cards.
Customers want a smooth transaction process. It saves customers time if, after clicking the payment option, they instantly know whether their payment is approved or declined.
Types of Payment Gateway:
1. Hosted Payment Gateway (Self):
With a hosted payment gateway, customers are automatically redirected away from the checkout page of the e-commerce website. When the customer clicks the payment button, the application redirects the customer to the payment service provider's page. On this page the customer provides the complete payment details, and once the payment is made the customer is taken back to the site. For this kind of payment, a merchant ID isn't needed. Examples include PayPal Standard, Payza, and 2Checkout.
2. Shared Payment Gateway (Non-Hosted):
The customer is redirected to a payment page hosted inside the e-commerce website. Customising the checkout is quite easy from beginning to end. The merchant must implement all the security measures needed to protect customers' information, which is the only challenge with non-hosted payment gateways.
Types of Testing for Payment Gateway:
There are different ways of payment gateway testing:
- Functional Testing: Functional testing is expected for newer, less established payment gateways, to make sure the application behaves as specified: for example, that it handles orders, calculations, charges, and so on exactly as it should. This type of testing checks that the gateway is completely functional, that all its elements work properly, and that the application page and the gateway both behave correctly. For more established payment processors, this sort of testing may not be needed.
- Integration Testing: Integration testing is important when integrating with a payment gateway. The tester needs to check that the online store works properly with the payment gateways it integrates. As a tester, checking the whole transaction flow is important:
- Performance Testing: It is important to test the website for performance. If numerous clients attempt to complete transactions simultaneously, the payment process must not fail. During testing, the number of clients is increased beyond a threshold level to observe the performance of the payment gateway.
- Security Testing: Security testing should be done on any payment gateway in order to protect sensitive data. During a transaction, a client provides sensitive data such as their credit card number, CVV number, and so forth. It is vital to ensure that all sensitive data is transmitted encrypted and that the gateway is secure.
Checklist for Payment Gateway Testing:
- Build a sandbox of payment processors.
- Check for the application response after the transaction.
- Arrange demo credit/debit card numbers for testing.
- Check for the message that is displayed after a successful transaction.
- Check for the message that is displayed after an unsuccessful transaction.
- Check for the language and currency that is relevant to the location.
- Check for the error message in case the payment fails.
- Check that the user is redirected back to the webpage after a successful transaction.
- Check that all the payment options are working properly (e.g. Netbanking, UPI, credit/debit card).
- Check that, after a successful transaction, an order confirmation message stating that the order has been placed is sent to the mobile number/email ID and shown on the website.
- Check for the message that is displayed after the session expires.
- Check that the payment process uses a secured channel (e.g., payment should be done on an HTTPS page rather than HTTP).
- Check what happens if the payment gateway stops responding in the middle of the transaction.
- Check the transaction entries in the database, if the tester has access to the application database.
- Check for fraud avoidance and security settings.
- Check that the amount is not deducted multiple times while purchasing.
- Check that the refund amount is the same as the transaction amount.
- Verify the pop-up blocker is working properly during payment.
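The outage, double-deduction and refund checks from this checklist can be scripted against a sandbox. The following is an added example, not part of the original article: SandboxGateway is a constructed in-memory stand-in for a processor sandbox, and the idempotency key, pay_with_retry and run_checks are assumptions made for illustration.

```python
class SandboxGateway:
    """Constructed in-memory stand-in for a processor sandbox (not a real API)."""

    def __init__(self):
        self.debited = 0        # total taken from the demo card, in minor units
        self.charges = {}       # idempotency key -> charge record
        self.fail_next = False  # when set, the next charge call times out

    def charge(self, key, amount):
        if key in self.charges:            # repeat of an already processed request
            return self.charges[key]       # same result, no second debit
        if self.fail_next:                 # gateway stops responding mid-payment
            self.fail_next = False
            raise TimeoutError("gateway stopped responding")
        self.debited += amount
        self.charges[key] = {"amount": amount, "refunded": 0}
        return self.charges[key]

    def refund(self, key):
        record = self.charges[key]
        due = record["amount"] - record["refunded"]  # never more than was charged
        record["refunded"] += due
        self.debited -= due
        return due


def pay_with_retry(gateway, key, amount, attempts=3):
    """Checkout logic under test: on timeout, retry with the same key."""
    for _ in range(attempts):
        try:
            return gateway.charge(key, amount)
        except TimeoutError:
            continue
    return None


def run_checks():
    gw, key, amount = SandboxGateway(), "order-1001", 4999
    results = {}
    gw.fail_next = True                      # outage during the first attempt
    pay_with_retry(gw, key, amount, attempts=1)
    results["no_debit_on_outage"] = gw.debited == 0
    pay_with_retry(gw, key, amount)          # customer retries the payment
    gw.charge(key, amount)                   # and double-clicks "Pay"
    results["single_debit"] = gw.debited == amount
    results["refund_equals_charge"] = gw.refund(key) == amount and gw.debited == 0
    return results
```

Against a real sandbox, the same three assertions apply to the processor's reported balance or transaction list instead of the debited counter.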
Payment Gateways Test cases:
1. UI Test Cases:
- Verify whether the input fields of the payment webpage are properly working or not.
- Verify the Company name and the logo in the payment gateway portal.
- Verify whether the credit/debit card number is concealed.
- Verify that all methods of payments are properly working.
- Check that the payment page's colour and design match the specification.
2. Functional Test Cases:
- Verify that all the options of the payment portal are accessible.
- Verify that the debit/credit cards can automatically be accessed if added previously by the particular user.
- Check that all mandatory fields are filled by the user before proceeding to the payment portal.
- Check the currency according to the country.
- Check if items are added before proceeding with payments.
- Verify if the credit/debit cards used by the user for payment have not expired.
- Verify that the user has provided an accurate card number, CVV, holder name, and expiry date.
- Verify that the user gets an acknowledgement slip after the transaction.
- Check for session expiry.
- Verify that the user is still notified by mail if the payment is unsuccessful.
- Verify that multiple payments are not committed for the same item.
- Check that a particular payment method activates the correct payment gateway.
- At the time of payment, verify that the portal redirects to the user's bank account.
- Verify that the amount is not deducted if the payment is stopped midway.
- Verify the pop-up blocker is working properly during payment.
- Verify that the payment is not diverted to some other webpage.
3. Performance Test Cases:
- If multiple users are accessing the payment portal ensure that the portal does not crash.
- Verify the processor is acknowledging fast and correctly.
- Verify the time taken for redirecting from the online cart web page to the payment webpage is fast.
- Check if the portal is secured from SQL injections and brute force attacks.
- Check whether a payment can still go through after the session ends.
4. Security Test Cases:
- Check if the information on credit/ debit cards is encrypted.
- Verify the user is getting the OTP to the linked mobile number.
- Verify that the payment portal is using a secured link i.e. HTTPS but not HTTP.
- In case of a wrong OTP, check that the payment is cancelled.
- Check the session expires after a particular time.
- In case of the wrong OTP, inform the person to input the correct one.
- Verify the account holder’s name and the user purchasing the item are the same.
- Verify that the deducted amount is correct as shown to the user.
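The card-concealment and HTTPS checks in these lists can be automated over artifacts captured during a test run. The following is an added example, not part of the original article: the function names, sample log lines and URLs are constructed for illustration, and 4111 1111 1111 1111 is a widely published test card number.

```python
import re
from urllib.parse import urlparse

# Candidate card numbers: 13-19 contiguous digits, or four groups of four
# digits separated by spaces or hyphens. Other groupings are not covered.
PAN_RE = re.compile(r"(?<!\d)(?:\d{13,19}|\d{4}(?:[ -]\d{4}){3})(?!\d)")


def luhn_ok(digits):
    """Luhn checksum: double every second digit counted from the right."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_unmasked_pans(text):
    """Return full, Luhn-valid card numbers found in a log or response body."""
    hits = []
    for match in PAN_RE.finditer(text):
        digits = re.sub(r"[ -]", "", match.group())
        if luhn_ok(digits):      # filters order IDs and other long digit runs
            hits.append(digits)
    return hits


def insecure_urls(urls):
    """Return every URL in the payment flow that is not served over HTTPS."""
    return [u for u in urls if urlparse(u).scheme.lower() != "https"]


# Constructed sample data: one properly masked card, one leaked in a debug line.
SAMPLE_LOG = (
    "2024-01-15 10:22:31 INFO charge ok order_id=1234567890123456 "
    "card=411111******1111\n"
    '2024-01-15 10:22:32 DEBUG request body: {"pan": "4111 1111 1111 1111"}\n'
)
SAMPLE_FLOW = [
    "https://shop.example/cart",
    "http://shop.example/checkout",
    "https://pay.example/return",
]

if __name__ == "__main__":
    print("unmasked card numbers:", find_unmasked_pans(SAMPLE_LOG))
    print("non-HTTPS steps:", insecure_urls(SAMPLE_FLOW))
```

A non-empty result from either function is a test failure: the first means a full card number reached a log or response, the second means a step of the payment flow ran over plain HTTP.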
Driving Growth at TestGrid
8 months ago: Payment gateways? Paying online should be as smooth as clicking "buy." Testing keeps them checkout-crash-proof. Do check out tools like TestGrid.io, it can definitely help! https://testgrid.io/
Staff Quality Architect @Vonage| Ex: Quality Analyst @Thoughtworks | Test Automation Specialist | ML enthusiast| AWS Cloud Practitioner | Mentor | Blogger
9 months ago: Guneet Singh, this is a very comprehensive list of test scenarios. One thing I would like to add here is the compliance part, like PCI compliance.
8M+ Impressions | Helping QA Professionals make their Career from Manual to Automation | Senior Automation Engineer
9 months ago: Ensuring secure and seamless transactions is crucial for customer trust and satisfaction.