Testing your Spreedly Sandbox SCA Provider
Sandbox Test Scenarios
Credit Cards
Card Number | CVV | Expiration | Type |
---|---|---|---|
5555555555554444 | 123 | 10/2029 | 3D Secure Enrolled Card |
Note: Flow scenarios are available for any test MasterCard starting with
555555
, but using the same card over and over will automatically switch your request to the challenge flow. To mitigate this, you can change the card number by changing the last two numbers and verifying it with a Luhn calculator.
Test Scenarios
Setting the amount of the transaction to a certain value will simulate certain authentication results.
For these test amounts, currency_code
should be set to EUR
.
Note: Currently in beta, not all potential flows can be tested. We are working to support testing of a broader variety of situations.
Amount in cents | Response Status | Flow | Description |
---|---|---|---|
4 | Y | Frictionless | Authentication/account verified |
9996 | A | Frictionless | ACS could not be reached, but Authentication/account verification performed by issuing bank |
9997 | U | Denied | Authentication/account verification could not be performed, transaction fails |
9998 | N | Denied | Not authenticated/account not verified, transaction fails |
9999 | R | Denied | Authentication/account verification rejected, transaction fails |
100000 | C | Challenge | Authentication requires Challenge by issuing bank, handled by Lifecycle |
Challenge Values
When presented with a challenge, entering the code 123456
will result in a successful authentication.
Note: Our 3DS2 solution partners are based in Spain, so the example ACS challenge page may be in Spanish. This will only occur in the sandbox; for real 3DS2 authentications, the acquiring bank’s page will be displayed instead.
Using the Merchant Management Endpoint
All fields shown below are required to create a Spreedly SCA Provider, with the exception of each card brand’s merchant_password
field.
The values given for a sandbox Spreedly API provider must have the correct formatting (i.e., a valid country code and merchant category code) but are not used in the authentication, so fake values are acceptable. Please see the values given in our Integration Guide to use as examples of working values.
curl https://core.spreedly.com/v1/sca/providers.json \
-u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
-H 'Content-Type: application/json' \
-d '{
"sca_provider": {
"merchant_profile_key": "4pJUW6X81w6OtOLi0dI3W6DD9sY",
"type": "test",
"sandbox": true,
"mastercard": {
"acquirer_bin": "4444444444",
"merchant_url": "https://spreedly.com",
"merchant_password": "optional"
},
"visa": {
"acquirer_bin": "4444444444",
"merchant_url": "https://spreedly.com",
"merchant_password": "optional",
"merchant_brand_id": "optional"
},
"amex": {
"acquirer_bin": "4444444444",
"merchant_url": "https://spreedly.com",
"merchant_password": "optional"
},
"discover": {
"acquirer_bin": "4444444444",
"merchant_url": "https://spreedly.com",
"merchant_password": "optional"
}
}
}'
curl https://core.spreedly.com/v1/sca/providers.xml \
-u 'C7cRfNJGODKh4Iu5Ox3PToKjniY:4UIuWybmdythfNGPqAqyQnYha6s451ri0fYAo4p3drZUi7q2Jf4b7HKg8etDtoKJ' \
-H 'Content-Type: application/xml' \
-d '<sca_provider>
<merchant_profile_key>4pJUW6X81w6OtOLi0dI3W6DD9sY</merchant_profile_key>
<type>spreedly</type>
<sandbox>true</sandbox>
<mastercard>
<acquirer_bin>4444444444</acquirer_bin>
<merchant_url>https://spreedly.com</merchant_url>
<merchant_password>optional</merchant_password>
</mastercard>
<visa>
<acquirer_bin>4444444444</acquirer_bin>
<merchant_url>https://spreedly.com</merchant_url>
<merchant_password>optional</merchant_password>
<merchant_brand_id>optional</merchant_brand_id>
</visa>
<amex>
<acquirer_bin>4444444444</acquirer_bin>
<merchant_url>https://spreedly.com</merchant_url>
<merchant_password>optional</merchant_password>
</amex>
<discover>
<acquirer_bin>4444444444</acquirer_bin>
<merchant_url>https://spreedly.com</merchant_url>
<merchant_password>optional</merchant_password>
</discover>
</sca_provider>'
Note: this creates a
sandbox
(i.e., test-only) SCA provider, which is useful for integration tests. For Production, create a new SCA Provider without using this flag.When creating a production Spreedly SCA Provider, there may be up to a one hour delay for the 3DS server to register merchant credentials with all of the card brands. While the SCA Provider key returned here will work immediately in our API, it may result in failures with our 3DS Server. Spreedly advises merchants to wait an hour after creating a production Spreedly SCA Provider before using it on gateway transactions.
FAQs
See a list of all 3DS frequently asked questions in the Help Center.