The tables below list test card numbers and customer information that can be submitted using your test site reference, along with the responses that should be expected in return.
If testing our Mobile SDK payment solution, you must use Cardinal Commerce test card details.
Do not use these test card numbers when processing transactions on your live site reference.
While testing, all card types are supported, but when using your live account, you may receive an error if a card type is not supported. Please contact our Support Team for further information.
Introduction
When testing, you can use the test card details provided below to simulate different 3DS authentication outcomes. Additionally, you can send different amount values on valid requests to affect the outcome of the response returned:
- 700.00 will return a declined response from the test bank.
- 600.10 will return a bank system error from the test bank.
- 10.50 is a safe value that will not return an error on valid requests, unless the card number sent is used to simulate an error response, as described below.
Remember that you need to set the expiry date to any valid date in the future, otherwise an invalid field error will be returned.
To pass the security code checks, please use the following values:
- "123" for DISCOVER, MASTERCARD and VISA cards.
- "1234" for AMEX.
You can find more info on our security code checks in this article.
EMV 3-D Secure Test Cases
You must perform a full suite of test payments using the EMV 3-D Secure test cases provided below, ensure your system handles each scenario correctly and that it displays the correct message to the customer:
When testing using the cards below, the enrolled value returned will always be "Y" unless specified otherwise.
3DS status field values "N" and "R" do not proceed to authorisation where the AUTH request is initiated using Payment Pages and/or JavaScript Library.
| (3DSv2) Test Case 1: Successful Frictionless 3-D Secure Authentication & Successful Authorisation. Successful frictionless authentication representing the cardholder being authenticated by their card issuer. |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004001 | THREEDQUERY Status: Y (Authentication successful) AUTH Error code: 0 – Ok |
| DISCOVER | 6573700000000009 | |
| MASTERCARD | 5591390000000504 | |
| VISA | 4900490000000501 | |
| (3DSv2) Test Case 2: Failed Frictionless 3-D Secure Authentication & Failed Authorisation. Authentication failed by card issuer without challenge. |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004019 |
THREEDQUERY |
| DISCOVER | 6599999900000313 | |
| MASTERCARD | 5591390000000520 | |
| VISA | 4900490000000519 | |
| (3DSv2) Test Case 3: Attempts Stand-In Frictionless 3-D Secure Authentication & Successful Authorisation. Cardholder is enrolled in 3-D Secure, however the card issuer is not supporting the program, resulting in a stand-in authentication experience. |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004027 | THREEDQUERY Status: A (Authentication attempted) AUTH Error code: 0 -Ok |
| DISCOVER | 6599999900000321 | |
| MASTERCARD | 5591390000000538 | |
| VISA | 4900490000000527 | |
| (3DSv2) Test Case 4: Unavailable Frictionless 3-D Secure Authentication from the Issuer & Successful Authorisation. Authentication is unavailable at the current time. |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004035 | THREEDQUERY Status: U (Authentication unavailable) AUTH Error code: 0 – Ok |
| DISCOVER | 6599999900000339 | |
| MASTERCARD | 5591390000000546 | |
| VISA | 4900490000000535 | |
| (3DSv2) Test Case 5: Rejected Frictionless 3-D Secure Authentication by the Issuer & Failed Authorisation. Rejected authentication by the card issuer not requiring a challenge. |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004043 | THREEDQUERY Status: R (Authentication rejected) AUTH |
| DISCOVER | 6599999900000347 | |
| MASTERCARD | 5591390000000553 | |
| VISA | 4900490000000543 | |
|
(3DSv2) Test Case 6a: Frictionless 3-D Secure Authentication Failed & Successful Authorisation. |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004050 |
THREEDQUERY |
| DISCOVER | 6599999900000354 | |
| MASTERCARD | 5591390000000611 | |
| VISA | 4900490000000626 | |
| (3DSv2) Test Case 6b: Successful Frictionless 3-D Secure Authentication After Retry & Successful Authorisation. Authentication successful after retry when DS timeout occurred in first call. |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004068 | THREEDQUERY Status: Y (Authentication successful) AUTH Error code: 0 - Ok |
| DISCOVER | 6599999900000461 | |
| MASTERCARD | 5591390000000587 | |
| VISA | 4900490000000576 | |
| (3DSv2) Test Case 9: Successful Step Up 3-D Secure Authentication & Successful Authorisation. Successful traditional step up (challenge) authentication transaction. |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004118 | THREEDQUERY Status: C (Authentication challenge) AUTH Error code: 0 – Ok |
| DISCOVER | 6599999900000396 | |
| MASTERCARD | 5591390000000645 | |
| VISA | 4900490000000667 | |
| (3DSv2) Test Case 10: Failed Step Up 3-D Secure Authentication & No Authorisation. Traditional step up (challenge) authentication transaction with failed cardholder challenge. |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004126 | THREEDQUERY Status: C (Authentication challenge) AUTH Not performed |
| DISCOVER | 6599999900000404 | |
| MASTERCARD | 5591390000000579 | |
| VISA | 4900490000000568 | |
| (3DSv2) Test Case 11: Error on Step-Up 3-D Secure Authentication & No Authorisation. A system error occurred while attempting to process the authentication request. |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004134 | THREEDQUERY Status: C (Authentication challenge) AUTH Not performed |
| DISCOVER | 6599999900000420 | |
| MASTERCARD | 5591390000000595 | |
| VISA | 4900490000000584 | |
| (3DSv2) Test Case 12: Successful Frictionless 3-D Secure Authentication & Successful Authorisation (with methodurl). Successful frictionless authentication representing the cardholder being authenticated by their card issuer (with methodurl). |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004159 | THREEDQUERY Status: Y (Authentication successful) AUTH Error code: 0 – Ok |
| DISCOVER | 6599999900000438 | |
| MASTERCARD | 5591390000000603 | |
| VISA | 4900490000000618 | |
| (3DSv2) Test Case 13: Successful Step Up 3-D Secure Authentication & Successful Authorisation (with methodurl). Successful traditional step up (challenge) authentication transaction (with methodurl). |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004167 | THREEDQUERY Status: C (Authentication challenge) AUTH Error code: 0 – Ok |
| DISCOVER | 6599999900000446 | |
| MASTERCARD | 5591390000000561 | |
| VISA | 4900490000000550 | |
|
(3DSv2) Test Case 14: Timeout on Step-Up 3-D Secure Authentication & Successful Authorisation (with methodurl). |
||
| Card type | v2.2.0 | Handling the response |
| AMEX | 340000000004175 | THREEDQUERY Status: C (Authentication challenge) AUTH Error code: 0 – Ok |
| DISCOVER | 6599999900000453 | |
| MASTERCARD | 5591390000000561 | |
| VISA | 4900490000000550 | |
Displaying the test ACS page
For Payment Pages:
With 3-D Secure enabled on your site reference, process a payment using one of the card numbers listed above and your browser will display an authentication prompt with instructions.
For JavaScript Library implementations:
After your payment form has been updated to reference our JavaScript library, process a payment using one of the card numbers listed above and your browser will display an authentication prompt with instructions.
For Mobile SDK implementations:
You must test Mobile SDK implementations using Cardinal Commerce test card details rather than those listed above.
The authentication prompt will only be displayed for non-frictionless test card details
Frictionless cards will bypass authentication. In this case, the payment will be processed immediately (without being prompted by the browser for information).
Follow the instructions displayed within the authentication prompt to complete the payment:
Testing AVS and security code checks
If you haven’t already, please read our AVS and Security code documentation before testing.
The following tables list test details that can be submitted to obtain different responses from the AVS and Security Code Checks. These details can be used with most major payment types.
Only the billing premise, billing postcode and security code field values dictate the outcome of the AVS and security code checks performed. As such, entering any details into the other address fields will not affect the outcome of these checks.
Premise
| Billing premise | Security response | Security response caption |
| No 789 | 2 | Matched |
| No 123 | 4 | Not Matched |
| No 333 | 1 | Not Checked |
| Leave blank | 0 | Not Given |
Postcode / ZIP code
| Billing postcode | Security response | Security response caption | |
| UK | US | ||
| TR45 6ST | 55555 | 2 | Matched |
| TR12 3ST | 12345 | 4 | Not Matched |
|
TR33 3ST
|
33333 | 1 | Not Checked |
| Leave blank | Leave blank | 0 | Not Given |
Security code
| Security code | AMEX security code | Security response | Security response |
| 123 | 1234 | 2 | Matched |
| 214 | 2144 | 4 | Not Matched |
| 333 | 3333 | 1 | Not Checked |
| Leave blank | Leave blank | 0 | Not Given |
