Sandbox: Difference between revisions

From Barion Documentation
Jump to navigation Jump to search
 
(20 intermediate revisions by 7 users not shown)
Line 1: Line 1:
__NOTOC__
__NOTOC__
{{PageTitle|title=Setting up the Sandbox environment and testing payments}}
{{PageTitle|title=Setting up the Sandbox environment and testing payments}}
{| style="margin-left:2em;" align="right"
| __TOC__
|}


=Sandbox server=
=Sandbox server=
Although Barion payments are super easy to integrate, we strongly advise all developers to use the sandbox server for development and testing, before going live.  
Although Barion payments are very easy to integrate, we strongly advise all developers to use our Sandbox server for development and testing before going live.  


There are many advantages of using the sandbox server for testing:
There are numerous advantages of using the sandbox server for testing:
*Sandbox is available 7/24/365, you can even start working at night or during weekends (many developers do just that, but please note that except for the Facebook group, [[Support|support]] is only available durig working hours)
*Sandbox is always available, you can even start working at night or during weekends. However, keep in mind that except for the Facebook group, [[Support|support]] is only available during working hours.
*Sandbox is totally self-service, no contract or NDA needed to use it
*Sandbox is totally self-service, no contract or NDA needed to use it
*No approvals required
*No transaction fees are spent during development and testing
*No transaction fees are spent during development and testing
*The two systems are completely separated, so the same e-mail address can be used in both systems (warning: easy to mix them up!)
*The live and the sandbox systems are completely separated, so you can use the same email address in both (careful, do not mix up the enviroments).


=Limitations in functionality=
=Limitations in functionality=
The sandbox server is a copy of the live Barion servers, with some minor differences:
The sandbox server is a copy of the live Barion servers, with some minor differences:


*From the developers perspective, the only difference is the URL
*From the developer perspective, the only difference is the URL
*No real money in the sandbox, all transactions are using "test" money that has no real value
*No real money in the sandbox, all transactions are using "test" money that has no real value
*Since the sandbox is not using real money, withdrawal to bank accounts is not possible  
*Since the sandbox is not using real money, withdrawal to bank accounts is not possible  
*Real bank cards do not work, we provide a test card
*Real bank cards do not work, we provide a test card
*Top-up is only possible with test card
*Top-up is only possible with a test card
*Shops are automatically approved
*The servers are of smaller capacity
*The servers are of smaller capacity
*Simple SSL certificates are used
*Simple SSL certificates are used
Line 28: Line 30:


=Registering accounts=
=Registering accounts=
Just as in the live server, a simple online form is needed to register a Barion account. Each merchant needs a Barion account, or Wallet, as we call it. Payments are credited onto this account, immediately after payment. Note: It is easy to mix up the live and sandbox accounts, so please always double check before calling support.  
Just as in the live server, a simple online form is needed to register a Barion account. Each merchant needs a Barion account, or Wallet, as we call it. Payments are credited to this account immediately after payment.  
'''Note''': Always double-check your environment before calling support.  


https://secure.test.barion.com/Registration
https://secure.test.barion.com/Registration
Line 35: Line 38:


=Opening a shop=
=Opening a shop=
Opening a shop in the sandbox is the same as opening one in the live server. The only difference is that the sandbox is wired to automatically approve all changes, while the live server requires a human compliance officer to approve the shop. Prepare for questions and some minor paperwork when switching from sandbox to live.
Opening a shop in the sandbox is the same as opening one in the live server. The only difference is that the sandbox is wired to automatically approve all changes, while the live server requires a human compliance officer to approve the shop.  
'''You still have to <u>send the shop for approval</u> using the shop creating/editing form or the link in the shop grid.'''
Also, prepare for questions and some minor paperwork when switching from sandbox to live.


=API URL=
=API URL=
The base URL for the Barion API is the same as the live, with the word "test" added.
The base URL for the Barion API is the same as the live one, with the word "test" added.


https://api.test.barion.com
https://api.test.barion.com


=HTTPS and Certificates=
=HTTPS and Certificates=
All communication with the Barion system must be done using TLS v1.1 / 1.2 - former encryption standards (SSLv3, TLS1.0 etc.) are not allowed. You can test your solution on the Sandbox server, where TLS 1.0 has already been disabled.
All communication with the Barion system must be done using TLS v1.2 / 1.3 - earlier encryption standards (SSLv3, TLS1.0, etc.) are not allowed. You can test your solution on the Sandbox server.
 
Our sandbox server is using more economical certificates, than the live server. Standard HTTPS certificate is used, instead of Extended Validation (EV), and a less well known brand has been chosen. This does not effect security and development, and applies only to the sandbox.


{{NotificationBox|title=IMPORTANT|text=TLS 1.0 has been disabled on the Sandbox, switch to TLS 1.1 / 1.2 now, otherwise your Barion implementation will not work!|color=#FF7A3D}}
Our sandbox server is using more economical certificates, than the live server. A standard HTTPS certificate is used, instead of Extended Validation (EV), and a less well-known brand has been chosen. This does not affect security and development, and applies only to the sandbox.
{{NotificationBox|title=WARNING|text=TLS 1.0 will be switched off on the 31st of July 2018 on the live servers, switch to TLS 1.1 / 1.2 now!|color=#FF0000}}


=Test cards=
=Test cards=


The sandbox server is connected to a card acquirer, so all transactions using the test card reach out to that server. This can cause a variation in card processing time. Please note, that if you make many payments to a merchant, the account can reach a balance where another level of KYC is required, and the account will be temporarily suspended. Suspended accounts can initiate payments, but can not send or withdraw money. Try to avoid this, or in case you don't, drop a mail to support.
The sandbox server is connected to a card acquirer, so all transactions using the test card reach out to that server. This can cause a variation in card processing time. If you make several payments to a merchant, the account can reach a balance where another level of KYC is required, and the account is temporarily suspended. Suspended accounts can initiate payments, but can not send or withdraw money. Drop a mail to support if run into this, or cannot avoid it.
<br>Each test card is represented with a different value in the response of <code>GetPaymentState</code> (see <code>FundingInformation</code> -> <code>ProcessResult</code>)


{{NotificationBox|title=UPDATE|text=From 28th November 2017, the following test cards are available and previous ones do not work.|color=#1993c7}}
[[file:Test-card2.png]]
 
<br>
'''CARD 1''' - payments with this card will always SUCCEED
'''CARD 1''' - SUCCEED - the card transaction was successful
*BIN: '''4444 8888 8888 5559'''
*BIN: '''4444 8888 8888 5559'''
*Expiration date: '''any future date'''
*Expiration date: '''any future date'''
*CVC: '''any 3-digit number'''
*CVC: '''any 3-digit number'''


[[file:Test-card2.png]]
GetPaymentState result: <code>Successful</code>


'''CARD 2''' - payments with this card will always FAIL
<br>
'''CARD 2''' - FAIL - the card transaction was unsuccessful: card number, CVC or/and expiry is wrong.
*BIN: '''4444 8888 8888 4446'''
*BIN: '''4444 8888 8888 4446'''
*Expiration date: '''any future date'''
*Expiration date: '''any future date'''
*CVC: '''any 3-digit number'''
*CVC: '''any 3-digit number'''
GetPaymentState result: <code>ProblemWithCard</code>
<br>
'''CARD 3''' - FAIL - the card transaction was unsuccessful due to insufficient funds
*BIN: '''4444 8888 8888 9999'''
*Expiration date: '''any future date'''
*CVC: '''any 3-digit number'''
GetPaymentState result: <code>LowFunds</code>
<br>
'''CARD 4''' - FAIL - the credit card has been reported lost or stolen
*BIN: '''4444 8888 8888 1111'''
*Expiration date: '''any future date'''
*CVC: '''any 3-digit number'''
GetPaymentState result: <code>LostOrStolenCard</code>
<br>
'''CARD 5''' - FAIL - the payment card was declined by the acquirer
*BIN: '''4444 8888 8888 3331'''
*Expiration date: '''any future date'''
*CVC: '''any 3-digit number'''
GetPaymentState result: <code>Declined</code>
<br>
'''CARD 6''' - FAIL - Due to potentially fraudulent transaction, the monitoring system declined the transaction
*BIN: '''4444 8888 8888 6664'''
*Expiration date: '''any future date'''
*CVC: '''any 3-digit number'''
GetPaymentState result: <code>FraudulentTransaction</code>
<br>
'''CARD 7''' - FAIL - the card transaction failed due to the card system
*BIN: '''4444 8888 8888 7779'''
*Expiration date: '''any future date'''
*CVC: '''any 3-digit number'''
GetPaymentState result: <code>CardSystemError</code>
<br>
'''CARD 8''' - FAIL - the payment card did not support SCA at the time of the transaction
*BIN: '''4444 8888 8888 0006'''
*Expiration date: '''any future date'''
*CVC: '''any 3-digit number'''
[[3DS_FAQ#What_is_a_soft_decline.3F|What is a soft decline?]]<br/>
'''If you are not sending an exemption the charge will succeed.'''<br/>
GetPaymentState result: <code>ScaSoftDeclined</code>


=Payment GUI=
=Payment GUI=
The payment GUI in the sandbox server is the same as in the live, with some exceptions:
The payment GUI in the sandbox server is the same as in the live environment, with the following exceptions:
*A black bar is present at the top, with a message saying "sandbox server"
*A black bar is present at the top, displaying the "sandbox server" message
*The Comodo Site Authority is missing, since the sandbox server uses a different SSL certificate
*The Comodo Site Authority is missing, since the sandbox server uses a different SSL certificate
*The URL has the word "test" in it
*The URL has the word "test" in it
*It only accpets the test card, no real cards can be used
*It only accepts test cards, no real cards can be used
*All payments are with "test" money, not real money
*All payments are with "test" money, not real money


Line 79: Line 136:




{{NotificationBox|title=IMPORTANT|text=Confirmation e-mails are actually sent out in the Sandbox environment as well, so DO NOT use any real e-mail address that does not belong to you. Please use your own personal or development e-mail address, or if you do not care about the e-mail itself, use the @example.com e-mail domain.
{{NotificationBox|title=IMPORTANT|text=Confirmation emails are actually sent out in the Sandbox environment as well, so DO NOT use any real email address that does not belong to you. Use your own personal or development email address, or if you do not care about the email itself, use the @example.com email domain.
|color=#1993c7}}
|color=#1993c7}}


=Using the Barion Web App in Sandbox mode=
=Using the Barion Web App in Sandbox mode=
You can log into the Barion Web App on the same URL, with the word "test" added. A black bar is shown on top of each screen to help differentiate from the live server.
You can log into the Barion Web App on the same URL, with the word "test" added. A black bar is shown on top of each screen to help differentiate it from the live server.
https://secure.test.barion.com/
https://secure.test.barion.com/


Line 89: Line 146:


= Using the Barion Mobile App in Sandbox mode =
= Using the Barion Mobile App in Sandbox mode =
You can also use the Barion Mobile App with the sandbox server by entering <tt>test#</tt> before the e-mail address when logging into the app. The title bar of the app turns green to help differentiate from live accounts. You can download the app from Google Play or from the App Store.
You can also use the Barion Mobile App with the sandbox server by entering <tt>test#</tt> before the email address when logging into the app. The title bar of the app turns green to help differentiate it from live accounts. You can download the app from Google Play or from the App Store.


<source lang="html4strict">
<source lang="html4strict">
</source>
</source>
=Limitations of the Barion Mobile App=
Current version of the Barion Mobile App supports HUF payments only. If you do not have an HUF currency set up in your wallet, the mobile app login will fail.

Latest revision as of 10:22, 19 October 2023

Setting up the Sandbox environment and testing payments

Sandbox server

Although Barion payments are very easy to integrate, we strongly advise all developers to use our Sandbox server for development and testing before going live.

There are numerous advantages of using the sandbox server for testing:

  • Sandbox is always available, you can even start working at night or during weekends. However, keep in mind that except for the Facebook group, support is only available during working hours.
  • Sandbox is totally self-service, no contract or NDA needed to use it
  • No transaction fees are spent during development and testing
  • The live and the sandbox systems are completely separated, so you can use the same email address in both (careful, do not mix up the enviroments).

Limitations in functionality

The sandbox server is a copy of the live Barion servers, with some minor differences:

  • From the developer perspective, the only difference is the URL
  • No real money in the sandbox, all transactions are using "test" money that has no real value
  • Since the sandbox is not using real money, withdrawal to bank accounts is not possible
  • Real bank cards do not work, we provide a test card
  • Top-up is only possible with a test card
  • The servers are of smaller capacity
  • Simple SSL certificates are used
  • Sandbox servers are updated regularly without notice (we are doing our best not to lose any data)

Registering accounts

Just as in the live server, a simple online form is needed to register a Barion account. Each merchant needs a Barion account, or Wallet, as we call it. Payments are credited to this account immediately after payment. Note: Always double-check your environment before calling support.

https://secure.test.barion.com/Registration

This URL is identical to https://test.barion.com/Registration, the word "secure" can be omitted.

Opening a shop

Opening a shop in the sandbox is the same as opening one in the live server. The only difference is that the sandbox is wired to automatically approve all changes, while the live server requires a human compliance officer to approve the shop. You still have to send the shop for approval using the shop creating/editing form or the link in the shop grid. Also, prepare for questions and some minor paperwork when switching from sandbox to live.

API URL

The base URL for the Barion API is the same as the live one, with the word "test" added.

https://api.test.barion.com

HTTPS and Certificates

All communication with the Barion system must be done using TLS v1.2 / 1.3 - earlier encryption standards (SSLv3, TLS1.0, etc.) are not allowed. You can test your solution on the Sandbox server.

Our sandbox server is using more economical certificates, than the live server. A standard HTTPS certificate is used, instead of Extended Validation (EV), and a less well-known brand has been chosen. This does not affect security and development, and applies only to the sandbox.

Test cards

The sandbox server is connected to a card acquirer, so all transactions using the test card reach out to that server. This can cause a variation in card processing time. If you make several payments to a merchant, the account can reach a balance where another level of KYC is required, and the account is temporarily suspended. Suspended accounts can initiate payments, but can not send or withdraw money. Drop a mail to support if run into this, or cannot avoid it.
Each test card is represented with a different value in the response of GetPaymentState (see FundingInformation -> ProcessResult)


CARD 1 - SUCCEED - the card transaction was successful

  • BIN: 4444 8888 8888 5559
  • Expiration date: any future date
  • CVC: any 3-digit number

GetPaymentState result: Successful


CARD 2 - FAIL - the card transaction was unsuccessful: card number, CVC or/and expiry is wrong.

  • BIN: 4444 8888 8888 4446
  • Expiration date: any future date
  • CVC: any 3-digit number

GetPaymentState result: ProblemWithCard


CARD 3 - FAIL - the card transaction was unsuccessful due to insufficient funds

  • BIN: 4444 8888 8888 9999
  • Expiration date: any future date
  • CVC: any 3-digit number

GetPaymentState result: LowFunds


CARD 4 - FAIL - the credit card has been reported lost or stolen

  • BIN: 4444 8888 8888 1111
  • Expiration date: any future date
  • CVC: any 3-digit number

GetPaymentState result: LostOrStolenCard


CARD 5 - FAIL - the payment card was declined by the acquirer

  • BIN: 4444 8888 8888 3331
  • Expiration date: any future date
  • CVC: any 3-digit number

GetPaymentState result: Declined


CARD 6 - FAIL - Due to potentially fraudulent transaction, the monitoring system declined the transaction

  • BIN: 4444 8888 8888 6664
  • Expiration date: any future date
  • CVC: any 3-digit number

GetPaymentState result: FraudulentTransaction


CARD 7 - FAIL - the card transaction failed due to the card system

  • BIN: 4444 8888 8888 7779
  • Expiration date: any future date
  • CVC: any 3-digit number

GetPaymentState result: CardSystemError


CARD 8 - FAIL - the payment card did not support SCA at the time of the transaction

  • BIN: 4444 8888 8888 0006
  • Expiration date: any future date
  • CVC: any 3-digit number

What is a soft decline?
If you are not sending an exemption the charge will succeed.

GetPaymentState result: ScaSoftDeclined

Payment GUI

The payment GUI in the sandbox server is the same as in the live environment, with the following exceptions:

  • A black bar is present at the top, displaying the "sandbox server" message
  • The Comodo Site Authority is missing, since the sandbox server uses a different SSL certificate
  • The URL has the word "test" in it
  • It only accepts test cards, no real cards can be used
  • All payments are with "test" money, not real money


IMPORTANT
Confirmation emails are actually sent out in the Sandbox environment as well, so DO NOT use any real email address that does not belong to you. Use your own personal or development email address, or if you do not care about the email itself, use the @example.com email domain.

Using the Barion Web App in Sandbox mode

You can log into the Barion Web App on the same URL, with the word "test" added. A black bar is shown on top of each screen to help differentiate it from the live server. https://secure.test.barion.com/

This URL is identical to https://test.barion.com/, the word "secure" can be omitted.

Using the Barion Mobile App in Sandbox mode

You can also use the Barion Mobile App with the sandbox server by entering test# before the email address when logging into the app. The title bar of the app turns green to help differentiate it from live accounts. You can download the app from Google Play or from the App Store.