Card testing
Last updated: August 4th 2023, @ 3:10:00 am
Test your card integration in the sandbox environment by simulating:
- Successful payments for advanced checkout integrations using test card numbers.
- Card error scenarios by using rejection triggers.
- 3D Secure authentication scenarios.
- Recommended use cases for advanced checkout integration.
Tip: Use the credit card generator to generate test credit cards for sandbox testing.
Simulate successful payments
To simulate a successful card capture with advanced checkout integration in sandbox:
- Ensure the integration is in sandbox mode, with a sandbox client ID, and connected to
api-m.sandbox.paypal.com
endpoints. - Use a test card number with a future expiration date and a 3-digit CVV, or a 4-digit CVV for American Express.
Test static card numbers
Test card numbers
Test advanced checkout payments and saved payment method use cases with these test card numbers:
Tip: Enter a future expiration date and a 3-digit CVV, or 4-digit CVV for American Express, to proceed.
Test number | Card type |
---|---|
371449635398431 | American Express |
376680816376961 | American Express |
36259600000004 | Diners Club |
6304000000000000 | Maestro |
5063516945005047 | Maestro |
Test generated card numbers
Credit card generator
Generate additional credit cards for sandbox testing and Standard payments. You can add generated credit cards to a PayPal sandbox account or use them to test credit card payments.
Simulate card error scenarios
Enter a rejection trigger in the First Name or Name on Card to simulate credit card error scenarios in advanced checkout integrations.
Note: Test using a Visa card number, such as 4012 8888 8888 1881, with a future expiration date and any 3-digit CVV.
Rejection triggers
Rejection test simulations show a response_code
that changes based on the test trigger you use. Rejection trigger values are case-sensitive.
Note: All rejection scenarios return the AVS code as globally unavailable and the CVV code as not processed.
Test name | Trigger | Processor response code | Code description |
---|---|---|---|
Card refused | CCREJECT-REFUSED | 0500 | DO_NOT_HONOR |
Fraudulent card | CCREJECT-SF | 9500 | SUSPECTED_FRAUD. Try using another card. Do not retry the same card. |
Card expired | CCREJECT-EC | 5400 | EXPIRED_CARD |
Luhn Check fails | CCREJECT-IRC | 5180 | INVALID_OR_RESTRICTED_CARD. Try using another card. Do not retry the same card. |
Insufficient funds | CCREJECT-IF | 5120 | INSUFFICIENT_FUNDS |
Card lost, stolen | CCREJECT-LS | 9520 | LOST_OR_STOLEN. Try using another card. Do not retry the same card. |
Card not valid | CCREJECT-IA | 1330 | INVALID_ACCOUNT |
Card is declined | CCREJECT-BANK_ERROR | 5100 | GENERIC_DECLINE |
CVC check fails | CCREJECT-CVV_F | 00N7 | CVV2_FAILURE_POSSIBLE_RETRY_WITH_CVV |
Sample response
The response shows that the order is successfully created, but because a refusal was passed, the card payment status
is DECLINED
:
- Line 18 shows
status=DECLINED
. The card was refused. - Line 51 shows
avs_code=G
. The card is globally unavailable. - Line 52 shows
cvv_code=P
. The card wasn't processed. - Line 53 shows
response_code=5400
. The card is expired.
1{2 "id": "3M049991JF5624929",3 "status": "COMPLETED",4 "payment_source": {5 "card": {6 "last_digits": "6889",7 "brand": "VISA",8 "type": "CREDIT",9 },10 },11 "purchase_units": [12 {13 "reference_id": "default",14 "payments": {15 "captures": [16 {17 "id": "2FB04508RA686960W",18 "status": "DECLINED",19 "amount": {20 "currency_code": "USD",21 "value": "500.00",22 },23 "final_capture": true,24 "disbursement_mode": "INSTANT",25 "seller_protection": { "status": "NOT_ELIGIBLE" },26 "seller_receivable_breakdown": {27 "gross_amount": { "currency_code": "USD", "value": "500.00" },28 "paypal_fee": { "currency_code": "USD", "value": "13.44" },29 "net_amount": { "currency_code": "USD", "value": "486.56" },30 },31 "links": [32 {33 "href": "https://api-m.sandbox.paypal.com/v2/payments/captures/2FB04508RA686960W",34 "rel": "self",35 "method": "GET",36 },37 {38 "href": "https://api-m.sandbox.paypal.com/v2/payments/captures/2FB04508RA686960W/refund",39 "rel": "refund",40 "method": "POST",41 },42 {43 "href": "https://api-m.sandbox.paypal.com/v2/checkout/orders/3M049991JF5624929",44 "rel": "up",45 "method": "GET",46 },47 ],48 "create_time": "2022-08-09T22:20:05Z",49 "update_time": "2022-08-09T22:20:05Z",50 "processor_response": {51 "avs_code": "G",52 "cvv_code": "P",53 "response_code": "5400",54 },55 },56 ],57 },58 },59 ],60 "links": [61 {62 "href": "https://api-m.sandbox.paypal.com/v2/checkout/orders/3M049991JF5624929",63 "rel": "self",64 "method": "GET",65 },66 ],67}
Processor response and error codes
To understand why a card payment was declined, review the Orders v2 processor response object in the Orders API response.
For more information about card payment decline reasons and possible values, see:
- Card decline errors.
- Error responses for CVV and AVS.
- Processor response codes for non-PayPal payment processors.
Simulate 3D Secure card payments
Use 3D Secure to authenticate cardholders through card issuers. When your customer submits their card details on your website for processing, you can trigger 3D Secure. When triggered, customers are prompted by their card-issuing bank to complete an additional verification step to enter a one-time or static password, depending on the issuer's method.
For more information about including 3D Secure authentication in your payment flow, see:
- Learn more about 3D Secure for advanced checkout using the Orders API.
- Simulate 3D Secure-supported scenarios using 3D Secure test cards to verify your card integration.
Test integration
Test the recommended use cases for advanced checkout integration before you go live.
Accept payment
Test a successful card payment:
- Go to the checkout page for your integration.
- Choose a test card from this list.
- Enter the card details in the hosted field, including the name on the card, billing address, and 2-character country code. Then submit the order.
- Confirm that the order was processed.
- Log in to your merchant sandbox account and navigate to the activity page to ensure the payment amount shows up in the account.
Decline payment
Decline a test card payment from the checkout page:
- Go to the checkout page for your integration.
- Choose a test card from this list.
- Select a rejection trigger from this list and enter it in the card's name field.
- Enter the other card details in the card fields, including the card number, billing address, and a 2-character country code.
- Submit the order.
- Verify that the declined payment error message shows up.
Authorize payment
Test authorization and capture of a card payment:
- Make a create order call with intent as
AUTHORIZE
that includes apayment_source
object with a valid card number. - Authorize the order.
- Complete the authorized order using capture authorized payment call.
- Confirm that the capture status is
COMPLETED
in the authorization response.
See also
Test additional positive and 4xx
error conditions.
Use API request headers to trigger negative responses.
Explore error messages supported by the Orders API.