< Back to Case Studies

No code API testing to implement Secure Remote Commerce (SRC) – Click2Pay

download this case study
download-icon

In 2019, EMVCo introduced Secure Remote Commerce specifications to secure eCommerce transactions. All the global payment schemes are a part of this initiative and have started to roll out their solutions.

Our customer, one of the world's largest payment schemes, launched their SRC solution, Click2Pay, about a year ago.

The customer's SRC rollout - overview

Payhuddle worked with the payment scheme to help them roll out the SRC solution by testing compliance with EMVCo specifications and proprietary requirements of the scheme.

EMVCo provides open specifications, whereas the payment scheme defines the optional and conditional scope of the specifications.

When the scheme began its SRC implementation, it focused on product development and end-to-end testing, not Type Approval. Some of the challenges they had were:

  1. The specifications were new, and their interpretations varied among stakeholders.
  2. There were no customer-specific requirements.
  3. They had a lightweight reference app to initiate transactions and manually check their logs.
  4. The development team used test cases with different objectives and coverage.
  5. The scheme specifications went through various versions starting with v0.32 and running up to v0.47 during the project. It had several cascading impacts on the implementation, and the scope was revised multiple times per the versions of the specifications.

Objective

Develop the test plan and platform to validate the merchant SDK against EMVCo and the scheme specifications.

The expected output was a single test report that would provide confidence to comply with specifications.

PayHuddle solution

PayHuddle customized its No Code API test platform, Stratos, to automate testing and validate merchant SDK against EMVCo and scheme specifications. Some of the activities that we did as a part of our solution include:

  • We wrote all the test cases that ensure compliance with EMVCo specifications and scheme requirements.
  • The scheme's certification team can use Stratos to certify the SDK before being given to the merchants.
  • Stratos was used to perform format validation, data validation, and function flow validation of the APIs.
  • We built a responsive, independent reference app with extensive configuration capabilities and flexible log searching across different browsers. The reference app simulated the SRCi. It can be independently used and integrated with the test platform Stratos.
  • The reference app initiates transactions and simulates test scenarios – positive, negative, and test data configurations.

The reference app is currently available as a web application, but our reference app can also be used on mobile with minimal changes to it.

Benefits

  • Automated testing with robust validation. It can crash the testing time from 1.5 days to 1.5 hours.
  • Flexible design to accommodate new modules and improvisations.
  • Confidence in ensuring solution compliance to EMVCo and scheme specifications.
  • Debugging before testing through independent reference applications for other teams inside and their development partners.
  • Removed manual debugging and qualification effort.
  • Faster onboarding of merchants.

Additional Features

While the solution has rolled out into the market, we are carrying out the following improvements:

  • Displaying reference app, logs, and linked test case results on a single screen. This is partially done and can be enhanced
  •  Issuer SDK implementation
  •  Import additional test scripts with support for machine-readable test scripts
  •  Response validation
  •  Back-end testing
  • Leverage the platform for performance testing and security testing needs
  • Include more functionalities in the reference app
  • 3rd party onboarding and certification
  • 3rd party SRCi to test and leverage the system
  • Comprehensive reporting
  • Improved UI/UX

What did we do right?

We ensured futuristic design thinking in customizing our No Code API test platform, Stratos. This comes integrated with the reference application and test cases. All the testing activities are entirely automated and robust.

As the specifications were relatively new, and very few rollouts had happened, it was challenging for both the scheme and us. We worked closely with the scheme's product owner to ensure that the SRC solution is rolled with confidence in compliance with EMVCo and their specifications.

Note: We have not mentioned our client's name in this case study for confidentiality reasons. However, if there is a need as a part of the evaluation process, we can introduce you to the client.

Contact Us

Want to know more?

Just fill some information and you will hear from us within the next few hours, and we will get you started

customer-support-cartoon

We are here to help!

We will not spam you with thousands of emails or calls.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Phone:
+91 80 43943434
Email:
info@payhuddle.com

Regd. Office Address

427/ 14, First and Second Floor,
9th Main, 5th Block,
Jayanagar,
Bangalore - 560041.

google-maps-iconLocate us on Google Maps
Payment Schemes
Payment Schemes
Products
Tecto®TropoLithos®Stratos®MantleRigel®Merchant Test CardsTSEC Editor®
Solutions
Acquirers / ProcessorsIssuersTerminal VendorsMobile Payment Apps
Services
DPAS E2E CertificationDiscover ConsultingVisa CVESOutsourced Product DevelopmentTest Tool DevelopmentConsulting
Resources
blogCase StudiesVideosNewsEbooks
Contact Us
Subscribe to our newsletter
© 2024 PayHuddle Solutions Pvt. Ltd.
Terms of Use
Privacy Policy