The purpose of this test is to see when (and if) new authentication methods are triggered. The new authentication standards (PSD2 and 3DS) for Credit and Debit card purchases are currently being rolled out across Europe. However, authentication is triggered due to different reasons. We want to see if this is done in the correct manner and if the authentication triggers work by making purchases through different scenarios.
Which authentication methods can you expect?
It is unknown until you make the purchase which authentication will happen. There are several authentication methods used by different banks and eCommerce shops such as:
- Biometric: fingerprint, face recognition
- Bank mobile app: need to connect to bank mobile app to validate payment
- Bank Authentication mobile app: need to connect to a specific app outside of standard bank mobile app to validate payment
- SMS OTP: code sent to mobile via SMS
- Static Password: pre-defined password, password built of a specific character to take out of a pre-defined list of characters
- Dynamic Password: Code dynamically generated and unique for the transaction
Your Participation
Officially the test will start in August 2019, however, the banks that will be participating will be tested in batches. The majority of the work will be completed before the end of this year
.
With your credit/debit card, you will have to execute different test cases at different eCommerce shops/merchant. There will be a max of 49 purchases that you will have to perform. As part of the testing, we will want to see your documentation of the various steps and processes related to the card and potential authentications.
Test Cases and Duration
Once your bank is ready to test you will have to perform each test case multiple times (at different merchants). Each test will reflect one of the Test Case scenarios outlined below. You will have 1 week to complete all 49 purchases (this week could be anywhere starting in August until December 2019). There are also some special test cases that might need to be performed but you will recieve a seperate invitation for this if you would want to earn some extra.
Test Case 1:
For certain eCommerce Merchants communicated to you:
- You will be asked to perform 4 to 6 consecutive payments. Either on your desktop and/or on your mobile phone
- Each payment should be between €20 and €25
- Use Bug Report Forms to document each individual payment
- Screenshot documentation of:
- The purchase process
- Merchant communication of accepted payment methods
- Merchant communication of any authentication required
- Purchase details: time, date, eCommerce shops/merchants, credit/debit card details, the authentication method used.
- Translation of important information shown in each step into English.
- You will need to cancel each purchase yourself.
Test Case 2:
For certain eCommerce Merchants communicated to you:
- You will be asked to perform a payment either on your desktop and/or on your mobile phone
- Each payment should be above €550
- Use Bug Report Forms to document each individual payment
- Screenshot documentation of:
- The purchase process
- Merchant communication of accepted payment methods
- Merchant communication of any authentication required
- Purchase details: time, date, eCommerce shops/merchants, credit/debit card details, the authentication method used.
- Translation of important information shown in each step into English.
- You will need to cancel each purchase yourself.
Test Case 3:
For certain eCommerce Merchants communicated to you:
- You will be asked to register your Card for a Card on File test.
- Perform payments at merchants either on your desktop and/or on your mobile phone
- Each payment should be between €0 and €30
- Use Bug Report Forms to document each individual payment
- Screenshot documentation of:
- The purchase process
- Merchant communication of accepted payment methods
- Merchant communication of any authentication required
- Purchase details: time, date, eCommerce shops/merchants, credit/debit card details, the authentication method used.
- Translation of important information shown in each step into English.
- You will need to cancel each purchase yourself.
Test Case 4:
For certain eCommerce Merchants communicated to you:
- You will be asked to perform payments.
- The payment should be between €30 and €50
- Use Bug Report Forms to document each individual payment
- Screenshot documentation of:
- The purchase process
- Merchant communication of accepted payment methods
- Merchant communication of any authentication required
- Purchase details: time, date, eCommerce shops/merchants, credit/debit card details, the authentication method used.
- Translation of important information shown in each step into English.
- You will need to cancel the purchase yourself.
RomCard Testing:
On a designated secure test environment you will need to:
- You will be asked to perform 9 payments similar to the test cases above.
- The payments will be between €25 and €40
- Use Bug Report Forms to document each individual payment
- Screenshot documentation of:
- The purchase process
- Merchant communication of accepted payment methods
- Merchant communication of any authentication required
- Purchase details: time, date, eCommerce shops/merchants, credit/debit card details, the authentication method used.
- Translation of important information shown in each step into English.
- Although this will be performed in a test environment you will still need to cancel the purchase yourself.