Forum Stats

  • 3,874,411 Users
  • 2,266,724 Discussions


Credit card password hack - Tricky testing with 3DS

694235 Member Posts: 16
edited Jun 4, 2009 7:25AM in QA/Testing
Right folks - Just wondering if anyone has a bright way of getting through 3DS for an ecom site. Basically I am trying to test deposit from a payment card, but good ol 3Dsecure from Visa kicks in and asks for a 3 digit combination from your password. Doh, problem is that it randomises what it asks for.
Ya I am pretty sure I can not automate this... but worth asking the forum.


  • IHodgetts
    IHodgetts Member Posts: 264
    Hmmmm? Should you really be automating that? Generally the banks don't like you testing their actual 'live' systems (even their test systems). Particularly if you're thinking of incorporating this into a performance test!

    1) Test against a 'stub' instead of the actual bank MPI (that way you will know the correct responses).
    2) Don't test 3DS at all (use a card that isn't registered for 3DS) presumably it's YOUR app you want to test, not the banks'?

    I suppose if OpenScript is based on Java, you could program a test to 'read'/interpret the question (but that's probably going a bit far?) It would be best to have a minimal length SecureCode (to minimise the number of permutations).
  • 694235
    694235 Member Posts: 16
    thanks Hodgetts,

    We are automating our main flows.
    As it is important to know that all our flows are working on live. That's why I was hoping to automate.

    Thanks for replying mate. I think I will leave this one to a manual test and automate a deposit test on QA bypassing 3Ds

  • Alex
    Alex Member Posts: 799

    I came across something similar not long ago, what i ended up doing (with OpenScript) was getting the number from the html page using a regex then using that number to get the correct character form the password (which was retrieved from a databank) using the java charAt(); method; e.g

    String firstChar = password.charAt(1);

    You can build the regex using the OpenScript UI


This discussion has been closed.