Testing 3D Secure 2 authentication

Test 3D Secure 2 authentication with your integration and troubleshoot issues before it goes live.

Test your integration to make sure that you can handle 3D Secure 2 authentication scenarios.

When prompted for 3D Secure 2 text challenges:

  • For web and mobile browser integrations, use password: password.
  • For native mobile (app-based) integrations, use password: 1234.

If you want to test failed scenarios, use the wrong password (any value other than password provided) to fail the authentication challenge.

Test Cards

These cards are enrolled in 3D Secure.

Make test payments with the following cards to make sure your integration can handle 3D Secure 2 authentication scenarios.

Card TypeCard NumberExpiry DateSecurity Code (CVC/CVV/CID)
American Express3714 4963 5398 43103/20307373
Bancontact / Maestro6703 4444 4444 444903/2030Not applicable
Bancontact / Visa4871 0499 9999 991003/2030737
Cartes Bancaires / Visa Debit4035 5014 2814 630003/2030737
Cartes Bancaires4360 0000 0100 000503/2030737
China UnionPay (Credit)6250 9470 0000 001403/2030123
China UnionPay (Debit)6250 9460 0000 001603/2030123
Diners3056 9309 0259 0403/2030737
Discover6011 1111 1111 111703/2030737
Maestro5000 5500 0000 002903/2030Not applicable
Mastercard5454 5454 5454 545403/2030737
Mastercard Credit2222 4000 1000 000803/2030737
Visa4917 6100 0000 000003/2030737
Visa Classic4166 6766 6766 674603/2030737

Mobile app integration

On mobile, shoppers can get different types of 3D Secure 2 authentication challenges. Use the following payment details to make test payments and test specific scenarios.

When prompted for 3D Secure 2 text challenge for native mobile (app-based) integrations, use password: 1234. If you want to test failed scenarios, use the wrong password (any value other than 1234) to fail the authentication challenge.

Card TypeCard NumberExpiry DateSecurity Code (CVC/CVV/CID)Scenario
Mastercard5201 2855 6567 231103/2030737Basic text authentication
Mastercard5201 2874 9905 200803/2030737Basic single select
Mastercard5201 2815 9233 163303/2030737Basic multi select
Mastercard5201 2888 2269 697403/2030737Basic out-of-band (OOB) authentication
Mastercard5201 2895 0084 326803/2030737HTML out-of-band (OOB) authentication
Mastercard5201 2861 5377 146503/2030737App single select and text authentication

Use the following test cards to test scenarios returning ARes (Authentication Response) with different transStatus values:

  • Y: Authentication / account verification successful.
  • N: Not Authenticated / account not verified. Transaction denied.
  • A: Authentication / verification was attempted but could not be verified.
  • U: Authentication / account verification could not be performed.
  • R: Authentication / account verification rejected by the Issuer.
Card TypeCard NumberExpiry DateSecurity Code (CVC/CVV/CID)Scenario
Mastercard5201 2815 0512 973603/2030737Return ARes with transStatus=Y
Mastercard5201 2812 6243 526803/2030737Return ARes with transStatus=N
Mastercard5201 2850 9382 359203/2030737Return ARes with transStatus=A
Mastercard5201 2828 2836 635103/2030737Return ARes with transStatus=U
Mastercard5201 2864 9681 658903/2030737Return ARes with transStatus=R
Mastercard5201 2846 7071 753303/2030737Return ARes with transStatus=U and transStatusReason =06

Use the following test cards to test other advanced 3D Secure 2 scenarios.

Card TypeCard NumberExpiry DateSecurity Code (CVC/CVV/CID)Scenario
Mastercard5201 2829 9900 551503/2030737Timeout error
Mastercard5201 2886 9531 584303/2030737Connection failure error
Mastercard5201 2858 9491 280003/2030737Version number not supported error
Mastercard5201 2852 4062 461203/2030737Access denied error
Mastercard5201 2859 4986 516903/2030737MCC not valid error
Mastercard5201 2829 4084 971403/2030737Invalid endpoint error