Publication Date: April 2023
Testing and certification are an important and integral part of any new technology deployment, and EMV® contact and contactless deployments are no different. EMV offers end users a great deal of flexibility and options. At the same time, the EMV contactless kernels provided by the global payment networks have some fundamental differences, which makes EMV testing and certification more challenging than that of traditional magnetic stripe readers (MSRs).
Currently there are two types of testing:
- EMV certification required by the payment networks, which focuses mainly on the proper use of cryptograms and transaction processing. While EMV certification test plans do cover the foundation for proper acceptance at the Point of Sale (POS) and subsequent processing, EMV test plans do not cover all aspects of transaction processing.
- User Acceptance Testing (UAT), which takes a certified solution and implements it in a merchant environment. UAT focuses on additional aspects of transaction processing that are not tested through the EMV certification process. For example, Store & Forward, tip, and incremental transactions are not subject to EMV L3 certification, may require further attention and testing to avoid issues in production and may be part of UAT.
This white paper from the U.S. Payments Forum is intended to provide guidance for UAT with the purpose of reducing production issues or avoiding unnecessary acceptance issues after the deployment of POS Solutions. As such, the white paper addresses all UAT stakeholders, including acquirers/processors, developers, EMV test card vendors, host providers/test simulators, independent software vendors (ISVs)/value-added resellers (VARs), merchants, and 3rd party test vendors.
The objective of this white paper is not to create test script(s) but rather to suggest transaction scenarios that may assist in UAT of newly implemented certified solutions, ensuring that the POS operates as expected in the production environment. The paper includes:
- A suggested list of preliminary questions and guidelines to help understand the alignment between the POS solution features and functions and the merchant environment, as well as explore what to test
- Suggested general UAT considerations that are best utilized when reviewed before, during, and after testing with applicable test stakeholders, covering solution setup, handling of changes, UAT script development, testing Certificate Authority Public Key (CAPK) update processes and options for POS solution rollout
- A review of 20 transaction types commonly encountered in the payments industry, covering how they work, their unique characteristics, whether they are included in EVM L3 testing, their impact on UAT, issues to watch for and the interaction between the merchant, processor and solution functionality
- Additional industry-specific considerations and scenarios that have arisen as issues once in production, including healthcare, specialty card programs, petroleum and transit/transportation
The U.S. Payment Forum’s Testing and Certification working committee collaborated to develop this white paper. While the transaction scenarios, tips and cautions provided are by no means comprehensive, the white paper serves to outline the most common pitfalls and issues gathered over five years of EMV implementation experience in the U.S. Although this document cannot be considered a substitute for a robust and comprehensive L3 test plan, it presents a context of considerations for UAT nuances and can ease the way to smoother and faster deployments.
All stakeholders interested in User Acceptance Testing and ensuring correct processing of payment transactions in all scenarios are strongly encouraged to consult with the relevant industry stakeholders, including but not limited to processors, acquirers and payment brands, as well as their own professional and legal advisors.
To download the full white paper, please fill out the form below:
If you are a member, the white paper can be download on the members only page here: https://protected.uspaymentsforum.org/point-of-sale-user-acceptance-testing-uat-considerations/
Please note: The information and materials available on this web page (“Information”) is provided solely for convenience and does not constitute legal or technical advice. All representations or warranties, express or implied, are expressly disclaimed, including without limitation, implied warranties of merchantability or fitness for a particular purpose and all warranties regarding accuracy, completeness, adequacy, results, title and non-infringement. All Information is limited to the scenarios, stakeholders and other matters specified, and should be considered in light of applicable laws, regulations, industry rules and requirements, facts, circumstances and other relevant factors. None of the Information should be interpreted or construed to require or promote the establishment of any solution, practice, configuration, rule, requirement or specification inconsistent with applicable legal requirements, any of which requirements may change over time. The U.S. Payments Forum assumes no responsibility to support, maintain or update the Information, regardless of any such change. Use of or reliance on the Information is at the user’s sole risk, and users are strongly encouraged to consult with their respective payment networks, acquirers, processors, vendors and appropriately qualified technical and legal experts prior to all implementation decisions.