Test your integration
When you sign up for a sandbox account, Airwallex applies a default configuration so you can start testing quickly. See Sandbox settings for what is enabled automatically and what still requires manual setup. Use the test cases and card numbers on this page to validate your integration in sandbox. When validation is complete, see Go live to switch to production.
Validate your integration in the sandbox environment
Run every required test case for your integration type, and any conditional test case that applies to your implementation. All required test cases should pass in sandbox, and your production code path should match the logic you validated in sandbox.
Before you begin
- Run the test cases for your integration type in the tabs below:
- Airwallex.js/Elements for Hosted Payment Page, Drop-in Element, Card Element, and Split Card Element.
- Native API for fully custom checkout built with the Payments API.
- For conditional controls (for example force/skip 3DS or skip risk), confirm the feature is enabled for your account before testing.
- Record evidence for each test case, including
payment_intent_id,payment_attempt_id(if available), relevant screenshots/recordings, and webhook delivery logs.
Test cases
Use the tables below to run required and conditional tests for your integration type. For additional card numbers and triggers, see the reference sections later on this page.
For each scenario, confirm all of the following:
- The shopper experience is correct, including any success, failure, or 3DS prompts.
- The API response or PaymentIntent status matches the expected outcome.
- The expected webhook is received and your endpoint returns HTTP 200 to Airwallex.
Run every Required test case below. Run Conditional test cases only when that capability applies to your integration.
| Test case | Required | How to test | What to verify |
|---|---|---|---|
| Payment success | Yes | Use card 4035501000000008 with any amount. | Shopper sees a success message and you receive payment_intent.succeeded. |
| Payment failure: 3DS authentication failed | Yes | Use card 4012000300000013. | Airwallex default failure message: "Your card issuer has declined the transaction. Please contact them or try a different payment method." Receive the expected failure webhook payment_attempt.authentication_failed. You can customize the shopper-facing failure message except for Hosted Payment Page. |
| Payment failure: Authorization failed (insufficient funds) | Yes | Use card 5307837360544518 with amount 80.51. For other issuer decline scenarios, use the cards and amounts in Test cards. | Airwallex default failure message: "This card doesn't have sufficient funds or credit. Please try a different card." Receive the expected failure webhook payment_attempt.authorization_failed. You can customize the shopper-facing failure message except for Hosted Payment Page. |
| Refund success | Yes | Refund a successful payment using Create a Refund API. | Refund API returns HTTP 200 with status RECEIVED, and you receive refund.accepted. |
| Refund failure: Refund creation failed | Yes | Create a refund with an amount greater than the original captured payment amount using Create a Refund API. | Refund creation fails with the expected API error response. You do not receive refund.accepted. |
| Refund failure: Refund does not meet Airwallex refund conditions | Yes | Attempt a refund against a payment that does not meet Airwallex refund conditions (for example, a payment that has already been fully refunded). | Refund is rejected with the expected error response or you receive refund.failed, depending on the scenario. |
| Risk data collection | Yes | Use card 4035501000000008 and send the required customer and billing data through your integration. | Payment succeeds and required risk-related fields are submitted with the payment. |
| Force 3DS | Conditional | Use card 4035501000000008 and trigger your force-3DS flow. Confirm this capability is enabled for your account before testing. | A mock 3DS window appears and the payment succeeds (payment_intent.succeeded webhook). |
| Skip 3DS | Conditional | Use card 4012000300000088 after approval to skip 3DS. Confirm this capability is enabled for your account before testing. | three_ds_action: SKIP_3DS appears in the Create a PaymentIntent response or webhook data. |
| Skip Airwallex risk | Conditional | Use card 4035501000000008 after approval to skip Airwallex risk processing. Confirm this capability is enabled for your account before testing. | skip_risk_processing: true appears in the Create a PaymentIntent response or webhook data. If you also use TRA exemption, set tra_applicable: true. |
| Site info collection | Conditional | Use card 4035501000000008 and include site_info in the payment request if you support multiple channels. Run one test without site_info and one with site_info. | site_info appears in the Create a PaymentIntent response metadata when sent. |
Run every Required test case below. Run Conditional test cases only when that capability applies to your integration.
| Test case | Required | How to test | What to verify |
|---|---|---|---|
| Payment success | Yes | Use card 4035501000000008 with any amount when confirming the PaymentIntent. | PaymentIntent status is SUCCEEDED and you receive payment_intent.succeeded. |
| Payment failure: Authorization failed (Do not Honor) | Yes | Use card 5307837360544518 or 2223000010181375 with amount 80.05 to trigger issuer response code 05. | PaymentIntent remains non-succeeded, you receive payment_attempt.authorization_failed, and the API response reflects an issuer decline. |
| Payment failure: Authorization failed (insufficient funds) | Yes | Use card 5307837360544518 with amount 80.51 to trigger issuer response code 51. | PaymentIntent remains non-succeeded, you receive payment_attempt.authorization_failed, and the API response reflects an issuer decline. |
| Payment failure: Authorization failed (Suspected fraud) | Yes | Use card 4012000300001003 with amount 80.59 to trigger issuer response code 59. For other issuer decline scenarios, use the cards and amounts in Test cards. | PaymentIntent remains non-succeeded, you receive payment_attempt.authorization_failed, and the API response reflects an issuer decline. |
| 3DS success | Yes | Use 4012000300000005 for frictionless flow, or 4012000300000088 with OTP 1234 for challenge flow. See 3DS authentication scenarios for additional trigger conditions. | Payment completes successfully, the 3DS flow is handled correctly, and you receive payment_intent.succeeded. |
| 3DS failure | Yes | Use card 4012000300000070. See 3DS authentication scenarios for additional failure triggers. | You receive payment_attempt.authentication_failed. If you retrieve the intent, the PaymentIntent returns to REQUIRES_PAYMENT_METHOD and the latest attempt is FAILED with authentication_failed. |
| Refund success | Yes | Refund a successful payment using Create a Refund API. | Refund API returns HTTP 200 with status RECEIVED, and you receive refund.accepted. |
| Refund failure: Refund creation failed | Yes | Create a refund with an amount greater than the original captured payment amount using Create a Refund API. | Refund creation fails with the expected API error response. You do not receive refund.accepted. |
| Refund failure: Refund does not meet Airwallex refund conditions | Yes | Attempt a refund against a payment that does not meet Airwallex refund conditions (for example, a payment that has already been fully refunded). | Refund is rejected with the expected error response or you receive refund.failed, depending on the scenario. |
| Risk data collection | Yes | Use card 4035501000000008 and send the required customer and billing data, plus device_id and ip_address. | Payment succeeds and required risk-related fields are submitted with the payment. |
| Force 3DS | Conditional | Use card 4035501000000008 and trigger your force-3DS flow. Confirm this capability is enabled for your account before testing. | three_ds_action: FORCE_3DS appears and the PaymentIntent moves to REQUIRES_CUSTOMER_ACTION. |
| Skip 3DS | Conditional | Use card 4012000300000088 after approval to skip 3DS. Confirm this capability is enabled for your account before testing. | three_ds_action: SKIP_3DS appears in the payment response or webhook data. |
| Skip Airwallex risk | Conditional | Use card 4035501000000008 after approval to skip Airwallex risk processing. Confirm this capability is enabled for your account before testing. | skip_risk_processing: true appears in the payment response data. If you also use TRA exemption, set tra_applicable: true. |
| Site info collection | Conditional | Use card 4035501000000008 and include site_info in the payment request if you support multiple channels. Run one test without site_info and one with site_info. | site_info appears in the payment response metadata when sent. |
| BIN lookup | Conditional | Call Retrieve BIN Info API using PAN 4309190045824, then run a second request with a clearly invalid or unsupported PAN format. | Valid lookup returns card metadata for supported PANs. Invalid or unsupported PANs return expected validation behavior, including invalid_pan where applicable. |
| CIT | Conditional | Run a subsequent customer-initiated payment with an existing Customer and verified PaymentConsent where next_trigger_by=customer. See Registered user checkout scenarios. | customer_id and payment_consent_id appear in the confirm response and the PaymentIntent succeeds. |
| MIT | Conditional | Run a subsequent merchant-initiated payment with an existing Customer and verified PaymentConsent where next_trigger_by=merchant. See Registered user checkout scenarios. | For successful MIT, sca_exemption: MIT appears and the PaymentIntent succeeds. For failed MIT, handle the decline without endlessly retrying the payment. |
Go live
After sandbox validation passes, set up your production account and switch your integration to live traffic.
- API keys: Generate production API keys and your client ID in the production Airwallex web app . Use separate production API keys for multi-region deployments.
- Account configuration: Contact your Airwallex Account Manager to replicate your sandbox account settings on your production account.
- Web app configuration: Configure risk settings and webhooks on the production web app. Follow the getting started with webhooks guide and review online payments webhook events.
- Integration: Update your integration to use the production API URL
https://api.airwallex.com/api/v1/. Replicate the transaction types you validated in sandbox using a real card and nominal amounts (for example, $1), including forced 3DS if your integration supports it. After synchronous payments, call Retrieve a PaymentIntent API and confirm the status matches the outcome. - Webhooks: Verify subscribed webhook events are received and your endpoint returns HTTP
200to Airwallex. - Reporting: If you download reports programmatically, use the production API URL. See transaction reports and settlement reports.
Test cards
These cards numbers will simulate payments with different response codes in your test environment.
Amounts following the format $8x.xx are generally used to trigger error cases. Airwallex does not recommend using those amounts when expecting a successful transaction. The CVC (or CVV) and the expiry year can be anything.
| PAN | Card Brand | Card Type | Issuer Country | Amount | Issuer Response Code | Issuer Response Description | Internal Error Code | Error Message |
|---|---|---|---|---|---|---|---|---|
| 4035 5010 0000 0008 | Visa | Debit | US | Any - This card will always make successful payments regardless of amounts | - | - | - | - |
| 4012 0003 0000 1003 | Visa | Credit | RU | 80.59 | 59 | Suspected fraud | issuer_declined | The issuer declined this transaction. |
| 4012 0003 0000 1003 | Visa | Credit | RU | 80.07 | 07 | Pick up Card | issuer_declined | The issuer declined this transaction. |
| 4646 4646 4646 4644 | Visa | Credit | US | Any | N/A | N/A | risk_declined | Declined by fraud risk engine |
| 2223 0000 4841 0010 | Mastercard | Credit | US | Any - This card will always make successful payments regardless of amounts | - | - | - | - |
| 5354 5631 3425 7854 | Mastercard | Debit | US | Any - This card will always make successful payments regardless of amounts | - | - | - | - |
| 2223 0000 1018 1375 | Mastercard | Debit | US | 80.05 | 05 | Do not Honor | issuer_declined | The issuer declined this transaction. |
| 5307 8373 6054 4518 | Mastercard | Credit | US | 80.05 | 05 | Do not Honor | issuer_declined | The issuer declined this transaction. |
| 2223 0000 1018 1375 | Mastercard | Debit | US | 80.14 | 14 | Invalid Card Number | issuer_declined | The issuer declined this transaction. |
| 5307 8373 6054 4518 | Mastercard | Credit | US | 80.14 | 14 | Invalid card number | issuer_declined | The issuer declined this transaction. |
| 2223 0000 1018 1375 | Mastercard | Debit | US | 80.51 | 51 | Insufficient Funds | issuer_declined | The issuer declined this transaction. |
| 5307 8373 6054 4518 | Mastercard | Credit | US | 80.51 | 51 | Insufficient Funds | issuer_declined | The issuer declined this transaction. |
| 3706 3680 3809 394 | American Express | Credit | US | Any - This card will always make successful payments regardless of amounts | - | - | - | - |
| 3703 5368 7686779 | American Express | Credit | US | 81.00 | 100 | Deny | issuer_declined | The card issuer declined this transaction. |
| 3569 5999 9909 7585 | JCB | Credit | TH | Any - This card will always make successful payments regardless of amounts | - | - | - | - |
| 6580 0700 0000 0008 | Discover | Credit | US | Any - This card will always make successful payments regardless of amounts | - | - | - | - |
| 36 0007 0000 0001 | Diners | Credit | US | Any - This card will always make successful payments regardless of amounts | - | - | - | - |
| 6250 9410 0652 8599 | UnionPay | Debit | PK | Any - This card will always make successful payments regardless of amounts | - | - | - | - |
| 6252 4701 4444 4939 | UnionPay | Credit | PK | Any - This card will always make successful payments regardless of amounts | - | - | - | - |
| 1111 1111 1111 1111 | Invalid | Any | N/A | Any | - | - | validation_error | The card number is invalid. |
Registered user checkout scenarios
Use the following test scenarios to verify your integration:
| Scenario | Card number |
|---|---|
| Initial CIT payment | Any test card |
| Subsequent CIT | Any test card already saved |
| Initial MIT payment | Any test card |
| Subsequent MIT | Any test card already saved on the customer for MIT payment |
| Initial MIT with 3DS due to SCA mandate | 5100013455636697 |
| Subsequent MIT with 3RI | 5100013455636697 |
| New MIT on payment method saved for CIT | Any test card already saved on the customer for CIT payment |
| CIT on payment method saved for MIT | Any test card already saved on the customer for an MIT payment |
3DS authentication scenarios
Use these test details to simulate various 3D Secure (3DS) authentication scenarios.
| Stage | Scenario | Trigger Condition | HTTP status code | Message |
|---|---|---|---|---|
| Payment Success | Frictionless mode success without device data collection | card: 4012000300000005 | 200 | |
| Payment Success | Challenge mode success without device data collection | card: 4012000300000062 (OTP input 1234) | 200 | |
| Payment Success | Frictionless mode success with device data collection | card: 4012000300000021 | 200 | |
| Payment Success | Challenge mode success with device data collection | card: 4012000300000088 (OTP input 1234) | 200 | |
| Payment Fail (authentication failed) at 3DS | Frictionless mode (NOT ENROLLED), fail at confirm API call | card: 4012000300000013 | 400 | { "code": "authentication_declined", "message": "User failed 3DS authentication." } |
| Payment Fail (authentication failed) at 3DS | Frictionless Mode (NOT ENROLLED), fail at confirm API call | card: 4012000300000047 | 400 | { "code": "no_3ds_liability_shift", "message": "Declined due to no 3DS liability shift." } |
| Payment Fail (authentication failed) at 3DS | Challenge mode, fail at the second confirm_continue (after user input OTP code) | card: 4012000300000070 | 400 | {"code": "authentication_declined", "message": "User failed 3DS authentication." } |
| Payment Fail (authorization failed) at authorization | Frictionless mode (NOT ENROLLED), fail at confirm API call | card: 4012000300000039 amount: 88.88 | 400 | { "code": "authentication_declined", "message": "User failed 3DS authentication." } |
| Payment Fail (authentication failed) at 3DS | Challenge mode, fail at the second confirm_continue (after user input OTP code) | card: 4012000300000070 amount: 88.88 | 400 | {"code": "authentication_declined", "message": "User failed 3DS authentication." } |
| Payment Fail (authentication failed) at 3DS | Challenge Mode, fail at the second confirm_continue (after user input OTP code) | card: 4012000300000104 amount: 88.88 | 400 | { "code": "no_3ds_liability_shift", "message": "Declined due to no 3DS liability shift." } |
| Payment Fail rejected at 3DS | Fail at confirm API call, rejected by 3ds | card: 5582464537874128 (Mastercard anonymous card) | 400 | { "code": "3ds_not_supported", "message": "3DS is required but not supported by this card." } |
| Payment Fail rejected at 3DS | Fail at confirm API call, rejected by 3ds | create intent with force3ds parameter. card: 4012000300000138 (Visa anonymous card) | 400 | { "code": "3ds_not_supported", "message": "3DS is required but not supported by this card." } |
Apple Pay payment scenarios
Airwallex enables you to test your Apple Pay integration on web/mobile using a real card and demo API keys. Airwallex will recognize that you are in demo environment and will return a successful test card token for you to test the end-to-end Apple Pay process.
Apple Pay transaction processing involves various steps as detailed in the Apple Pay guide. Follow the instructions below to simulate various errors in those processing steps.
You can use your own cards in your wallet along with the trigger condition mentioned in the table to simulate the exact scenario. Note that your card will be mapped to following cards according to their card brand:
- Visa: 4035501000000008
- Mastercard: 5354563134257854
- UnionPay: 6252470144444939
- JCB: 3569599999097585
- American Express: 370636803809394
| Scenario | Environment | Trigger Condition | Error code | Error message | Error stage |
|---|---|---|---|---|---|
| Transaction success | iOS & Web | Any card number and amount combination apart from special conditions mentioned below | N/A | N/A | After Confirm PaymentIntent API |
| Transaction declined by issuer | iOS & Web | Transaction amount : 80.51 | issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | After Confirm PaymentIntent API |
| Domain not registered | Web | Use an unregistered domain to collect Apple Pay payment | validation_error | The transaction failed because you have not registered your web domain or iOS certificate for Apple Pay | After Start Session API(see step 2) |
| Incorrect merchant certificate | iOS | Use a different payment processing certificate from the certificate already uploaded to Airwallex | configuration_error | Invalid request against merchant configuration. Please contact your Account Manager. | After Confirm PaymentIntent API |
| Transaction blocked by the Airwallex risk system | iOS & Web | Transaction currency: AUD; Amount: 20.41 | risk_declined | The transaction is blocked because of risk concern. | After Confirm PaymentIntent API |
Testing is not possible if your country doesn't support Apple Pay, please see this list for supported countries. Apple Pay on the web only works on Safari web browsers, both desktop and mobile. Airwallex does not support Apple Pay's sandbox environment.
Google Pay payment scenarios
Airwallex enables you to test your Google Pay integration on web/mobile using a real card and demo API keys. For more information, see Google Pay's test environment setup for web or for Android . Payments made using real cards on demo environment will not be charged.
Google Pay transaction processing involves various steps as detailed in the Google Pay guide. Follow the instructions below to simulate various errors in those processing steps.
You can use your own cards in your wallet along with the trigger condition mentioned in the table to simulate the exact scenario. Note that your card will be mapped to following cards according to their card brand:
- Visa: 4035501000000008
- Mastercard: 5354563134257854
- JCB: 3569599999097585
- American Express: 370636803809394
| Scenario | Environment | Trigger Condition | Error code | Error message | Error stage |
|---|---|---|---|---|---|
| Transaction success | Mobile & Web | Any card number and amount combination apart from special conditions mentioned below | N/A | N/A | After Confirm PaymentIntent API |
| Transaction declined by issuer | Mobile & Web | Transaction amount: 80.51 | issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | After Confirm PaymentIntent API |
| Incorrect payment token encryption | Mobile & Web | Provide wrong encrypted_payment_token in Confirm PaymentIntent API request. | validation_error | Invalid Google Pay token | After Confirm PaymentIntent API |
| Authentication declined in frictionless mode | Mobile & Web | Transaction currency: AUD; Amount: 20.42 | authentication_declined | N/A | After Confirm PaymentIntent API and 3DS processing |
| Authentication declined in challenge mode | Mobile & Web | Transaction currency: AUD; Amount: 20.43 | authentication_declined | N/A | After Confirm PaymentIntent API and 3DS processing |
| Transaction blocked by Airwallex risk system | Mobile & Web | Transaction currency: AUD; Amount: 20.41 | risk_declined | The transaction is blocked because of risk concern. | After Confirm PaymentIntent API |
Google Pay supports different processing modes: PAN_ONLY (when the card is saved on google account like Youtube or similar products) and CRYPTOGRAM_3DS (when the card is saved on the Android device wallet with 3DS cryptogram). You can switch between your Google account and the Android wallet to simulate the processing modes mentioned above. Google Pay PAN_ONLY mode can be tested together with Airwallex internal 3DS. When 3DS is triggered for your Google Pay test transaction, it will go through successfully under challenge mode. UnionPay cards are not supported on Google Pay.
AVS scenarios
Use these test details to simulate various AVS (Address Verification Service) results. See AVS codes for a full list of response codes that you might receive when AVS is performed.
| PAN | Amount | AVS Code |
|---|---|---|
| 2223000010181375 | 20.23 | Y |
| 5185540000000019 | 99.99 | N |
| 2223000010181375 | 20.20 | U |
Suggested shopper-facing messages for payment failures
When a payment fails, the issuing bank returns a failure code to Airwallex according to the card scheme. Airwallex passes that code to you in the payment response or webhook. Each code indicates why the payment failed—for example, 51 means insufficient funds. Map these codes to clear shopper-facing messages and suggest next steps (such as trying another card), which improves the payment experience and can help increase successful order rates.
The table below lists Airwallex's suggested shopper-facing messages for common payment failures. You can customize these messages in your integration, except on Hosted Payment Page.
| code | message | provider_original_response_code | Reason | Suggested prompt statement to shopper |
|---|---|---|---|---|
| validation_error | invalid pan | N/A | The card used by shopper is not in Airwallex card bin base | Invalid card number/account, please check all information entered and try again. |
| card_brand_not_supported | The card brand xxx is not supported. | N/A | This card brand is not yet configured on Airwallex account | Invalid card number/account, please check all information entered and try again. |
| risk_declined | The transaction is blocked because of risk concern. | N/A | Airwallex risk declined | Payment failed. Please try with another card or another payment method. |
| authentication_decline | The user failed authentication. | N/A | 3DS authentication failed | Transaction authentication failed, please review payment information and try again or select a different payment method. |
| issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | 12 or 06 | Unknown issue/no response | Unable to confirm the card information. Please try again using another card or payment method. If this error persists, please provide error screenshots & order number and we will do further checking. |
| issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | 61 or 51 | Insufficient fund/over credit limit | Insufficient funds/over credit limit, please use other cards or other methods and try again. |
| issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | 82 | CVV security code input by shopper is not correct | The CVC/CVC2 (security code) was invalid, please check and try again. |
| issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | 54 | Card expired | Card was expired or the expiry date you input is incorrect. Please check or try with another card. |
| issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | 63, 93, 05 or 57 | Some general codes used by issuing bank | The card issuer refused this transaction. Please try another card or use another payment method. For further confirmation, please contact the issuer bank. |
| issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | 15 or 14 | Invalid card number | Invalid card number/account, please check all information entered and try again. |
| issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | 91 | Error | A temporary error occurred during the authorization process. Please try again. If this error persists, please contact the issuer bank. |
| issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | 41 or 07 | Fraud/restricted card | The issuing bank has declined the transaction as the credit card has some restrictions. Please use other cards or other methods and try again. For further confirmation, please contact issuing bank. |
| issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | 59 | Suspected fraud | Unable to confirm the card information. Please try again using another card or payment method. For further assistance, please contact issuing bank. |
| issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | 79 | — | Unable to confirm the card information. Please use other cards or other methods to try again. |
| issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | 78 | Card is not active | The card is not active, please activate it and try again later. |
| issuer_declined | The card issuer declined this transaction. Please refer to the original response code. | 13 | Invalid amount | Unable to process payment. Please review your payment information and try again or select a different payment method. |
See also
Was this page helpful?