Skip to main content
This guide covers critical requirements and verification steps before going live with GEFT.

Critical Testing Requirements

Important: For every connection and funding flow, the session information used to initiate the journey must match the user profile returned by the financial institution.

Name Matching Rules

  • Use exact first and last names provided for each test user
  • Any mismatch causes session to become invalid
  • Flow stops immediately at validation stage
  • No transaction or agreement should be created
  • User must see clear generic error message

Identity Validation Testing

Test identity validation with these scenarios:
  1. Correct Information: Use exact names from test scenarios
  2. Name Mismatch: Create session with incorrect firstName/lastName
  3. Partial Match: Test with slight variations (e.g., “Bob” vs “Robert”)
  4. Special Characters: Test names with apostrophes, hyphens, accents
Expected behavior for mismatches:
  • Session status becomes Failed with EFT0403
  • User sees generic error message
  • No PAD agreement is created
  • No funds are moved

Status Code Testing

Test different status responses using various scenarios:
StatusStatusDetailsTest ScenarioDescription
InitiatedEFT0101Any scenario before user startsSession created, awaiting user start
CompletedEFT0301Happy1, Happy2, Happy3Transaction scheduled, session fully completed
CompletedEFT0302Interrupt before PAD signatureBank account validated, awaiting PAD signature
FailedEFT0401Use incorrect credentialsLogin failed - invalid credentials
FailedEFT0402Unhappy1 (Joe Fails)Eligibility failed - no guarantee offered
FailedEFT0403Wrong name in session creationIdentity failed - user info mismatch
CanceledEFT0501Call /cancel endpointSession canceled by API request
ExpiredEFT0601Leave session inactiveSession timed out

Status Testing Checklist

  • Verify all status codes return correctly
  • Test status polling handles each terminal state
  • Confirm statusDetails provide sufficient information
  • Validate proper error messages for each failure type

Pre-Production Checklist

Complete this checklist before going live:

1. Integration Testing

  • Test all happy path scenarios successfully
    • Happy1: Standard success flow
    • Happy2: Next best offer flow
    • Happy3: French language flow
  • Test all unhappy path scenarios and error handling
    • Unhappy1: Guarantee failure
    • Unhappy2-6: Additional failure scenarios
  • Verify event handling for all scenarios
    • All events fire correctly
    • Event sequence matches expected flow
    • Terminal events properly handled

2. Technical Validation

  • Test session status polling and timeouts
    • Polling handles all terminal states
    • Timeout handling works correctly
    • Error recovery implemented
  • Validate proper name matching implementation
    • Exact name matches work
    • Name mismatches fail gracefully
    • Error messages are user-friendly
  • Test amount handling (with/without preset amounts)
    • Preset amounts prevent user modification
    • User-entered amounts work correctly
    • Min/max limits enforced

3. User Experience

  • Verify proper error messaging for users
    • Generic error for identity mismatch
    • Clear guidance for guarantee failures
    • Helpful messages for technical errors
  • Test alternative payment method flows
    • Graceful fallback when guarantee fails
    • Proper handling of user cancellation
    • Alternative options presented clearly

4. Security and Compliance

  • API key management implemented securely
    • API keys stored securely (not hardcoded)
    • No sensitive data in logs
  • PAD agreement handling compliant
    • Proper consent flow
    • Agreement storage if required
    • Rejection handling implemented

5. Monitoring and Observability

  • Logging implemented for key events
    • Session creation/completion
    • Error conditions
    • Performance metrics
  • Error tracking configured
    • Failed transactions monitored
    • Alert thresholds set
    • Escalation procedures defined

Environment Transition

From Sandbox to Production

  1. Update base URLs:
    • Sandbox: https://payments-uat.flinksapp.com
    • Production: https://payments.flinksapp.com
  2. Replace credentials:
    • Use production credentials provided during onboarding
    • Verify credentials work with authentication endpoint
  3. Update configuration:
    • Switch to production environment variables
    • Update any hardcoded test references
    • Remove debug logging if applicable

Production Environment Differences

  • Real bank connections: Actual financial institution authentication
  • Real funds movement: Transactions involve actual money
  • Different performance: Production may have different response times
  • Monitoring: Enhanced logging and monitoring capabilities

Support and Escalation

When to Contact Support

  • Authentication issues with production credentials
  • Unexpected status codes not covered in documentation
  • Performance issues affecting user experience
  • Integration questions not covered in guides

Support Channels

  • Technical Account Manager: Primary contact for technical issues
  • Client Dashboard: Monitor transactions and view logs
  • Support Documentation: Reference specific test scenarios when reporting issues

Information to Provide

When contacting support, include:
  • Session ID of problematic transaction
  • Reference ID used in session creation
  • Timestamp of issue occurrence
  • Error messages received
  • Expected vs actual behavior

Compliance Considerations

PAD Agreement Requirements

  • Ensure proper consent collection
  • Store agreements as required by regulations
  • Provide clear terms and conditions
  • Handle agreement rejections appropriately

Data Security

  • Encrypt sensitive data in transit and at rest
  • Follow PCI DSS guidelines if applicable
  • Implement proper access controls
  • Regular security audits and updates

Record Keeping

  • Maintain transaction logs for required periods
  • Store session data for reconciliation
  • Keep audit trails for compliance reviews
  • Document any data retention policies

Performance Optimization

Best Practices

  • Implement connection pooling for API calls
  • Use appropriate timeouts for network calls
  • Implement retry logic with exponential backoff

Monitoring Metrics

Track these key metrics in production:
  • Session success rate: Percentage of completed transactions
  • API response latency: Time for API responses
  • Session creation time: Time from request to session ID
  • Error rates: Frequency of different error types
  • User abandonment: Where users exit the flow

Next Steps

Once you’ve completed this checklist:
  1. Schedule go-live with your Technical Account Manager
  2. Plan gradual rollout if possible (percentage of traffic)
  3. Monitor closely during initial production period
  4. Have rollback plan ready if issues occur