Certification process
Understand the quality and security certification process.
Last updated
Understand the quality and security certification process.
Last updated
Here, you'll find an overview and a of the commerce connector quality and security certification review process.
During the review, you'll need to provide an eCommerce front end, created in your ecosystem, that demonstrates how the connector functions. More specifically, the front-end must:
Include a test commerce site
Contain an admin interface for conducting configurations and customer service
Allow orders to be placed using all available payment methods in the
Execute a minimal scenario set provided by Digital River that demonstrates evidence of your connector's health
Provide access to a source code wrapping SDK that enables the eCommerce workflow
You'll also need to supply us with credentials for both the admin portal and a test account in the customer portal.
To help you work through these commerce connector quality and certification requirements, we've organized them into five phases:
: Planning and prerequisites
: Tool development and test site validation by ecosystem partner
: Security validation by Digital River
: Front-end test site validation by Digital River
: Production payment validation by Digital River
Phase 1 consists of project planning. When you start this phase, we assume you're currently working with Digital River and ready to build a connector. The main goals of phase 1 are to create function specs, documents, schedules, test scenarios, team assignments, and the defect triage matrix.
Deploying a working storefront that acts as a front-end test environment
Finalizing test cases and workflows
Accounting for all applicable Digital River use cases
Your ultimate goal in phase 2 is to present your complete integrated tool on the PTE test site and demonstrate that you've accounted for all priority 1 defects.
The following provides a high-level overview of these three phases:
Phase 3: We perform security and automated validation scans on your tool and its source code
Phase 4: Our QA teams run test scenarios against your PTE test site
Phase 5: Using live payment systems, our QA teams verify the integrity of all payment methods
You can find a more detailed explanation of the certification process, along with a diagram outlining the sequences, in the following documents:
Since each end site that uses your tool is treated as a separate entity, it must be deployed independently. Individual end sites must obtain a unique Digital River API account. These accounts provide the client with API keys for use in test and production environments.
During phase 2, you create a working test environment and update Digital River on your development status. During this phase, most of the development work is performed in the Digital River . This is in preparation for the initial certification tests you must pass, which consist of:
Refer to the Priority Matrix section in the for more information on how defects are prioritized.
In phases 3 through 5, Digital River performs manual and automated validations of your tool in the test site. We also help you resolve any defects and compliance issues before proceeding further in the certification process.
At the end of phase 5, your tool is certified and ready to be deployed on your clients' .
After your tool is certified, you can implement multiple end sites. The end sites you implement, however, are not part of the tool certification process. These sites must undergo a separate .
The Digital River API is versioned based on that require you to modify your workflow. Our implementation of versioning allows you to remain on your current version until you're ready to . When you decide to update your version, we provide .
We also release that require no modification of your code, regardless of your version.