--- title: "Go-live checklist" description: "Follow this checklist before you start accepting live payments." url: "https://docs.adyen.com/online-payments/go-live-checklist" source_url: "https://docs.adyen.com/online-payments/go-live-checklist.md" canonical: "https://docs.adyen.com/online-payments/go-live-checklist" last_modified: "2025-11-06T12:03:00+01:00" language: "en" --- # Go-live checklist Follow this checklist before you start accepting live payments. [View source](/online-payments/go-live-checklist.md) The setup from your [test Customer Area](https://ca-test.adyen.com/) is not copied over to your [live Customer Area](https://ca-live.adyen.com/), so you need to configure live settings for: * [Account](#account) * [Finance](#finance) * [Risk and compliance](#risk-and-compliance) * [API communication](#api-communication) * [Webhooks](#webhooks) After you have configured your [live Customer Area](https://ca-live.adyen.com/), [test your integration by making real payments](#end-to-end-testing). ## Account ### Set up your live account structure * [Create additional merchant accounts](/account/manage-account-structure) if needed for your business. ### Give team members access to the live environment * [Create a separate user](/account/users#create) for each team member who needs to access your [live Customer Area](https://ca-live.adyen.com/). * Give each user the [roles](/account/user-roles) and account access required to perform their tasks. * [Set up Customer Area notifications](/account/notification-center) to be notified of important events such as chargebacks. * Consider setting up [two-factor authentication](/account/two-factor-authentication) for increased account security. ### Set up payment methods ![The most commonly used payment methods are: Visa, Mastercard, American Express, Alipay, iDEAL, Apple Pay, Union Pay, Boleto, Google Pay, Klarna, SEPA](/user/pages/docs/02.online-payments/09.go-live-checklist/sample-pms.svg?decoding=auto\&fetchpriority=auto) Discover popular ways to pay with our [payment methods explorer](https://www.adyen.com/payment-methods). * [Add all the payment methods](/payment-methods/add-payment-methods) that you want to offer to your shoppers. * Make sure that payments appear correctly on the shopper's bank statement. Configure the `shopperStatement` field when making a payment or when creating a payment session. ## Finance ### Receive payouts from Adyen * [Add information about the bank accounts](/account/manage-payout-account-details) where you want to receive the payouts from Adyen, if you haven't done so [as part of your application](/get-started-with-adyen/application-requirements#bank-statement). * [Review and change how you get paid](/account/getting-paid#change-how-you-get-paid), if required. ### Use reports for reconciliation * Set up [automatic generation of reports](/reporting/automatically-get-reports). * Use the [Settlement details report](/reporting/settlement-detail-report) to reconcile your accounts on a transaction level. * Consider [automating your reconciliation process](/reporting/settlement-reconciliation). ### (Optional) Set up a Reserve * Consider setting up a [Reserve](/account/balances/reserve): this is used for refunds and other operational expenses in case of insufficient [in-process funds](/account/balances). ## Risk and compliance ##### Risk webinar To learn more about risk management with Adyen, [sign up for one of our upcoming webinars](https://help.adyen.com/academy). By default, your Adyen account has a risk profile based on industry standards. * Review and [customize](/risk-management) your risk profile. * [Set up Customer Area notifications](/account/notification-center) about [Fraudulent Payments (NOF)](/risk-management/understanding-disputes/dispute-process-and-flow#dispute-process) and [Chargebacks (NOC)](/risk-management/understanding-disputes/dispute-process-and-flow#dispute-process). * Make sure that you know how risk rules are triggered by the information that you send in your payment request. Some fields are strongly recommended to include because they are [required](/risk-management/configure-manual-risk/required-risk-field-reference) for specific risk checks. * Include the correct information on your receipts for [online card payments](/payment-methods/cards/card-receipts) and/or [in-person payments](/point-of-sale/basic-tapi-integration/generate-receipts), depending on your integration. * Confirm that you have completed the [Payment Card Industry Data Security Standards (PCI DSS)](/online-payments/pci-dss-compliance) requirements. We strongly recommend that you protect your integration against [card testing attacks](https://help.adyen.com/en_US/knowledge/risk/fraud-score/how-can-i-prevent-bin-attacks), also known as [BIN](/get-started-with-adyen/adyen-glossary/#bank-identification-number-bin) attacks. ### Compliance Make sure that your integration supports [3D Secure](/online-payments/3d-secure), so that you can apply SCA for transactions in scope of [PSD2 SCA](/online-payments/psd2-sca-compliance-and-implementation-guide) and other [local regulations](/online-payments/3d-secure-for-regulation-compliance#overviewofexistingregulations). ### 3D Secure Note that for Mastercard, the enrollment for [3D Secure](/online-payments/3d-secure) can take up to 12 hours. This means that you might not be able to offer [3D Secure](/online-payments/3d-secure) to your shoppers immediately after your [live Customer Area](https://ca-live.adyen.com/) has been activated. * Configure your own rules for [Dynamic 3D Secure](/risk-management/dynamic-3d-secure), to have more control over which transactions are processed with [3D Secure](/online-payments/3d-secure). * Make sure that you know how the 3D Secure flow is triggered by the information that you send in your payment request. For more information, refer to our [3D Secure integration guides](/online-payments/3d-secure/native-3ds2). ## API communication Before you can make live API requests to Adyen, you need to: * In your [live Customer Area](https://ca-live.adyen.com/): * Generate an [API key](/development-resources/api-credentials#generate-api-key) and use it in your live integration. * If you have enabled `additionalData` in your API responses, go to **Developers** > **Additional data** to configure the additional data included in your live responses. We recommend that you use the same settings as your test Customer Area. * Make sure that your live API credentials have the required [API permissions](/development-resources/api-credentials#manage-api-permissions). * Update the Adyen endpoints to your [live endpoints](/development-resources/live-endpoints). ## Webhooks * In your [live Customer Area](https://ca-live.adyen.com/): * Set up [webhooks](/development-resources/webhooks). * If you have enabled `additionalData` in your webhooks, configure the additional data settings for your live webhooks. We recommend that you use the same settings as your test Customer Area. * Make sure that you [acknowledge webhook events](/development-resources/webhooks/configure-and-manage#accept-webhooks) with a [successful HTTP response status code](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status#successful_responses), for example **202**, to [prevent events being queued](/development-resources/webhooks/troubleshoot#retry-queue). * Make sure that you are receiving all [webhook event types](/development-resources/webhooks/webhook-types#event-codes) needed for your integration. ## End-to-end testing Thorough testing ensures a seamless and secure experience for all shoppers. To make sure your integration can handle the entire [payment lifecycle](/account/payments-lifecycle), you need to test possible scenarios with real payment details. When testing, make sure to: * Test on real mobile devices. Emulating a mobile device in a desktop browser is useful for checking layouts, but it does not simulate real touch events. Our checkout relies on touch events for correct operation. Always test on physical iOS and Android devices to verify the user experience. * Test in a secure context. Some payment methods require a secure browser context to function correctly. * For local development, use `http://127.0.0.1`, `http://localhost`, or `http://{your-subdomain}.localhost` (for example `http://dev.localhost`). These are treated as secure by browsers. * For custom domains (for example, dev.myshop.com), serve the page over HTTPS. Payments with real details incur fees. To have enough funds available for refunds, consider setting up a [Reserve](#reserve). * For each payment method that you offer, make a successful payment using real details. * Make a payment with `resultCode`: **Refused**, for example by entering incorrect card details. * Make a payment with `refusalReason`: **FRAUD**, by triggering multiple risk checks to achieve a risk score above **100**. * Make a [refund](/online-payments/refund), and a [partial refund](/online-payments/refund#refund-a-payment). ### Capture * If using manual capture, [capture](/online-payments/capture#manual-capture) a payment. * If using manual capture or a capture delay of 1-7 days, [cancel](/online-payments/cancel) a payment before it has been captured. * If using [multiple partial captures](/online-payments/capture#partial-capture), [capture](/online-payments/capture#capture-a-payment) a part of the authorised amount, and make sure that the remaining amount is not automatically cancelled. ### Redirect payment methods Redirect payment methods require the shopper to be redirected to another website or app to complete the payment. This is the payment flow for most wallets, online banking. We also support a redirect [3D Secure](/online-payments/3d-secure) flow. If you implemented any redirect payment methods, test the following scenarios: * After being redirected, wait for more than five minutes to complete the payment. * Select the **Cancel**/**Back** button on the redirected page, to cancel the payment. * Close the browser when on the redirected page, to simulate the shopper abandoning the session. ### 3D Secure * Make a successful payment with 3D Secure authentication, and verify that the flow that you chose to implement (either [redirect](/online-payments/3d-secure/redirect-3ds2) or [native 3D Secure 2](/online-payments/3d-secure/native-3ds2)) is triggered correctly. * Make a 3D Secure payment where the shopper fails to complete the challenge. * Make sure that [3D Secure](/online-payments/3d-secure) is triggered correctly according to your risk settings ([Dynamic 3D Secure](/risk-management/dynamic-3d-secure) and your [risk profile](/risk-management/create-and-use-risk-profiles)). * Check your Content Security Policy (CSP). A strict Content Security Policy (CSP) can prevent native 3D Secure 2 challenges from being loaded on your website, because loading 3D Secure 2 interface requires adding more URLs to your CSP. Adyen does not maintain a list of all URLs. You can use the redirect flow if you do not want to adjust your CSP. ### Tokenization If you implemented [tokenization](/online-payments/tokenization), follow the checklist below: * Make sure that you receive the [recurringProcessingModel](https://docs.adyen.com/api-explorer/Checkout/70/post/payments#request-recurringProcessingModel) in your payment response. * Enable receiving the [Recurring tokens life cycle events](/development-resources/webhooks/webhook-types#other-webhooks) webhook to receive the `storedPaymentMethodId` field in a webhook. * Create a token when making a payment. * Use the token to make a payment. * If you want to validate card details before processing payments, make a zero-auth transaction. If you implemented 3D Secure, also make a zero-auth transaction with [3D Secure](/online-payments/3d-secure). ## Next steps Once you have completed the above checklist, you are ready to accept live payments! ###### [Managing your live account](/account) [Learn how to manage your Adyen account after your integration is live.](/account) ###### [Risk management](/risk-management) [Use our risk management solution to minimize fraud and maximize auth rates.](/risk-management)