Moneybag
Testing

Going Live

Complete checklist and guide for launching your Moneybag integration in production

Going Live

Ready to move from sandbox to production? This comprehensive guide will walk you through everything you need to launch your Moneybag integration successfully.

Pre-Launch Requirements

Before you can go live with Moneybag, ensure you have completed these essential requirements:

Business Verification

Account Approval Required

Production access requires business verification. Start this process early as it can take 2-3 business days.

Required Documents:

  • Business registration/trade license
  • NID/Passport of authorized signatory
  • Bank account details
  • Website/app URL for verification
  • Terms of service and privacy policy URLs

Application Process:

  1. Complete application at moneybag.com.bd/apply
  2. Upload required documents
  3. Wait for verification (2-3 business days)
  4. Receive production credentials via email

Going Live Checklist

Use this comprehensive checklist to ensure a smooth production launch:

✅ Development & Testing

  • Complete sandbox testing - All payment scenarios tested successfully
  • Test error scenarios - Payment failures, timeouts, and edge cases handled
  • Load testing completed - System tested with expected transaction volume
  • Integration review - Code reviewed by senior developer
  • Documentation updated - Internal docs reflect production configuration

✅ Code Changes

  • Update API endpoints

    // Change from sandbox
const API_URL = 'https://sandbox.api.moneybag.com.bd/api/v2';

// To production
const API_URL = 'https://api.moneybag.com.bd/api/v2';

  • Switch to production API keys

    // Update environment variables
MONEYBAG_API_KEY=sk_live_your_production_key_here
MONEYBAG_WEBHOOK_SECRET=whsec_live_your_production_secret

  • Remove test code

    • Remove test card numbers
    • Remove debug console.log statements
    • Disable verbose error messages
    • Remove development-only features

  • Update webhook URLs

    • Change webhook endpoints to production URLs
    • Ensure HTTPS is used
    • Verify endpoints are publicly accessible

✅ Security Implementation

  • API key security

    • Keys stored in environment variables
    • Never exposed in client-side code
    • Different keys for different environments

  • HTTPS enforcement

    • All pages using payment served over HTTPS
    • SSL certificate valid and not expiring soon
    • HTTP to HTTPS redirect configured

  • Webhook signature verification

    // Implement signature verification
function verifyWebhookSignature(payload, signature, secret) {
  const expectedSignature = crypto
    .createHmac('sha256', secret)
    .update(payload)
    .digest('hex');
  
  return `sha256=${expectedSignature}` === signature;
}

  • PCI compliance

    • Never store card details
    • Use Moneybag's hosted checkout
    • Implement proper data handling

✅ Error Handling & Monitoring

  • Comprehensive error handling

    try {
  const payment = await processPayment(data);
} catch (error) {
  // Log error for monitoring
  logger.error('Payment failed', { error, orderId });
  
  // Show user-friendly message
  showErrorMessage('Payment could not be processed. Please try again.');
  
  // Notify admin if critical
  if (error.critical) {
    notifyAdmin(error);
  }
}

  • Logging configured

    • Transaction logs stored
    • Error tracking enabled
    • Audit trail maintained

  • Monitoring setup

    • Payment success rate tracking
    • Response time monitoring
    • Alert system for failures

✅ User Experience

  • Payment flow tested

    • Smooth checkout experience
    • Clear error messages
    • Success/failure pages working

  • Mobile responsiveness

    • Checkout works on mobile devices
    • Touch-friendly interface
    • Fast loading times

  • Customer communication

    • Order confirmation emails
    • Payment receipts
    • Support contact visible

✅ Business Operations

  • Staff training

    • Support team knows payment flow
    • Refund process documented
    • Troubleshooting guide prepared

  • Legal compliance

    • Terms updated for payments
    • Privacy policy includes payment data
    • Refund policy published

  • Financial setup

    • Bank account verified
    • Settlement schedule understood
    • Accounting integration ready

Migration Steps

Step 1: Final Testing

Before switching to production:

// Test with small amount first
const testPayment = await createPayment({
  amount: 10.00, // Minimum amount
  test_mode: false // Use production mode
});

// Verify it works
const verification = await verifyPayment(testPayment.id);
assert(verification.status === 'SUCCESS');

Step 2: Gradual Rollout

Recommended approach:

  1. Start with 10% of traffic
  2. Monitor for 24 hours
  3. Increase to 50% if stable
  4. Full rollout after 48 hours
// Feature flag example
const useProduction = () => {
  const random = Math.random();
  return random < rolloutPercentage;
};

const apiUrl = useProduction() 
  ? 'https://api.moneybag.com.bd'
  : 'https://sandbox.api.moneybag.com.bd';

Step 3: DNS & Infrastructure

  • Update DNS records if using custom domains
  • Configure load balancers
  • Set up failover systems
  • Test disaster recovery

Step 4: Go Live

  1. Deploy production code

    # Tag the release
git tag -a v1.0.0 -m "Production release"
git push origin v1.0.0

# Deploy to production
npm run deploy:production

  2. Monitor closely

    • Watch real-time logs
    • Check payment success rate
    • Monitor response times
    • Track error rates

  3. Be ready to rollback

    # If issues arise
npm run rollback:production

Post-Launch Tasks

First 24 Hours

  • Monitor all transactions
  • Check webhook delivery
  • Verify settlements
  • Review error logs
  • Test customer support flow

First Week

  • Analyze payment metrics
  • Optimize based on data
  • Gather customer feedback
  • Fine-tune error handling
  • Document any issues

Ongoing

  • Regular security audits
  • Performance optimization
  • Feature updates
  • Staff training updates
  • Compliance reviews

Common Production Issues

Issue: High failure rate

Solutions:

  • Check API key validity
  • Verify customer data validation
  • Review amount limits
  • Check for service issues

Issue: Slow response times

Solutions:

  • Implement caching
  • Optimize database queries
  • Use connection pooling
  • Consider CDN for assets

Issue: Webhook failures

Solutions:

  • Verify endpoint accessibility
  • Check signature validation
  • Review firewall rules
  • Implement retry logic

Production Best Practices

1. Always Verify Payments

// Never trust client-side data
app.post('/payment/callback', async (req, res) => {
  const { transaction_id } = req.body;
  
  // Always verify with API
  const verification = await verifyPayment(transaction_id);
  
  if (verification.verified && verification.status === 'SUCCESS') {
    await fulfillOrder(verification.order_id);
  }
});

2. Implement Idempotency

// Prevent duplicate processing
const processedTransactions = new Set();

async function handlePayment(transactionId) {
  if (processedTransactions.has(transactionId)) {
    return { duplicate: true };
  }
  
  processedTransactions.add(transactionId);
  // Process payment...
}

3. Handle Rate Limits

// Implement exponential backoff
async function apiCallWithRetry(fn, retries = 3) {
  for (let i = 0; i < retries; i++) {
    try {
      return await fn();
    } catch (error) {
      if (error.code === 'RATE_LIMIT' && i < retries - 1) {
        await sleep(Math.pow(2, i) * 1000);
        continue;
      }
      throw error;
    }
  }
}

4. Maintain Audit Logs

// Log all payment events
function logPaymentEvent(event) {
  const log = {
    timestamp: new Date().toISOString(),
    event: event.type,
    transaction_id: event.transaction_id,
    amount: event.amount,
    customer_id: event.customer_id,
    ip_address: event.ip_address,
    user_agent: event.user_agent
  };
  
  auditLogger.info(log);
}

Support During Launch

Priority Support

Production accounts get priority support during launch:

Launch Support Hours:

  • Sunday - Thursday: 9 AM - 8 PM BST
  • Saturday: 10 AM - 6 PM BST
  • Emergency hotline available

Contact:

Resources

Success Metrics

Track these KPIs after going live:

MetricTargetHow to Measure
Payment Success Rate> 95%Successful / Total Attempts
Average Response Time< 2sAPI response monitoring
Webhook Delivery Rate> 99%Delivered / Total Webhooks
Customer Complaints< 1%Support tickets / Transactions
Settlement Accuracy100%Reconciliation reports

Next Steps

After successfully going live:

  1. Optimize Performance - Analyze metrics and improve
  2. Add Features - Implement saved cards, subscriptions
  3. Expand Payment Methods - Add more payment options
  4. International Expansion - Multi-currency support
  5. Advanced Integration - Marketplace, split payments

Need Help?

Our team is here to support your production launch:

📞 Launch Support

Priority assistance during go-live

Contact Launch Team →

📊 Health Check

Free integration review before launch

Request Review →

Remember: A successful go-live is about preparation. Take your time, test thoroughly, and don't hesitate to ask for help!

WooCommerce Plugin

Official WooCommerce Payment Gateway plugin for Moneybag

Test Scenarios

Comprehensive testing guide for Moneybag payment integration