diff --git a/tests/paybylink/paybylink.spec.js b/tests/paybylink/paybylink.spec.js
index 4ba06a1..db71143 100644
--- a/tests/paybylink/paybylink.spec.js
+++ b/tests/paybylink/paybylink.spec.js
@@ -22,7 +22,7 @@ test('Pay By Link', async ({ page }) => {
     await page.waitForLoadState('networkidle');
 
     // Ensure the link with `uniqueReference` is created
-    await expect(page.getByText(uniqueReference)).toBeVisible();
+    await expect(page.getByText(uniqueReference).first()).toBeVisible();
 
     const link = await page.locator('text=/PL/').first();
     await link.click();
diff --git a/tests/paybylink/webhook-failure.spec.js b/tests/paybylink/webhook-failure.spec.js
new file mode 100644
index 0000000..7a2b157
--- /dev/null
+++ b/tests/paybylink/webhook-failure.spec.js
@@ -0,0 +1,43 @@
+// @ts-check
+const { test, expect } = require('@playwright/test');
+
+// test webhook is rejected (invalid HMAC signature)
+test('Webhook Notification', async ({ request }) => {
+    const notifications = await request.post(`/api/webhooks/notifications`, {
+        data: {
+            "live": "false",
+            "notificationItems":[
+                {
+                    "NotificationRequestItem":{
+                        "additionalData":{
+                            "hmacSignature":"INVALID_HMAC_SIGNATURE",
+                            "paymentLinkId":"PL1234567890" // note: add paymentLinkId for Pay by Link
+                        },
+                        "eventCode":"AUTHORISATION",
+                        "success":"true",
+                        "eventDate":"2019-06-28T18:03:50+01:00",
+                        "merchantAccountCode":"YOUR_MERCHANT_ACCOUNT",
+                        "pspReference": "7914073381342284",
+                        "merchantReference": "YOUR_REFERENCE",
+                        "amount": {
+                            "value":24999,
+                            "currency":"EUR"
+                        }
+                    }
+                }
+            ]
+        }
+    });
+
+    /// Verify notification is not accepted (invalid HMAC)
+
+    // Status code not 404 (verify webhook is found)
+    expect(notifications.status()).not.toEqual(404);
+
+    // Status code not 200 (verify webhook does not accept the notification ie HMAC invalid)
+    expect(notifications.status()).not.toEqual(200);
+
+    // Body response does not contain [accepted]
+    notifications.text()
+        .then(value => {expect(value).not.toEqual("[accepted]");} );
+});
diff --git a/tests/paybylink/webhook.spec.js b/tests/paybylink/webhook.spec.js
index 5264171..5add7e2 100644
--- a/tests/paybylink/webhook.spec.js
+++ b/tests/paybylink/webhook.spec.js
@@ -1,42 +1,47 @@
 // @ts-check
 const { test, expect } = require('@playwright/test');
+const utilities = require('../utilities');
 
+// test webhook is successfully delivered
 test('Webhook Notification', async ({ request }) => {
+
+    var notificationRequestItem = {
+        "eventCode":"AUTHORISATION",
+        "success":"true",
+        "eventDate":"2019-06-28T18:03:50+01:00",
+        "merchantAccountCode":"YOUR_MERCHANT_ACCOUNT",
+        "pspReference": "7914073381342284",
+        "merchantReference": "YOUR_REFERENCE",
+        "amount": {
+            "value":1130,
+            "currency":"EUR"
+        }
+    };
+
+    // calculate signature from payload
+    const hmacSignature = await utilities.calculateHmacSignature(notificationRequestItem);
+    // add hmacSignature to 'additionalData'
+    // note: add paymentLinkId for Pay by Link
+    notificationRequestItem["additionalData"] = 
+    {"hmacSignature" : ""+hmacSignature+"", paymentLinkId : "PL1234567890"}
+
+    // POST webhook
     const notifications = await request.post(`/api/webhooks/notifications`, {
         data: {
             "live": "false",
             "notificationItems":[
                 {
-                    "NotificationRequestItem":{
-                        "additionalData":{
-                            "hmacSignature":"+JWKfq4ynALK+FFzGgHnp1jSMQJMBJeb87dlph24sXw=",
-                            "paymentLinkId":"PLXXXXXXXXXXXX"
-                        },
-                        "eventCode":"AUTHORISATION",
-                        "success":"true",
-                        "eventDate":"2019-06-28T18:03:50+01:00",
-                        "merchantAccountCode":"YOUR_MERCHANT_ACCOUNT",
-                        "pspReference": "7914073381342284",
-                        "merchantReference": "YOUR_REFERENCE",
-                        "amount": {
-                            "value":1000,
-                            "currency":"EUR"
-                        }
-                    }
-                }
+                    "NotificationRequestItem": notificationRequestItem    
+                }           
             ]
         }
     });
 
-    /// Verify notification is not accepted (invalid HMAC)
+    // Verify status code 
+    expect(notifications.status()).toEqual(200);
 
-    // Status code not 404 (verify webhook is found)
-    expect(notifications.status()).not.toEqual(404);
-
-    // Status code not 200 (verify webhook does not accept the notification ie HMAC invalid)
-    expect(notifications.status()).not.toEqual(200);
-
-    // Body response does not contain [accepted]
+    // Verify body response 
     notifications.text()
-        .then(value => {expect(value).not.toEqual("[accepted]");} );
+        .then(value => {expect(value).toEqual("[accepted]");} );
 });
+