PayPal Payments Pro - Direct Payment: Getting Started
Download a demo project.
Note PayPal Payments Pro (Direct
Payment) is known as Website Payments Pro in Canada and the UK.
This guide presents the following to quickly get you up and running with this service.
Overview
PayPal Payments Pro enables the merchant to take both direct card information and
PayPal payments.
Key Concepts
You can make calls in these formats:
Request method, format Response format HTTP GET Name/value pairs JSON HTTP POST SOAP (1.1, 1.2) SOAP
Making Your First Call
The following example calls
DoDirectPayment in
the Sandbox to make a direct card payment via the specified app (signified by combo
of USER, PWD, SIGNATURE).- Obtain the endpoint for the service and environment you are addressing.
https://api-3t.sandbox.paypal.com/nvp
This is the endpoint for making calls in name/value pair style in the Sandbox. For the SOAP endpoint, see API endpoints. - Provide the authentication. For the sample DoDirectPayment call below, these are
set via parameters you pass to the call.
// Sandbox API credentials for the API Caller account USER : // user id PWD : // password SIGNATURE : // signature VERSION : // the release version of the API
- Provide parameters needed by the specific call being made (for this example, see
also the DoDirectPayment reference
and Test Credit Card Account
Numbers).
METHOD : DoDirectPayment PAYMENTACTION : SALE AMT : // price // credit card details ACCT, CREDITCARDTYPE, CVV2, FIRSTNAME, LASTNAME, STREET, CITY, STATE, ZIP, COUNTRYCODE, EXPDATE
You are now ready to make a call. - Make the call. (For an example, see Try It, below.)
- Evaluate the response.
For the Try It example below, you might get something like the following (which has been split to multiple lines for readability). TRANSACTIONID represents the AuthorizationID for use with authorization and capture APIs.
ACK=Success &CURRENCYCODE=USD&AVSCODE=X&CVV2MATCH=M // the AuthorizationID for use with authorization and capture APIs &TRANSACTIONID=61K41112Y6568602S // additional artifacts of a job run &TIMESTAMP=2011-08-11T00:14:22Z&CORRELATIONID=1e931819365cfVERSION=78&BUILD=2031893&AMT=5.00
(If it fails with an ACK value of Failure, consider the details in the the error message. It may be necessary, for example, to replace the expiration date (EXPDATE) for the fictitious credit card. Note that you can also create and use your own "bank-approved" or verified credit card in the Sandbox web pages.)
Introducing PayPal Payments Pro (Direct Payment)
Note: PayPal Payments Pro (Direct Payment) is known as Website
Payments Pro in Canada and the UK.
Important: PayPal Payments Pro (Direct
Payment) differs from PayPal Payments Pro (Payflow Edition). See the PayPal Payments Pro (Payflow
Edition) documentation for Payflow integration information.
You can accept credit and debit cards and PayPal payments directly on your website
using 2 API-based solutions: Direct Payment and Express Checkout. You must integrate
with both Direct Payment and Express Checkout to use PayPal Payments Pro (Direct
Payment), known as Website Payments Pro outside the U.S.
Note: PayPal Payments Pro (Direct Payment) is known as Website
Payments Pro in Canada and the UK.
Important: PayPal Payments Pro (Direct
Payment) differs from PayPal Payments Pro (Payflow Edition). See the PayPal Payments Pro (Payflow
Edition) documentation for Payflow integration information.
You can accept credit and debit cards and PayPal payments directly on your website
using 2 API-based solutions: Direct Payment and Express Checkout. You must integrate
with both Direct Payment and Express Checkout to use PayPal Payments Pro (Direct
Payment), known as Website Payments Pro outside the U.S.
Getting Related Information
All PayPal documentation is available on developer.paypal.com -
Classic APis, including video demos and developer resources.
- For information about administrative tasks you can perform
from your PayPal account such as adding users, setting up custom page styles, and
managing multiple currency balances, see the Merchant
Setup and Administration Guide.
- If you use the Payflow API to process transactions with
PayPal as your internet merchant account, see Gateway
Developer Guide and Reference.
All PayPal documentation is available on developer.paypal.com -
Classic APis, including video demos and developer resources.
- For information about administrative tasks you can perform from your PayPal account such as adding users, setting up custom page styles, and managing multiple currency balances, see the Merchant Setup and Administration Guide.
- If you use the Payflow API to process transactions with PayPal as your internet merchant account, see Gateway Developer Guide and Reference.
PayPal Payments Pro (Direct Payment) Overview
PayPal Payments Pro (Direct Payment) includes Direct Payment, Express Checkout,
and additional PayPal solutions and tools, such as Virtual Terminal, Fraud Management
Filters, and reference transactions.
- Direct Payment enables you to accept both debit and credit
cards directly from your site.
- Express Checkout enables you to accept payments from PayPal
accounts in addition to debit and credit cards.
The following diagram shows the relationship between Direct Payment and Express
Checkout to a buyer.
From your shopping cart, a buyer can either checkout with Express Checkout, starting
from the Checkout with PayPal button on your Shopping Cart page,
or pay directly by credit or debit card using Direct Payment.
If a buyer pays using Express Checkout, PayPal provides a checkout experience that
streamlines checkout. Even if buyers do not pay using Express Checkout, they can
still pay by credit or debit card using Direct Payment. In this case, buyers might
need to enter payment, billing, and shipping information. In both cases, buyers
stay on your website or are sent to the page of your choice.
You must implement both an Express Checkout flow and a Direct Payment flow to use
PayPal Payments Pro (Direct Payment). You implement the Express Checkout flow by
calling PayPal's Express Checkout API operations, which guides a buyer through the
checkout process. You implement the Direct Payment flow using your own code, for
which PayPal provides an API operation to process the credit or debit card payment.
Note: Purchases through Direct Payment are not covered by
the PayPal Seller Protection Policy.
PayPal Payments Pro (Direct Payment) includes Direct Payment, Express Checkout,
and additional PayPal solutions and tools, such as Virtual Terminal, Fraud Management
Filters, and reference transactions.
- Direct Payment enables you to accept both debit and credit cards directly from your site.
- Express Checkout enables you to accept payments from PayPal accounts in addition to debit and credit cards.
The following diagram shows the relationship between Direct Payment and Express
Checkout to a buyer.
From your shopping cart, a buyer can either checkout with Express Checkout, starting
from the Checkout with PayPal button on your Shopping Cart page,
or pay directly by credit or debit card using Direct Payment.
If a buyer pays using Express Checkout, PayPal provides a checkout experience that
streamlines checkout. Even if buyers do not pay using Express Checkout, they can
still pay by credit or debit card using Direct Payment. In this case, buyers might
need to enter payment, billing, and shipping information. In both cases, buyers
stay on your website or are sent to the page of your choice.
You must implement both an Express Checkout flow and a Direct Payment flow to use
PayPal Payments Pro (Direct Payment). You implement the Express Checkout flow by
calling PayPal's Express Checkout API operations, which guides a buyer through the
checkout process. You implement the Direct Payment flow using your own code, for
which PayPal provides an API operation to process the credit or debit card payment.
Note: Purchases through Direct Payment are not covered by
the PayPal Seller Protection Policy.
Additional Features of PayPal Payments Pro (Direct Payment)
PayPal Payments Pro (Direct Payment) consists of APIs for accepting credit card,
debit card, and PayPal payments; these payments can be immediate, authorized for
later capture, and they can be recurring payments. PayPal Payments Pro (Direct Payment)
also includes standalone applications for accepting payments.
In addition, PayPal Payments Pro (Direct Payment) includes Fraud Management Filters
for automatic review and management of risk
PayPal Payments Pro (Direct Payment) consists of APIs for accepting credit card,
debit card, and PayPal payments; these payments can be immediate, authorized for
later capture, and they can be recurring payments. PayPal Payments Pro (Direct Payment)
also includes standalone applications for accepting payments.
In addition, PayPal Payments Pro (Direct Payment) includes Fraud Management Filters
for automatic review and management of risk
Introducing Direct Payment
Direct Payment lets buyers who do not have a PayPal account use their credit cards
without leaving your website. PayPal processes the payment in the background.
Direct Payment lets buyers who do not have a PayPal account use their credit cards
without leaving your website. PayPal processes the payment in the background.
The Direct Payment User Experience
Direct Payment enables buyers to pay by credit or debit card during your checkout
flow. You have complete control over the experience; however, you must consider
PCI compliance.
When buyers choose to pay with a credit or debit card, they enter their card number
and other information on your website. After they confirm their order and click Pay,
you complete the order in the background by invoking the DoDirectPayment API
operation. Buyers never leave your site. Although PayPal processes the order, buyers
aren't aware of PayPal's involvement; PayPal will not even appear on the buyer's
credit card statement for the transaction.
The following diagram shows a typical Direct Payment flow:
The numbers in the diagram correspond to the following implementation steps:
- On your checkout pages, you need to collect the following information from a buyer
to be used in the
DoDirectPayment request:
- Amount of the transaction
- Credit card type
- Credit card number
- Credit card expiration date
- Credit card CSC value
- Cardholder first and last name
- Cardholder billing address
The following example shows the collection of credit card information from a US
buyer after the transaction amount has been determined:
Note: In some cases, the billing address and CSC value may
be optional. You must also identify debit on your PCI compliant
checkout page when you reference a direct card checkout image.
- You must also retrieve the IP address of the buyer's browser and include this with
the request.
- When a buyer clicks the Pay button, invoke the
DoDirectPayment API
operation.
- The PayPal API server executes the request and returns a response.
- Ack code (Success, SuccessWithWarning, or Failure)
- Amount of the transaction
- AVS response code
- CSC response code
- PayPal transaction ID
- Error codes and messages (if any)
- Correlation ID (unique identifier for the API call)
- If the operation is successful, you send the buyer to an order confirmation page.
The Ack code determines whether the operation is a success.
- If successful, you should display a message on the order confirmation page.
- Otherwise, you should show the buyer information related to the error. You should
also provide an opportunity to pay using a different payment method.
Direct Payment enables buyers to pay by credit or debit card during your checkout
flow. You have complete control over the experience; however, you must consider
PCI compliance.
When buyers choose to pay with a credit or debit card, they enter their card number
and other information on your website. After they confirm their order and click Pay,
you complete the order in the background by invoking the
DoDirectPayment API
operation. Buyers never leave your site. Although PayPal processes the order, buyers
aren't aware of PayPal's involvement; PayPal will not even appear on the buyer's
credit card statement for the transaction.
The following diagram shows a typical Direct Payment flow:
The numbers in the diagram correspond to the following implementation steps:
- On your checkout pages, you need to collect the following information from a buyer
to be used in the
DoDirectPaymentrequest:- Amount of the transaction
- Credit card type
- Credit card number
- Credit card expiration date
- Credit card CSC value
- Cardholder first and last name
- Cardholder billing address
The following example shows the collection of credit card information from a US buyer after the transaction amount has been determined:
Note: In some cases, the billing address and CSC value may be optional. You must also identify debit on your PCI compliant checkout page when you reference a direct card checkout image. - You must also retrieve the IP address of the buyer's browser and include this with the request.
- When a buyer clicks the Pay button, invoke the
DoDirectPaymentAPI operation. - The PayPal API server executes the request and returns a response.
- Ack code (Success, SuccessWithWarning, or Failure)
- Amount of the transaction
- AVS response code
- CSC response code
- PayPal transaction ID
- Error codes and messages (if any)
- Correlation ID (unique identifier for the API call)
- If the operation is successful, you send the buyer to an order confirmation page.
The Ack code determines whether the operation is a success.
- If successful, you should display a message on the order confirmation page.
- Otherwise, you should show the buyer information related to the error. You should also provide an opportunity to pay using a different payment method.
User Interface Recommendations for Direct Payment Checkout
Your checkout pages must collect all the information you need to create the DoDirectPayment request.
The request information can be collected by your site's checkout pages.
The following recommendations help process requests correctly and make it easier
for buyers to provide necessary information:
Important: You
are responsible for processing card industry (PCI) compliance for protecting cardholder
data. For example, storing the Card Security Code (CSC) violates PCI compliance.
For more information about PCI compliance, see PCI Security
Standards Council.
- Provide a drop-down menu for the state or province fields
for addresses in countries that use them. For U.S. addresses, the state must be
a valid 2-letter abbreviation for the state, military location, or U.S. territory.
For Canada, the province must be a valid 2-letter province abbreviation. For the
UK, do not use a drop-down menu; however, you may need to provide a value for the state in
your
DoDirectPayment request.
- Ensure buyers can enter the correct number of digits for the Card Security Code
(CSC). The value is 3 digits for Visa, MasterCard, and Discover. The value is 4
digits for American Express.
- Show information on the checkout page that shows where to find the CSC code on the
card and provide a brief explanation of its purpose.
- Configure timeout settings to allow for the fact that the
DoDirectPayment API
operation might take as long as 60 seconds to complete, even though completion in
less than 3 seconds is typical. Consider displaying a "processing transaction"
message to the buyer and disabling the Pay button until the transaction
finishes.
- Use the optional Invoice ID field to prevent duplicate charges. PayPal ensures that
an Invoice ID is used only once per account. Duplicate requests with the same Invoice
ID result in an error and a failed transaction.
To view normal Paypal integration check here
To view normal Paypal adaptive payment integration click here
Download a demo project.
Your checkout pages must collect all the information you need to create the
DoDirectPayment request.
The request information can be collected by your site's checkout pages.
The following recommendations help process requests correctly and make it easier
for buyers to provide necessary information:
Important: You
are responsible for processing card industry (PCI) compliance for protecting cardholder
data. For example, storing the Card Security Code (CSC) violates PCI compliance.
For more information about PCI compliance, see PCI Security
Standards Council.- Provide a drop-down menu for the state or province fields
for addresses in countries that use them. For U.S. addresses, the state must be
a valid 2-letter abbreviation for the state, military location, or U.S. territory.
For Canada, the province must be a valid 2-letter province abbreviation. For the
UK, do not use a drop-down menu; however, you may need to provide a value for the state in
your
DoDirectPaymentrequest. - Ensure buyers can enter the correct number of digits for the Card Security Code (CSC). The value is 3 digits for Visa, MasterCard, and Discover. The value is 4 digits for American Express.
- Show information on the checkout page that shows where to find the CSC code on the card and provide a brief explanation of its purpose.
- Configure timeout settings to allow for the fact that the
DoDirectPaymentAPI operation might take as long as 60 seconds to complete, even though completion in less than 3 seconds is typical. Consider displaying a "processing transaction" message to the buyer and disabling the Pay button until the transaction finishes. - Use the optional Invoice ID field to prevent duplicate charges. PayPal ensures that an Invoice ID is used only once per account. Duplicate requests with the same Invoice ID result in an error and a failed transaction.
To view normal Paypal integration check here
To view normal Paypal adaptive payment integration click here
Download a demo project.
By, Akash Roy, CEO, JPR Infoserve, http://jprinfoserve.com
No comments:
Post a Comment