When a user enters invalid payment information in our payflow checkout screen, they get the following message:
Some required information is missing or incorrect. Please correct the fields below and try again.
Error: Your transaction was approved! However, a communication with the merchant's site occurred. The transaction has been voided. please contact the merchant.
This isn't very descriptive. A customer was trying to submit a payment and the card kept getting declined (RESULT 12). The customer only figured out the payment was declined by contacting us - we had to look at the transaction history. Is there a way to return something more descriptive, such as invalid CC number, invalid CC expiration date, etc. ?
I could've sworn the error message was more detailed in the past. Not sure what has changed. I also browsed our settings and could not find anything off.
This is most likely a security feature. If Paypal were to specify which fields were invalid, then an attacker could infer which fields were valid, and by this method, gather information about their database through many attempts to guess different fields. For example, they could discover valid credit card numbers in the DB by trying different combinations of fields and noting when no error was displayed regarding the number.
Related
I have the following flow with Paypal:
I create a payment with intent "order", and I redirect the user to Paypal's website.
Once the user returns, I execute the payment.
Then, I authorize the order.
At this point, I can still look up the payment or the order and I get expected result.
Finally, I capture the order.
After I capture the order, I can't lookup the payment with /v1/payments/payment/PAY-XYZ or retrieve the order with /v1/payments/orders/O-ABC. I get a 500 Internal Service Error.
Before you tell me to send debug id to Paypal because I stumbled upon their bug: I tried, but they are not responding. I had them on the phone, sent support requests, etc. I got no reply from them, so I have to turn to community.
After capture, I can still lookup a payment by listing payment resources. Since I store paypal's create time, I send a GET request that looks like:
/v1/payments/payment?start_time=2016-06-21T09:08:56Z&end_time=2016-06-21T09:08:58Z
Sure enough, I can get the payment object back, but that looks awfully hacky to me.
The reason why I need the entire payment object is because I need a definitive information about the status of the payment. E.g. I can stumble upon a network error when I send a capture request and I won't get capture ID, so I can't check what's going on. Or I can miss a webhook event (for any reason, e.g. bug in my code), and the payment can become refunded without me knowing, so it would be ver nice to be able to fetch a payment.
I noticed the REST API documentation here https://developer.paypal.com/docs/api/payments/#payment_get says that I should use that endpoint for incomplete payments, but I don't understand why I can't check the order, or why list payment resources works, but fetching a single payment doesn't.
Retrieving the payment used to work though, so I could look up related_resources of transactions of the response (like I can do now with listing all payments by date).
My question is: what is the recommended way to get the definitive information about a payment?
Also, if someone from Paypal is reading this, here are some debug_id's so you can perhaps look into it: 3ffa3007a7561 (result of https://api.sandbox.paypal.com/v1/payments/orders/O-3PA36862ST053572T) or 85576d66784cd (response from https://api.sandbox.paypal.com/v1/payments/payment/PAY-7N237030X85089344K5UQIKI)
This happens on both sandbox and live.
Thanks,
Dejan
I am using payflow pro. When I use currency code 'USD' all payment flow's works fine. But when I change currency code to 'CAD' it will return error with result code 06 which means Invalid or unsupported currency code. How to solve this problem?
This is not problem with your code.
Following https://developer.paypal.com/docs/classic/api/currency_codes/
Payment Receiving Preferences
If you have a PayPal Premier or Business account, configure your Payment
Receiving Preferences to handle payments automatically. You can convert
any payment into your primary currency or block certain types of payments.
You can set the following:
Block or unblock payments from U.S. customers who don’t have a confirmed address.
Block or unblock payments sent to you in a currency you don’t hold.
Block or unblock payments for duplicate invoice IDs.
Block or unblock payments from customers who have non-U.S. PayPal accounts.
Block or unblock payments from Student Account holders.
Log in to your PayPal business account at www.paypal.com. Click the
profile icon (Profile menu) on the top right side of the page. From the
Business Profile menu, select Profile and Settings.
Note: If you do not see the profile icon on the top right, select
Profile which appears in the top menu when the My Account tab is selected.
From the left menu, click My selling tools.
In the Getting paid and managing my risk section, click the Update link
for the Block Payments item.
Update your settings and click Save.
Just happened to hit this problem with Magento 2.3.1, when paying with credit card against PayPal Payflow Pro. Our default currency for the store is "CAD".
The support team is super, after our several failed transactions they managed to figure our the problem, let me share their reply here:
Thanks for reaching out today. Happy to help.
It looks as though this is an issue with the currency code you're passing. Right now it appears you're trying to pass USD in on the $0.00 verification call, but CAD on the actual 2.20 transaction itself. When you verify a card, the transaction you attempt against that verification must use the same currency. Try passing the subsequent transaction with USD, or create the verification in CAD and then run the transaction against it using CAD. See https://developer.paypal.com/docs/classic/payflow/integration-guide/#submitting-account-verifications for more on verifications. That's a great resource for Payflow in general as well.
That should resolve the issue you're seeing, but please let us know if you run into any other issues.
I hope that helps. Let us know if you have any questions.
That says for two API calls from our server (Magento 2.3.1) to PayPal need to specify the same currency code. While our first API call which sending amt=0 field doesn't have separate currency field there, so I guess the default value was assigned which is "USD". While the second API call which sending the real amt number had currency=CAD field, that might confused the API and eventually refused by it.
For Magento 2.3.1 the fix is to add the currency filed for the first API call, which the same idea may apply to other conditions as well.
Here is the Magento fix in case you are interested.
I am setting up my IPN for PayPal its been tested using a send box account and the site worked.
Now that I have gone live I am testing using real money and the ipn set up is
www.mysite.co.uk/XXXXXXXXX
However when I make the payment I notice in the url reply on my browser and when I check the IPN history on Paypal it says www.mysite.co.uk.co.uk. The.co.uk` appears twice. I assume this is the reason I am not getting the orders finalised on my backend.
There are two places you can specify the IPN listener URL:
your PayPal profile, or
with your transaction
It's very likely to be caused by mis-configuration in either of the two places.
If you specified it with your transaction, depending on the product you use, you may be able to find it in a parameter similar to "notify_url" or "PAYMENTREQUEST_0_NOTIFYURL". You'd need to refer to the documents of the product you are using.
We are using the secure token method to process credit card payments with PayPal hosted pages. We generate the secure token by providing the required information
[TRXTYPE=S, AMT=xxx, TENDER=C, ORDERID=xxxxxxxxxxxx, CURRENCY=USD, CREATESECURETOKEN=Y, SECURETOKENID=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx, PARTNER=Paypal, VENDOR=xxxxxx, USER=xxxxxx, PWD=xxxxxx]
We get the success result as follows:
{"RESULT"=>"0", "SECURETOKEN"=>"xxxxxxxxxxxxxxxxxxxxxxxxx", "SECURETOKENID"=>"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "RESPMSG"=>"Approved"}
We then send this back to PayPal where the user can choose to pay with credit card and or PayPal.
When someone pays with credit card, all is fine, when someone chooses to pay using "PayPal" it asks user for PayPal credentials and once provided it shows another screen to accept the charges. Once the user accepts, we get the following error message:
{"TYPE":"S","RESPMSG":"Original transaction ID not found: xxxxxxxxxxxx","TAX":"0.00","PNREF":"xxxxxxxxxxxx","TENDER":"P","AVSDATA":"XXN","METHOD":"P","SECURETOKEN":"xxxxxxxxxxxxxxxxxxxxxxxxx","AMT":"1.00","SECURETOKENID":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","TRANSTIME":"2014-01-02 06:09:02","ORDERID":"xxxxxxxx36U1","RESULT":"19","DUPLICATE":"2","TRXTYPE":"S","action":"create","controller":"payment_notifications"}
The help I got from PayPal folks says "Looking at the logs it seems like the transaction was declined with the result code 19 which means that the transaction ID you entered for this transaction is not valid. When searched for the original transaction, I could not find any. So, it seems like the original transaction is not valid. Provide an valid original transaction ID and it should go through fine."
However nowhere in their documentation do they suggest to send this "transaction ID" variable and without it we have been processing Credit Card payments just fine.
My question:
What do i need to change in my process that I can accept Credit Card and PayPal payments?
Any help will be greatly appreciated.
It seems the issue was on PayPal side and they have yet to come back to us with an answer. Once thing which they do not openly advertise is that they have the ability to remove the Pay with PayPal button form the hosted pages so if someone else runs across the same issue they should ask PayPal to remove the Pay with PayPal button from their end, made sure to confirm that you are not disabling the service from express checkout just hiding the button.
I'm getting this intermittent message on checkout in BigCommerce.
Your financial institution has indicated that it could not successfully authenticate this transaction. To protect against unauthorized use, this card cannot be used to complete your purchase. You may complete the purchase by selecting another form of payment or use a different card.
My API is correct with Paypal Payments Pro, Check out works and then doesn't work. Tried a few cards, sometimes the card worked, and sometimes it didn't. Here is the error message.
Your financial institution has indicated that it could not successfully authenticate this transaction. To protect against unauthorized use, this card cannot be used to complete your purchase. You may complete the purchase by selecting another form of payment or use a different card.
I have the same account setup on another BigCommerce site and never had a problem.
If you have another BigCommerce site and are using the PayPal account, make sure that your starting invoice numbers are far enough apart, otherwise you will be sending duplicate invoice numbers to PayPal and end they'll return an error. I was getting the same error, and I just set had to set one of my store's starting invoice number (under store settings/misc) to a really high number. This fixed the problem. Thanks BigCommerce tech support guy!
(You should be able to see what error you are getting by going through your store logs)