Is it possible to reject / auto refund after receiving IPN message with COMPLETED status but the txn_id is duplicated or the price value is incorrect?
Or manual investigation need to be done to refund
If you are verifying your IPN calls with PayPal, this should (in theory) be impossible. PayPal never duplicates transaction IDs.
Is it possible to reject / auto refund after receiving IPN message with COMPLETED status but the txn_id is duplicated or the price value is incorrect?
You can't reject the transaction with IPN. You aren't in a transaction. You're getting notification that a transaction has already occurred.
You may be able to use another API to reverse the transaction, as suggested by #geewhiz.
Related
I'm using Express Checkout, and the response from DoExpressCheckout returns the following parameters:
PAYMENTINFO_0_PAYMENTTYPE = INSTANT
PAYMENTINFO_0_PAYMENTSTATUS = COMPLETED_FUNDS_HELD
PENDINGREASON = NONE
REASONCODE = NONE
HOLDDECISION = PAYMENTHOLD
However, the IPN that's sent along doesn't make any reference to the funds being held. The payment_status is set as Completed and there's no mention of a parameter that might signify an issue in the documentation for the IPN values.
How can I ensure that I only react once the payment has been taken out of review, and is no longer being held?
(Note: I need to resolve how to handle this in the IPN, not the underlying problem with the account, as this is a historical issue that I need to prevent from happening again for any reason)
IPN are showing the transaction status during the time it was happen, in your case, the payment are done, completed which means, the money was initiated from the buyer account into your account, but due to some issues/reasons the transfer of the said money was pending. Some security check has caused the transaction funds being held
In IPN payment status, it was showing that COMPLETED_FUNDS_HELD which means there is a money come into your account but then it was held due to some reason where only PayPal knows.
This payment will be release in a few days, and until that time, if you handling the payment carefully from your website dashboard order, it shouldn't be any issue because normally PayPal only hold it for a few days.
Until this time, I written this, PayPal hasn't got any solution for this type of held because it was an account related issue where IPN are not feed to the get the update.
After one has created a monthly billing agreement with a customer; how do I verify that the customer has paid (and not cancelled the agreement) at the next bill statement?
Would I use GetRecurringPaymentsProfileDetails for this information? Basically, I want to automate cancellations/etc.
In your ipn end point a subscr_cancel txn_type is sent when this happens. Then you can update a record in your database to account for this.
Ipn messages when enabled send post requests for all kinds of actions such when a Payment is made or a subscription is cancelled. When you receive a message you need to validate the message, determine what message it is, and then perform an action in your application
Ipn info
https://developer.paypal.com/docs/classic/products/instant-payment-notification/
I am currently working on a project using PayPal. When I made a transaction, the payment status in the IPN received was 'Pending' and reason was Payment review. I found out that it will take 24 hours for the review process. So I want know if I will get an IPN when the review process is over?
You should get an IPN notification when the transaction changes status. For example, PayPal sends you an IPN notifying you of a pending payment. PayPal later sends you a second IPN telling you that the payment has completed.
Because of security reasons you may get the first IPN with payment status pending But when the payment review is over You will get another IPN with payment status as completed.You can can transfer your stuffs then.The payment review will take maximum 24 hours.
At the end of the IPN docs it says the following:
Important: After you have authenticated an IPN message (that is, received a VERIFIED response from PayPal), you must perform these important checks before you can assume that the IPN is both legitimate and has not already been processed:
1.Check that the payment_status is Completed.
2.If the payment_status is Completed, check the txn_id against the previous PayPal transaction that you processed to ensure the IPN message is not a duplicate.
3.Check that the receiver_email is an email address registered in your PayPal account.
4.Check that the price (carried in mc_gross) and the currency (carried in mc_currency) are correct for the item (carried in item_name or item_number).
What are you supposed to do if one of these checks fails? Are we supposed to call a PayPal API somehow to 'reject' the transaction'?
Most shops would mark an order / transaction that fails these checks as "Possible Fraud" or something along these lines.
The order status should raise awareness with the employee working the orders - a closer look should show which check has failed and further actions can be initiated.
This may range from refunding the transactions to contacting PayPal for possible fraud attempts. In any case, the order should be checked and not just treated as any other "Completed" order.
Sample scenario:
You're using unencrypted Website Payments Standard, HTML Forms to receive payments.
A fraudulent buyer finds out and starts modifying the price of an item through editing the submitted form
You receive the order as PAID and don't check the value of the order within your shop against the transaction
An employee doesn't spot this and an item worth 200$ is sent out for a payment of 0.01$
I have done some scouring but cannot find a definitive answer for this!
I get "VERIFIED" and "Pending" so i can put my orders from "placed" to "in-progress" but need the complete / failed so i can then transfer to "paid" and "cancelled".
Anyone have anything definitive on this, or is it a waiting game until test payments are complete (not using sandbox).
If the payment has a “Pending” status, you receive another IPN when the payment clears, fails, or is denied.
Also, here are some good things to check once you receive Payment_staus=completed
Check that the "txn_id" is not a duplicate to prevent a fraudster
from using reusing an old, completed transaction
Validate that the "receiver_email" is an email address registered in
your PayPal account, to prevent the payment from being sent to a
fraudster's account
Check other transaction details such as the item number and price to
confirm that the price has not been changed
You get another IPN (not a 'resend'), same txn_id, with payment_status='Completed'.