I'm using Paypal Pro API to process my purchase. It works well with card number, expire date and security code but I need to validate the address and the owner name of the card as well.
Is there any parameters or functions in the API to do this? I didn't found anything in the docs. Or maybe it is an additional option in the Paypal developer control panel?
Assuming that we're talking about the Payflow Gateway API (for PayPal Payments Pro and other things), it appears you can do address verification--see the section entitled Using Address Verification Service. Notice the note there that says it doesn't check street names, in case that's a deal-breaker for you.
As for name validation, I can't find anything about that other than that it's typically passed in the sale transaction itself (section: Typical Sale Transaction Parameter String). Whether it's then validated by the banks as part of their end of the transaction, I couldn't say.
Hope that gets you a bit further. I haven't worked with any of this stuff myself.
Related
I'm testing a PayPal integration on the sandbox using cmd=_express-checkout
(https://www.sandbox.paypal.com/cgi-bin/webscr?cmd=_express-checkout&useraction=commit&=token=..)
The store I'm working on calcs shipping costs from delivery address before initialising the PayPal transaction, so we need to display the shipping address as entered on our client's site and not the default address held by PayPal for the buyer.
I've tried sending address_override=1 along with the address parameters specified here (https://developer.paypal.com/docs/classic/paypal-payments-standard/integration-guide/Appx_websitestandard_htmlvariables/) but the [Ship To] displayed is still that of the test account default address.
address_override=1
useraction=commit
token=XXXX
address1=XXXX
city=XXXX
state=CA
country=US
zip=XXXXX
first_name=XXX
last_name=XXX
Am I missing something obvious or should I be doing it differently?
Thanks.
Looks like you have set NOSHIPPING=0.
Please change your request and set NOSHIPPING=2
NOSHIPPING
Determines whether PayPal displays shipping address fields on the PayPal pages. For digital goods, this field is required, and you must set it to 1. Value is:
0 — PayPal displays the shipping address on the PayPal pages.
1 — PayPal does not display shipping address fields and removes shipping information from the transaction.
2 — If you do not pass the shipping address, PayPal obtains it from the buyer's account profile.
Another one thing is for Express checkout integration you need to refer the documentation in here:
https://developer.paypal.com/docs/classic/api/merchant/SetExpressCheckout_API_Operation_NVP/
The link that you have provided earlier is for paypal payment standard integration.
This will requires us to pull the log.
Kindly create an MTS ticket at our Technical Portal (https://www.paypal-techsupport.com/) and provide the EC token for further checking.
I have looked at Paypal's HTML Variables for PayPal Payments Standard very closely
and looked all over the web for an answer. And I'm pretty sure I already know the answer to my own question, but it seems too absurd. So I'm asking just to make sure I'm not missing anything.
I realize this is basically a duplicate to this question, but he was given one stupid answer.
(Update: The stupid answer has been removed, and now there is a very good answer by another user)
I am collecting the customer's billing and shipping addresses on my site. I can send the billing address, but not the shipping address to PayPal.
The reason I want to send the shipping address is to use PayPal's shipping label service.
I realize that I could set the no_shipping variable to 2 to have PayPal prompt for and require a shipping address, but I am using the address they input on my site to calculate shipping costs with USPS' API. So I need to prompt on the site, and I don't want to make the customer fill in their address a SECOND time on PayPal.
So is there a way to make this work?
I need to:
Calculate shipping costs
Print labels
Keep the checkout process simple and fast
The document you reference does actually answer your question, although admittedly it is hard to pull out the specific answer you are looking for from all the possibilities. Look specifically here:
https://developer.paypal.com/docs/classic/paypal-payments-standard/integration-guide/formbasics/#id08A6F0SJ04Y
... under the heading "Overriding Addresses Stored With PayPal."
Or at least, that is the section for passing in a shipping address for PayPal account holders. If you are using PayPal account optional then it's even more complicated, see here:
https://developer.paypal.com/docs/classic/paypal-payments-standard/integration-guide/Appx_BillingShippingAddress/#id08A9BM00A5Z
Short answer: you can't pass in two separate addresses, but the address you pass is (usually, depending upon several related variables & conditions) treated as shipping address.
Part of the reason this is so complicated is that there are so many variants of checkout flows. PayPal recommends/prefers that you let them collect the buyer's shipping (and billing, where/if required) on their page and they will pass it back to you. (And this is by far the best for PayPal accountholders since they probably have the address(es) on file already with PayPal and thus don't have to type them at all.) But PayPal knows that isn't how every merchant wants to do it so the product is flexible -- to the point of being so complex it is almost incomprehensible at times.
Using the PayPal REST API, have the credit card form configured and processing correctly. Noticed that in sandbox mode the card validation is very loose, you can pretty much enter whatever you want for the payer details, as long as the card number is essentially valid.
I assume that once I change to live mode, using live credentials, the validation will be more strict.
I run a test, using a valid card number, but intentionally use a bogus name, address, expiration date, and cvv (the cvv I provide is only 3 digits, it should be 4 for AMEX).
The payment is processed successfully!
I scratch my head and make sure the site is really using the live credentials. It is. I check with my non sandbox PayPal account, it has actually received the payment.
What gives?
The amount was for $1. My assumption is that PayPal passed all the details along to AMEX (in this case) and AMEX saw that it was only $1, and didn't verify any other details? Fine, but wow, to me that's crazy! Talk about fraud waiting to happen.
Any insight would be appreciated.
Depending on how your account is vetted when you first open it up, PayPal may or not may give you full access to fraud filters. It sounds like you do have full access, which means it's going to accept payments even if AVS or CVV2 responses come back as a failure.
If you want to stop this, login to your PayPal account and go into your profile. Look for Fraud Management Filters, Risk Controls, or something along those lines. It's different depending on what version of PayPal account you have.
Once you're in those settings you should see lots of options for security filters you can set including AVS and CVV2 (card code).
Now, that would apply for the name, address, and cvv2, but it shouldn't apply for the expiration date. Are you sure the test you ran included an invalid expiration date? My guess is the card number and expiration were good, but you just used a bogus address and card code..??
In the example for accepting payments by credit card (link) the billing address information is not present. However, the payment appears to go through. What are the circumstances that require me to include this data?
In the classic API, the address fields are required. I can't find a field reference for REST, oddly enough. I suppose you could omit them and try a sandbox call to see if it fails, but omitting the address means no address verification (done against the zip code). It opens you up some to fraud.
Problem: I've implemented "partial authorizations" (pg 72) but whenever I try to run a transaction that could use it, the result is a decline.
Setup: I'm handling transactions with the API with PayPal Payment Pro Payflow Edition (aka, PayFlow Pro Gateway & PayPal Merchant Account).
Cards use in Transaction: Visa Gift Card & American Express Gift Card. This feature was made for gift cards and other prepaid products. Gift Cards are specifically cited in PayPal's documentation example.
Transaction Logs:
Here is the log for a declined partial authorization. The original amount requested is $25.00, even though this visa gift card only had $2.00 on it. I should have received a response with an approved amount for $2.00. Instead I got a decline.
-> PARTIALAUTH:Y TENDER:C ACCT:**** VERBOSITY:HIGH TRXTYPE:A EXPDATE:0618 AMT:25.00
<- RESULT:12 CARDTYPE:0 PROCAVS:G IAVS:N PROCCVV2:I EXPDATE:0618 RESPMSG:Declined: 15005-This transaction cannot be processed. LASTNAME:NotProvided ACCT:**** AMT:25.00 PNREF:************ AVSZIP:X AVSADDR:X HOSTCODE:15005 TRANSTIME:2012-12-14 12:43:04 CVV2MATCH:X
For comparison, when I run the same card for an amount that is less than what's on the card, it goes through no problem:
-> TENDER:C VERBOSITY:HIGH ACCT:**** AMT:.11 TRXTYPE:A EXPDATE:0618 PARTIALAUTH:Y
<- AMT:0.11 AVSZIP:X PPREF:***************** ACCT:**** AUTHCODE:111111 TRANSTIME:2012-12-14 12:41:46 LASTNAME:NotProvided IAVS:N PROCAVS:G RESPMSG:Approved PNREF:************ RESULT:0 EXPDATE:0618 PROCCVV2:I CARDTYPE:0 AVSADDR:X CVV2MATCH:X CORRELATIONID:*************
-> TENDER:C ORIGID:************ TRXTYPE:D
<- RESULT:0 PENDINGREASON:completed PNREF:************ FEEAMT:0.11 PAYMENTTYPE:instant RESPMSG:Approved PPREF:************ CORRELATIONID:*************
I believe the API calls should be and in fact are the same in both cases. The point of Partial Authorizations is that you don't know when you need it, so if you want it, it should be enabled for all transactions -- meaning you always append the two extra parameters of VERBOSITY=HIGH and and PARTIALAUTH=Y.
Any ideas why this isn't working. The feature is very important to my application and is one of the main reasons I'm using PayPal.
I hope I'm missing something simple, like a setting in manager.paypal.com.
From what I can see you're doing everything correctly. When something like this happens the only thing you can do is contact PayPal directly.
You can do so via www.paypal.com/mts or if you login to your PayPal account and go into the contact by phone section you should see a separate phone number for tech support directly.
I would recommend submitting a ticket to MTS and then also calling, but when you call, refer them to your ticket. They're going to want you to post one anyway, but if that's all you do it probably won't get answered for awhile, unfortunately. I've had good luck catching them on the phone, though, and can get things done much more quickly that way.
The only thing I can think of that might be an issue here is that you're using the PayFlow gateway with PayPal as your merchant. While the PayFlow gateway supports this, PayPal may not. It may only work if you're using a 3rd party merchant account on the PayFlow gateway.
That's something they will need to confirm or deny as I haven't specifically tested this myself, but again, I don't see that you're doing anything incorrectly.