Does PayPal recycle PayerIds? I'm linking private information to PayerIds - paypal

I'm changing my online store right now. I decided to remove accounts altogether... so that the users can go straight to paypal express checkout and just pay.
I'm doing the paypal part first, then i redirect back to my site to let them fill in a shipping address, billing address, and then review the information before submitting the order.
So far i noticed that Paypal always sends back the same PayerID if you are logging into a paypal account. Also, if you don't log into a paypal account (and just punch in your credit card), it will return the same payerID for that credit card in the future.
Is it safe for me to keep track of shipping address in order to create an address book and link them to the payerID? That way, returning paypal customers will be able to select a saved address...
Does paypal recycle these IDs... or are they always going to be unique and there is no fear of me showing someone elses information to another customer...
Thanks.

No, PayerID's are unique to each account. They won't ever change for the same account.

Related

Paypal Xclick URL to send payment now requires login?

The following link used to allow our customers to pay for an item, or amount due, without an account. We use this when we need to re-evaluate shipping costs and send an automated email to let the customer know and pay the balance due-
https://paypal.com/xclick/business=paypal#ourbusiness.com&item_name='Ordernumber'&amount='amount'
(There are values populating the ' '. )
This link now brings us to a sign in page for Paypal. After sign in, sending payment works fine. There is no "Use Credit Card Option"
The issue is allowing those without Paypal to pay.
In our business account settings we have enabled the "Paypal Account Optional" but it doesn't seem to have any effect on the URL method.
There are other link structures that work similarly. Some are noted in help documents, some from other users-
https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=...
https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=...
Donations aren't what we're going for, but it does allow for payment without an account.
So what's the new URL structure to allow customers to use a credit card to pay for an item without making an account?
Is this still possible?

Verify Paypal id is valid or not inserted by user

I want to verify that whether user has entered valid Paypal id or not. If not than user can't do registration. I've also visited this [1]: How can I verify a PayPal ID? question but it doesn't help me :(
You can't find a direct answer because "valid PayPal ID" doesn't have a single fixed meaning. You will need to be more specific as to what you are trying to discover. Then there may or may not be a way to accomplish what you want, since PayPal protects some aspects of their customers' account and identity information for their protection (and for business reasons).
A bit of background that may help you clarify your question, if not necessarily answer it:
Any email (or phone number) can be configured to receive PayPal payments, in many cases even if the email was not attached to a PayPal account at the time the payment was sent. However, not all PayPal products can function in this way (e.g. you cannot make API calls as an account that has not been set up and has not generated API credentials). Are you asking about receiving money, and if so with which product(s)?
Most people can pay through PayPal if sent to a PayPal page, whether they are accountholders or not (depending upon the PayPal product being used). In addition to guest payments and/or direct credit card payments through PayPal, people can set up PayPal accounts when they arrive and immediately pay with them. So collecting email first and refusing to go forward if there is no PayPal account attached to that email would loose you potential customers. It would also "let through" many customers who could not pay, such as people who know an email address but don't own the attached PayPal account. PayPal also intentionally declines to easily answer questions about whether an email has an associated PayPal account in order to make it harder for bad actors to accumulate lists of PayPal accounts (often with associated personal information) for spear phishing campaigns. There are some APIs that allow you to get limited information about a PayPal account but there are limits associated with these APIs; see e.g. GetVerifiedStatus documentation at:
https://developer.paypal.com/docs/classic/api/adaptive-accounts/GetVerifiedStatus_API_Operation/
Note also that Verified has a particular technical meaning in PayPal, and is NOT AT ALL THE SAME as "able to pay you."
If you want to know if someone can log into their PayPal account, and then use that PayPal account to get information about the user (as well as potentially pay you), that's easy: use Login with PayPal. That's what it's for. Naturally this requires the user to login and assent to your use of their information.
If you want to know if someone can take a particular action (e.g. make a payment), at this moment, the only way to be certain is to actionally request that action. You have options short of actually requesting money; if you want to ensure the user has funds and reserve them for you to collect shortly you can request an authorization rather than a sale. If you want to make sure the user can log in, has payment mechanisms and generally looks ready to pay you (but WITHOUT reserving and guaranteeing funds) you can request an Order.
Hopefully one of these things is what you are asking for?
If you have a PayPal AccountID (a PayPal-generated ID rather than an externally-generated identifier like email or phone number) you can pass it to certain APIs (such as the GetVerifiedStatus), so many of the same options above apply.

PayPal IPN - What if website email address differs from PayPal account email address?

I am about to set up an IPN script after users make a purchase from my site but I just had a thought, what if the email address they signed up to my site with differs from the email address they signed up to PayPal with?
i.e. they sign up to my site with forename.surname#domain.com but their PayPal account login is surname.forename#domain.com.
The PayPal IPN will send back surname.forename#domain.com and I have no way to identify who has just made that purchase.
I realise in this simple case it may be possible to find an email address similar to that in the database but in the real world people have crazy email addresses and that isn't always going to be possible.
Has anyone solved this problem before?
It may be best to use a different identifier such as an invoice number or pass a custom value to PayPal for the payment. PayPal will return this via IPN and can be used to link the payment to the customer's account on your website.
This way you pass a value to PayPal that is linked back to that customer's account regardless of their PayPal account details.
Hope this helps!
I suggest that you should force the customers log in before placing an order, then you can get the email they used in Paypal from the return value, and combine the two emails in some way or even just leave them.

Paypal Payments - What to store from them?

I was wondering, if you have coded a website which uses paypal payments as a payment method (the kind of payments where you get redirected to their site for payment, not web payment pro).
What kind of details can I store? Is it just their paypal email address that can get supplied to me or do other details regarding their paypal account also get sent to me via their API which can be stored on my site?
As already mentioned, you get the details of the transaction, so email address, name, delivery address and the contents of the shopping cart.
You can send custom parameters from your form though, such as phone number.
Paypal, by default doesn't ask users to provide a phone number and therefore usually doesn't send you one. However, it's often useful for retailers to have a customers phone number.
If your shopping cart is populated by your website and then customers are asked to complete a brief, name, phone number, email form before submitting to Paypals site you can send these extra form fields to Paypal and have them come back to your server for storage/checking.
However... I found it very erratic! There seemed to be a problem with my account when I did this and the PP technical team couldn't explain why it was only sometimes working! I gave up in the end and found a Payment gateway with credit card and Paypal integration, now all my payments come through the same channel and callback methods regardless of type.
http://www.securehosting.com I use now.
Mostly only the details pertaining to the transaction can be retrieved in the usual procedure, as it appears even when you see the transaction details in your paypal account when you receive payments. However, it would be helpful for you if you can provide more information on what you wish to look for.

PayPal Errors for Emails without a PayPal Account

I'm building a site where one user can use PayPal to buy an item from another user. I want the money to go directly from one to the other while I just handle the IPN and the interface. I've set up the encrypted button to use cmd = _s-xclick and for the encrypted data: cmd = _xclick, business = the email of the seller and email = the email of the buyer. I'm having some issues completing the transaction. For example, User A has a PayPal account, User B does not. Both have an item being purchased by the opposite user. Clicking the "Pay with PayPal" button for User A (to buy User B's item) yields:
"The merchant is not a business or premier PayPal account. This feature is only enabled for a business or a premier PayPal account holder."
Clicking the "Pay with PayPal" button for User B (to buy User A's item) yields:
We were unable to authorize the transaction. Please contact your merchant.
I'm assuming the first message is because User B does not have a PayPal account, but I thought that PayPal will still accept the payment and hold it in a temporary account until that user signs up.
I'm also assuming that the second message is also because the buyer (in this case User B) doesn't have a PayPal account. But I thought PayPal would just give them the option to create one right there or use a credit card to make the payment.
Am I missing something (e.g. is there a different variable I need passed)? Or do I have to somehow confirm that a user has a PayPal account before allowing them to buy/sell an item.
PS: I'm pretty sure, but I'll have to confirm, that it works if both parties have PayPal accounts and the seller is a business/premium account.
This way is not a great solution because you have no way to check or guarantee that both parties have a PayPal account. I recommend using Adaptive Payments (Chain Payments). This will allow you as the PayPal account holder to run each transaction and it will send the money to the appropriate seller PayPal account, or e-mail them to let them know they have money waiting if they do not have a PayPal account, so that they can sign up and claim the money.
We recently began receiving this extremely unhelpful error message and we had to contact Paypal Merchant Technical Support. After much back and forth received the following response:
Unfortunately, we PayPal are facing some difficulties with encrypted button currently and our developer team is resolving this issue as we speak. In the meantime if you don't mind could you create a secondary email in your account then set it as primary, next regenerate the button again and test it out. For now this is the only work around they provided if you require to use encrypted button, give it a try and see if its worked, let me know if there's anything else you need, I would be happily assist you. Sorry for the inconvenience caused.
Tried that and it worked. It made me want to curse at someone, but it worked.