I'm having some trouble choosing between PayPal's Instant Payment Notification (IPN) and Payment Data Transfer (PDT).
Basically, users buy a one-off product on my site, pay on PayPal, and return to my site. I understand how IPN works but I'm now seeing that I might be able to trigger the various actions that take place after a successful purchase more easily with PDT, as the data gets returned there and then (as opposed to needing a separate listener).
However, PayPal's PDT documentation contains this cryptic line: "PDT is not meant to be used with credit card or Express Checkout transactions." ... but I can't find anything further whatsoever on the topic.
Are credit cards REALLY not meant to be used with PDT? I would like more than a sentence.
Does that mean that a user must have/create a PayPal account to pay?
Does it mean that if I want to allow users to pay with their PayPal accounts AND/OR with credit cards directly, I must implement IPN?
Could anyone who's gone through this kindly shed some light?
The APIs for PDT and IPN are similar. The main difference is when you receive the notification. For that reason I would recommend implementing both.
With PDT you get the notification instantly and can do any additional processing required and show the user a confirmation page.
With IPN you are guaranteed to be notified that the payment was received even if the user's computer explodes before it can send you the PDT.
Implement both and get the best of both worlds. But if you're only doing one, IPN is the reliable one.
One catch: if you implement both then there's a chance your payments could be processed twice. Take care to ensure that doesn't happen. The application I wrote handles the PDT and IPN almost identically (the backend part is the same) and that code acquires a per-web-user lock in the database, so that if the same user tries to submit the exact same payment multiple times it can only be processed once. Once processed the result of that process is re-used for any subsequent attempts to process it.
Edit
One more thing: IPN carries more information than PDT. There are lots of different messages that you can receive from IPN, such as chargeback notification, etc, and thus you really should implement it.
PayPal's PDT system sends order confirmations to merchant sites that use PayPal Payments Standard and lets them authenticate this information. Such sites can then display this data locally in an "order confirmation" page.
When to Use PDT?
IPN provides the same capabilities described above. So, when should you choose PDT instead of IPN?
With PDT, your site is notified immediately when a customer completes payment. With IPN, however, there is a material lag between the time a customer completes payment and the time your site receives notification of this event.
So, use PDT if your site includes a feature that requires immediate payment notification.
For example, consider a digital music store. With PDT, this store can let customers download their purchases right away since PDT sends order confirmations immediately. With IPN, such immediate order fulfillment is not possible.
Advantages of IPN
PDT has a a major weakness: it sends order confirmations once and only once. As a result, when PDT sends a confirmation, your site must be running; otherwise, it will never receive the message.
With IPN, in contrast, delivery of order confirmations is virtually guaranteed since IPN resends a confirmation until your site acknowledges receipt. For this reason, PayPal recommends that you implement IPN rather than PDT.
Another advantage of IPN is that it sends many types of notifications, while PDT sends just order confirmations. So, using IPN, your site can receive, for example, chargeback notifications as well as order confirmations.
Note: If your site must be notified of payments immediately, you can implement both IPN and PDT. However, if you do, your site will receive two order confirmations for each sale. As a result, you must be careful to take action (say, ship a product) on just one copy of a given confirmation message.
Documentation Here
Re 1. PDT is meant to use with Auto Return for Website Payments feature. Auto Return redirects to PDT site after paying money to seller. Unfortunately it's not possible to use that feature along with PayPal Account Optional - used to enable Credit Card payment. Here is note from PayPal: 'If you have turned on Auto Return and have chosen to turn on PayPal Account Optional for new users, a new user will not be automatically directed back to your website, but will be given the option to return.'. User will have an option to go back to your site(PDT step) or stay on PayPal site. To sum it up when paying by Credit Card user can skip PDT step if user will not click 'return to store link'.
Re 2. It is up to you what paying options do you want to allow. If you want to allow paying without a PayPal Account you can enable Account Optional. If you want to allow only users with PayPal accounts disable that feature. There might be more options.
Re 3. In your case you need to trigger action after successful purchase. Recommended way would be to implement IPN. PDT doesn't work for all cases and doesn't guarantee message delivery. Here is link to doc covering that topic PDT vs IPN.
This is an old question, but my simple answer would be - Why not use both PDT and IPN? They will work fine for card transactions.
PDT can provide the immediate transaction status to your website, where you can quickly check the payment success or failure status and provide the user with appropriate message.
Meanwhile, you can await the full verification from IPN in the background. Once received, you can use this to further update your DB and process the order.
You can follow this step-by-step guide which I found to be very clear and helpful - and it's still valid in 2018.
https://www.codexworld.com/paypal-standard-payment-gateway-integration-php/
Related
With PayPal billing, with Auto Return and PDT enabled, when a user is returned to one's Return URL after a successful charge event, several parameters are appended by PayPal to the URL (e.g. "tx" for transaction id), which can then be used to identify the user.
However, if the user has just joined subscription with a free trial, no such information is appended and so the user is not identifiable at that point in time.
Since IPN is asynchronous, the IPN notification may arrive too late so one cannot rely on this.
Is there any way of identifying a user via the Return URL after they have entered a subscription with a free trial?
Similar Que: Implementation of free trial period with PayPal doesn't return any custom parameter
"If you are using PDT, then nothing will be sent back as no payment is taking place. Information will only be sent back if you are making a payment. I would recommend using IPN. Both the rm variable and PDT are dependent on the buyer returning back to your site. If the buyer does not return, such as their browser window unexpectedly crashes and closes, or they simply shut it no information will be sent back and it will be lost. This is why the rm variable and PDT are used more for creating dynamic receipts. IPN is more used for updating your system as it does not rely on the buyer returning back to your site. "
"Also with IPN you can resend the data to your system if you need to, and you can also view your IPN history from within your account. IPN usually takes place right after the payment is completed."
I am writing an IPN application for doing theater seat reservations. I place a temporary hold on the seats before going off to PayPal. When the IPN handler is called and detects a successful payment, the seats are reserved permanently.
The "return" parameter for my PayPal brings the customer back to the reservations application. Because the IPN handler may not have been called yet, the customer may or may not see his seats reserved (this is probably not the best application for IPN, but I am too cheap to spring for one of the non-free methods). So I am considering incorporating PDT. The "return" parameter would then specify a URL that would first complete the reservation processing in case the IPN handler has not already been called. Here are my questions:
My understanding is that if the customer does not have a PayPal account so that he instead uses his credit card to pay for the reservation, then PDT is inoperative (why this is unimaginable). What then does PayPal do so far as honoring the "return" URL? Does PayPal ignore it entirely or does it still return to that location but without passing the "tx' parameter? In the sandbox environment, of course, you always have a PayPal account and I am obviously unable to turn on PDT in my production environment production just to see what happens when one uses a credit card to make a payment, hence my post. However, I did specify in the sandbox that I wanted to use my (dummy) credit card to pay for the reservation and the "return" URL was invoked with the "tx" parameter. This was perplexing. So when PayPal says that PDT is not meant to be used with credit cards, will PDT work anyway as long as the customer is logged on to his PayPal account or is this just a peculiarity of the sandbox?
I am in the opposite position here, I have PDT implemented, but because the auto return doesn't work for my users without Paypal accounts, I am looking into adding IPN to my site to supplement PDT.
As I said, auto return does not work for customers/users who do not log into a PayPal account to make a payment. They can still make a payment if you have the "PayPal Account Optional" feature turned on in your Website Payment Preferences. They are given a link to your specified return page after their payment to return to your site, but are not automatically returned, so effectively, PDT doesn't work unless the user manually returns to your site (to the appropriate page) to initiate the PDT process. I have had problems with users not returning which prevents my registration process from completing, which is why I'm also going to be adding IPN.
PDT works with credit card payments as long as the user returns or is returned to your site after the payment to initiate PDT.
I have a site where my users can create invoices. I would like to offer my users the ability to have their invoices paid by their clients via PayPal. Each user on my site has their own paypal account.
I would like to use PDT so that the status of the invoice is updated to paid immediately after a payment is made via paypal. However, it would appear that this is not possible, because PDT requires that Auto Return is enabled (https://www.paypal.com/pdt) in the paypal account. Given that I don't have control of all my clients' paypal accounts (and I can't ask all of them to enable Auto Return), this doesn't seem to be feasible.
However, looking further into Standard Payments (https://cms.paypal.com/uk/cgi-bin/?cmd=_render-content&content_ID=developer/e_howto_html_formbasics), I can create a form variable called return (see Setting The Return URL on Individual Transactions). Does this mean that PDT data will be returned when using this method?
What you want is Instant Payment Notification (IPN). It is very similar to PDT except that it will be triggered regardless of whether Auto Return is enabled and whether or not the user actually makes it back to the site (which isn't guaranteed even with Auto-Return enabled).
The IPN system will POST transaction data to a listener on your web server in real-time. This can be used to update your own database, send email notifications, hit 3rd party web services, or anything else you'd like to automate.
IPN happens "behind the scenes". It's server-to-server communication, so it's not something that you'll see happening in the browser. It will do exactly what you're wanting, though.
PayPal states:
Note: If you have turned on Auto
Return and have chosen to turn on
PayPal Account Optional for new users,
a new user will not be automatically
directed back to your website, but
will be given the option to return.
But if some of the customers don't get "Auto Returned", how do I handle them programmatically?
Paypal does not guarantee autoreturn especially when Paypal Account - optional setting is on.
The right way to handle the integration is with Instant Payment Notification (IPN) option. Using IPN Paypal will make POSTS to your page notifying you of payment events. The following link explains the IPN process pretty well.
To summarize, you will write code that will trap posts from Paypal and then make sure to update your billing data accordingly.
Also, IPN messages might be slightly delayed.
Create a script (cron or what) that does check for such payments at paypal perodically (e.g. every hour).
Is this what you mean?
https://www.paypal.com/cgi-bin/webscr?cmd=p/mer/express_return_summary-outside
If not, you may need to be a little more specific with your question. Like - are you using paypal pro? How are your customers checking out? etc. And now that I read the answer below mine, I wonder if you are even talking about the payment process and not something else.
Can we assume that the payment is completed for a transaction when the customer is auto returned to our site?
Paypal advices us to use their IPN system for other types of payment, like an e-check, but also tells us to tell the customer something along the lines of "Thank you for your payment. Your transaction has been completed, and a receipt for your purchase has been emailed to you. You may log into your account at www.paypal.com/ca to view details of this transaction."
What are the downfalls of not using IPN, and just assuming the payment is completed when paypal auto-returns users to our site?
Thanks!
Relying solely on the return url is a pretty bad idea. It would be easy for a bad guy to skip payment and just visit your return url to complete the order.
There is a pretty comprehensive article about this here
No.
However, using the Auto Return option in your Paypal account in conjunction with Payment Data Transfer (Profile/My Selling Tools/Website preferences/Website Payment Preferences) will give you payment confirmation data in the URL you use for Auto Return, for example:
www.yourReturnURL.com?tx=9XV61416UY0043254&st=Completed&amt=9%2e00&cc=USD&cm= 9601&item_number=2
You need to verify this data (anyone could send a fake request) by sending the payment reference ("tx" parameter above) back to Paypal and waiting for a VERIFIED response.
This last step is identical as the one you take for the IPN (Instant Payment Notification) implementation.
With PDT you get the notification instantly. PDT has a a major weakness: it sends order confirmations once and only once. As a result, when PDT sends a confirmation, your site must be running; otherwise, it will never receive the message.
With IPN, in contrast, delivery of order confirmations is virtually guaranteed since IPN resends a confirmation until your site acknowledges receipt. For this reason, PayPal recommends that you implement IPN rather than PDT.
Note: If your site must be notified of payments immediately, you can implement both IPN and PDT.
More info here: https://developer.paypal.com/docs/classic/ipn/integration-guide/IPNPDTAnAlternativetoIPN/