3
votes

We are looking to replace our usage of Authorize.net. I've spent a good deal of time looking into the PayPal documentation but can't find a clear answer to my question:

Using the thousands tens of different PayPal APIs is it possible to have a checkout process that is hosted on our site, where we capture and process the credit card information from the customer without the customer ever leaving our site and without the customer ever having to see anything PayPal related (so PayPal is 100% invisible).

I'm confused by this PayPal documentation page: "Please note: Direct Payment API is not a stand-alone product. You are required to use Direct Payment API and Express Checkout together as part of the Website Payments Pro solution." as Express Checkout requires you to show PayPal logos, etc.

And this page makes it pretty clear that you have to offer the branded Express checkout option to use the Direct Payments API.

I guess I'm just looking for confirmation that there are people on SO that use PayPal in this way and have not had problems keeping PayPal 100% invisible to the customer?

6

6 Answers

5
votes

Yes you can.. We use PayPal on our website,PerqWorks and only allow payment by credit card. The PayPal product is Website Payments Pro. I did the integration, it was fairly easy, and the cost is low if your sales are under $10K a month..

EDIT:: I need to clarify this -- we received an exception from PayPal to allow us to not have the PayPal button on our site. I missed this information because someone else in my office actually made this arrangement. My advice is that you ask your PayPal Integration Account person, that is who made the exception for us..

3
votes

The only way I know of to fully integrate and take the PayPal branding out of the process is to use their Payflow Pro gateway service. I've used it before and it's pretty similar to dealing with any other payment gateway (such as Authorize.net).

However, this is entirely up to you but I've found that there are still some people who prefer to use their PayPal account. They might be afraid of the potential lack of security on small-ish or unknown e-commerce sites. Or perhaps they're ordering from another country, in which case a PayPal account offers abundant funding options and automatic currency conversion. So it's nice to at least offer the option of a PayPal Standard Checkout process, or something similar.

1
votes

I can't give you a definite no, but I'm fairly certain PayPal wouldn't allow it. They depend on revenue that comes from using a buyer's PayPal balance or bank account to pay for something and charging the merchant a percentage. The merchant's percentage doesn't do much more than cover the credit card issuer's charge.

Short of entering the users PayPal credentials on your site, it wouldn't be possible for them to use a funding source other than credit cards. The issue with that is that it would create a huge vulnerability to phishing attacks to have users become accustomed to entering their PayPal login information on a non-PayPal site.

You're basically talking about a standard credit card merchant account at that point.

0
votes

You can definitely use Paypal as a stand alone credit card processing. The paypal account has to be set up for paypal pro.

You can download the API DLLs from the paypal dev site.

paypal_base.dll
log4net.dll

Here is an example function on how to use it for VB.NET but you can convert to C# relatively easily:

Imports com.paypal.sdk.services
Imports com.paypal.soap.api
Imports com.paypal.sdk.profiles

  Private Function processCC() As Boolean


    Dim caller As New CallerServices
    Dim profile As IAPIProfile = ProfileFactory.createSignatureAPIProfile

    profile.APIUsername = AppSettings("APIUsername")
    profile.APIPassword = AppSettings("APIPassword")
    profile.APISignature = AppSettings("APISignature")
    profile.Environment = AppSettings("Environment")

    caller.APIProfile = profile

    Dim pp_Request As New DoDirectPaymentRequestType
    pp_Request.Version = "51.0"

    pp_Request.DoDirectPaymentRequestDetails = New DoDirectPaymentRequestDetailsType

    pp_Request.DoDirectPaymentRequestDetails.IPAddress = Request.ServerVariables("REMOTE_ADDR") 
    pp_Request.DoDirectPaymentRequestDetails.MerchantSessionId = Session.SessionID
    pp_Request.DoDirectPaymentRequestDetails.PaymentAction = PaymentActionCodeType.Sale

    pp_Request.DoDirectPaymentRequestDetails.CreditCard = New CreditCardDetailsType

    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CreditCardNumber = Request("ccNumber")

    Select Case Request("ccType")
        Case "visa"
            pp_Request.DoDirectPaymentRequestDetails.CreditCard.CreditCardType = CreditCardTypeType.Visa
        Case "mastercard"
            pp_Request.DoDirectPaymentRequestDetails.CreditCard.CreditCardType = CreditCardTypeType.MasterCard
        Case "amex"
            pp_Request.DoDirectPaymentRequestDetails.CreditCard.CreditCardType = CreditCardTypeType.Amex
        Case "discover"
            pp_Request.DoDirectPaymentRequestDetails.CreditCard.CreditCardType = CreditCardTypeType.Discover
    End Select



    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CVV2 = Request("CVV2")
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.ExpMonth = Request("expMonth")
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.ExpMonthSpecified = True
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.ExpYear = Request("expYear")
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.ExpYearSpecified = True



    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner = New PayerInfoType
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Payer = Request("email")
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.PayerID = ""
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.PayerStatus = PayPalUserStatusCodeType.unverified
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.PayerCountry = CountryCodeType.US

    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address = New AddressType()
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.Street1 = Request("address1")
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.Street2 = Request("address2")
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.CityName = Request("city")
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.StateOrProvince = Request("state")
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.PostalCode = Request("zipcode")
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.CountryName = "USA"
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.Country = CountryCodeType.US
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.Address.CountrySpecified = True

    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.PayerName = New PersonNameType()
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.PayerName.FirstName = Request("firstname")
    pp_Request.DoDirectPaymentRequestDetails.CreditCard.CardOwner.PayerName.LastName = Request("lastname")
    pp_Request.DoDirectPaymentRequestDetails.PaymentDetails = New PaymentDetailsType()
    pp_Request.DoDirectPaymentRequestDetails.PaymentDetails.OrderTotal = New BasicAmountType()


    pp_Request.DoDirectPaymentRequestDetails.PaymentDetails.OrderTotal.currencyID = CurrencyCodeType.USD

    Dim myOrder As Order = CType(Session("currentOrder"), Order)
    pp_Request.DoDirectPaymentRequestDetails.PaymentDetails.OrderTotal.Value = FormatNumber(myOrder.grandTotal, 2)

    'pp_Request.DoDirectPaymentRequestDetails.PaymentDetails.ShippingTotal = New BasicAmountType()
    'pp_Request.DoDirectPaymentRequestDetails.PaymentDetails.ShippingTotal.currencyID = CurrencyCodeType.USD
    'pp_Request.DoDirectPaymentRequestDetails.PaymentDetails.ShippingTotal.Value = FormatNumber(myOrder.orderShippingTotal, 2)

    pp_Request.DoDirectPaymentRequestDetails.PaymentDetails.ItemTotal = New BasicAmountType()
    pp_Request.DoDirectPaymentRequestDetails.PaymentDetails.ItemTotal.currencyID = CurrencyCodeType.USD
    pp_Request.DoDirectPaymentRequestDetails.PaymentDetails.ItemTotal.Value = FormatNumber(myOrder.orderSubTotal, 2)


    '// Execute the API operation and obtain the response.
    Dim pp_response As New DoDirectPaymentResponseType()
    pp_response = CType(caller.Call("DoDirectPayment", pp_Request), DoDirectPaymentResponseType)

    Session("myResponse") = pp_response

    Dim rtn As Boolean = False

    Select Case pp_response.Ack
        Case AckCodeType.Failure
            rtn = False
        Case AckCodeType.FailureWithWarning
            rtn = False
        Case AckCodeType.Success
            Return True
        Case AckCodeType.SuccessWithWarning
            rtn = True
        Case AckCodeType.Warning
            rtn = False

    End Select

    Return rtn

End Function
0
votes

At one time I used Paypal Pro for this very purpose. In looking at your link, it does seem they require you to use both paypal checkout and regular checkout.
However, you can still achieve your purpose. What happens is that they can checkout and not know anything about it going through paypal OR they can click the paypal button and leave your web site. After payment, you can set up the 'thank you' return page back to your site. Other than that, you'd have to get them to approve an exception.

-2
votes

I can't tell you about the API of Paypal, but I have something burning inside me, reading your topic.

For me as a user it is highly ugly to just see a form of a random site that claims for my payment data. Having a hint on where my data is actually going is by far more better, but really positive it is only, if the site sends me to paypal, where I can let my payment data, inform me about paypal, verify that I'm sending my data to paypal, etc.

It a sort of security you take from your customers if you do it all behind the scenes - even if you write to them, that their payment data is only handled by paypal, there's no transparent way for them to check that.

I'd take the chance to make a poll under your customers for that, what they would prefer, before implementing something obscure.