0
votes

I have to implement a PayPal payments module (with both Direct Payment and Express Checkout) and I wonder what the most up-to-date recommended solution is to do this. I don't want to meet PCI compliance on my own, so I've read that Payflow gateway is the best solution. But I've also read that PayPal is retiring Payflow Link in favor of Website Payments Standard and Pro (here: How to create Payflow link sandbox account). I know that in the future all APIs will be replaced with the REST API, but it doesn't help with PCI compliance atm (or maybe I didn't read something?). So is Payflow gateway worth implementing, or is it a short-term solution? Another question is about PCI compliance with Website Payments Pro (Direct Payment): what exactly does it take to meet PCI compliance with this solution (I can't find a simple answer anywhere)? I know that I can't store any credit card holder data and that SSL is a must-have, but are there more requirements, like passing some audits etc.?

Thanks in advance, Daniel

1 Answer

0
votes

As you know that the REST API is the future, I would recommend that you make use of the REST API, as it supports Direct Card payments. If you use the PayPal REST APIs for accepting credit card payments, you handle card data directly and will need to ensure you are PCI compliant. Note: Don’t want to store credit cards on your servers? You can store credit card details with PayPal using the vault call. Learn more about how to store a credit card.

Alternatively, you can also use Payflow PRO. It does support PCI compliance with a feature called "Transparent Re-Direct".

If you use Website Payments Pro it means that you handle card data directly and will need to ensure you are PCI compliant. You can use one of our PCI compliant partners or register with Trustwave to help you become compliant. If you use Virtual Terminal, we strongly recommend you become compliant as part of your security best practice.