paypal technical showcase

Developing on the PayPal Platform25th June 2008

Confidential and Proprietary

Q104

Q204

Q304

Q404

Q105

Q205

Q305

Q405

Q106

Q206

Q306

Q406

Q107

Q207

Q307

Q407

Q108

149 Million

34%YoY

growth

• 149M PayPal accounts in 190 markets– Adding 8M+ accounts per quarter– Significant online payment mark

• US$14 B payment volume in Q1 2008 – 34% YoY growth!– 1 in 3 Internet Shoppers has a PayPal account– $3B in stored value that turns over every 2 weeks!– $1,834 transacted every second!– 12% of US ecommerce– 9% of global ecommerce

Why develop on PayPal?

Leading Global Brands Accept PayPal

http://rds.yahoo.com/_ylt=A0geu6IKhuRFxnAA9s5XNyoA;_ylu=X3oDMTByZjI2NjE4BGNvbG8DZQRzZWMDc2MEdnRpZANTUzAxXzEyOQ--/SIG=1j19u1868/EXP=1172690826/**http://images.search.yahoo.com/search/images/view?back=http://search.yahoo.com/search?p=American+Express+logo&toggle=1&cop=mss&ei=UTF-8&h=142&w=148&imgcurl=www.swindonweb.com/americanexpress/imgs/logo.jpg&imgurl=www.swindonweb.com/americanexpress/imgs/logo.jpg&size=5.5kB&name=logo.jpg&rcurl=http://www.swindonweb.com/americanexpress&rurl=http://www.swindonweb.com/americanexpress&p=american+express+logo&type=jpeg&no=1&tt=2,540&fr=yfp-t-501

http://www.harrods.com/Cultures/en-GB/Home/homepageindex.htm

http://welcome.hp.com/country/us/eng/welcome.html

Why developers are important to PayPal

Confidential and Proprietary 4

Key player in the decision process

Sole decisionmaker

44%45%

**Source: PayPal study 2006 of internal developers (one employer)

Level of Involvement in Selecting Payment Services**

Consulted but not involved in the final decision

11%

*Source: PayPal study 2006 of developers who were independent or work for a consulting firm

Level of Involvement in Selecting eCommerce Providers*

64%28%

7%

1%

Always involved

Sometimes involved

Often involved

Rarely/Never involved

Developers are Trusted Advisors

Confidential and ProprietaryConfidential and Proprietary 5

Website Payments Standard



How Merchants Benefit

► Complete – Accept credit cards, recurring payments and donations

► Great Value – Eliminate the need for a separate Internet Merchant Account

► Quick – Get up and running in a few minutes without dealing with the business credit approval process

► Simple – Avoid the liability of protecting shoppers' credit card data because this information is entered on secure PayPal pages

► Flexible – Enable merchants to take payments for products or services, donations, subscriptions requiring recurring payments, and gift certificates

How it Works

Technical skill level: Basic HTML

Customers shop on your site and click the payment button.

And return to your site after payment.

They pay on secure PayPal pages.

PayPal website



• Simple solution

• Basic HTML

• PayPalhosted checkout flow

• Process transaction up to $10,000 USD

<form action="https://www.paypal.com/cgibin/webscr" method="post">

<input type="hidden" name="cmd" value="_xclick">

<input type="hidden" name="business" value="[email protected]">

<input type="hidden" name="item_name" value=“Blue Shirt">

<input type="hidden" name="item_number" value=“1001">

<input type="hidden" name="amount" value="100.00">

<input type="hidden" name="no_shipping" value="2">

<input type="hidden" name="currency_code" value="USD">

<input type="hidden" name="bn" value="IC_Sample">

<input type="image" src="https://www.paypal.com/ en_US/i/btn/xclickbut23.gif" name="submit“>

<img alt="" src="https://www.paypal.com/en_US/i/scr/pixel.gif" width="1" height="1">

</form> Buy NowBuy Now

7


Flavors of Website Payments Standard

• Buy Now (singleitem)

• Donations

• Subscriptions

• PayPal Shopping Cart

Little known fact: Buyers without PayPal accounts can checkout with WPS by simply

entering credit card details.

Buy Now

Donate

Subscribe

Add to Cart

8


Returning to your Website after Payment

• Not Guaranteed, user can close the browser before we can redirect

• By default, PayPal uses HTTP GET to return buyer to merchant website

• To use HTTP POST, include the parameter rm=2• Variable included in POST are:

Variable Meaningtx Transaction ID

st Payment status

amt Payment amount

cc Currency code

9


Instant Payment Notification (IPN)

• Receive notifications in order to automate certain aspects of your business– New transactions– Updates to previous transactions– New complaints in Resolution Center

• Not Guaranteed

10


Instant Payment Notification (IPN)

• Servertoserver communication – PayPal passes a HTTP POST to a “Notify URL” you specify

• Enabled by turning on IPN in account profile

• URL is specified in account profile and/or on a pertransaction basis

<input type="hidden" name=“notify_url" value=“https://www.mystore.com/ipn_listener.php" />

• Retry mechanism to ensure delivery

11


Express Checkout


Express Checkout

How it Works

Customers check out in seconds. Merchant gets instant access to funds.

2 3

Technical skill level: API programming

PayPal website

How Merchants Benefit

*Source: MarketLive Performance Index, Q1 and PayPal internal data, March 2007** Source: PayPal study of small and mediumsized businesses, 2006

► Conversion – Increase conversion rates by up to 21% over typical shopping cart conversion rates*

► New Revenue – Increase sales by 14% by attracting new buyers and increasing checkout conversion rates**

► Control – Crosssell and upsell customers as part of the checkout process

► Ease – Streamline the checkout process with no setup or monthly fees and a low transaction fee

PayPal Express Checkout

Traditional online checkout

51%*conversion

Express Checkout vs Conventional Checkout Flow

InputID info

Inputpayment

data

Input card

security data

Inputdeliveryaddress

data

Confirmbasket

Processpayment

Inputbuyer

addressdata

Addshipping

costs

Login to PayPal

Review payment

Checkout

$

72%*conversion

Sources: *MarketLive study of online checkout conversion. †Based on survey of ~1m PayPal transactions among top 100 online merchants

PayPal Express Checkout has a cart conversion rate of 72%, compared to an industry average of 51%

Express Checkout Shortcut (ECS) or Mark (ECM)

• Express Checkout Shortcut (ECS)– Location : On the Shopping Cart, before address collection– Usage : Clickable Button, redirect to PayPal

• Express Checkout Mark (ECM)– Location : On Payment page with other payment options– Usage : Just a graphic, use with radio buttons or dropdown

menu

• Graphics should be referenced to PayPal– Express Checkout Buttons :

https://www.paypal.com/expresscheckoutbuttons– Acceptance Marks :

https://www.paypal.com/us/cgibin/webscr?cmd=xpt/cps/general/OnlineLogoCenteroutside

https://www.paypal.com/express-checkout-buttons

https://www.paypal.com/us/cgi-bin/webscr?cmd=xpt/cps/general/OnlineLogoCenter-outside





ECS Button Placement

• Place PayPal button on shopping cart details page

16


ECM Button Placement

• Place on billing screen together with other payment options (if available)

17


Express Checkout API Flow


Redirecting to PayPal

• https://www.paypal.com/cgi-bin/webscr?cmd-_express-checkout&token=EC%2d8FD00136CL3181831

19

Controlling the EC Pages• Header Image

• Cancel and Return URLs

• Eliminating Order Review

• Phone Number

• Shipping Address

• Colors

Controlling the EC Header Image

On the SetExpressCheckout API Call, add the parameter :

HDRIMG=https://www.yoursite.com/logo.jpg

* Put the logo in a HTTPS url to avoid a warning popup

Controlling the EC Cancel and Return URLs

On the SetExpressCheckout API Call, add the parameter :

RETURNURL=http://www.yoursite.com/checkout

CANCELURL=http://www.yoursite.com/cart

Eliminating the EC Order Review Page

• Review Page shows the Amount from the SetEC API call

• Button changes from “Continue” to “Pay Now”

• DoExpressCheckoutPayment API call must still be made

• Add the parameter useraction=commit to the Redirect URL

Controlling the EC Phone Number

Under the Profile tab, go to Website Payment Preferences, change the Contact Telephone Number setting

Controlling the EC Shipping Address

On the SetEC API call, set the parameter :

ADDROVERRIDE=1

On the SetEC API call, set the parameter :

NOSHIPPING=1


Immediate vs Delayed Settlement• By default a transaction is Immediate

– Funds captured instantly– PAYMENTACTION=Sale

• However, you can also create an Authorization– Funds put on hold until a later settlement occurs– Specify in the SetEC, DoEC and DoDP calls– PAYMENTACTION={Authorization|Order}

• DoCapture API will settle an Authorization– Honor period for 3 days, available for 29 days– Up to 115% of authorized amount– Multiple partial captures supported

• COMPLETETYPE=NotComplete• New Transaction ID for each capture• Fee charged on each capture

• DoVoid API will cancel an authorization

26

Recurring Payments

• Create recurring payment profiles to periodically charge a customer a fixed amount

• Improvements over Subscriptions:– APIbased– Suspend profiles– Modify profiles

• Optional: trial period, initial payment, total number of billing cycles


Recurring Payments – Express Checkout

• 3 API calls• Similar flow to Express Checkout, but different final API

call– SetExpressCheckout– GetExpressCheckoutDetails– CreateRecurringPaymentsProfile

• Supports ‘regular’ purchases in the same checkout flow– Call DoExpressCheckoutPayment before calling

CreateRecurringPaymentsProfile

• Up to 10 profiles can be created per checkout


Express Checkout Recurring Payments API Flow



PayPal API


• API works in a Request / Response format

PayPal API

31


API Authentication

• Identify yourself to PayPal

• API Credentials must be included in every API call

• API Credentials consist of:– API Username– API Password– API Signature or API Certificate

• API Credentials are obtained through your PayPal profile

32


API Signatures vs. API Certificates

• API Signature– Stringbased authentication– Generally easier to implement

• API Certificate– Filebased authentication– SSL certificate stored on client server– Used to be the only option– Could argue that this is more secure

33


API Authentication• Two models:

– First Party– Third Party

• Most calls are First Party – user making the call is calling the API for themselves

• Third Party: API user is making API call on behalf of another entity– For third party API calls, a SUBJECT parameter must be included

with every call.– SUBJECT is the email address of the merchant on behalf of whom

the API call is being made– SUBJECT is an optional parameter for every API request– Most common scenario is hosted shopping carts– SUBJECT must grant permission for API user to make calls on their

behalf

34


PayPal API• Two ways to connect

– SOAP interface• Used to be the only option• SDKs available for Java, ASP.NET, PHP• PayPal WSDL:

– https://www.paypal.com/wsdl/PayPalSvc.wsdl

– NameValue Pair (NVP) interface• Calls submitted via simple HTTP POST• Variable names differ slightly• URLEncode all requests

• Sample Codes are available for both interfaces.

35

https://www.paypal.com/wsdl/PayPalSvc.wsdl


PayPal API• Response will include ACK

– Success (it worked!)– SuccessWithWarning (it’s working but there is probably something

wrong)– Failure (Either you did something wrong or there is a problem on

PayPal’s side)

• If an error occurs, you will receive:– Error Code (e.g.10002)– Long Message– Short Message

• Retry declines

• Log all errors received including the error code, long and short message

36

Timeouts

• Many APIs respond in less then 1 second

• 95% of all API responses happens in under 5 seconds

• APIs that move money take the longest

• Retry timing should depend on the API call– Informational (GetEC, TransactionDetails, etc) should be

retried quickly (10 to 15 seconds)– Transactional (DoAuth, DoCapture, etc) should wait as long

as possible.• 20 to 30 seconds if customer is waiting• 60 to 120 seconds otherwise


API Versioning

• New versioning scheme announced in February 2008

• We now synchronize the API version value with the internal PayPal release number

• Currently, Version = 52.0

• Must use Version=52.0 to get functionality introduced with 52.0 release

• Updates will be posted to Developer Blog

38


Sandbox Testing Environment


Sandbox Test Environment

• Simulation of live PayPal environment

• All money is fake

• Endpoints are different– https://www.sandbox.pa

ypal.com

https://developer.paypal.com

40

https://developer.paypal.com/

https://developer.paypal.com/


Sandbox – Emails

• All Sandbox emails are delivered to the Email tab

• No Sandbox emails are ever sent to a real email address

41


Negative Testing

• Put Sandbox account in ‘Test Mode’

• Trigger specific API error codes, CVV/AVS responses

42


IPN Simulator

• Utility to send IPNs to a specific IPN listener

43


IPN Simulator

44


IPN Simulator

45

Resources to get Started!


►Developer Central www.paypal.com/developer

►Integration Center www.paypal.com/integration

►Developer Community www.paypaldeveloper.com

46


The End

paypal technical showcase

Business