PayPal APIs_ Up and Running_ A Developer's Guide - Michael Balderas [22]
Direct Payment Workflow
Figure 3-1 shows the checkout workflow a user experiences with Direct Payment:
The buyer clicks the Checkout button on your website, provides shipping and billing information, and clicks Continue.
The buyer reviews the order for accuracy and clicks Pay.
Information is handed off to PayPal via the DoDirectPayment API operation, and the buyer’s card is charged.
The customer receives the Order Complete summary page.
Figure 3-1. PayPal Direct Payment workflow
PayPal Direct Payment API Operations
The PayPal NVP API uses only one method related to Direct Payment: DoDirectPayment. This one method initializes the payment and returns the results all in one operation. Table 3-1 outlines the DoDirectPayment request fields, and Table 3-2 outlines the method’s response fields.
Table 3-1. DoDirectPayment request fields
Field Description
METHOD Must be DoDirectPayment (required).
PAYMENTACTION Indicates how you want to obtain payment:
Authorization: This payment is a basic authorization subject to settlement with PayPal Authorization and Capture.
Sale: This is the default value, indicating that it is a final sale.
Limitation: Up to 13 single-byte characters.
IPADDRESS The IP address of the buyer’s browser (required). PayPal records this IP address to detect possible fraud. Limitation: Up to 15 single-byte characters, including periods. Must be an IPv4 address.
RETURNFMFDETAILS Flag that indicates whether you want the results returned by the Fraud Management Filters:
0: Do not receive FMF details (default)
1: Receive FMF details
CREDITCARDTYPE The type of credit card being used. Allowed values are:
Visa
MasterCard
Discover
Amex
Maestro *
Solo *
* If using Maestro or Solo, the CURRENCYCODE must be GBP. Additionally, either STARTDATE or ISSUENUMBER must be specified.
Limitation: Up to 10 single-byte alphabetic characters. For the UK, only Maestro, Solo, MasterCard, Discover, and Visa are allowed. For Canada, only MasterCard and Visa are allowed.
ACCT The customer’s credit card number. Limitations: Numeric characters only, with no spaces or punctuation. Must conform with the modulo and length required by each card type.
EXPDATE The credit card expiration date, in the format MMYYYY. Limitations: Six single-byte alphanumeric characters, including the leading 0.
CVV2 The card verification value, version 2. This field may or may not be required, depending on your merchant account settings.
The character length for Visa, MasterCard, and Discover is three digits. The character length for American Express is four digits. To adhere to credit card processing regulations, you cannot store this value after a transaction is complete.
STARTDATE The month and year that a Maestro or Solo card was issued, in MMYYYY format. This value must be six digits, including the leading zero.
ISSUENUMBER The issue number of a Maestro or Solo card. Two numeric digit maximum.
EMAIL The email address of the buyer. Limited to 127 single-byte characters.
FIRSTNAME The buyer’s first name (required). Limited to 25 single-byte characters.
LASTNAME The buyer’s last name (required). Limited to 25 single-byte characters.
STREET The first street address (required). Limited to 100 single-byte characters.
STREET2 The second street address (required). Limited to 100 single-byte characters.
CITY The name of the city (required). Limited to 40 single-byte characters.
STATE The state or province (required). Limited to 40 single-byte characters.
COUNTRYCODE The country code (required). Limited to two single-byte characters.
ZIP The U.S. zip code or another country-specific postal code (required). Limited to 20 single-byte