- Using the three token method for Website Payments Pro
- Setting up with PayPal Website Payments Pro with the API Certificate method
- Notes for UK merchants
- PayPal Hosted Solution / Pasarela Integral
- Using the PayPal Sandbox (demo mode)
- AVS and CVV checking and codes
Setting up an account with PayPal
Ecommerce Templates offers two methods for hooking up with PayPal Payments Pro. The three token method is the simpler and recommended option of the two. If you do run into any issues with the integration, please check out our PayPal troubleshooting section. UK merchants can also now use PayPal Payments Pro from Version 5.9.2.
US merchants implementing Paypal Payments Pro can enroll in the Verified by Visa program.
Version 5.1 saw the introduction of the three token authentication system for setting up PayPal Payments Pro. This method is much more "shared hosting friendly" than the API certificate method described below.
- Log in to your PayPal account and click on Profile.
- In the left hand "Account Information" column click "API Access".
- Click on "Request API Credentials", check "API Signature", agree to the terms and press Submit.
- Enter the API Username, API Password and Signature into the payment providers admin page for PayPal Direct / PayPal Pro.
- Please note that the PayPal Sandbox is currently not working using the 3 token method.
- In includes.asp you will need to set the path to your ssl certificate.
- That should be all you have to do.
You will require a minimum of version 4.9.3 for the ASP version. You can check the version you are running by logging into your store control panel and the number will appear at the top of the first page. If you are running an earlier version then the latest updater will always be available here for download.
Your host will also need to have the XML v4.0 Object installed so you should check with them first.
These are the configuration steps you will need to take:
- Log in to your PayPal account
- Go to Profile -> API Access -> API Certificate Request
- You will need to fill in the application for the certificate request. It may take some time for you to be granted this certificate.
- As part of the signup process, an “account name” will be suggested for the certificate. This will be of the form “user_api1.yoursite.com”. You will also be required to create a password for the certificate. You are strongly recommended for security reasons to NOT use your PayPal login password. Create a new password.
Installing the certificate
We now need to convert the format of our certificate to “p12” format
so we can import it later and you can do this on the PayPal site
here . . .
- Once you have your certificate in p12 format your host will have to install it on the webserver on which your site is located. To do this, they have to follow these steps.
- Run the MMC console by going to the Start Menu -> Run and then enter mmc
- Go to File -> Add / Remove Snap In and click Add…
- Click “Certificates” and click Add
- Click “Computer Account” and click Next
- Click “Local Computer” and click Finish
- Click “Close” for the “Add Standalone Snap-in” dialog and “OK” for the “Add/Remove Snap-in” dialog.
- Now in the MMC console you should have the Certificates snap-in installed. Now navigate to Certificates -> Personal -> Certificates, right click and choose “Import…”.
- Click “Next” when the import wizard opens and then navigate to your p12 format certificate and then click Next.
- Enter the password you chose when you created the certificate and leave the other checkboxes on that page unchecked.
- Choose “Automatically
select the certificate store based on the type of certificate”
11. Review your choices and click “Finish”.
- You should see your certificate now under Certificates -> Personal -> Certificates, but if you don’t just choose “Refresh”.
Ecommerce Template admin
- PayPal Payments Pro - Direct Payment is a system where the credit card number is taken on your site. Because of this you must have your own SSL setup and set the pathtossl parameter in includes.asp so that the credit card details are entered over a secure connection.
- Now log in to your ecommerce plus template admin section, click
on the payment providers admin page and enter the following information
for PayPal Direct.
API Account Name: (Such as user_api1.yoursite.com)
API Password: The password you created above.
Transaction Type: Authorize only or Authorize / Capture.
PayPal Direct Payments will now natively support UK stores which take bank cards like Switch/Maestro/Solo which have an issue number / start date. You will need to be running a minimum version of 5.9.2 of Ecommerce Templates. If you are a UK merchant and would like to enroll in the verified by visa, please use this registration form.
PayPal Hosted, also known as Pasarela Integral was introduced in version 6.1.3. It allows buyers to choose between paying via their PayPal account or via credit card on the PayPal secure server. To use this service, you will need to follow the following steps
- You will need to enable PayPal Pro and PayPal Standard through the store control panel
- Add the following line to vsadmin/includes.asp
- In your PayPal control panel go to Profile > Website payment settings > PayPal Pro Hosted or Pasarela Integral > Settings and choose the infomration you want to collect as well as setting your company's confirmation page to something like http://www.yourstoreurl.com/thanks.asp
- Now go to Profile > Instant Payment Notification preferences and set the Notification URL to something like http://www.yourstoreurl.com/vsadmin/ppconfirm.asp and Message Delivery to "Enabled"
- That's about all these is to it but you can read more about it from PayPal here. Please note the iframe feature is not available due to incompatibility issues in IE9.
You can put PayPal into Demo Mode on the ecommerce plus template
payment provider admin section, but this will involve using the
PayPal “Sandbox” as here . . . https://www.sandbox.paypal.com/
This would mean creating a separate sandbox email login, password and certificate request. (Sandbox certificates are assigned immediately).
When testing your PayPal account using the PayPal sandbox you may find the usual test credit card number (4111111111111111) doesn’t work correctly. If you follow the instructions below this should help you generate a test credit card number that is compatible with the PayPal sandbox.
- Login into your Sandbox Account
- Click on Add Credit Card under Profile section
- Then use the CC information to make a payment as a non-PayPal account. Just Don't click on 'Add Card' button. Copy the number down, once you leave the page, the number is gone.
- If you receive this error on thanks.asp:
" I'm sorry, there was a problem with your transaction.
Transaction Result: Direct Payment has been disabled on this account. Transaction has not been processed."
"I'm sorry, there was a problem with your transaction.
Transaction Result: (10501) This transaction cannot be processed due to an invalid merchant configuration."
...then make sure you have agreed to the PayPal Billing Agreement at https://www.paypal.com/us/cgi-bin/webscr?cmd=_wp-pro-overview
- Because of the requirement for the PayPal API certificate,
PayPal Pro requires the latest version of Microsoft XML version
4.0. With the service pack 2 release security has been tightened so if you receive the error . . .
msxml4.dll error '80070005
Access is denied.
. . . then you need to point your host to this Microsoft Technote
. . . which has a resolution for this problem.
- If you receive
msxml4.dll error '80072f8f'
A security error occurred
...you will need to make sure you have read permissions for the Network Service user on the actual certificate file which you will find at . . .
c:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys
You can also set permissions here by running the WinHTTPCertCfg tool in the Windows 2k3 Resource Kit.
Advanced Note: By default on Windows 2003 servers it is the Network Service account that needs to be given read access to the certificate. However, you can check the actual account required by going to the IIS Snap-In -> Application Pools -> Identity and check which account is specified.
- If you receive this error:
A certificate is required to complete client authentication
... it will appear if the certificate has not been installed, or if the value you enter for "API Account Name" (such as sandbox_api1.yoursite.com for instance) does not match the name of the certificate.
- If you need your customer to provide a phone number then in
your PayPal Profile go to Website Payment Preferences -> Contact
...and set it to "On (Required Field)"
Do check these codes and make a decision accordingly of whether to ship the order
- AVS codes
A Address Address only (no ZIP)
B International “A” Address only (no ZIP)
C International “N” None
D International “X” Address and Postal Code
E Not allowed for MOTO (Internet/Phone)
F UK-specific “X” Address and Postal Code
G Global Unavailable Not applicable
I International Unavailable Not applicable
N No None
P Postal (International “Z”) Postal Code only (no Address)
R Retry Not applicable
S Service not Supported Not applicable
U Unavailable Not applicable
W Whole ZIP Nine-digit ZIP code (no Address)
X Exact match Address and nine-digit ZIP code
Y Yes Address and five-digit ZIP
Z ZIP Five-digit ZIP code (no Address)
Error Not applicable
- CVV codes
M Match CVV2
N No match None
P Not Processed Not applicable
S Service not Supported Not applicable
U Unavailable Not applicable
X No response Not applicable
Error Not applicable
Please do read our guide here on credit card fraud.