PayPal Order Management - 2006 Integration Guide

Order Management Integration Guide

For Professional Use Only Currently only available in English.
A usage Professional Uniquement Disponible en Anglais uniquement pour l'instant.
Last Updated: October 2006
PayPal Order Management Integration Guide
Document Number: 100009.en_US-200608
© 2006 PayPal Inc. All rights reserved. PayPal and the PayPal logo are registered trademarks of PayPal Inc. Other trademarks and brands are the property of their respective owners. The information in this document belongs to PayPal Inc. It may not be used, reproduced or disclosed without the written approval of PayPal Inc. PayPal (Europe) Ltd. is authorised and regulated by the Financial Services Authority in the United Kingdom as an electronic money in stitution. PayPal FSA Register Number: 226056. Notice of non-liability: PayPal Inc. is providing the information in this document to you ìAS-ISî with all faults. PayPal Inc. makes no warranties of any kind (whether express, implied or statutory) with respect to the information contained herein . P a yPal Inc. assumes no liability for damages (whether direct or indirect), caused by errors or omissions, or resulting from the use of this document or the information contained in this document or resulting from the application or use of the product or service described herein. PayPal Inc. reserves the right to make changes to any information herein without further notice. PayPal Inc. does not guarantee that the features described in this document will be announced or made available to anyone in the future.

Contents

Chapter P Preface . . . . . . . . . . . . . . . . . . . . . . . . . . .11
This Document. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Intended Audience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Organization of This Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Notational Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Documentation Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Revision History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Chapter 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . .15
Email . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Reporting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Differences between Instant Payment Notification (IPN) and Payment Data Transfer (PDT) 16
SSL Not Required for IPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
PayPal-Supported Transactional Currencies . . . . . . . . . . . . . . . . . . . . . . . . 17
Chapter 2 Payment Data Transfer . . . . . . . . . . . . . . . . . . . 19
How PDT Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Enabling Payment Data Transfer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Getting and Using the Identity Token . . . . . . . . . . . . . . . . . . . . . . . . . . 24
PDT Notification Synch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
Constructing the POST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
PayPal Response to POST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
PDT and Auto Return: Messaging to Buyer . . . . . . . . . . . . . . . . . . . . . . . 26
Preventing Fraud. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Code Samples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Chapter 3 Instant Payment Notification (IPN) . . . . . . . . . . . . .29
About IPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Setting Up IPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Activating IPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Setting Up an IPN-Processing Program . . . . . . . . . . . . . . . . . . . . . . . . . 31
Order Management Integration Guide October 2006 3
Contents
IPN Notification Validation: Preventing Fraud . . . . . . . . . . . . . . . . . . . . . . . . 31
Shared Secret Per Transaction or by Profile Setting . . . . . . . . . . . . . . . . . . 32
Shared Secret Validation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
Your HTTPS Postback to PayPal . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Using IPN with Multiple Currencies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
mc_gross and mc_fee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
mc_currency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
payment_gross and payment_fee . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Examples of Multi-currency IPN Variables. . . . . . . . . . . . . . . . . . . . . . . . 35
Chapter 4 Transaction History and Reporting Tools . . . . . . . . . . 39
Monthly Account Statements. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Online History Searching. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Basic Search: Time Periods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Advanced Search: Key Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Download My History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Choosing a Date Range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42
Selecting a File Format and Transaction Categories . . . . . . . . . . . . . . . . . . 42
Completed Transactions Since Last Download . . . . . . . . . . . . . . . . . . . . . 43
Customizing the Download: Selecting Transaction Fields. . . . . . . . . . . . . . . . 43
Transaction Reconciliation with the Balance Impact Column . . . . . . . . . . . . . . 45
Lifecycle of a Transaction: Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
Net Amount Column . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Dispute Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Programmatic Access to Dispute Report . . . . . . . . . . . . . . . . . . . . . . . . 47
Appendix A IPN and PDT Variables . . . . . . . . . . . . . . . . . . . . 51
About These Tables of Variables. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Transaction-Specifc Variable Values. . . . . . . . . . . . . . . . . . . . . . . . . . . 51
test_ipn Variable in Sandbox. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
IPN Variables in All Posts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
IPN Version: notify_version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Security Information: verify_sign. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Buyer Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
Basic Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Advanced and Custom Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
Website Payments Standard and Refund Information . . . . . . . . . . . . . . . . . . . . 55
Currency and Currency Exchange . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
4 October 2006 Order Management Integration Guide
Contents
Auctions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Mass Payment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Subscriptions Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Dispute Notification Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
PDT-Specific Variables. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Appendix B Downloadable History Log
Columns and Values71
Appendix C Country Codes . . . . . . . . . . . . . . . . . . . . . . . 79
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85
Order Management Integration Guide October 2006 5
Contents
6 October 2006 Order Management Integration Guide

List of Tables

Table P.1 Revision History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Table 1.1 PayPal-Supported Currencies and Currency Codes for Transactions . . . 17
Table 4.1 Online Search: Selectable Activity Types . . . . . . . . . . . . . . . . . 41
Table 4.2 Advanced Transaction Search: Key Fields . . . . . . . . . . . . . . . . . 41
Table A.1 IPN and PDT Variables: Buyer Information. . . . . . . . . . . . . . . . . 52
Table A.2 IPN and PDT Variables: Basic Information . . . . . . . . . . . . . . . . . 53
Table A.3 IPN and PDT V ariables: Advanced and Custom Information. . . . . . . . 54
Table A.4 IPN and PDT Variables: Website Payments Standard and Refund Information
55 Table A.5 IPN and PDT Variables: Currency and Currency Exchange Information . . 60
Table A.6 IPN and PDT Variables: Auctions. . . . . . . . . . . . . . . . . . . . . . 61
Table A.7 IPN and PDT Variables: Mass Payment . . . . . . . . . . . . . . . . . . 62
Table A.8 Subscriptions Variables. . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Table A.9 IPN Variables with Each Subscription Event . . . . . . . . . . . . . . . . 65
Table A.10 Dispute Notification Variables. . . . . . . . . . . . . . . . . . . . . . . . 68
Table A.1 1 PDT-Specific Variables . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Table B.1 Downloadable History Log Columns and Values . . . . . . . . . . . . . . 71
Table 1: Country Codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
Order Management Integration Guide October 2006 7
List of Tables
8 October 2006 Order Management Integration Guide

List of Figures

Figure 3.1 How IPN Works: Three General Steps . . . . . . . . . . . . 30
Figure 4.1 The History Page . . . . . . . . . . . . . . . . . . . . . . 39
Figure 4.2 Download My History . . . . . . . . . . . . . . . . . . . . 42
Figure 4.3 Customize My History Download . . . . . . . . . . . . . . . 44
Figure 4.4 Gross, Fee and Net Amount Calculations from History Log . . . 46
Figure 4.5 Dispute Report . . . . . . . . . . . . . . . . . . . . . . . 47
Order Management Integration Guide October 2006 9
List of Figures
10 October 2006 Order Management Integration Guide

Preface

P

This Document

This release of the PayPal Order Management Integration Guide, a document that describes the PayPal features for managing orders, such as Payment Data Transfer (PDT), Instant Payment Notification (IPN), and Downloadbale History Log, replaces the version released in December, 2005.
This document replaces portions of the Merchant User Manual and Integration Guide issued in April, 2005.

Intended Audience

This document is written for merchants who use PayPal to manage order information.

Organization of This Document

Chapter 1, “Introduction,” gives a brief overview of the PayPal features for order management
discussed in this guide.
Chapter 2, “Payment Data Transfer,” describes how PDT works and how to set it up. Chapter 3, “Instant Payment Notification (IPN),” describes how IPN works and how to set it
up.
Chapter 4, “Transaction History and Reporting Tools,” describes monthly account statements,
online transaction search, the Downloadable History Log, and dispute reports.
Appendix A, “IPN and PDT Variables,” is a detailed description of all variables and values
returned by IPN or PDT.
Appendix B, “Downloadable History Log Columns and Values,” describes the columns and
values that can be included in the Downloadable History Log.
Order Management Integration Guide October 2006 11
Preface

Notational Conventions

Notational Conventions
This document uses typefaces to identify the characteristics of text. These typefaces and the characteristics they imply are described below:
Typeface How Used
serif italics A document title.
A term being discussed or defined. For example: A file is a readable or writable stream of characters …
Boolean values (not keywords). For example: The function returns true if it encounters an error.
monospaced Pathnames or file names that appear in body text frames.
Code-related names that appear in body text frames. Such names are used for functions, callbacks, arguments, data structures, and fields.
For example: AbstractResponseType is the SOAP response type definition on which all PayPal API response methods are based.
Components of Internet protocol requests and responses, such as HTTPS and FORM variables.
For example: The PayPal system uses a method=POST request to return IPN status variables related to subscriptions, such as txn_type.
Serif bold User interface names, such as window names or menu selections.
For example: On the Profile page, click Email to confirm your email address.
San-serif oblique
Placeholders used in the context of a format or programming standard or formal descriptions of PayPal system syntax. Placeholders indicate values or names that the reader should provide.
Example: For example, amount is the variable for a single-item shopping cart, but
amount_
is the item amount for the third item in a multiple-item shopping cart.
X is the name of the variable for a multi-item shopping cart. amount_3
To convey additional information, this document may also apply color and underlining to words or phrases that use the typefaces described above. Such use is described below:
Text attribute How Used
xxxxxx Hypertext link to a page in the current document or to another document in the set.
xxxxxx
Hypertext link to a URL or that initiates a web action, such as sending mail.
12 October 2006 Order Management Integration Guide

Documentation Problems

If you discover any errors in or have any problems with this documentation, please email us by following the instructions below. Describe the error or problem as completely as possible and give us the document title, the date of the document (located at the foot of every page), and the page number or page range.
To contact Customer Service about documentation problems:
Preface
Documentation Problems
1. Go to
https://www.paypal.com/.
2. Click Help in the upper left corner of the page.
3. Click Contact Us in the lower left of the page.
4. Choose Help by Email.
5. Complete the form.

Revision History

Revision history for PayPal Order Management Integration Guide.
TABLE P.1 Revision History
Date Description
October 2006 Details about the Downloadable Dispute Report. Minor additions and
July 2006 Minor correction to values of payment_status IPN variable. May 2006 Description of the programmatically retrievable Disput Report. Additional IPN
corrections to some variables in Appendix A.
variable values for txn_type: merch-pmt for the Website Payments Pro monthly fee and adjustment for a resolved dispute requiring a chargeback.
October 2006 Adaptation to specifics for Germany.
Order Management Integration Guide October 2006 13
Preface
Revision History
14 October 2006 Order Management Integration Guide
1

Email

Introduction

PayPal offers four payment notification methods for backend integration:
z Email z Reporting Tools z Instant Payment Notification (IPN) z Payment Data Transfer (PDT)
You will receive an email notification in the following cases:
z Successful Payment z Pending Payment z Cancelled Payment
If you do not want to receive payment notifications via email:
1. Click the Profile subtab of the My Account tab.
2. Click the Notifications link in the Account Information column.
3. Find the Payment Notifications heading and clear the I receive PayPal Website
4. Click Save.

Reporting

PayPal’s Reporting Tools provide you with the information you need to effectively measure and manage your business. With PayPal’s Reporting Tools, you can:
z Analyze your revenue sources to better understand your customers’ buying behavior z Automate time-consuming bookkeeping tasks z Accurately settle and reconcile transactions
Available reports:
Payments and Instant Purchase checkbox.
z Monthly Account Statements: View a summary of all credits and debits that have affected
your account balance each month.
Order Management Integration Guide October 2006 15
Introduction

Differences between Instant Payment Notification (IPN) and Payment Data Transfer (PDT)

z Merchant Sales Reports:
Settlement Report (STL): Contains only the records of all balance-effecting daily
transactions. Can be coordinated with Settlement System or created independently of the moving of money.
Transactions Detail Report (TDR): Status of all transactions (including non-complete
transactions such as eCheck) in the account in a 24 hour period. A super set of data contained in Settlement Report including buyer and auction data.
Order Report (ODR): List all orders created in a 24-hr period wit h the order ID. Only
appropriate for those merchants using the order functionality on their website.
Dispute Resolution Report (DRR): List all cases that changed in status or were created
in a 24-hr period. Allows a merchant to reconcile cases against money moving transactions.
z History Log: View an online record of your received and sent payments. z Downloadable Logs: Keep track of your transaction history by downloading it into
various file formats (suitable for financial settlements).
For more information about PayPal's reports, see
bin/webscr?cmd=p/xcl/rec/reports-intro-outside.
http://www.paypal.com/cgi-
Differences between Instant Payment Notification (IPN) and
Payment Data Transfer (PDT)
PDT's primary function is to display payment transaction details to buyers when they are automatically redirected back to your site upon payment completion; however, there are cases where you will not receive notification of all transactions, such as with pending transactions, refunds, and reversals. For these reasons, or if you are using this data to fulfill orders, PayPal strongly recommends that you also enable Instant Payment Notification (IPN).
Both IPN and PDT send back the same data; however, there are several important differences. PDT:
z Requires Auto Return to be enabled. z Auto Return will include an ID that can be used to query PayPal for the complete
transaction details.
z It is possible to miss a notification if the user closes the browser before the redirection is
complete.
IPN:
z Does not require Auto Return to be enabled. z At the end of the website payment flow, PayPal POSTs the IPN data asynchronously (i.e.
not as part of the website payment flow).
z IPNs will also POST for EFT completions, reversals, and refunds.
16 October 2006 Order Management Integration Guide

PayPal-Supported Transactional Currencies

SSL Not Required for IPN

Because credit card and bank information is not transmitted in Instant Payment Notification (IPN), PayPal does not require Secure Sockets Layer (SSL) to encrypt IPN transmissions.
PayPal-Supported Transactional Currencies
The following currencies are supported by PayPal for use in transactions.
TABLE 1.1 PayPal-Supported Currencies and Currency Codes for Transactions
ISO-4217 Code Currency
AUD Australian Dollar CAD Canadian Dollar
Introduction
CHF Swiss Franc CZK Czech Koruna DKK Danish Krone EUR Euro GBP Pound Sterling HKD Hong Kong Dollar HUF Hungarian Forint JPY Japanese Yen NOK Norwegian Krone NZD New Zealand Dollar PLN Polish Zloty SEK Swedish Krona SGD Singapore Dollar USD U.S. Dollar
Order Management Integration Guide October 2006 17
Introduction
PayPal-Supported Transactional Currencies
18 October 2006 Order Management Integration Guide

Payment Data Transfer

2
Payment Data Transfer (PDT) provides merchants with the ability to display transaction details to buyers who are redirected back to their site upon payment completion.
NOTE: You must enable Auto Return for Website Payments to use Payment Da ta Transfer.
Auto Return brings your buyers back to your website immediately after payment completion. Auto Return applies to PayPal Website Payments, including Buy Now, Donations, Subscriptions, and Shopping Cart. For more information about Auto Return, see the PayPal Website Payments Standard Integration Guide

How PDT Works

Bob is going to purchase a widget from the Widget Warehouse.
Step 1: Bob goes to the Widget Warehouse website, finds the widget he wants, and clicks Buy Now.
.
Order Management Integration Guide October 2006 19
Payment Data Transfer
How PDT Works
Step 2: Bob is taken to a PayPal Payment Details page which displays the details of the payment he is about to make.
Step 3: Bob enters his PayPal account information into the PayPal Login fields.
20 October 2006 Order Management Integration Guide
Payment Data Transfer
How PDT Works
Step 4: Bob is then taken to a confirmation page that displays the details of his selection, information about how his automatic payments will be funded, and his shipping information. He clicks Pay to complete the payment.
Order Management Integration Guide October 2006 21
Payment Data Transfer
How PDT Works
Step 5: A payment confirmation page appears that informs Bob that his payment has been completed and that he is being redirected back to the Wi dget Warehouse website.
Step 6: A transaction token is passed to the return URL provided by the Widget Warehouse. The Widget Warehouse fetches the transaction token and retrieves the transaction details from PayPal via an HTTP POST. Included in the HTTP post is the identity token that was given to the Widget Warehouse when PDT was enabled.
For more information about the PDT identity token, see “Getting and Using the Identity
Token” on page 24. For more information about the HTTP POST, see “PDT Notification Synch” on page 25.
Step 7: The Widget Warehouse's Thank You page appears and displays the transaction information, again informing Bob that his transaction has been completed and a receipt for the purchase has been emailed to him. The page also displays payment details, a link to PayPal that Bob can use to view more transaction details if necessary, as well as links that he can use to continue shopping.
22 October 2006 Order Management Integration Guide
Payment Data Transfer

Enabling Payment Data Transfer

For example, as shown in the following diagram: Thank you for your payment. Your transaction has been completed, and a receipt for your purchase has been emailed to you. You may log into your account at
Step 8: Bob receives an email receipt for this transaction, confirming his purchase and including a copy of the payment details, the W idget Warehouse's business information, and his confirmed shipping address.
www.paypal.com to view details of this transaction.
Enabling Payment Data Transfer
To enable PDT:
1. Click the My Account tab.
2. Click the Profile subtab.
Order Management Integration Guide October 2006 23
Payment Data Transfer
Enabling Payment Data Transfer
3. Click the Website Payment Preferences link, as shown in the following snapshot.
The Website Payment Preferences page opens.
4. Click the Payment Data Transfer On radio button, as shown in the following diagram.
You must enable Auto Return in order to use Payment Data Transfer. Auto Return can also be enabled from the Website Payment Preferences page.
5. Click Save.

Getting and Using the Identity Token

When you click Save and save your PDT preferences, a message appears at the top of the page indicating that you have successfully saved your preferences. Your identity token also appears in this message.
24 October 2006 Order Management Integration Guide
Payment Data Transfer

PDT Notification Synch

You will need to pass this identity token, along with the transaction token, to PayPal in order to receive information that confirms that a payment is complete.
For security, the identity token is not sent to you; however, once you have enabled PDT, it permanently appears below the Payment Data Transfer On/Off radio buttons on the Website Payments Preferences page.
PDT Notification Synch
After you have activated PDT, every time a buyer makes a website payment and is redirected to your return URL, a transaction token is sent via a FORM GET variable to this return URL.
To properly use PDT and display transaction details to your customer, you should read the transaction token from the variable tx and retrieve transaction details from PayPal by constructing an HTTPS POST to PayPal. This is called notification synch or synchronization.

Constructing the POST

Here are the guidelines for constructing the PDT HTTPS POST to PayPal for notification synch:
1. Your POST must be sent to
2. You must include the cmd variable with the value _notify-synch:
cmd=_notify-synch
3. You must include the transaction token in the variable tx and the value of the transaction
token received via PayPal’s GET:
value_of_transaction_token
tx=
https://www.paypal.com/cgi-bin/webscr.
4. You must post your identity token using the variable at and the value of your PDT identity
token:
your_identity_token
at=
Order Management Integration Guide October 2006 25
Payment Data Transfer
PDT Notification Synch
For information about the identity token, see “Getting and Using the Identity Token” on
page 24.

PayPal Response to POST

PayPal responds to the post with a single word on one line in the body of the response: SUCCESS or FAIL. When you receive a SUCCESS response, the rest of the body of the response is the transaction details, one per line, in the format are both be URL-encoded strings. This response data needs to be parsed appropriately and then URL-decoded.
Example successful response:
SUCCESS first_name=Jane+Doe last_name=Smith payment_status=Completed payer_email=janedoesmith%40hot mail.com payment_gross=3.99 mc_currency=USD custom=For+the+purchase+of+the +rare+book+Green+E ggs+%26+Ham ...
key=value where key and value
If the response is FAIL, PayPal recommends making sure that:
z The Transaction token is not bad. z The ID token is not bad. z The tokens have not expired.

PDT and Auto Return: Messaging to Buyer

When Auto Return, you must display a message on the page displayed by the Return URL that helps the buyer understand that the payment has been made, that the transaction has been completed, and that payment transaction details will be emailed to the buyer. You can display to your customer whatever payment details you feel are appropriate; however, PayPal recommends including the following:
z Item name z Amount paid z Payer email z Shipping address
If you are using PDT to determine when to fulfill an order automatically, confirm that the payment_status is Completed, since the buyer could use methods such as EFT that do not immediately clear.
For a list of PDT variables, see Appendix A, “IPN and PDT Variables.”
26 October 2006 Order Management Integration Guide

Preventing Fraud

In order to prevent fraud, PayPal recommends that your programs verify the following:
z txn_id is not a duplicate to prevent someone from reusing an old, completed transaction. z receiver_email is an email address registered in your PayPal account, to prevent the
payment from being sent to a fraudulent account.
z Other transaction details, such as the item number and price, to confirm that the price has
not been changed.

Code Samples

PayPal has made available code samples that you can use to set up PDT. These samples are available at
There are code samples for the following development environments:
https://www.paypal.com/us/cgi-bin/webscr?cmd=p/xcl/rec/pdt-code.
Payment Data Transfer
Preventing Fraud
z ASP/VBScript z ColdFusion z PERL z PHP
Order Management Integration Guide October 2006 27
Loading...
+ 61 hidden pages