PayPal Payments

PayPal is a supported browser payment method in the CommWeb payment gateway. This page describes integration details specific to PayPal, including how to configure your PayPal business account to accept payments via the gateway, branding requirements, etc. It's recommended that you read the integration guidelines for browser payments, before building a PayPal integration.

If you are integrated to use PayPal before DirectAPI version 50, click here.

Prerequisites

To use PayPal as a payment method via the CommWeb payment gateway, you must have a PayPal business account configured for the gateway. For details, see Configuring your PayPal Business Account.

To sign up for a PayPal business account, click here.

PayPal Checkout Experience

The following sections will help you choose a PayPal checkout experience that's most suitable for your shop site.

Choosing a Checkout Flow

PayPal allows your payers to quickly and securely check out on your shop site, allowing them to use their PayPal account for payment and to optionally provide shipping information to the shop site. With PayPal, payers start and end the checkout process on your shop site.

The gateway supports two types of PayPal checkout flows — Checkout with PayPal and Pay with PayPal.

Checkout with PayPal

The Checkout with PayPal flow allows you to redirect the payer from your shop site to the PayPal website using a "Check Out with PayPal" button placed on the shop site's card review page. The payer bypasses the normal checkout flow and checks out using the information stored in their PayPal account. PayPal provides the name, email address, and shipping address from the payer's account back to the shop site, allowing a faster checkout by bypassing the entry of this information on the shop site. PayPal collects the shipping address from the payer on the PayPal website, which the payer can add or edit, if necessary. The "Continue" button allows the payer to be redirected to your shop site to confirm the payment after viewing all the order details. This option allows you to change the order if necessary before accepting the payment (for example, adding shipping and handling charges based on the address returned from PayPal). Or, you can include other checkout steps, for example, up-selling on your Confirm Order page.

Sample Checkout Flow

The below diagram describes the Checkout with PayPal flow where the payer uses the shipping address as stored by PayPal. The payer reviews and confirms the payment on the merchant's shop site.

Checkout with PayPal Workflow

The checkout flow is as follows:

  1. A payer browses your shop site, selects a product and clicks Checkout with PayPal at the checkout page.
  2. When the payer clicks Checkout with PayPal button, you perform a Initiate Browser Payment call to the gateway, and redirect the payer to the PayPal URL returned in the response.
  3. The gateway redirects the payer to the PayPal website.
  4. The payer logs in to their PayPal account using the PayPal Login page.
  5. The payer specifies the shipping address. The payer may select a shipping address previously stored with PayPal, or enter a new one.
  6. The payer selects a funding source and proceeds with the payment by clicking the "Continue" button on the PayPal website.
  7. The payer is redirected from PayPal back to your shop site, via the gateway. You retrieve the details of the transaction, including payer's account email and shipping address, using the Retrieve Transaction operation.
  8. You present a review page to the payer based on this information (for example, you may wish to add shipping and handling charges). When the payer clicks the "Pay Now" button to process the payment, you submit a Confirm Browser Payment call to the gateway.
    The payer can choose to update the shipping address before clicking the "Pay Now" button.
  9. The gateway sends a response with the transaction details, which indicates the success or otherwise of the payment, so you can present the status to the payer.
Pay with PayPal

The Pay with PayPal flow allows the payer to proceed through the normal checkout flow, entering their billing and shipping information into the shop site. When the payer is prompted to choose their payment method, the payer chooses the PayPal option placed on the shop site's billing page alongside other payment options. Unlike a Checkout with PayPal transaction, the shop site provides the payer's shipping address to PayPal. By default, you can choose not to display the shipping address and/or disable edits on PayPal website. See Display/Override Shipping Address below for information on how to implement this in your PayPal integration. The "Pay Now" button allows the payer to confirm the payment on the PayPal website before being redirected back to your shop site. This option allows you to provide a faster checkout experience to the payer as the payer completes the payment at the PayPal website.

Sample Checkout Flow

The below diagram describes the Pay with PayPal flow where the payer reviews and confirms the payment at the PayPal website.

Pay with PayPal Workflow

The checkout flow is as follows:

  1. A payer browses your shop site, selects a product and clicks PayPal at the checkout page.
  2. When the payer clicks the PayPal button, you perform a Initiate Browser Payment call to the gateway, and redirect the payer to the PayPal URL returned in the response.
  3. The gateway redirects the payer to the PayPal website.
  4. The payer logs in to their PayPal account using the PayPal Login page.
  5. The payer reviews the billing info details and confirms the payment by clicking the "Pay Now" button on the PayPal website.
  6. The gateway sends a response with the transaction details, which indicates the success or otherwise of the payment, so you can present the status to the payer.
Choosing When to Confirm the Payment

With both Checkout with PayPal and Pay with PayPal checkout flows, you can choose to display a "Pay Now" button or a "Continue" button at the PayPal website.

The "Pay Now" button allows the payer to confirm the payment on the PayPal website before being redirected back to your shop site. This option allows you to provide a faster checkout experience to the payer as the payer completes the payment at the PayPal website.

The "Continue" button allows the payer to be redirected to your shop site to confirm the payment after viewing all the order details. This option allows you to change the order if necessary before accepting the payment (for example, adding shipping and handling charges based on the address returned from PayPal). Or, you can include other checkout steps, for example, upselling on your Confirm Order page.

See Payment Confirmation below for details on how to implement this in your PayPal integration.

Choosing How to Collect the Shipping Address

Depending on the checkout flow, Checkout with PayPal or Pay with PayPal, you may choose to collect the payer's shipping address on your shop site or the PayPal website respectively. By default, PayPal collects the shipping address from the payer on the PayPal website, which the payer can add or edit, if necessary. You can choose not to display the shipping address and/or disable edits. See Display/Override Shipping Address below for information on how to implement this in your PayPal integration.

PayPal Integration

PayPal via Hosted Checkout

If you have an existing Hosted Checkout integration, PayPal will automatically be available once your payment service provider has successfully configured the acquirer link for PayPal.

For details, see Browser Payments via Hosted Checkout Integration.

Checkout with PayPal flow is not supported in Hosted Checkout.
PayPal via Direct Payment

The gateway currently supports PayPal via the Direct Payment integration method, which allows you to offer PayPal payment method on your own checkout page.

PayPal (REST) is supported from DirectAPI version 50 onwards.

The following fields in the Initiate Browser Payment request are either specific to PayPal or have a specific usage in the PayPal integration. For other details, see Browser Payments via Direct Payment Integration.

  • sourceOfFunds.type = PAYPAL
  • browserPayment.operation = AUTHORIZE or PAY

    With PayPal, funds can be held for 3 days (honor period) from the time the authorization occurred. If you still wish to capture the funds after 3 days, you can use the Update Authorization operation or initiate via the Merchant Administration portal.

    By default, your PayPal merchant account is configured for single captures only. If you wish to change the configuration to support multiple captures, please contact PayPal.

    Operation Field API Reference [REST][NVP]

  • browserPayment.paypal.paymentConfirmation

    When initiating a PayPal payment, you must specify if you want the payer to confirm the payment on the PayPal website or your shop site.

    Payment Confirmation Field API Reference [REST][NVP]

    If confirming at the provider (PayPal), the PayPal website displays a "Pay Now" button, which allows the payer to confirm the payment on the PayPal website before being redirected to your shop site. You must submit a Retrieve Transaction request to the CommWeb payment gateway to determine the success or otherwise of the payment.

    If confirming on your shop site, the PayPal website displays a "Continue" button, which allows the payer to be redirected to your shop site where the payer can confirm the payment. You must send a Retrieve Transaction request to the gateway to retrieve details on whether the payer has continued with the payment or not. If the payer continues with the payment on your shop site, you need to send a Confirm Browser Payment call to confirm the payment with PayPal. The Confirm Browser Payment response will contain information about the success or otherwise of the payment.

    Confirm Browser Payment API Reference [REST][NVP]

    In both cases, if the payment is successful the Retrieve Transaction returns:

    • the email address on the payer's PayPal account
    • the account holder name on the payer's PayPal account
    • the shipping address details
  • [Optional] Display/Override Shipping Address

    You can manage how the payer provides you a shipping address using two fields:

    • browserPayment.paypal.displayShippingAddress — when set to true (default), the shipping address is displayed on the PayPal website.

      Display Shipping Address Field API Reference [REST][NVP]

    • browserPayment.paypal.overrideShippingAddress — when set to true (default), the payer can change the shipping address on the PayPal website.

      Override Shipping Address Field API Reference [REST][NVP]

    By default, PayPal collects the shipping address from the payer on the PayPal website for you. If you choose to collect the shipping address from the payer on your shop site, and you do not want PayPal to display the shipping address to the payer, you must set browserPayment.paypal.displayShippingAddress to false. This also applies when a shipping address is not required for an order (for example, digital products only).

    The gateway will always return the shipping address in the Retrieve Transaction response if the address was supplied in the Initiate Browser Payment request or if browserPayment.paypal.displayShippingAddress is set to true.

    See table below for the various scenarios that may be applicable to your integration. You can choose a different scenario for each payment.

    Initiate Browser Payment PayPal Website
    Display Shipping Address Override Shipping Address Is the Shipping Address required? Is the Shipping Address supplied? Is the Shipping Address valid? Is the Shipping Address displayed to payer? Source of the displayed Shipping Address Can the payer change the Shipping Address?
    true (default) true (default) optional no NA yes PayPal collects the shipping address. yes
    true (default) true (default) optional yes yes yes PayPal displays the shipping address you provide in the request on the PayPal website. yes
    true (default) true (default) optional yes no yes PayPal ignores the shipping address you provide in the request instead collects the shipping address on the PayPal website. yes
    true (default) false required yes yes yes PayPal displays the shipping address you provide in the request on the PayPal website. no
    true (default) false required yes no no PayPal rejects the request. Not applicable
    false Not applicable Not applicable yes yes no PayPal ignores the shipping address you provide in the request. no
    false Not applicable Not applicable Not applicable Not applicable no PayPal does not have a shipping address to display. Not applicable
    For all scenarios, you should use the shipping address returned in the transaction response in case the shipping address was changed by the payer at the PayPal website. Please note that PayPal validates city, state, ZIP code combinations for U.S. shipping addresses.
  • [Optional] Line Item Details

    You can specify line item details in the Initiate Browser Payment request to provide payers with all the order details before they confirm the payment. Consumer research shows that more buyers complete purchases when they see the individual items and other details of an order during PayPal checkout. Hence, it's recommended that you provide order information when you initiate a PayPal checkout to encourage payers to continue with the payment rather than dropping out.

    Line items are considered provided if the item name or unit price is specified. For more information on line item details, see Line Item Data.

How to Interpret the Transaction Result

The table below shows the transaction response codes for the possible scenarios you may encounter after initiating a browser payment.

Initiate Browser Payment Response
What This Means...
response.gatewayCode=SUBMITTED
result=SUCCESS
Redirect the payer using the URL provided in the response.
response.gatewayCode=SUBMITTED
result=FAILURE or PENDING or UNKNOWN
Submit another INITIATE_BROWSER_PAYMENT request.
Retrieve Transaction/Retrieve Order Response
What This Means...
response.gatewayCode=APPROVED
result=SUCCESS
The payment is successful.
response.gatewayCode=PENDING
result=PENDING
The payment is pending a review in the PayPal system. See Pending Payments.
response.gatewayCode=CANCELLED
result=FAILURE
The payer has cancelled the interaction for this payment. Offer the payer the option to try another payment method.
response.gatewayCode=DECLINED or INSUFFICIENT_FUNDS or NOT_SUPPORTED
result=FAILURE
The payment was declined by PayPal.
response.gatewayCode=ACQUIRER_SYSTEM_ERROR
result=FAILURE
The acquirer was unable to process the transaction. You may want to inquire with the acquirer the reason for payment failure, or you can try RETRIEVE_TRANSACTION again. Or, you can offer the payer the option to try another payment method.
response.gatewayCode=SYSTEM_ERROR
result=FAILURE
The gateway was unable to process the transaction.
response.gatewayCode=TIMED_OUT
result=FAILURE
The interaction between the payer and the PayPal system was not successfully completed, for example, the gateway did not receive a redirect of the payer's browser from the merchant within 24 hours or the gateway was unable to retrieve the interaction details between the payer and the PayPal system hence the payment is incomplete.
response.gatewayCode=UNKNOWN
result=UNKNOWN
The gateway was unable to find out about the success or otherwise of the payment.

Authorization Updates

You can update authorization honor period and/or increment authorization amounts for valid PayPal authorization transactions using the Update Authorization operation or via Merchant Administration. To allow this, you must have the "Update Authorization" privilege enabled on your merchant profile by your payment service provider. For more information, see Update Authorization.

It is recommended that you update an authorization after the initial 3 days (honor period) to ensure that funds are still available. A reauthorized payment has a new 3-day honor period. The 3-day honor period can be updated at most once within the 29-day validity period.

You can update an authorization once for up to a maximum of 115% or USD $75 of the originally authorized amount.

Captures, Refunds, and Voids

For PayPal payments, you can capture the authorized amount in part, full or in excess of the originally authorized amount using the Capture operation or via Merchant Administration. An excess capture of up to 115% of the originally authorized transaction is allowed.

You can refund payments processed via PayPal in part, full or in excess for Pay and Capture transactions. You can submit Refund requests using the Refund operation or using Merchant Administration. For an excessive refund, include an amount in excess of the original transaction amount.

You can void any open authorization transaction if capture attempts have failed or you can void a Pay transaction to cancel the payment. You can submit a void request using the Void operation or via Merchant Administration.

Pending Payments

The gateway may return a status of PENDING in the transaction response. For example, if the transaction is currently under risk assessment at PayPal. If the status is pending and if you have configured your own fraud management filters, you should log on to your PayPal business account and review the payment. PayPal will notify the gateway when the status of a pending transaction is updated by PayPal.

If you do not wish to review and would like to decline the pending payments, you can initiate a refund. You can retrieve the result of the updated transaction using the Retrieve Transaction operation.

Billing Agreement and Recurring Payments

Using Checkout with PayPal or Pay with PayPal, you can set up a billing agreement for a payer, which allows you to initiate a reference transaction (subscription/recurring or on-demand payments) against this billing agreement without additional consent from the payer. For more information, see Billing Agreement and Recurring Payments.

Configuring your PayPal Business Account

This section describes how to configure your PayPal business account to work with the gateway integration. Once the PayPal account is configured, you need to provide your account details (PayPal Account ID) to your payment service provider to enable them to set up your merchant profile on the payment gateway for PayPal.

To process transactions through PayPal, you must log in to Merchant Administration and grant permissions to the gateway for the specific API calls that the gateway must make on your behalf.

Here are the steps to the integrated sign-up process:

  1. Log in to Merchant Administration. Go to Admin > PayPal Configuration and click Grant Permissions in PayPal.
  2. Provide your email address and select your Country on the PayPal Get Started page, and click Next.
  3. If signing-up for a business account, click the Sign Up button and follow the steps below:
    1. Enter your details as required and select the checkbox to grant API permissions to the gateway.
    2. Click Agree and Continue.
    3. Provide more information about your business in the subsequent pages and click Continue.
    4. You will see a sign-up confirmation page and instructions to activate your account.
    5. Click the button Go Back to Payment Gateway to return to Merchant Administration. You will see a confirmation message for granting the API permissions.
  4. If logging into an existing PayPal business account, follow the steps below:
    1. Log in to your PayPal business account with your PayPal username and password.
    2. You will see instructions that will allow PayPal to connect with your merchant profile on the gateway.
    3. Click Agree and Connect.
    4. You will see a success message for granting permissions and instructions to activate your account.
    5. Click the button Go Back to Payment Gateway to return to Merchant Administration. You will see a confirmation message for granting the API permissions.

Enhanced Seller Protection

You can submit additional payer data in the Initiate Browser Payment and in the subsequent Pay/Authorize requests after performing Tokenize Browser Payment to allow PayPal to perform risk assessment of the transaction before the transaction is processed.

The data in the following fields is used by PayPal to perform a pre-transaction risk management evaluation:

  • device.fingerprint: A unique identifier for the device that can be generated using the PayPal FraudNet Javascript library. This allows PayPal to perform risk assessment of the transaction.
  • risk.custom: You can provide additional data about the payment in this field. You must have an agreement with PayPal about the values you wish to provide. For example, risk.custom.headOfficeLocation=London UK.
  • sourceOfFunds.token: The token Id that identifies the billing agreement details (as received from PayPal) on the gateway. You can use this token Id for one-time and recurring payments. For more information, see Billing Agreement and Recurring Payments.

Security Best Practices for PayPal Integrations

For information on security best practices, click here.

Testing Your Integration

The CommWeb payment gateway provides a PayPal simulator that allows you to test your integration for using the PayPal functionality via the gateway.

Copyright © 2020 Commonwealth Bank of Australia