Announcement

Collapse
No announcement yet.

PayPal Standard and security

Collapse
X
Collapse
 
  • Page of 2
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
    #1

    PayPal Standard and security

    I use PayPal as my PSP. I understand you don't need SSL (I'm guessing because PayPal have one). But, the customer enters their card details on your site before it's transmitted to PayPal.

    Is that not insecure? Or is the transmission to PayPal done through their SSL? Sorry, I'm not sure how it works.

    I'm just curious because people are always told not to enter their card details on a page that doesn't have a padlock. With no SSL, I won't have a padlock, right?



    Thanks in advance for any help
    The Patchwork Rabbit
    Tags: None
    #2
    Which PayPal version are you using (I've asked this before but you didn't respond*)?

    PayPal Pro requires an SSL certificate because yes, the card details are captured on your site. This is not allowed - PCI threads on here will tell you why.

    PayPal Standard takes the customer from your site to PayPal, where they enter their details. Thus you do not need an SSL cert.

    However, many customers prefer to see the golden padlock at the stage where they enter their name and address details so many Actinic stores have an SSL for this even though they don't strictly need it.

    --edit--

    * I see you have now responded. However, I am not convinced you know exactly which version of PayPal you have on your site, as you talk about capturing credit card details on your own site in this thread.
    Reusable Snore Earplugs : Sample Earplugs - Wax Earplugs - Women's Earplugs - Children's Earplugs - Music Earplugs - Sleep Masks

    Comment

      #3
      It is definitely paypal standard. On my current mrsite site, it uses paypal buttons so uses a paypal cart. All transactions are done on paypal's servers so there is no issue.

      However, my actinic trial site doesn't seem to work the same. I've probably set it up wrong :lol:

      I went to Payment and Security, added "PayPal Website Payments" , then [Configure Method] and added my paypal id. I then removed the generic credit card option. I couldn't remove the other "credit card details captured for later processing" so unticked all the boxes so it wouldn't show. Then published the site.

      On the site, I added an item to the cart, went to checkout, added name and address, selected "PayPal website payments" but it didn't remove the card details or take me to paypal. It is still asking for the card details right there on the site.

      I'm clearly being thick but just can't see how to fix it.
      The Patchwork Rabbit

      Comment

        #4
        Is this perhaps beause you are using the temporary trial hosting.
        There may be restrictions to stop actual selling via the trial hosting.

        Comment

          #5
          Originally posted by drounding View Post
          Is this perhaps beause you are using the temporary trial hosting.
          There may be restrictions to stop actual selling via the trial hosting.
          Possibly, but I would expect the screens to behave normally, even if no money changed hands.
          The Patchwork Rabbit

          Comment

            #6
            Are you trialing on Actinic's hosting or your own?

            Comment

              #7
              Originally posted by drounding View Post
              Are you trialing on Actinic's hosting or your own?
              On my own server.

              So, basically, my question is, if the customer selects "PayPal", would you expect to see:

              Card Type:
              Card Number:
              Expiration Date:

              etc, on the same page? Do I have to switch those off? Or have I just done something wrong?
              The Patchwork Rabbit

              Comment

                #8
                No you shouldn't see anything except the Paypal slection.
                I wonder why you can't remove the other cc details captured for later - you should be able to remove that form the payment methods.

                Comment

                  #9
                  Ah, have found this...





                  http://community.actinic.com/showthread.php?t=45492

                  this seems a little overkill
                  Last edited by KB2; 22-Mar-2010, 01:04 PM. Reason: Updating kb links
                  The Patchwork Rabbit

                  Comment

                    #10
                    That's only for PP Pro not for the standard website payments though.

                    Comment

                      #11
                      Nearly there, found this:


                      http://community.actinic.com/showthread.php?t=31105
                      The Patchwork Rabbit

                      Comment

                        #12
                        OK, that's removed the credit card fields, but now checkout takes me to the paypal login page.

                        I thought we were able to use PayPal as a PSP without the customer needing an account?

                        How do you get it to autoforward to PayPal's "Pay with Credit Card or Log In" page instead of just the login page?


                        (sorry!)
                        The Patchwork Rabbit

                        Comment

                          #13
                          I thought we were able to use PayPal as a PSP without the customer needing an account?
                          you need a paypal business acct to offer both people being able to pay via cc and via pp acct.

                          just go to paypal site and apply, there are a few verifications done by pp but nothing arduous.

                          all you need in actinic is your pp ID ie pp email address.

                          Comment

                            #14
                            Thanks pinbrook, but I already have a business account.

                            When I said, "without an account" I meant the customer doesn't need a paypal account.

                            My current problem is that when I go through checkout, I'm taken to the paypal login page and not the "Enter Credit card or login" paypal page, as I would expect.

                            Is there a setting somewhere or code hack to make it go there?
                            The Patchwork Rabbit

                            Comment

                              #15
                              For example, they go here:




                              But I want the customer to go here:


                              The Patchwork Rabbit

                              Comment

                              Previous 1 2 template Next
                              Working...
                              X