PayPal (or adaptive) inside the iOS application + server integration

I want to implement a PayPal chain (this is one of the adaptive payment methods) in the iPhone Marketplace application, and I want my server to be able to track all payment steps in order to avoid multiple simultaneous purchases on the same product (this is a physical product and it cannot be bought twice).

I read these documents from PayPal about adaptive payment flow, this is about mobile integration, and this is about the IPN server side.

Now the only way to achieve this is to do the following:

  • When the user clicks the payment button, the client calls our server to create a "pending" transaction for this product.
  • The client calls the native PayPal SDK to present the payment submission to the user with all the information returned by our server.
  • PayPal encourages our server to notify you of a completed payment, and here the server completes a previously completed transaction.
  • PayPal encourages the customer to notify of a completed payment and the thank you screen is shown here.

I would not do this kind of thing for these reasons:

  • I have to put a "lock" on the product to avoid duplicate purchases: the only place I can put this lock is right before calling the PayPal user interface, and then unlock it if the user cancels the operation. What if the user remains on the payment confirmation for a long time? I can set a timeout on the server (for example, 1 hour), but this will not allow the user to complete the purchase after this period!
  • I must indicate the payment details (for example, the amount and email address of the recipient) from the client. As I already wrote, I could use the data provided by the server, but this would lead me to several security and complexity issues.
  • Using his own SDK, the user can select one of the existing delivery addresses, but he cannot create or edit a new one. I have to ask for a delivery address outside of PayPal and transfer this data to my own server.

Any suggestions?

+4
1 answer

In the end, a working approach for us used the prior approval of PayPal. If you do not know what preliminary approval is, imagine that the bank has been spared: you ask the user for permission to withhold it at any time, in our case we charge a seller a fee for the commission when he sells the goods.

Maintaining the seller outside the transaction flow allowed us to allow the buyer to complete the check using the express check from the built-in web view.

Using this technique, you basically ask the buyer to pre-authorize the payment. After he grants you permission, you transfer the secret token back to your web server where the real payment is made (along with any other secure check).

After transferring money from the buyer to the seller, we entrust the seller with the transaction using prior approval.

Please allow me to note that in the end we do not use the real PayPal-attached payment, but for us this approach was good, and everything seems to be working fine now.

0
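The pending-transaction lock from the question and the server-side check mentioned in the answer, as an added example that is not code from either post. The class, method and field names are hypothetical, the notification is assumed to have been authenticated with the payment provider before `complete` is called, and storage is an in-memory stand-in for a database.

```python
import secrets
import time

HOLD_SECONDS = 3600  # the 1-hour timeout from the question

class Marketplace:
    """In-memory sketch; a real server would do each method in one DB transaction."""

    def __init__(self, catalog):
        self.catalog = catalog  # product_id -> (amount_cents, seller_email)
        self.issued = {}        # reservation_id -> product_id
        self.holds = {}         # product_id -> (reservation_id, expires_at)
        self.sold = {}          # product_id -> reservation_id that paid

    def reserve(self, product_id, now=None):
        """Create the pending transaction; None if the product is locked or sold."""
        now = time.time() if now is None else now
        hold = self.holds.get(product_id)
        if product_id in self.sold or (hold and hold[1] > now):
            return None
        rid = secrets.token_urlsafe(16)
        self.issued[rid] = product_id
        self.holds[product_id] = (rid, now + HOLD_SECONDS)
        amount, seller = self.catalog[product_id]
        # The client only displays these values; it never chooses them.
        return {"reservation_id": rid, "amount": amount, "receiver": seller}

    def cancel(self, rid):
        """Buyer left the payment screen: release the lock only if it is ours."""
        product_id = self.issued.get(rid)
        if self.holds.get(product_id, (None, 0))[0] == rid:
            del self.holds[product_id]

    def complete(self, note, now=None):
        """Apply a payment notification whose authenticity was already verified."""
        now = time.time() if now is None else now
        rid = note.get("reservation_id")
        product_id = self.issued.get(rid)
        if product_id is None:
            return "rejected"   # unknown reservation
        if (note.get("amount"), note.get("receiver")) != self.catalog[product_id]:
            return "rejected"   # paid details differ from the server's record
        if product_id in self.sold:  # duplicate notification vs. second buyer
            return "ok" if self.sold[product_id] == rid else "refund"
        held_rid, expires = self.holds.get(product_id, (rid, 0))
        if held_rid != rid and expires > now:
            return "refund"     # our hold lapsed and another buyer holds the lock
        self.sold[product_id] = rid
        self.holds.pop(product_id, None)
        return "ok"             # includes a late payment when nobody else took it
```

A payment that arrives after the hold expired is still accepted when no other buyer has reserved or bought the product in the meantime, which addresses the timeout concern raised in the question.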

Source: https://habr.com/ru/post/1391508/
