HI
I'm looking at Paypal Payments Pro and trying to get my head around what I actually need with this. I know I need the usual policies on the site but am I right in saying:
I need an SSL certificate
I need the shipping, returns, terms etc..
I need to complete an annual questionnaire
I need a quarterly network scan - what does this involve?
Do I need to do anything else to be compliant?
Are the card details actually taken on my server and then sent to PayPal or is the user entering them on PayPal's website?
Thanks
You should not need an SSL cert.
You will be sending them to PayPal's gateway, which is secure. Payments Pro is similar to most gateway / virtual terminal setups. Everything is done on their secured server.
You will be sending them to PayPal's gateway, which is secure. Payments Pro is similar to most gateway / virtual terminal setups. Everything is done on their secured server.
A Trusted Wholesale Dropshipper
Web Hosting Under $ 5.00 Month! FREE Shopping Carts!
25,000+ Real Wholesale & Dropship Sources!
But it seems that the user puts the details in on opencart then clicks submit... http://forum.opencart.com/viewtopic.php?f=20&t=10229
Or is it some sort of iframe>?
Or is it some sort of iframe>?
If you are planning to use PayPal Payments Pro to process payments from your website then you will absolutely need an SSL certificate because payment information will be sent online from your website to paypal for processing.
https://www.paypal-community.com/t5/How ... D983222EFC
https://www.paypal-community.com/t5/How ... D983222EFC
You collect no payment data on your site with any PayPal method, which is what made it so popular from the start.
You collect no payment data on your site with any of the payment processors / gateways.
Unless you are actually collecting the payment info on your server, you need no SSL cert. This does not mean that the "seals" provided by the SSL cert providers cannot be a sales factor for your cart, but that is all they are, since all card info is collected elsewhere.
Simply do a transaction with no SSL and you will still see the "secure padlock" down in the right corner.
You collect no payment data on your site with any of the payment processors / gateways.
Unless you are actually collecting the payment info on your server, you need no SSL cert. This does not mean that the "seals" provided by the SSL cert providers cannot be a sales factor for your cart, but that is all they are, since all card info is collected elsewhere.
Simply do a transaction with no SSL and you will still see the "secure padlock" down in the right corner.
A Trusted Wholesale Dropshipper
Web Hosting Under $ 5.00 Month! FREE Shopping Carts!
25,000+ Real Wholesale & Dropship Sources!
peteVA wrote:You collect no payment data on your site with any PayPal method, which is what made it so popular from the start.
You collect no payment data on your site with any of the payment processors / gateways.
Unless you are actually collecting the payment info on your server, you need no SSL cert. This does not mean that the "seals" provided by the SSL cert providers cannot be a sales factor for your cart, but that is all they are, since all card info is collected elsewhere.
Simply do a transaction with no SSL and you will still see the "secure padlock" down in the right corner.
This is not correct. PayPal states that PayPal Payments Pro requires you to manage credit card data security. You need your own SSL certificate if you use this service. PayPal standard does not require an SSL certificate but the Pro version does because you ARE accepting credit card information on YOUR website.
https://merchant.paypal.com/us/cgi-bin/ ... secondpage
See the last line in the full comparison between Website Payments Standard and Website Payments Pro.
Incorrect. Paypal Pro is designed to collect credit card details on your site so the customer never leaves. In this case you DO need an SSL certificate and a Paypal Pro account. Paypal Pro will give you the required info like Authorization API and Signature and you simply enter that into the Paypal Pro config area in the admin panel.peteVA wrote:You should not need an SSL cert.
You will be sending them to PayPal's gateway, which is secure. Payments Pro is similar to most gateway / virtual terminal setups. Everything is done on their secured server.
In regards to PCI, you should have nothing to worry about as long as you are using an SSL Cert. You are not storing any information on your site nor is there any outside processing occurring between the final button press and transaction.
Are payments through the OpenCart PayPal Payments Pro module covered by PayPals Seller Protection Policy?
https://cms.paypal.com/us/cgi-bin/?cmd= ... learn_more
I wonder if collecting data on my web host increases my liability with fraudulent orders...
https://cms.paypal.com/us/cgi-bin/?cmd= ... learn_more
I wonder if collecting data on my web host increases my liability with fraudulent orders...
No, You would not be protected under PayPals Seller Protection Policy, irregardless of weather you use Payments Pro or not any 'business transaction' is not covered under this policy. The policy you are referring to is to protect 'average joe' seller, not businesses.
Increase Page Speed (#1 rated commercial extension on OpenCart Marketplace)
15in1 Essential Extensions Value Pack Premium Customer Testimonials Reward Points Extended Admin Security Lockdown Suite
irc.freenode.net #opencart
First, SSL is an essential for serious sellers no matter what payment method you use. If nothing else, it helps secure your admin from prying eyes. It does boost buyer confidence and I regularly see it increase conversion rates. Its also dirt cheap.
Second, whether Paypal provides formal seller protection or not, they will assist in fighting chargebacks, and if you follow the other rules for their seller protection program you have a reasonable chance of winning those disputes.
If you'd like more clarity about the process, and (more often than not) lower fees, I'd suggest a merchant account. The PCI requirements are not all that onerous, and are not much more than what you'd do on your own if you're serious about not having your sales stolen from you every three months or so by any cracker who happens to wander by...
Second, whether Paypal provides formal seller protection or not, they will assist in fighting chargebacks, and if you follow the other rules for their seller protection program you have a reasonable chance of winning those disputes.
If you'd like more clarity about the process, and (more often than not) lower fees, I'd suggest a merchant account. The PCI requirements are not all that onerous, and are not much more than what you'd do on your own if you're serious about not having your sales stolen from you every three months or so by any cracker who happens to wander by...
Specializing in secure Hosting 4 OpenCart based eCommerce websites.
Well spoken. I agree 100%. Customers needs a sense of security even if they are using Pay Pal Standard, or even if they are entering their email somewhere.Nimitz1061 wrote:First, SSL is an essential for serious sellers no matter what payment method you use. If nothing else, it helps secure your admin from prying eyes. It does boost buyer confidence and I regularly see it increase conversion rates. Its also dirt cheap.
Second, whether Paypal provides formal seller protection or not, they will assist in fighting chargebacks, and if you follow the other rules for their seller protection program you have a reasonable chance of winning those disputes.
If you'd like more clarity about the process, and (more often than not) lower fees, I'd suggest a merchant account. The PCI requirements are not all that onerous, and are not much more than what you'd do on your own if you're serious about not having your sales stolen from you every three months or so by any cracker who happens to wander by...
I also liked what Daniel said about PCI. General rule of thumb is that you "never" store that kind of sensitive data in your database unless you feel like losing years of sleep from liability stress. Leave it to the big dogs that are already set up for it
Who is online
Users browsing this forum: No registered users and 111 guests
