Difference between revisions of "PayPal/IPN"
m (rephrase; code samples link) |
(notes: authenticating) |
||
| Line 10: | Line 10: | ||
* [https://www.paypal.com/en_US/ebook/PP_OrderManagement_IntegrationGuide/ipn.html Order Integration: IPN] | * [https://www.paypal.com/en_US/ebook/PP_OrderManagement_IntegrationGuide/ipn.html Order Integration: IPN] | ||
** [https://www.paypal.com/us/cgi-bin/webscr?cmd=p/pdn/ipn-codesamples-pop-outside sample code] | ** [https://www.paypal.com/us/cgi-bin/webscr?cmd=p/pdn/ipn-codesamples-pop-outside sample code] | ||
| + | ==Notes== | ||
| + | Documentation on how to interpret the fields returned by IPN is generally very lacking. A key issue seems to be that of how to authenticate the data, i.e. determine that it definitely comes from PayPal rather than from a third party trying to fool your system into believing a payment has been made. | ||
| + | |||
| + | PayPal's [https://cms.paypal.com/cms_content/US/en_US/files/developer/PP_OrderMgmt_IntegrationGuide.pdf Order Management Integration Guide] suggests setting one or more "secret" variables to be included in the IPN; while this may provide first-order defense against spoofing, it is not particularly safe from interception since the "secret" is transmitted without encryption. | ||
| + | |||
| + | The fields sent with the IPN include at least one field which seems to be a [[digital signature]] of some kind, changing for each transaction, which would be a much better level of security (especially if it uses [[public key encryption]], e.g. an checksum of the IPN data and timestamp encrypted using PayPal's private key); a sample: | ||
| + | verify_sign AiPC9BjkCyDFQXbSkoZcgqH3hpacAM9KNT3jv0YPjZMPbrIcmvcIcLHa | ||
| + | There does not appear to be any explanation of how to decode or interpret this data, however. | ||
Revision as of 19:52, 22 February 2009
Overview
Instant Payment Notification (IPN) is one of two methods by which a web site may retrieve payment information, in real time (i.e. immediately after the payment is completed), resulting from a transaction conducted on PayPal's web site. The other method is Payment Data Transfer (PDT).
IPN is somewhat more reliable than PDT in that PayPal's server contacts the merchant's server directly to transmit transaction data as soon as the transaction has occurred, rather than depending on the customer's browser to convey the data.
|
This page is a seed article. You can help HTYP water it: make a request to expand a given page and/or donate to help give us more writing-hours!
|
Pages
Links
Notes
Documentation on how to interpret the fields returned by IPN is generally very lacking. A key issue seems to be that of how to authenticate the data, i.e. determine that it definitely comes from PayPal rather than from a third party trying to fool your system into believing a payment has been made.
PayPal's Order Management Integration Guide suggests setting one or more "secret" variables to be included in the IPN; while this may provide first-order defense against spoofing, it is not particularly safe from interception since the "secret" is transmitted without encryption.
The fields sent with the IPN include at least one field which seems to be a digital signature of some kind, changing for each transaction, which would be a much better level of security (especially if it uses public key encryption, e.g. an checksum of the IPN data and timestamp encrypted using PayPal's private key); a sample:
verify_sign AiPC9BjkCyDFQXbSkoZcgqH3hpacAM9KNT3jv0YPjZMPbrIcmvcIcLHa
There does not appear to be any explanation of how to decode or interpret this data, however.