View previous topic :: View next topic |
Author |
Message |
markdart
Joined: 18 Oct 2006 Posts: 18
|
Posted: Wed Jan 27, 2010 7:50 pm Post subject: API Certificate |
|
|
I am thinking about purchasing IPN. I have a couple questions:
1. Can I run it on a server from my home network? Any OS requirement? I assume it will go out periodically and check for purchases, generate the key and send it to myself and the customer. I develop in VS 2008 Pro.
2. From what I gather the License Tracker database will need to be updated manually from emails received from IPN vis-à-vis Outlook.
3. PayPal is just rolling out API certificates for my account type. I would like to send the key to the customer through PayPal using an API certificate so the customer could not claim to never have received the key and dispute the charge to get the key for free. I only had one customer try that and I simply put the key in the dispute correspondence so they could not claim they never got it. However, if I could send the key through PayPal it would circumvent ever having to do it through the Dispute Resolution process if that situation ever occurs again. |
|
Back to top |
|
|
Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Wed Jan 27, 2010 9:47 pm Post subject: |
|
|
Quote: | 1. Can I run it on a server from my home network? Any OS requirement? I assume it will go out periodically and check for purchases, generate the key and send it to myself and the customer. I develop in VS 2008 Pro. |
IPN.NET actually works the other way round. It needs to be installed on a publicly visible web server. PayPal then contacts the IPN.NET server for each sale (you have to configure IPN in PayPal). IPN.NET then generates the license key and sends an email to both you and your customer.
Quote: | 2. From what I gather the License Tracker database will need to be updated manually from emails received from IPN vis-à-vis Outlook. |
The email attachment you receive can be imported directly into License Tracker from Outlook.
Quote: | 3. ... However, if I could send the key through PayPal it would circumvent ever having to do it through the Dispute Resolution process if that situation ever occurs again. |
The API certificates are designed to allow PayPal to verify that you are owner of an account if you interact with PayPal via the API. They don't really help in preventing customer fraud. The most common problem with fraud is someone purchasing a product using stolen credit card details. They get you to send the license key to a temporary email address. When the real owner of the card gets their bill they then initiate a chargeback. Someone received the license key - just not the true owner of the credit card. The best way to minimize this type of fraud is to not email license keys to email addresses from free providers. Fraudsters generally use free email addresses from hotmail etc to avoid being traced. IPN.NET includes the ability to block free email addresses. _________________ Infralution Support |
|
Back to top |
|
|
markdart
Joined: 18 Oct 2006 Posts: 18
|
Posted: Thu Jan 28, 2010 12:20 am Post subject: |
|
|
Thanks for the response.
I saw something about suggestions we could make for new products. Why not make a product that simply checks emails from a computer on a home network and creates and sends the key out when it finds a messaage. I know I can write an app that will do this but if you had something canned that worked with License Tracker I think a lot of folks would prefer that...I would.
If I understand the API certificate correctly (??) and I could use the API certificate with the new product idea I mentioned above, could I require the person using the credit card to have an account with PayPal? That would be as good as a paid email account I think. Most of my customers do not pay for their email service.
Also, I have never had the situation you mentioned but I thought the credit card company covered the charges on a stolen card so could the customer get a charge back from PayPal as well? |
|
Back to top |
|
|
Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Thu Jan 28, 2010 12:30 am Post subject: |
|
|
Quote: | I saw something about suggestions we could make for new products. Why not make a product that simply checks emails from a computer on a home network and creates and sends the key out when it finds a messaage. I know I can write an app that will do this but if you had something canned that worked with License Tracker I think a lot of folks would prefer that...I would. |
Although you could do this - one issue would be that someone could quite easily spoof (imitate) a payment from PayPal to you. Then you would generate a key for them. If you are generating keys like this you should always check your PayPal account online to check the payment actually occurred. IPN.NET incorporates a callback mechanism that ensures that the payment notifications from PayPal are genuine.
Quote: | If I understand the API certificate correctly (??) and I could use the API certificate with the new product idea I mentioned above, could I require the person using the credit card to have an account with PayPal? That would be as good as a non-free email account I think. Most of my customers do not pay for their email service. |
Anyone can open a PayPal account with just an email address - so unfortunately this doesn't guarantee anything.
Quote: | Also, I have never had the situation you mentioned but I thought the credit card company covered the charges on a stolen card so could the customer get a charge back from PayPal as well? |
The horrible truth is that the credit card companies (and PayPal) don't protect the vendor at all in the event of a chargeback. You will have to refund the money and, to and insult to injury, also have to pay a chargeback fee. _________________ Infralution Support |
|
Back to top |
|
|
markdart
Joined: 18 Oct 2006 Posts: 18
|
Posted: Thu Jan 28, 2010 3:11 pm Post subject: |
|
|
Wow - that is BS! The credit card companies here is the US love us enough to raise our rates after we bail them out - they are all heart.
From what I read about the new API from PayPal, you can verify that the transaction is complete and verified. They offer a binary for VS 2008 so I think I can check emails, do a secure check and verification with PayPal, generate the key (with a modification of the License Tracker source), and send the customer a secure email with the key - tracked through PayPal. When I get it working are you interested in getting the source from me? |
|
Back to top |
|
|
Infralution
Joined: 28 Feb 2005 Posts: 5027
|
Posted: Thu Jan 28, 2010 9:49 pm Post subject: |
|
|
Quote: | Wow - that is BS! The credit card companies here is the US love us enough to raise our rates after we bail them out - they are all heart. | It's good if you're a buyer - just not so good for vendors.
Quote: | When I get it working are you interested in getting the source from me? |
Sure - we're always interested in suggestions. _________________ Infralution Support |
|
Back to top |
|
|
|