I’m trying to work out the best PayPal payment method to use for sites in Australia.
The restrictions are:
1. We don’t want to capture credit information on our hosted server - we want payment processing handled by PayPal
2. We don’t want to force the customer to signup for a PayPal account if they don’t already have one.
We are mostly concerned with Magento CE/Enterprise, although we do have a few MagentoGo clients.
When testing a MagentoGo site that only had Website Payments Standard enabled, it would not allow us to pay through PayPal, without creating a PayPal account. This is contrary to the documentation at PayPal, which says it isn’t necessary.
Wallowing through the various naming standards, I’ve pasted the relevant info I came up with.
Q1 - should Payments Standard allow you to pay without creating a PayPal account?
Q2 - I assume the Payflow Gateway actually captures card info on our servers, and would require us to have PCI certified hosting to implement, which is not likely.
Any info? They really seem to want people to use Express Checkout, but that does force you to have an account.
My PayPal notes
PayPal at https://www.paypal.com/au/cgi-bin/webscr?cmd=_profile-comparison refers to:
1.Paypal express checkout (paypal checkout, needs merchant acct, api or html)
2.Website payments standard (paypal checkout, no merchant acct, no cust acct, html)
3.Payflow pro (website or paypal checkout, includes merchant acct, no cust acct, api)
4.Payflow gateway (website or paypal checkout, needs merchant acct, no cust acct, api or html)
5.Email payments (paypal checkout, no merchant acct, no cust acct, no code)
The Australian business products page is at https://www.paypal.com/au/webapps/mpp/compare-business-products
Strangely it describes PayPal Express as not leaving your website, but that isn’t really true.
Magento at http://www.magentocommerce.com/paypal only refers to:
1.PayPal Express Checkout
2.PayPal Payments Pro (accept payments directly on your website - and doesn’t match anything above)
Magento at http://www.magentocommerce.com/knowledge-base/entry/setting-up-paypal-for-your-magento-store/ refers to:
1. Express Checkout
2. Website Payments Standard
3. Website Payments Pro (says US, UK, Canada)
4. Website Payments Pro Payflow Edition
5. Payflow Pro Gateway (says US, UK, AU, NZ)
6. Express Checkout for Payflow Pro (relies on Payflow Pro Gateway or Website Payments Pro Payflow Edition)
Magento on our sites used so far contains (admin name and description):
1.Express Checkout â Add an Express Checkout button to your existing shopping cart for quick and easy credit card payments. PayPal handles all payment processing.
2.Website Payments Standard â PayPal processes all of your orders, and you get paid.
3.Payflow Pro Gateway â Donât have a PayPal merchant account? You can still accept credit card payments through the Payflow Pro Gateway.
4.Website Payments Pro Hosted Solution â Payments by cards + seller protection - Contact PayPal before activating
PayPal Product Descriptions
Add PayPal as a payment option to your checkout page - or use it as a stand-alone solution. Youâll open the door to over 100 million active PayPal users who look for and use this fast, easy, and secure way to pay.
Website/PayPal Payments Standard
Add a PayPal payment button to your site to accept credit cards and PayPal payments securely. When your customers check out, they are redirected to PayPal to pay, then back to your site once theyâre finished.
PayPal Payflow Pro
Connect a fully customizable payment gateway with your Internet merchant account to accept credit card and PayPal payments directly on your site. Payflow Pro offers you complete control of your customersâ payment experience and helps ensure every transaction is secure.
Payments Pro Hosted Solution - goes to a PDF at https://cms.paypal.com/cms_content/GB/en_GB/files/developer/HostedSolution.pdf and is available in AU, FR, but not US.
http://www.blueacorn.com/magento-blog/pci-compliance-for-magento/ suggests that Magento CE is only PCI compliant if you use a hosted solution eg paypal express. Visually it’s very clear that you are leaving your website. Apparently SaaS solutions such as CRE Secure deliver semi-seamless PayPal gateways that can be styled, although the URL still changes. Magento Enterprise has a separate Payment Bridge that was PA-DSS certified. But it sounds like the hosting needs to be PCI compliant with separate DB and webservers, which rules it out for webqem.