This page allows you to select the information you want to collect and display on your payment page and where you want to display the payment confirmation.
Although we offer many options on this page, we recommend that you display as few options as possible on the payment page. For example, you may have already collected shipping address on your own website in order to calculate the shipping cost and passed it on to PayPal's payment page. Therefore, it is not necessary to show this option on the payment page again.
You could have information that has already been collected on your website, but you may want to pass it to PayPal and display it on the hosted payment page again. This information will be pre-filled and editable on this page.
Specify whether to conduct simulated or real transactions.
TEST. Transactions are handled through the test system to enable you to verify and fine-tune system operation. No money changes hands. PayPal strongly urges that you operate in Test mode and verify the operation of your account before you go live.
LIVE. Real financial transactions are performed through the PayPal transaction servers. This option appears only if you have activated your account.
For more information, refer to Specify Test or Live Transaction.
Display the PayPal logo on the bottom right side of your payment page.
Text for the Cancel link that the buyer clicks on when they want to cancel the payment on your website. For example, the text could be "Return to Merchant" or similar.
Upon clicking this link, they are redirected to the URL you specify in the Enter Cancel URL.
A URL to which the buyer's browser is redirected to if payment is cancelled; for example, a URL on your website that displays a “Payment Canceled” page.
Default – The browser is redirected to a cancellation page hosted by PayPal. Be sure to enter the complete URL, including http:// or https://.
A URL to which the buyer's browser is redirected to if there is an error. Be sure to enter the complete URL, including http:// or https://.
Select the METHOD (SET or POST) for the cancel URL.
Text that will be displayed on the buttons on the payment page.
Configure your PayPal Express Checkout display and specify email addresses for live and test transactions.
Select Yes to enable PayPal Express Checkout on your payment page.
Configure your express checkout display by clicking on Design Pages. There you can modify the following:
Page Color: Click on the appropriate color on the color selector or enter the hex color code in the field provided.
Logo File to Reference: To upload your logo, enter the URL of your logo. Be sure to enter the complete URL, including https://.
Specify the email address of your PayPal account (business account). When a buyer makes a payment using Express Checkout as a payment type, the money is sent to this Express Checkout account on the PayPal side. A notification informing you of the transaction is sent this email address.
PayPal provides Sandbox environment for you to test your settings and transactions in. When you create a Sandbox account on https://developer.paypal.com, PayPal auto-generates an email address that is associated with your Sandbox account. Enter that email address in the field provided. Whenever you run a test transaction, an email notification is sent to your sandbox email address.
Select the billing information fields the buyer will be required to complete during checkout.
The fields listed in this section represent information that you collect from the buyer. The buyer will not be allowed to continue with the transaction until the field is filled in.
If you specify that a field is required, then you must do either of the following:
Pass in the data (from your Web page) to populate the field.
Specify that the field is editable in the next section.
Select the fields that the buyer can edit the contents of the field on the PayPal-hosted payment pages. De-select the fields that the buyer should not be allowed to modify.
Select the shipping information fields the buyer will be required to complete during checkout.
The fields listed in this section represent information that you collect from the buyer. The buyer will not be allowed to continue with the transaction until the field is filled in.
If you specify that a field is required, then you must do either of the following:
Pass in the data (from your Web page) to populate the field.
Specify that the field is editable in the next section.
Select the fields that the buyer can edit the contents of the field on the PayPal-hosted payment pages. De-select the fields that the buyer should not be allowed to modify.
Once the transaction is successful, you can choose to display your payment confirmation on either the PayPal-hosted confirmation page or on your website.
On a PayPal hosted page: The payment confirmation appears on a confirmation page hosted by PayPal. Optionally, you can also provide a URL on the confirmation page to take your buyer back to your website. To do so, enter the appropriate URL in the field provided.
On my website: The payment confirmation will appear on your own payment confirmation page. For this, enter the URL of the page that will display the payment confirmation. You will have to message the outcome of the transaction to the buyer when PayPal redirects back to this URL. Be sure to display specifics of the order so the buyer sees a meaning confirmation. You can get the specifics of the order using the Transaction ID we pass back to you with the return URL.
Specify up to 510 characters of text to be displayed at the top of the Receipt page.
Specify up to 510 characters of text to be displayed at the bottom of the Receipt page.
Text for the Cancel link that the buyer clicks on when they want to cancel the payment on your website. For example, Return to Merchant.
Upon clicking this link, they are redirected to the URL you specify in the Enter Cancel URL.
URL of the website to which buyer should be red upon clicking the Continue button on the Receipt page. The URL is typically your website. If you do not specify a URL, then the Continue button does not appear on the Receipt page.
The Return URL Method determines whether only the buyer, or the buyer and their data are returned to this URL.
Specify what should happen when the buyer clicks Continue on the Receipt page. This action applies to successful transactions only.
Specify one of the following values:
LINK: Returns the buyer to the website that you specify in the Return URL field (typically your website). Link is the default setting and is strongly recommended for you if you are new to HTML. This setting returns the buyer to the specified site. No additional transaction data is POSTed if this option is specified.
POST: Returns the buyer and transaction data to the website that you specify in the Return URL field. This option is typically used by experienced HTML/CGI developers to store information that was collected on the PayPal-hosted payment pages.
The Silent Post feature returns data using the HTML Post method whenever a transaction succeeds. The data is sent at the same time as when the Receipt page is displayed. To ensure that transactions proceed only if your script actually receives the data returned by the Silent Post, you must also select the Force Silent Post Confirmation feature.
Select the check box and enter the URL to which transaction data will be posted in the background (invisible to the buyer) after transaction processing.
This option is typically used by experienced HTML/CGI developers to store information that was collected on the PayPal-hosted payment pages.
Using the Silent Post URL ensures that the transaction data is passed back to your website when a transaction is completed. This occurs even if a buyer closes his browser before returning to your site or if the PayPal-hosted Receipt page is disabled.
Even if you use this feature to monitor actual sales, you should always verify the data in the Payflow Gateway report.
This option is used in conjunction with Silent POST — it causes Payflow Gateway to verify that the Silent Post data was received by your website.
If your server does not acknowledge receipt of the Silent POST, Payflow Gateway voids the transaction. Even if you use this feature to monitor actual sales, you should always verify the data in the Payflow Gateway reports.
If you select this option, specify in the Failed Silent Post Return URL field where buyers should go if their transactions are voided by the Force Silent Post Confirmation feature.
Force Silent POST is implemented by checking for a "200 Response" message from your website acknowledging receipt of data. If the "200 Response" message is not received, Payflow Gateway voids the buyer transaction (even if the transaction was approved by the processor) and displays an error to the buyer.
You have the option to send the buyer email receipts for each successful transaction. You specify the sender's address and text that appears in the message. You also have the option to send the messages to yourself.
Select Yes if you want email confirmation of the payment.
Enter the email address of the account that will send the emails to your buyers (typically the email address of a person or staff that can provide support).
PayPal generates this email on your behalf. However, this email does not appear in the your Sent Items folder, nor do you have access to the actual email.
Enter the email address to which successful transaction confirmation emails should be sent. Leave this field blank if no confirmation should be sent.
Unlike the customer email message, the merchant email message does not contain detailed order information. The following information appears in the merchant email message:
Merchant Display Name
Amount of Transaction
Invoice
Description
Date of Transaction
AuthCode
Transaction ID
Customer's Name
If desired, enter a second email address to which successful transaction confirmation emails should be sent. Leave this field blank if no confirmation should be sent.
Unlike the Customer email message, the Merchant email message does not contain detailed order information. The following information appears in the Merchant email message:
Merchant Display Name
Amount of Transaction
Invoice
Description
You have the option of sending order confirmation email messages to the buyer, to you, or to both. Enter the text (up to 510 characters) to display at the top of the confirmation email.
You have the option of sending order confirmation email messages to the buyer, to you, or to both. Enter the text (up to 510 characters) to display at the bottom of the confirmation email.
Payflow Gateway enables you to configure the Address Verification System (AVS), Card Security Code (CSC), and Accepted URL security features.
If you have purchased Fraud Protection Services, then you will not see the AVS and CSC options.
It is your responsibility to protect your passwords and other confidential data and to implement security safeguards on your website and in your organization, or to ensure that your hosting company or internal Web operations team is implementing them on your behalf.
The Address Verification Service (AVS) verifies the cardholder’s billing address to combat fraud in card-not-present transactions (for example, mail order, telephone order, Internet). For more information, refer to Address Verification Service.
To specify the level of AVS checking, select one of the following values in the AVS field:
No: Accept the transaction regardless of the AVS response. This is the default setting.
Full: Accept the transaction only if a value of YY is returned (Y for street number and Y for zip code). If the bank does not return YY, then PayPal voids the transaction and the buyer is declined.
Medium: Accept the transaction only if at least one Y is returned. If the bank does not return YY, YX, or XY, then PayPal voids the transaction and the buyer is declined.
Light: Accepted the transaction for all return values except NN. If the bank does not return NN, then the transaction is approved.
The table below summarizes AVS levels:
|
AVS Setting |
Allowed Responses |
|
Full |
(Y, Y) |
|
Medium |
(Y,Y), (Y,X), (X,Y), (Y,N), (N,Y) |
|
Light |
(Y,Y), (Y,N), (Y,X), (N,Y), (X,Y), (N,X), (X,N), (X,X) |
If you are using AVS checking and the Silent Post feature, then you can identify which transactions have been voided by looking for the following values:
RESPMSG = AVSDECLINED and Result = 0
Be sure to look at the response message for your transaction. Even if your result code is 0, your response message might say that the transaction has failed.
The Card Security Code (CSC) is a 3- or 4-digit number printed on either the front or the back of a credit card (typically in the signature field). The number appears only on the card itself (not on receipts or statements) so it can provide some indication that the physical card is in the possession of the buyer. For more information, refer to Card Security Code.
If the buyer submits the CSC on the Order form, the cardholder's bank returns a Yes/No response on whether the value matches the number on file at the bank. Payflow accepts or rejects orders based on this information.
The bank returns one of the following values:
Y: The submitted value matches the data on file.
N: The submitted value does not match the data on file.
X: The cardholder's bank does not support this service.
Specify one of the following settings in the CSC field:
No: Approve the transaction regardless of the response. This is the default responses.
Full: Accept the transaction only if Y is returned. If N or X is returned, then void the transaction and send a declined message to the buyer.
Light: Accept the transaction only if Y or X is returned. If N is returned, then void the transaction and send a declined message to the buyer.
If you are using Card Security Code checking and the Silent Post feature, then you can identify which transactions have been voided by looking for the following values:
RESPMSG=CSCDECLINED and Result = 0
Be sure to look at the response message for your transaction. Even if your result code is 0, your response message might say that the transaction has failed.
The Payflow gateway uses a secure token to send non-credit card transaction data to the Payflow server for storage in a way that cannot be intercepted and manipulated maliciously. A token is used to secure the data for a one-time transaction and is valid for 15 minutes. You request a secure token in a transaction request. The Payflow server returns the token as a string of up to 32 alphanumeric characters. To post the transaction data to a hosted checkout page, you pass the secure token. The token triggers the Payflow server to retrieve the data and display it for buyer approval.
You also pass a token ID, a string of up to 36 alphanumeric characters, in the request. The Payflow server associates your ID with the secure token it creates. In the HTTP form post, you pass the token ID and secure token so the Payflow server can verify which transaction data to retrieve.
Click Save Changes to implement the changes you made. If you leave the page without clicking Save Changes, then your changes are lost.