Slashdot Mirror

← Back to Stories (view on slashdot.org)

PayPal Introduces Open API

Posted by timothy on from the freedom-to-pay dept.

m2pc writes "PayPal has just announced the availability of their Open API under the 'PayPal X Program.' This enables developers to integrate PayPal payment processing services without forcing users to redirect to PayPal's website to enter payment information. This new initiative is designed to allow the company to better compete with the likes of Google and Amazon, which offer similar services. I wonder how much they paid for their domain: x.com?"

13 of 128 comments (clear)

  1. API??? by click2005 · · Score: 4, Insightful

    Another Price Increase

    --
    I am a free slashdotter. I will not be modded, blogged, DRM'd, patented, podcasted or RFID'd. My life is my own.
  2. Paypal was originally x.com by SashaMan · · Score: 4, Informative

    Paypal has owned the x.com domain since before they were paypal (check wikipedia), so while x.com probably wasn't super cheap back in 1999, it's not like they just purchased it.

  3. redirect is better by bolthole · · Score: 5, Insightful

    I personally LIKE the redirect. I LIKE only inputting my credit card/whatnot information to paypal.com directly, instead of some random site that I'm doing a one-time transaction with and will probably never see again.

    1. Re:redirect is better by webheaded · · Score: 4, Insightful

      Yeah, I'd have to agree. I generally shy away from websites that directly ask me for a username and password for another site. I don't care who you are, but after all the phishing emails and such we've seen over the years, you'd have to be pretty dense to not feel at least a little uncomfortable with something like this.

      --
      "Those who would sacrifice essential liberties for a little temporary safety deserve neither liberty nor safety." - BenF
  4. Bummer! by timeOday · · Score: 5, Insightful

    As an end user, to me the value in going through a centralized payment service is the security of having only one reputable company (PayPal) handling my personal information, instead of having every vendor out there from whom I've ever bought anything potentially putting my CC# into their database. Forget disintermediation via this API, I'd rather go the other way and have assurance from the middleman that the vendor will never get anything they don't need for order fullfillment - that is, just my name and mailing address.

    1. Re:Bummer! by nametaken · · Score: 4, Informative

      You're kidding, right? Did you just call PayPal a reputable company? You clearly haven't had an account seized for no particular reason... or the various other nefarious shit they're known for.

  5. Re:one-letter domain? by sopssa · · Score: 5, Informative

    PayPal has always owned it:

    The current incarnation of PayPal is the result of a March 2000 merger between Confinity and X.com. X.com was founded by Elon Musk in March 1999, initially as an Internet financial services company. Both Confinity and X.com launched their websites in late 1999.

    http://en.wikipedia.org/wiki/PayPal

  6. No parking. by Snufu · · Score: 4, Funny

    I wonder how much they paid for their domain: x.com?

    It's variable.

  7. This is a bad idea because... by phiz187 · · Score: 5, Insightful

    This is going to make users accustomed to entering their paypal credentials into all sorts of unique interfaces, on a variety of websites. It is going to condition users to be less guarded about their paypal credentials. As it stands now, you basically only enter your PayPal credentials into either the PayPal.com or Ebay.com domains. Users know that if anywhere else asks for their credentials, that it is a phishing site. I think this is going to be a minor disaster for PayPal. But hey, maybe they're cash-flush enough to eat the cost of all the new fraud claims that are going to result.

    --
    Pretend I said something meaningful or insightful here.
  8. Re:Um...guys.... by jjohn24680 · · Score: 4, Interesting

    PayProFlow is their credit card payment gateway, and handles other kinds of related transactions (debit cards, pre-funded cards). It appears this API ties to their main payment system (transfer funds between PayPal accounts) rather than credit cards. The company I work for uses their gateways to process transactions for both credit cards and also payments between PayPal accounts. Currently, if someone wants to receive a payment from us, they have to go to the PayPal website and create an account there. Once they have an account, we can use the existing API to transfer funds. From the article, it appears that you can use this API to create a new account, which is something that I don't believe can be done at this point.

  9. Poor choice of words... by raehl · · Score: 5, Insightful

    He meant greedy business entity strongly financially motivated to avoid any uncontrolled release of your information.

    PayPal very diligently acts to protect their bottom line. You may not like their policies on withholding balances, but that same financial diligence also goes in to maintaining security to prevent the huge financial losses that would occur should the public no longer perceive paypal as secure.

    --
    paintball
  10. Re:one-letter domain? by greatica · · Score: 5, Funny

    I heard it used to belong to some ridiculous group claiming ufo defense or something.

  11. Re:As a Developer by nacturation · · Score: 4, Informative

    Why on earth would I want to add the burden of handling and protecting sensitive financial information when I can just send the user to a website they are familiar with to complete the transaction? No credit card numbers in my DB to steal, added trust for the user - this API seems like fail-fail.

    If you're storing credit card numbers, you're doing it wrong. Here's how it should happen:

    • Your payment page is SSL secured and people enter their CC details
    • Your web server sends it through an SSL-secured API to PayPal
    • PayPal responds with the result
    • Your web server does or doesn't approve the order as appropriate (this is the ??? step)
    • Profit!

    The only storage of sensitive information that goes on is inside the server's RAM and it gets discarded from RAM once the transaction concludes.

    --
    Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.