CiviCRM Community Forums (archive)

*

News:

Have a question about CiviCRM?
Get it answered quickly at the new
CiviCRM Stack Exchange Q+A site
This forum was archived on 25 November 2017. Learn more.
How to get involved.
What to do if you think you've found a bug.



  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Post-installation Setup and Configuration (Moderator: Dave Greenberg) »
  • Paypal Website Payments Pro configuration for 3-D secure
Pages: [1]

Author Topic: Paypal Website Payments Pro configuration for 3-D secure  (Read 2892 times)

freshice

  • I’m new here
  • *
  • Posts: 1
  • Karma: 0
Paypal Website Payments Pro configuration for 3-D secure
January 27, 2010, 07:20:56 pm
Website Payments Pro has introduced an extra security step to their payment processing called 3-D secure. 

Just wondering if anyone has tried to make changes to the CiviCRM WPP processor plugin to adjust it for 3-D secure.

Eileen

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4195
  • Karma: 218
    • Fuzion
Re: Paypal Website Payments Pro configuration for 3-D secure
January 27, 2010, 09:46:37 pm
Hi,

I don't know anything about 3D secure but other enhanced security options I have seen require a bit of thought regarding the business processes - e.g. both cvs & av2 (as I recall) will both accept payments that don't match up but will return information saying that there was a mismatch (so, for example you might undertake further steps before shipping any goods).
Make today the day you step up to support CiviCRM and all the amazing organisations that are using it to improve our world - http://civicrm.org/contribute

Dave Greenberg

  • Administrator
  • I’m (like) Lobo ;)
  • *****
  • Posts: 5760
  • Karma: 226
    • My CiviCRM Blog
Re: Paypal Website Payments Pro configuration for 3-D secure
January 28, 2010, 05:49:41 pm
3-D secure is the general name for an extra authentication layer (branded as 'Verified by Visa', etc.). Looks like MasterCard / Maestro transactions done via PayPal Pro iN THE UK - need to use this as of Jan 1 2010:

https://www.paypal-business.co.uk/3dsecure.asp

We have not yet investigated what changes might be needed to the CiviCRM plugin. If you're up for researching and working on a patch - that would be excellent. We can help out on IRC as needed, etc.
Protect your investment in CiviCRM by  becoming a Member!

joebaker

  • Guest
Re: Paypal Website Payments Pro configuration for 3-D secure
February 18, 2010, 09:17:25 am
Anyone have any thoughts on handling 3-D Secure transactions with a payment processor in Form mode (i.e. using doDirectPayment() rather than doTransferCheckout() with an IPN return location)?

It seems to me the tricky bit handling that POST from the 3-D Secure form - where should the form redirect users to? Sounds like it ought to respond to an IPN-type location that handles the response as per notify mode?

My interest here is with a custom payment processor to integrate RBS WorldPay, rather than Paypal Website Payments Pro, I'm afraid.

Indicative thoughts would be warmly welcomed!

Eileen

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4195
  • Karma: 218
    • Fuzion
Re: Paypal Website Payments Pro configuration for 3-D secure
February 18, 2010, 12:08:58 pm
Hi,

I'm a big fan of the eWay code for writing form mode processors (although if you look at Elavon, First Data, Payflow Pro Iprobably based all of them on the eWay code so any of them is a good guide.)

I'm not clear why you need to handle a POST for 3-D secure so I'm not quite sure but yes, something like the IPN files for the posts to land on will be needed as the extern folder is intended to be accessible in a way other folders shouldn't be
Make today the day you step up to support CiviCRM and all the amazing organisations that are using it to improve our world - http://civicrm.org/contribute

joebaker

  • Guest
Re: Paypal Website Payments Pro configuration for 3-D secure
February 19, 2010, 01:21:27 am
Thanks for your comments, @Eileen. I'll take a good look at eWay and the rest.

The POST in a 3-D Secure transaction arises because, although the transaction happens in the background, there's an extra authentication stage dropped in where the user has to fill in a  'Verified by Visa'-type form. So, there'll be a POST from that form that needs to be handled, so an IPN-like destination in the extern directory makes a lot of sense.

Eileen

  • Forum Godess / God
  • I’m (like) Lobo ;)
  • *****
  • Posts: 4195
  • Karma: 218
    • Fuzion
Re: Paypal Website Payments Pro configuration for 3-D secure
February 19, 2010, 01:29:49 am
The IPN style ones are actually the trickier ones because you need to ensure that the processor returns to you sufficient data for you to establish what transaction you are completing. Really you only need a contribution ID for that but the code that is generally used (& so easiest to recycle - e.g. payment express) requires a few extra ids such as participantID,  contactID & membership ID.

For the XML ones like eWAY the response you receive is part of a transaction so you know exactly which transaction it relates to.

Make today the day you step up to support CiviCRM and all the amazing organisations that are using it to improve our world - http://civicrm.org/contribute

Tony Horrocks

  • I post occasionally
  • **
  • Posts: 110
  • Karma: 7
    • Fabriko Limited
  • CiviCRM version: 4.5.x
  • CMS version: Drupal 7
Re: Paypal Website Payments Pro configuration for 3-D secure
June 17, 2010, 12:51:47 am
Has anyone in the UK or anywhere else made any progress with 3D secure for Payments Pro?
Tony Horrocks
Author of the CiviCRM CookBook https://www.packtpub.com/web-development/civicrm-cookbook
Pages: [1]
  • CiviCRM Community Forums (archive) »
  • Old sections (read-only, deprecated) »
  • Support »
  • Using CiviCRM »
  • Post-installation Setup and Configuration (Moderator: Dave Greenberg) »
  • Paypal Website Payments Pro configuration for 3-D secure

This forum was archived on 2017-11-26.