PayPal Payments

PayPal is a supported browser payment method in the Mastercard Payment Gateway. This page describes integration details specific to PayPal, including how to configure your PayPal business account to accept payments via the gateway, branding requirements, etc. It's recommended that you read the integration guidelines for browser payments, before building a PayPal integration.

If you are integrated to use PayPal before API version 50, click here.

Prerequisites

To use PayPal as a payment method via the Mastercard Payment Gateway, you must have a PayPal business account configured for the gateway. For details, see Configuring your PayPal Business Account.

To sign up for a PayPal business account, click here.

PayPal Checkout Experience

The following sections will help you choose a PayPal checkout experience that's most suitable for your site.

Choosing a Checkout Flow

PayPal allows your payers to quickly and securely check out on your site, allowing them to use their PayPal account for payment and to optionally provide shipping information to the site. With PayPal, payers start and end the checkout process on your site.

The gateway supports two types of PayPal checkout flows — Checkout with PayPal and Pay with PayPal.

Checkout with PayPal

The Checkout with PayPal flow allows you to redirect a payer from your site to PayPal through Check Out with PayPal.

A Payer bypasses the normal checkout flow and checks out using the information stored in the PayPal account .
PayPal provides the name, email address, and shipping address to you from the payer's account. This action allows a faster checkout.
PayPal collects the shipping address from the payer at PayPal, which the payer can add or edit, if required.
After verifying the order details, the payer selects the Continue button.
The payer is redirected to your payment page for confirmation.
If required, you can change the order before accepting the payment (for example, adding shipping and handling charges based on the address returned from PayPal).

Sample Checkout Flow

The below diagram describes the Checkout with PayPal flow where the payer uses the shipping address as stored by PayPal. The payer reviews and confirms the payment on the merchant's site.

Checkout with PayPal Workflow

The checkout flow is as follows:

A payer browses your site, selects a product and clicks Checkout with PayPal at the checkout page.
When the payer clicks Checkout with PayPal button, you perform an Initiate Browser Payment call to the gateway, and redirect the payer to the PayPal URL returned in the response.
The gateway redirects the payer to PayPal.
The payer logs in to their PayPal account using the PayPal Login page.
The payer specifies the shipping address. The payer may select a shipping address previously stored with PayPal, or enter a new one.
The payer selects a funding source and proceeds with the payment by clicking the "Continue" button at PayPal.
The payer is redirected from PayPal back to your site, via the gateway. You retrieve the details of the transaction, including payer's account email and shipping address, using the Retrieve Transaction operation.
You present a review page to the payer based on this information (for example, you may wish to add shipping and handling charges). When the payer clicks the "Pay Now" button to process the payment, you submit a Confirm Browser Payment call to the gateway.
The payer can choose to update the shipping address before clicking the "Pay Now" button.
The gateway sends a response with the transaction details, which indicates the success or otherwise of the payment, so you can present the status to the payer.

Example Request

{
   "apiOperation":"INITIATE_BROWSER_PAYMENT",
   "browserPayment":{
      "operation":"AUTHORIZE",
      "paypal":{
         "paymentConfirmation":"CONFIRM_AT_MERCHANT"
      },
      "returnUrl":"Https://test.com"
   },
   "order":{
      "amount":"4.20",
      "currency":"USD"
   },
   "sourceOfFunds":{
      "type":"PAYPAL"
   }
}

Pay with PayPal

The Pay with PayPal flow allows the payer to proceed through the normal checkout flow, entering their billing and shipping information into the site. When the payer is prompted to choose their payment method, the payer chooses the PayPal option placed on the site's billing page alongside other payment options. Unlike a Checkout with PayPal transaction, the site provides the payer's shipping address to PayPal. By default, you can choose not to display the shipping address and/or disable edits at PayPal. See Display/Override Shipping Address below for information on how to implement this in your PayPal integration. The "Pay Now" button allows the payer to confirm the payment at PayPal before being redirected back to your site. This option allows you to provide a faster checkout experience to the payer as the payer completes the payment at PayPal.

Sample Checkout Flow

The below diagram describes the Pay with PayPal flow where the payer reviews and confirms the payment at PayPal.

Pay with PayPal Workflow

The checkout flow is as follows:

A payer browses your site, selects a product and clicks PayPal at the checkout page.
When the payer clicks the PayPal button, you perform an Initiate Browser Payment call to the gateway, and redirect the payer to the PayPal URL returned in the response.
The gateway redirects the payer to PayPal.
The payer logs in to their PayPal account using the PayPal Login page.
The payer reviews the billing info details and confirms the payment by clicking the "Pay Now" button at PayPal.
The gateway sends a response with the transaction details, which indicates the success or otherwise of the payment, so you can present the status to the payer.

Example Request

{
   "apiOperation":"INITIATE_BROWSER_PAYMENT",
   "browserPayment":{
      "operation":"PAY",
      "paypal":{
         "paymentConfirmation":"CONFIRM_AT_PROVIDER"
      },
      "returnUrl":"Https://test.com"
   },
   "order":{
      "amount":"4.20",
      "currency":"USD"
   },
   "sourceOfFunds":{
      "type":"PAYPAL"
   }
}

Choosing When to Confirm the Payment

With both Checkout with PayPal and Pay with PayPal checkout flows, you can choose to display a "Pay Now" button or a "Continue" button at PayPal.

The "Pay Now" button allows the payer to confirm the payment at PayPal before being redirected back to your site. This option allows you to provide a faster checkout experience to the payer as the payer completes the payment at PayPal.

The "Continue" button allows the payer to be redirected to your site to confirm the payment after viewing all the order details. This option allows you to change the order if necessary before accepting the payment (for example, adding shipping and handling charges based on the address returned from PayPal). Or, you can include other checkout steps, for example, upselling on your Confirm Order page.

See Payment Confirmation below for details on how to implement this in your PayPal integration.

Choosing How to Collect the Shipping Address

Depending on the checkout flow, Checkout with PayPal or Pay with PayPal, you may choose to collect the payer's shipping address on your site or at PayPal respectively. By default, PayPal collects the shipping address from the payer at PayPal, which the payer can add or edit, if necessary. You can choose not to display the shipping address and/or disable edits. See Display/Override Shipping Address below for information on how to implement this in your PayPal integration.

PayPal Integration

PayPal as a Checkout Option in Hosted Checkout

If you are using the Mastercard Payment Gateway payment page (Hosted Checkout) PayPal will automatically be offered as a checkout option to your payers if your payment service provider has configured the PayPal acquirer link on your merchant profile. For details, see Browser Payments via Hosted Checkout Integration.

If you are using API version 50-59 to submit the Create Checkout Session request, the payer will be redirected from your site to PayPal to log in and complete the payment details.

PayPal as a Checkout Option on your Payment Page

You can add PayPal as a checkout option on your payment page if you are integrated to API version 50 or above. You must submit the Initiate Browser Payment request from your server-side application to initiate the PayPal interaction.

The payer is redirected from your site to PayPal to log in and complete the payment details. For details, see PayPal via Direct Payment.

PayPal via Direct Payment

The following fields in the Initiate Browser Payment request are either specific to PayPal or have a specific usage in the PayPal integration. For other details, see Browser Payments via Direct Payment Integration.

sourceOfFunds.type = PAYPAL
browserPayment.operation = AUTHORIZE or PAY

With PayPal, funds can be held for 3 days (honor period) from the time the authorization occurred. If you still wish to capture the funds after 3 days, you can use the Update Authorization operation or initiate via Merchant Administration.

By default, your PayPal merchant account is configured for single captures only. If you wish to change the configuration to support multiple captures, please contact PayPal.

Operation Field API Reference [REST][NVP]
browserPayment.paypal.paymentConfirmation
When initiating a PayPal payment, you must specify if you want the payer to confirm the payment at PayPal or your site.

Payment Confirmation Field API Reference [REST][NVP]

If confirming at the provider (PayPal), the PayPal displays a "Pay Now" button, which allows the payer to confirm the payment at PayPal before being redirected to your site. You must submit a Retrieve Transaction request to the Mastercard Payment Gateway to determine the success or otherwise of the payment.

If confirming on your site, the PayPal displays a "Continue" button, which allows the payer to be redirected to your site where the payer can confirm the payment. You must send a Retrieve Transaction request to the gateway to retrieve details on whether the payer has continued with the payment or not. If the payer continues with the payment on your site, you need to send a Confirm Browser Payment call to confirm the payment with PayPal. The Confirm Browser Payment response will contain information about the success or otherwise of the payment.

Confirm Browser Payment API Reference [REST][NVP]

In both cases, if the payment is successful the Retrieve Transaction returns:
- the email address on the payer's PayPal account
- the account holder name on the payer's PayPal account
- the shipping address details
Example Request
```
     {
        "apiOperation":"CONFIRM_BROWSER_PAYMENT",
        "order":{
           "amount":"4.20",
           "currency":"USD"
        }
     }
              
```

[Optional] Display/Override Shipping Address

You can manage how the payer provides you a shipping address using two fields:

browserPayment.paypal.displayShippingAddress — when set to true (default), the shipping address is displayed at PayPal.
Display Shipping Address Field API Reference [REST][NVP]
browserPayment.paypal.overrideShippingAddress — when set to true (default), the payer can change the shipping address at PayPal.
Override Shipping Address Field API Reference [REST][NVP]

By default, PayPal collects the shipping address from the payer at PayPal for you. If you choose to collect the shipping address from the payer on your site, and you do not want PayPal to display the shipping address to the payer, you must set browserPayment.paypal.displayShippingAddress to false. This also applies when a shipping address is not required for an order (for example, digital products only).

The gateway will always return the shipping address in the Retrieve Transaction response if the address was supplied in the Initiate Browser Payment request or if browserPayment.paypal.displayShippingAddress is set to true.

See table below for the various scenarios that may be applicable to your integration. You can choose a different scenario for each payment.

Initiate Browser Payment					PayPal
Display Shipping Address	Override Shipping Address	Is the Shipping Address required?	Is the Shipping Address supplied?	Is the Shipping Address valid?	Is the Shipping Address displayed to payer?	Source of the displayed Shipping Address	Can the payer change the Shipping Address?
true (default)	true (default)	optional	no	NA	yes	PayPal collects the shipping address.	yes
true (default)	true (default)	optional	yes	yes	yes	PayPal displays the shipping address you provide in the request at PayPal.	yes
true (default)	true (default)	optional	yes	no	yes	PayPal ignores the shipping address you provide in the request instead collects the shipping address at PayPal.	yes
true (default)	false	required	yes	yes	yes	PayPal displays the shipping address you provide in the request at PayPal.	no
true (default)	false	required	yes	no	no	PayPal rejects the request.	Not applicable
false	Not applicable	Not applicable	yes	yes	no	PayPal ignores the shipping address you provide in the request.	no
false	Not applicable	Not applicable	Not applicable	Not applicable	no	PayPal does not have a shipping address to display.	Not applicable

For all scenarios, you should use the shipping address returned in the transaction response in case the shipping address was changed by the payer at PayPal. Please note that PayPal validates city, state, ZIP code combinations for U.S. shipping addresses.

[Optional] Line Item Details

You can specify line item details in the Initiate Browser Payment request to provide payers with all the order details before they confirm the payment. Consumer research shows that more buyers complete purchases when they see the individual items and other details of an order during PayPal checkout. Hence, it's recommended that you provide order information when you initiate a PayPal checkout to encourage payers to continue with the payment rather than dropping out.

Line items are considered provided if the item name or unit price is specified. For more information on line item details, see Line Item Data.

How to Interpret the Transaction Result

The table below shows the transaction response codes for the possible scenarios you may encounter after initiating a browser payment.

Initiate Browser Payment Response	What This Means...
`response.gatewayCode=SUBMITTED` `result=SUCCESS`	Redirect the payer using the URL provided in the response.
`response.gatewayCode=SUBMITTED` `result=FAILURE or PENDING or UNKNOWN`	Submit another `INITIATE_BROWSER_PAYMENT` request.
Retrieve Transaction/Retrieve Order Response	What This Means...
`response.gatewayCode=APPROVED` `result=SUCCESS`	The payment is successful.
`response.gatewayCode=PENDING` `result=PENDING`	The payment is pending a review in the PayPal system. See Pending Payments.
`response.gatewayCode=CANCELLED` `result=FAILURE`	The payer has cancelled the interaction for this payment. Offer the payer the option to try another payment method.
`response.gatewayCode=DECLINED or INSUFFICIENT_FUNDS or NOT_SUPPORTED` `result=FAILURE`	The payment was declined by PayPal.
`response.gatewayCode=ACQUIRER_SYSTEM_ERROR` `result=FAILURE`	The acquirer was unable to process the transaction. You may want to inquire with the acquirer the reason for payment failure, or you can try `RETRIEVE_TRANSACTION` again. Or, you can offer the payer the option to try another payment method.
`response.gatewayCode=SYSTEM_ERROR` `result=FAILURE`	The gateway was unable to process the transaction.
`response.gatewayCode=TIMED_OUT` `result=FAILURE`	The interaction between the payer and the PayPal system was not successfully completed, for example, the gateway did not receive a redirect of the payer's browser from the merchant within 24 hours or the gateway was unable to retrieve the interaction details between the payer and the PayPal system hence the payment is incomplete.
`response.gatewayCode=UNKNOWN` `result=UNKNOWN`	The gateway was unable to find out about the success or otherwise of the payment.

Authorization Updates

You can update authorization honor period and/or increment authorization amounts for valid PayPal authorization transactions using the Update Authorization operation or via Merchant Administration. To allow this, you must have the "Update Authorization" privilege enabled on your merchant profile by your payment service provider. For more information, see Update Authorization.

It is recommended that you update an authorization after the initial 3 days (honor period) to ensure that funds are still available. A reauthorized payment has a new 3-day honor period. The 3-day honor period can be updated at most once within the 29-day validity period.

You can update an authorization once for up to a maximum of 115% or USD $75 of the originally authorized amount.

Captures, Refunds, and Voids

For PayPal payments, you can capture the authorized amount in part or in full of the originally authorized amount using the Capture operation or via Merchant Administration.

You can refund payments processed via PayPal in part or in full for Pay and Capture transactions. You can submit Refund requests using the Refund operation or using Merchant Administration.

You can void any open authorization transaction if capture attempts have failed or you can void a Pay transaction to cancel the payment. You can submit a void request using the Void operation or via Merchant Administration.

Pending Payments

The gateway may return a status of PENDING in the transaction response. For example, if the transaction is currently under risk assessment at PayPal. If the status is pending and if you have configured your own fraud management filters, you should log on to your PayPal business account and review the payment. PayPal will notify the gateway when the status of a pending transaction is updated by PayPal.

If you do not wish to review and would like to decline the pending payments, you can initiate a refund. You can retrieve the result of the updated transaction using the Retrieve Transaction operation.

Billing Agreement and Recurring Payments

Using Checkout with PayPal or Pay with PayPal, you can set up a billing agreement for a payer, which allows you to initiate a reference transaction (subscription/recurring or on-demand payments) against this billing agreement without additional consent from the payer. For more information, see Billing Agreement and Recurring Payments.

Configure your PayPal Integration

This section describes how to configure your PayPal integration with the Mastercard Payment Gateway. Once you have created the PayPal account, provide the account details (PayPal Account ID) to your payment service provider to enable them to set up your merchant profile on the gateway for PayPal.

MSOs can configure multiple acquirer links for you through the Merchant Manager portal, in the Acquirer Link Details section.

To process transactions through PayPal, you must log in to Merchant Administration and grant permissions to the Mastercard Payment Gateway for the specific API calls that the Mastercard Payment Gateway must make on your behalf.

Once you are on the PayPal Configuration page, you can see the PayPal merchant acquirer links that the MSO has configured for you. If the third-party permission is not granted for any acquirer link, the Account ID field will be empty.

For new PayPal account

To grant third-party permissions for the PayPal APIs with a new email account:

To grant the third-party permission for a specific acquirer link, select Enable.
Enter the required details on the PayPal sandbox page, and then select Next.
Enter the required details, and then select the User Agreement, Privacy Statement checkboxes.
Select the TNS Company’s Test Store checkbox.
Select Agree and Create Account.
Enter the business-related information, and then click Next.
Enter the user-related information, and then click Submit.
The sign-up confirmation page displays the instructions to activate your PayPal account.
Activate your PayPal account as per the instructions sent to the email address that you have entered at the time of sign up.
Select Go back to TNS Company’s Test Store.
The third-party permissions required for the specific PayPal acquirer link are granted. The status gets enabled and the PayPal Account ID is displayed.
To revoke the third-party permission, select Disable and to update any information, select Update.
Due to any issue if the third party permission fails, an error message is displayed.

For registered PayPal account

To grant third-party permissions for the PayPal APIs with a registered email account:

To grant the third-party permission for a specific acquirer link, select Enable
Enter the required details on the PayPal sandbox page, and then select Next.
Enter your credentials, and then select Log In.
You have successfully signed up and integrated PayPal with the TNS company’s Test Store.
Select Go Back to TNS Company’s Test Store.
The third-party permissions required for the specific PayPal acquirer link are granted. The status gets enabled and the PayPal Account ID is displayed.
To revoke the third-party permission, select Disable and to update any information, select Update.
Due to any issue if the third party permission fails, an error message is displayed.

Enhanced Seller Protection

You can submit additional payer data in the Initiate Browser Payment and in the subsequent Pay or Authorize requests after performing Tokenize Browser Payment to allow PayPal to perform risk assessment of the transaction before the transaction is processed.

The data in the following fields is used by PayPal to perform a pre-transaction risk management evaluation:

device.fingerprint: A unique identifier for the device that can be generated using the PayPal FraudNet Javascript library. This allows PayPal to perform risk assessment of the transaction.
risk.custom: You can provide additional data about the payment in this field. You must have an agreement with PayPal about the values you wish to provide. For example, risk.custom.headOfficeLocation=London UK.
sourceOfFunds.token: The token Id that identifies the billing agreement details (as received from PayPal) on the gateway. You can use this token Id for one-time and recurring payments. For more information, see Billing Agreement and Recurring Payments.

Excessive Refund

Excessive Refunds must be enabled at the PayPal site. You can capture the excess authorised amount either through the Capture request or the Merchant Administration.

An excess capture of up to 115% of the original authorized transaction is allowed. You can refund the excess payments processed via PayPal for the Pay and the Capture transactions.

You can submit the Refund requests either through the Refund operation or Merchant Administration.

For excess refund, include the amount that is in excess of the original transaction amount. To refund in excess of the captured amount, ensure that you are enabled for excessive refunds on your PayPal merchant profile.

If your PayPal profile is enabled for excessive refunds then ensure to configure your Mastercard Payment Gateway merchant profile for the same.

Security Best Practices for PayPal Integrations

For information on security best practices, click here.

Testing Your Integration

The Mastercard Payment Gateway provides a PayPal simulator that allows you to test your integration for using the PayPal functionality via the gateway.

After you are onboarded, the PayPal sandbox ID is set to a dummy value so that you can test your integration with your test profile. Once your third-party permission is granted, the dummy value will get replaced with the actual PayPal account ID.