How Micro ISVs Can Integrate With PayPal

I came across a question in a forum asking how to deliver license keys to a customer as soon as a payment is made through PayPal. I know that PayPal has the facility to send a user back to a page of your choice after the payment is made. So, I did a bit more research and found that there is a facility called PDT (Payment Data Transfer). Here is how it works. As soon as a payment is made, the transaction id of that payment is returned back to the call back URL on your website where you can give a confirmation message to the user. This call back URL can be a dynamic page (cgi script) that takes the transaction id, makes a call to PayPal and gets additional information about the transaction. The response payload contains, among other things, the name of the customer which can be used to create a custom message and even embed the name into the license keys. But the main purpose of calling Paypal with the transaction id is to ensure that it’s a valid transaction (you don’t want someone faking a transaction id just to get a license). Assuming that the transaction is verified with Paypal, you can just create a license on the fly or a standard license key (depending on how sophisticated your licensing software is) and bundle it along with the rest of the software and just provide a download link. Make sure to keep track of the transaction id and the timing along with the license key id so that you don’t keep regenerating new licenses just in case the customer refreshes the browser a couple of times. Infact, just redirect the original call back page that contains the transaction id so that the user doesn’t even get to see it (I know, such things are not hacker-proof, but doesn’t harm doing it). In addition to giving the same license for a given transaction, make sure to expire a transaction id. If you want to be very cautious, you can just let only one download to happen for a given transaction, but with the internet not working sometimes and what not, it may be a safe bet to let the software downloaded any number of times (but with the same license key for a given transaction) within X minutes (where X is dependent on how big your download file is, the bigger it is, the more time you might want to give just in case the customer’s network is not working properly to download a larger file).

Leave a comment

Filed under license management, mISV, PayPal

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s