B2B Mobile Transaction API FAQ
This FAQ addresses some of the most common questions PayPal White Label Wallet (WLW) mobile SDK merchants have as they plan their transition to the B2B API app implementation. This page will continue to compile an ongoing collection of answers as they come up throughout the transition period.
Q: Why did you discontinue PayPal's WLW mobile SDK?
A: The B2B Mobile Integration API is a more streamlined server-side architecture favored by the emerging mobile payments industry.
- Allows for faster adoption of new features without SDK upgrade.
- Eliminates dependency on PayPal for OS support and regression testing for a comprehensive suite of features potentially not implemented by individual business processes.
- Minimizes app size and complexity.
- Aligns all integration entry to the PayPal WLW platform with a consistent model.
- Affords device agnostic integration with the PayPal WLW platform.
Q: What work will be required to migrate from the mobile SDK to B2B APIs?
A: The work needed to complete the transition is best presented in three categories, each of which is described in more detail in the B2B Mobile Transaction API Migration Process page of this kit.
- Configure App Server
- Refactor Mobile Apps
- Identity Management
Q: What functionality will I lose and what do I need to implement myself now?
A: The PayPal platform is strictly managing the transaction lifecycle, so all user authentication, device identification, offer presentation and usage, loyalty subscription and activity, and remote order management are handled by and at the discretion of the merchant. For a complete list of WLW mobile SDK operations and their role in a B2B implementation, see the WLW Mobile SDK Method Matrix.
Q: Am I (the merchant) now in scope for PCI compliance?
A: That depends on whether your app server will ultimately transmit and/or vault cardholder data. There are a few options for mitigating cardholder data exposure and, thus, PCI scope, but each merchant will have to evaluate the advantages and disadvantages independently. See our PCI compliance guidelines for more information.
Q: Does PayPal still need to certify my app before it goes to the app store?
A: Yes, but we’ve updated our certification process to better fit the server-side model. For example, a mobile app security pen test is still strongly recommended but no longer a hard requirement. Your PayPal WLW client delivery manager will provide a new test plan and certification checklist.
Q: What API calls do we have to make in the B2B world?
A: The PayPal WLW project team will provide a Solution Design Document (SDD) that outlines all the operations relevant to your implementation and sequence diagrams that outline all the calls within each function. Refer to the WLW Mobile SDK Methods Matrix for a list of SDK methods and their role in the server-side implementation, or the B2B Mobile Transaction API Guide for the complete API documentation.
Q: When will the PayPal WLW mobile SDKs no longer work?
A: An official product announcement will be made in Q4 2018 with more specific information, but PayPal anticipates suspending support for the WLW mobile SDKs by the end of 2019.
Q: What if I do not update my app to the server-side architecture?
A: Your app will continue to function using the PayPal WLW mobile SDK until support is formally suspended, and PayPal will work with you to make sure your app is ready. If you choose not to move to the new model, once the SDKs are removed from the platform, all calls from your app will fail.
Q: What happens to all of my existing users?
A: That depends on what your existing IDP / user-authentication model looks like today. If you already manage user authentication through an external IDP and SSO registration, your user repository will remain unchanged and changes to your authentication model will be nominal. If you’re leveraging a federated identity solution through the WLW platform, or if the WLW platform is serving as the IDP for users, some work will be required. Your PayPal WLW client delivery manager will help devise a solution strategy.