Introducing Website Payments Pro

Important: Website Payments Pro differs from PayPal Payments Pro. See the PayPal Payments Pro / Payflow documentation for Payflow integration information.


This guide includes the following pages:

You can accept credit and debit cards and PayPal payments directly on your website using 2 API-based solutions: Direct Payment and Express Checkout. You must integrate with both Direct Payment and Express Checkout to use Website Payments Pro.

Additional PayPal developer documentation includes the following:

Website Payments Pro Overview

Website Payments Pro includes Direct Payment, Express Checkout, and additional PayPal solutions and tools, such as Virtual Terminal, Fraud Management Filters, and reference transactions.

  • Direct Payment enables you to accept both debit and credit cards directly from your site.
  • Express Checkout enables you to accept payments from PayPal accounts in addition to debit and credit cards.

The following diagram shows the relationship between Direct Payment and Express Checkout to a buyer.

  1. From your shopping cart, a buyer can either checkout with Express Checkout, starting from the Checkout with PayPal button on your Shopping Cart page, or pay directly by credit or debit card using Direct Payment.

  2. If a buyer pays using Express Checkout, PayPal provides a checkout experience that streamlines checkout. Even if buyers do not pay using Express Checkout, they can still pay by credit or debit card using Direct Payment. In this case, buyers might need to enter payment, billing, and shipping information. In both cases, buyers can stay on your website or are sent to the page of your choice.

  3. You must implement both an Express Checkout flow and a Direct Payment flow to use Website Payments Pro. You implement the Express Checkout flow by calling PayPal's Express Checkout API operations, which guides a buyer through the checkout process. You implement the Direct Payment flow using your own code, for which PayPal provides an API operation to process the credit or debit card payment.

Note: Purchases through Direct Payment are not covered by the PayPal Seller Protection Policy.

Additional Features of Website Payments Pro

Website Payments Pro consists of APIs for accepting credit card, debit card, and PayPal payments; these payments can be immediate or authorized for later capture; they can also be recurring payments. Website Payments Pro also includes standalone applications for accepting payments.

In addition, Website Payments Pro includes Fraud Management Filters for automatic review and management of risk.

Settlements and Captured Payments

Often, you accept a payment and ship goods immediately, which is referred to as a sale transaction. In addition to immediate payments, Direct Payment and Express Checkout both allow you to authorize payments to be captured later, which is referred to as an authorization. An authorization is useful, for example, when you want to reserve a buyer's funds pending the shipment of goods; the actual payment is captured when the goods are shipped. An authorization can be reauthorized one time if necessary; for example, when you are unable to ship within 3 days of the authorization.

Express Checkout provides an additional option, called an order, which you use when a single authorization is insufficient. You can create multiple authorizations and capture them as part of the same order. This would be useful, for example, when an order is split into multiple shipments and you need to capture a payment each time part of the order is shipped.

Verifying a Card Without Purchase

PayPal supports card verifications also referred to as authorizations without purchase or $0 Auths. This feature is used to verify that a cardholder’s account is in good standing without processing a purchase transaction or applying a card authorization. MasterCard and Visa card verifications are available for the majority of currencies. American Express and Discover card verifications are only supported in the US for USD transactions. The card issuer should decline invalid cards or those reported as lost or stolen. Also, AVS and CID/CVV results (based on an optional three or four digit security code on the back of the card, which varies by card and country) are returned where supported by the card issuer. However, American Express does not return CID results on card verification transactions. To validate CID results, use $1 Auth transactions.

The DoDirectPayment API operation accepts an authorization in the amount of zero for card verification purposes. However, no authorization or hold is placed on the card holder’s account, and the transaction does not appear on the card holder’s statement. Also, unlike typical authorizations which require settlement and capture, card verifications are considered completed immediately. The transaction History page lists card verifications as authorization transactions with a zero amount and with a Completed status. Re-authorizations as well as capture and void attempts on card verification transactions are not permitted and will return an error.

Merchants who offer free trial periods, or plan to bill the first installment of a recurring payment at a later date, can mitigate loss by using this feature. This feature allows merchants to verify a card before saving the card information and creating the buyer's recurring payments profile. Other merchants who only need to charge the card holder one time after a successful card verification can process a reference transaction.

Merchants using the Instant Payment Notification service should receive transaction notifications for card verifications. Also, similar to other transaction types, the GetTransactionDetails and TransactionSearch API operations can be used to retrieve information on card verifications.

The card networks discourage the use of $1 authorizations as a method of verifying card status. The rule is that you should only authorize amounts greater than zero on transactions that you intend to capture.

Per transaction fees will apply for card verifications, and there is no percentage or discount rate fee associated with these transactions. For fee information:

  • Go to the PayPal Merchant Fees page.
  • In the Accept Credit Cards + PayPal section, expand View all discounts and fees.
  • Scroll to view the per transaction fee for Card Verification Transactions.

See integration details.

Recurring Payments

You can support recurring payments to manage subscriptions and other payments on a fixed schedule. Direct Payment and Express Checkout both process recurring payments.

When you support recurring payments for a buyer, you create a recurring payments profile. The profile contains information about the recurring payments, including details for an optional trial period and a regular payment period. Both periods contain information about the payment frequency and payment amounts, including shipping and tax, if applicable.

After creating a profile, PayPal automatically queues payments based on the billing start date, billing frequency, and billing amount. Payments reoccur until the profile expires, there are too many failed payments to continue, or you cancel the profile.

Permission to allow recurring payments is established by the buyer setting up a billing agreement with the merchant on PayPal. For Express Checkout, the billing agreement can be established either in advance or when the buyer first makes a purchase; in either case, it occurs when you call Express Checkout API operations. For direct payment, it occurs when you make an explicit call to set up the billing agreement.

Recurring payments using reference transactions is an alternative, which enables you to handle payments for varying amounts of money on a varying schedule. A reference transaction is a financial transaction from which subsequent transactions can be derived; for example, a buyer can make a purchase on your site and the PayPal transaction ID, called a reference transaction ID, can later be used to initiate another transaction.

Merchants who offer free trial periods and recurring payments may find it worthwhile to use the card verification feature to verify the buyer's card, as a potential loss mitigation tool, prior to extending their services. This feature also allows merchants to verify the buyer's card before saving the card information and creating the buyer's profile.

Note: The use of recurring payments with direct payment may incur additional fees.

See Recurring Payments with Direct Payment for more information.

Virtual Terminal

PayPal's Virtual Terminal is a web-based application that allows you to accept credit card payments. It is available to merchants in the United States, Canada, France, and the United Kingdom. Virtual Terminal provides your business with the functionality similar to a stand-alone credit card-processing terminal. Virtual Terminal is ideal when you receive orders by phone, fax, or by mail and want to accept credit cards. An optional card reader is available to process face-to-face purchases; however, some restrictions apply. You can use Virtual Terminal on any computer with an internet connection and a web browser.

For more information about Virtual Terminal, see Virtual Terminal Users Guide.

Hosted Solution

Hosted Solution, which is available to merchants in the United Kingdom as part of Website Payments Pro, is a fast and easy way to add transaction processing to your website. It is a secure, PayPal-hosted, web-based payment solution that allows you to securely send your buyers to PayPal's payment page to authorize and process transactions. Buyers pay with a debit or credit card, or their PayPal account. You do not have to capture or store credit card information on your website, thereby helping towards achieving PCI compliance. Hosted Solution is the choice for merchants who prefer a solution where all financial details are handled by PayPal.

For more information about Hosted Solution for UK merchants, see Website Payments Pro Hosted Solution Integration Guide.

Fraud Management Filters

Fraud Management Filters (FMF) provide you filters that identify potentially fraudulent transactions. There are 2 categories of filters:

  • Basic filters screen against data such as the country of origin and the value of transactions. PayPal provides basic filters for Business accounts and Website Payments Pro accounts.

  • Advanced filters screen data such as credit card and addresses information, lists of high-risk indicators, and additional transaction characteristics. Website Payments Pro merchants can upgrade to use these filters.

    Note: Using advanced filters might incur additional charges.

For more information about Fraud Management Filters, see Fraud Management Filters

Event Notification

In most cases you can use the GetTransactionDetails API operation to determine the information you need about a transaction. However, there may be some cases in which you must set up Instant Payment Notifications (IPN); for example, when you need automatic notification about actions, such as disputes and their resolution.

IPN is a message service that PayPal uses to notify you about events, such as:

  • Instant payments, including Express Checkout, Adaptive Payments, and direct credit card payments, and authorizations, which indicate a sale whose payment has not yet been collected
  • eCheck payments and associated status, such as pending, completed, or denied, and payments pending for other reasons, such as those being reviewed for potential fraud
  • Recurring payment and subscription actions
  • Chargebacks, disputes, reversals, and refunds associated with a transaction

For more information about IPN, see the Instant Payment Notification Guide

Website Payments Pro API Operations

For introductory information about the PayPal name-value pair (NVP) or SOAP APIs, see the following overview pages:

The PayPal API supports a range of functions related to payment processing. Though most API operations support both Direct Payment and Express Checkout, some are specific to Direct Payment (direct credit card payments on your website) and others are specific to Express Checkout (redirecting buyers to a PayPal checkout experience). All of the following API operations are available for both NVP and SOAP integrations.

PayPal API Operation Description
Direct Payment core API operations: (Direct Payment only)
DoDirectPayment Process a credit card payment, such as a sale or authorization.
DoNonReferencedCredit Issue a credit to a card not referenced by the original transaction.
Note: Contact PayPal to use this API operation; in most cases, you should use the RefundTransaction API operation instead.
Express Checkout core API operations: (Express Checkout only)
SetExpressCheckout Initiates an Express Checkout transaction.
GetExpressCheckoutDetails Obtain information about an Express Checkout transaction.
DoExpressCheckoutPayment Completes an Express Checkout transaction.
Common API operations:
GetTransactionDetails Obtain information about a specific transaction.
ManagePendingTransactionStatus Accept or deny a pending transaction held by Fraud Management Filters.
RefundTransaction Issue a refund to the PayPal account holder associated with a transaction.
TransactionSearch Search transaction history for transactions that meet the specified criteria.
Authorization and Capture API operations:
DoCapture Capture an authorized payment.
DoAuthorization Authorize a payment. (Express Checkout only)
DoReauthorization Reauthorize a previously authorized payment.
DoVoid Void an order or an authorization.
Recurring Payment API operations:
CreateRecurringPaymentsProfile Create a recurring payments profile.
GetRecurringPaymentsProfileDetails Obtain information about a recurring payments profile.
ManageRecurringPaymentsProfileStatus Cancel, suspend, or reactivate a recurring payments profile.
BillOutstandingAmount Bill the buyer for the outstanding balance associated with a recurring payments profile.
UpdateRecurringPaymentsProfile Update a recurring payments profile.
DoReferenceTransaction Process a payment from a buyer's account, which is identified by a previous transaction.
Recurring Payment Billing Agreement API operations: (Express Checkout only)
BAUpdate Update or delete a billing agreement.
GetBillingAgreementCustomerDetails Obtain information about a billing agreement's PayPal account holder.
SetCustomerBillingAgreement Initiates the creation of a billing agreement.
Other Express Checkout API operations: (Express Checkout only)
AddressVerify Confirms whether a postal address and postal code match those of the specified PayPal account holder. (Express Checkout only)
Callback Define the shipping and handling parameters associated with Express Checkout.
GetBalance Obtain the available balance for a PayPal account. (Express Checkout only)
GetPalDetails Obtain your Pal ID, which is the PayPal-assigned merchant account number, and other information about your account.
MassPay Make a payment to one or more PayPal account holders.

Note: If you use the Payflow API to process transactions with PayPal as your internet merchant account, see the Payflow Gateway Developer Guide and Reference.

Regional Differences

Website Payments Pro is available in the United States, Canada and the United Kingdom. Minor regional differences include the kinds of credit cards accepted and address information. For the most part, this solution works exactly the same in each of these countries. This means that to integrate Website Payments Pro, UK and Canadian merchants can use the same information as US merchants. There are a few minor differences, however, that Canadian and UK merchants should note before they start to integrate.

The following sections identify regional differences:

Major Credit Cards Supported

PayPal accepts buyer credit cards issued in any country. For information on the major credit cards accepted in your country, see major credit cards accepted.

Note: For direct payment only, American Express restricts direct card acceptance merchants in certain business categories. Merchants are required to accept the American Express Card Acceptance agreement in order to process American Express cards directly.

Major Currencies Supported

Direct Payment, like other PayPal products, offers multi-currency functionality. See supported major credit cards and currencies for details.


  • For Canada, specify the province code in the State field.
  • For Great Britain, the State field is ignored; however, you still may need to specify a value in the State field; for example, you can specify the city for both the city and state.

For more information about addresses, see Handling Shipping Addresses.

Direct Payment >>