| 12:48 pm on Sep 29, 2011 (gmt 0)|
Welcome to WebmasterWorld!
Unfortunately, I don't have a solution for you. It's something that happens. But I expect a few of the more seasoned online sales vets might have something more to offer.
| 3:44 pm on Oct 1, 2011 (gmt 0)|
|and most of the successful transactions come back with AVSCODE of N, which should have caused the transaction to fail. |
That means the transaction should been declined from your cart code and you need to fix the code.
N is documented from Paypal "The transaction is declined"
| 10:21 am on Oct 3, 2011 (gmt 0)|
we were displaying a failure code, but we were also getting
<ACK>Success</ACK>, and the transaction was processed on the paypal end.
| 12:45 pm on Oct 3, 2011 (gmt 0)|
In the response array you should be checking the AVSCODE and CVV2MATCH fields also.
And what was the setting of PaymentAction? Just make sure it is "authorization" and not "sale" because it seems you set it up to make it the whole capture automatic and could be the reason.
| 12:58 pm on Oct 3, 2011 (gmt 0)|
we are using payment type "Sale" in our doDirectPayment call, from the link provided we are using:
"During a traditional sale at PayPal, the authorization and capture action is completed simultaneously"
the AVSCODE is N, and CVV2MATCH is M
It was our understanding that doing the authorization and capture method, if the transaction was rejected for any reason the funds would not be transferred and we would get an ACK of Failure
Thank you for your help
| 2:15 pm on Oct 3, 2011 (gmt 0)|
Yes some of the specs do not clarify the paymentaction enough and can be incorrectly set. Typically I will set it to authorization unless I am 100% sure buyers are legit.
| 2:48 pm on Oct 3, 2011 (gmt 0)|
thank you, so you will set to authorize, then if everything comes back looking good you then capture the funds?
| 3:18 pm on Oct 3, 2011 (gmt 0)|
yes there should be an option via the paypal cpanel to review the transactions.
| 3:49 pm on Oct 3, 2011 (gmt 0)|
thank you for your help. should paypal re-activate our account we will follow your recommendation.
| 4:37 pm on Oct 3, 2011 (gmt 0)|
Plus, you should look into blocking the IP address or a range where the transaction is originated from.