Insecure payment processing using paypal Commerce.Autor: Amy W.
Due to development issues Incomedia couldn’t solve, I was left unable to accept card payments on my v16 website. As I was beginning the search for a new website solution, Incomedia brought out the new version with PayPal Commerce and I took a leap, upgraded to the new version so I could again, accept card payments on my website.
I have set up the PayPal commerce on my website this morning, it was easy and straight away I could accept card payments however, I have soon realised a big problem. PayPal do not receive shipping information entered on the website along with the card details entered. PayPal therefore, only tell me if the card CVV2 is a match. They can not tell me if the address is a match.
If I ship an item which does not have a matching shipping address, a chargeback can easily be initiated and the money from that transaction will be refunded back to the card used for payment. At this point I will have lost both the money and the item.
I have spent over an hour on the phone to PayPal this morning who fully understand that this is not secure payment method for website orders and they consulted the dedicated PayPal Developer Team for me. The PayPal Developer Team have advised me that the developers (Incomedia) have in fact used the incorrect button. Incomedia have set up the PayPal Commerce direct payments as an instore transaction purchase, not a website transaction which requires shipping.
I am not happy with this payment method as it is. I do not want to ship orders which potentially are fraudulent transactions and will therefore not be using PayPal Commerce through Website X5, until it is integrated correctly by Incomedia.
Are Incomedia aware of this problem? Do Incomedia intend to change this or is this not possible for Incomedia to achieve?