PayPal Introduces Open API

m2pc writes "PayPal has just announced the availability of their Open API under the 'PayPal X Program.' This enables developers to integrate PayPal payment processing services without forcing users to redirect to PayPal's website to enter payment information. This new initiative is designed to allow the company to better compete with the likes of Google and Amazon, which offer similar services. I wonder how much they paid for their domain: x.com?"

Re:one-letter domain?

[Anonymous Coward]

You were wrong. http://en.wikipedia.org/wiki/Single-letter_second-level_domains [wikipedia.org]

Paypal was originally x.com

[SashaMan]

Paypal has owned the x.com domain since before they were paypal (check wikipedia), so while x.com probably wasn't super cheap back in 1999, it's not like they just purchased it.

Re:one-letter domain?

[onefriedrice]

Wrong. One-letter domains were never made available by ICANN except for just a few exceptions made because of trademark issues: q.com for qwest, x.org for the former Open Group and a few others, including (obviously) x.com, though I don't remember who was the original owner of that one.

x.com

[JoeF]

They didn't pay anything for x.com. They were x.com originally.

Re:one-letter domain?

[sopssa]

PayPal has always owned it:

The current incarnation of PayPal is the result of a March 2000 merger between Confinity and X.com. X.com was founded by Elon Musk in March 1999, initially as an Internet financial services company. Both Confinity and X.com launched their websites in late 1999.

http://en.wikipedia.org/wiki/PayPal [wikipedia.org]

Re:Bummer!

[nametaken]

You're kidding, right? Did you just call PayPal a reputable company? You clearly haven't had an account seized for no particular reason... or the various other nefarious shit they're known for.

Re:redirect is better

[Anonymous Coward]

Sort of off topic, but something that might interest you if you haven't seen it before is a feature Citi offers with their credit cards called virtual account numbers [citicards.com]. Basically, it allows you to generate different numbers that point back to your real account and are only good for one use. You can also limit the amount of time they're active as well as put a cap on how much money can be drawn from it. Pretty cool.

Re:As a representative of one burned by PayPal

[Have Brain Will Rent]

In Canada there is Interac where you can send money by email - I assume there is something similar in the US. An Interac transfer is as good as a wire transfer - i.e. when the money gets to your account it is yours period. There is also HyperWallet which is popular with the credit unions and some other institutions.

Re:This is a bad idea because...

[gravyface]

I have a newsflash for you Walter Cronkite: users wouldn't know the difference between ebay.com and ebay.ha.ha.pwned.com if it had an eBay logo on it.

Re:As a Developer

[nacturation]

Why on earth would I want to add the burden of handling and protecting sensitive financial information when I can just send the user to a website they are familiar with to complete the transaction? No credit card numbers in my DB to steal, added trust for the user - this API seems like fail-fail.

If you're storing credit card numbers, you're doing it wrong. Here's how it should happen:

• Your payment page is SSL secured and people enter their CC details
• Your web server sends it through an SSL-secured API to PayPal
• PayPal responds with the result
• Your web server does or doesn't approve the order as appropriate (this is the ??? step)
• Profit!

The only storage of sensitive information that goes on is inside the server's RAM and it gets discarded from RAM once the transaction concludes.

Re:one-letter domain?

[eulernet]

Archive.org has the whole history of the site:
http://web.archive.org/web/*/http://www.x.com [archive.org]

Before 2000, it was owned by Rob Walker, then purchased by a company named x.com, which became Paypal:
http://web.archive.org/web/20000520015239/http://www.x.com/ [archive.org]