m2pc writes "PayPal has just announced the availability of their Open API under the 'PayPal X Program.' This enables developers to integrate PayPal payment processing services without forcing users to redirect to PayPal's website to enter payment information. This new initiative is designed to allow the company to better compete with the likes of Google and Amazon, which offer similar services. I wonder how much they paid for their domain: x.com?"
As a developer, I'm freakin excited. I hope it doesn't cost too much money.. or any at all. That's the reason I prefer Paypal for smaller projects over authorize.net.. save the monthly bills.
Why on earth would I want to add the burden of handling and protecting sensitive financial information when I can just send the user to a website they are familiar with to complete the transaction? No credit card numbers in my DB to steal, added trust for the user - this API seems like fail-fail.
If you're storing credit card numbers, you're doing it wrong. Here's how it should happen:
Your payment page is SSL secured and people enter their CC details
Your web server sends it through an SSL-secured API to PayPal
PayPal responds with the result
Your web server does or doesn't approve the order as appropriate (this is the ??? step)
Profit!
The only storage of sensitive information that goes on is inside the server's RAM and it gets discarded from RAM once the transaction concludes.
The problem here is if I'm not redirected to PayPal, I'm offering up my PayPal authentication information to a third party in the hope that they're going to use it for the transaction I've authorized and nothing else.
Wrong. One-letter domains were never made available by ICANN except for just a few exceptions made because of trademark issues: q.com for qwest, x.org for the former Open Group and a few others, including (obviously) x.com, though I don't remember who was the original owner of that one.
The current incarnation of PayPal is the result of a March 2000 merger between Confinity and X.com. X.com was founded by Elon Musk in March 1999, initially as an Internet financial services company. Both Confinity and X.com launched their websites in late 1999.
That doesn't add up. According to this [wikipedia.org] article the existing single-letter second-level domains were all registered before 1993, as in 1993 IANA reserved the remaining domains. Originally x.com was owned by Weinstein & DePaolis. Some half assed googling led me to this [depaolis.com], which isn't much. And a quick whois [www.who.is] showed that they also own x.cx, judging by the email used.
As another commenter mentioned, it may have been PayPal. It was certainly some sort of financial institution. I still have an old X.com-branded credit card.
I was doing this on an ecommerce site I administered like four years ago. It was called PayPal Payments Pro (or some such) and cost $20/month. No redirects at all. Other than the new domain, what's new? Is it free now?
Payflow Pro. I'm thinking the same thing. Maybe they're actually pointing more towards using a Paypal ID without leaving the site or something...I dunno, but I do know my company is one of the processors for Paypal and that they've had functionality like that for quite some time.
PayProFlow is their credit card payment gateway, and handles other kinds of related transactions (debit cards, pre-funded cards). It appears this API ties to their main payment system (transfer funds between PayPal accounts) rather than credit cards. The company I work for uses their gateways to process transactions for both credit cards and also payments between PayPal accounts. Currently, if someone wants to receive a payment from us, they have to go to the PayPal website and create an account there. Once they have an account, we can use the existing API to transfer funds. From the article, it appears that you can use this API to create a new account, which is something that I don't believe can be done at this point.
Paypal has owned the x.com domain since before they were paypal (check wikipedia), so while x.com probably wasn't super cheap back in 1999, it's not like they just purchased it.
Yeah, they offered online checking accounts. I signed up for X.com and Paypal accounts initially because they were giving away free money, no deposit required. I didn't think either one would last (I was half right), but hey, free money.
Years ago, I used to go to paypal by going to x.com. It was so much shorter to type and it just redirected for me to paypal.com. Then they made it the "labs" site and my shortcut was ruined.
X.com was one of the companies that merged to form PayPal. They epitomized the bubble "land grab" mentality by giving away free money to attract customers.
I still have a check for $0.01 sent to me (for no obvious reason) by "PayPal's X.com" during the bubble days. It's such a perfect metaphor for the stupidity of that era that I just had to save it and frame it.
A lot of companies expend a great deal of resources in order to conform to PCI-DSS. The need for extensive testing, Web App Firewalls and the like is a pricey and time-consuming activity for merchants dealing with PCI. When seasoned developers often forget to mask PANs, I wonder what the novice developer will do. I hope that this service will include some PCI guidelines so small merchants won't get bit in the ass by the certification bug.
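An added example, not part of any comment in this thread and not PayPal's API: the pass-through flow from the "If you're storing credit card numbers, you're doing it wrong" comment, combined with the PAN masking the comment above worries developers forget. `fake_gateway`, the form field names, the record layout and the sample values are assumptions made for illustration.

```python
import re

# 13-19 digits with optional space/dash separators, as cards are typed into forms
PAN_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")

def luhn_ok(digits):
    """Luhn checksum: separates card numbers from other long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def mask_pan(pan):
    """Show the last four digits only, the conservative choice for display masking."""
    digits = re.sub(r"\D", "", pan)
    return "*" * (len(digits) - 4) + digits[-4:]

def scrub(line):
    """Mask every Luhn-valid PAN in a log line before it is written anywhere."""
    def repl(match):
        digits = re.sub(r"\D", "", match.group())
        return mask_pan(digits) if luhn_ok(digits) else match.group()
    return PAN_RE.sub(repl, line)

def fake_gateway(pan, expiry, cvv, amount_cents):
    """Stand-in for the TLS call to the processor; the response shape is hypothetical."""
    approved = luhn_ok(pan) and amount_cents <= 50_000
    return {"approved": approved, "txn_ref": "GW-REF-0001" if approved else None}

def process_order(form, gateway, orders, log):
    """Server side of the flow: forward the card, read the result, approve or reject."""
    pan = re.sub(r"\D", "", form["pan"])
    # Log lines are built from request data, so they go through scrub() first.
    log.append(scrub(f"charge order={form['order_id']} card={form['pan']}"))
    result = gateway(pan, form["expiry"], form["cvv"], form["amount_cents"])
    record = {                              # the only data that gets persisted
        "order_id": form["order_id"],
        "amount_cents": form["amount_cents"],
        "card": mask_pan(pan),              # never the full PAN
        "txn_ref": result["txn_ref"],       # processor reference, used for refunds
        "status": "approved" if result["approved"] else "declined",
    }                                       # expiry and CVV are deliberately absent
    orders.append(record)
    return record

# Constructed sample input; 4111 1111 1111 1111 is a widely used test number.
SAMPLE = {"order_id": "A1", "pan": "4111 1111 1111 1111",
          "expiry": "12/30", "cvv": "123", "amount_cents": 1999}

if __name__ == "__main__":
    orders, log = [], []
    print(process_order(SAMPLE, fake_gateway, orders, log))
    print(log[0])
```

Python cannot guarantee that the card number is wiped from process memory, so "discarded from RAM" here means only that nothing sensitive reaches the order store or the log.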
I personally LIKE the redirect. I LIKE only inputting my credit card/whatnot information to paypal.com directly, instead of some random site that I'm doing a one-time transaction with and will probably never see again.
Yeah, I'd have to agree. I generally shy away from websites that directly ask me for a username and password for another site. I don't care who you are, but after all the phishing emails and such we've seen over the years, you'd have to be pretty dense to not feel at least a little uncomfortable with something like this.
We have a site that can ease your mind about such transactions, and we can even alert you to suspicious activity! Kindly provide the following information and our salespeople will get you set up:
Name:
Paypal Username:
Paypal Password:
Social Security Number:
Sort of off topic, but something that might interest you if you haven't seen it before is a feature Citi offers with their credit cards called virtual account numbers [citicards.com]. Basically, it allows you to generate different numbers that point back to your real account and are only good for one use. You can also limit the amount of time they're active as well as put a cap on how much money can be drawn from it. Pretty cool.
+1 post; allowing website owners to directly process user/pass info for PayPal is potentially a dangerous move if all sorts of security audits/nefarious site owners are processing login info. There's definitely potential for abuse because the redirect kept the user/pass separate from the app processing. We implemented SSO handling via CAS because we could train users never to type in their user/pass on any site except for sso.bigcompany.com.
Further, even banks require all sorts of audits if a website is han
Not to mention, there'll be a whole host of XSS crap going on so that sites can grab your login information to Paypal from their website. After all, their site has to include the paypal stuff in it, who's to say that "submit" button isn't "send us and paypal your login"?
If using Paypal, I expect to visit Paypal's site to log in. (There were some XSS used to get the site's inventory into Paypal, but that's a different issue, and it happens before login).
My Paypal information is valuable - I don't want to trust some oddball website with it. I hope there's a "Redirect to Paypal" link I can use instead of this stuff...
Totally agree with you here. It felt weirder ordering off Dell.com than it did DealExtreme.com. I was expecting redirects to a secure site for payment.
I hope they continue to allow the explicit paypal.com visit. Otherwise I foresee bailing out of a number of transactions due to the sketchiness of giving free access to your bank account to some random site.
As an end user, to me the value in going through a centralized payment service is the security of having only one reputable company (PayPal) handling my personal information, instead of having every vendor out there from whom I've ever bought anything potentially putting my CC# into their database. Forget disintermediation via this API, I'd rather go the other way and have assurance from the middleman that the vendor will never get anything they don't need for order fulfillment - that is, just my name and mailing address.
You're kidding, right? Did you just call PayPal a reputable company? You clearly haven't had an account seized for no particular reason... or the various other nefarious shit they're known for.
He meant greedy business entity strongly financially motivated to avoid any uncontrolled release of your information.
PayPal very diligently acts to protect their bottom line. You may not like their policies on withholding balances, but that same financial diligence also goes into maintaining security to prevent the huge financial losses that would occur should the public no longer perceive paypal as secure.
I always liked that I got redirected to PayPal.com to enter my PayPal details. Allowing me to check the SSL certificate and avoiding certain kinds of phishing fraud. Plus keeping my login details out of the hands of third parties who might enjoy looking at my payment history (which I agreed to in line 9999 subsection 5, amendment 3 of the T&C).
Ironically while PayPal moves away from a redirection system the big credit card companies (VISA, Mastercard, etc) are moving into one. Now often bringing up a password page operated by your CC company in order to verify that you haven't stolen card details.
In Canada there is Interac where you can send money by email - I assume there is something similar in the US. An Interac transfer is as good as a wire transfer - i.e. when the money gets to your account it is yours period. There is also HyperWallet which is popular with the credit unions and some other institutions.
This is going to make users accustomed to entering their paypal credentials into all sorts of unique interfaces, on a variety of websites. It is going to condition users to be less guarded about their paypal credentials. As it stands now, you basically only enter your PayPal credentials into either the PayPal.com or Ebay.com domains. Users know that if anywhere else asks for their credentials, that it is a phishing site. I think this is going to be a minor disaster for PayPal. But hey, maybe they're cash-flush enough to eat the cost of all the new fraud claims that are going to result.
As a Developer (Score:2)
Re:As a Developer (Score:5, Informative)
Re:As a Developer (Score:4, Insightful)
API??? (Score:5, Insightful)
Another Price Increase
Re: (Score:2)
@click2005: "Another Price Increase"
Yep. A pack of gangsters just created some technology. Great.
one-letter domain? (Score:2, Interesting)
Since when are 1-letter second-level domains allowed? I thought it was limited to two letters and up.
Re: (Score:3, Informative)
Re: (Score:3, Interesting)
Re:one-letter domain? (Score:4, Informative)
Re:one-letter domain? (Score:5, Informative)
PayPal has always owned it:
The current incarnation of PayPal is the result of a March 2000 merger between Confinity and X.com. X.com was founded by Elon Musk in March 1999, initially as an Internet financial services company. Both Confinity and X.com launched their websites in late 1999.
http://en.wikipedia.org/wiki/PayPal [wikipedia.org]
Re: (Score:2)
Re: (Score:2)
Re:one-letter domain? (Score:5, Funny)
I heard it used to belong to some ridiculous group claiming ufo defense or something.
Re:one-letter domain? (Score:4, Informative)
Archive.org has the whole history of the site:
http://web.archive.org/web/*/http://www.x.com [archive.org]
Before 2000, it was owned by Rob Walker, then purchased by a company named x.com, which became Paypal:
http://web.archive.org/web/20000520015239/http://www.x.com/ [archive.org]
Re: (Score:2)
Since ever? X.org [x.org] for example has been around quite awhile.
Re: (Score:3, Funny)
Slashdot already owns /.org but it's a real bitch to get browsers to recognize the URL.
Um...guys.... (Score:4, Interesting)
Re: (Score:2)
Ditto, I also have integrated with that service, so this seems like a non-story, maybe a different rate schedule if anything.
"Website Payments Pro" https://www.paypal.com/uk/cgi-bin/webscr?cmd=_dcc_hub-outside [paypal.com]
Re: (Score:2)
Re:Um...guys.... (Score:4, Interesting)
Paypal was originally x.com (Score:5, Informative)
Re: (Score:2)
Re: (Score:2)
I still have my old x.com credit card. It's a great geeky X-Com commemorative, even though it has nothing to do with the game. :-D
Re: (Score:2)
Re:Paypal was originally x.com (Score:4, Interesting)
I wonder what PCI implications this will have. (Score:3, Insightful)
redirect is better (Score:5, Insightful)
Re:redirect is better (Score:5, Insightful)
there is a solution (Score:4, Funny)
Re: (Score:2, Informative)
Re: (Score:2, Insightful)
Re:redirect is better (Score:4, Insightful)
Re: (Score:2)
Re:redirect is better (Score:4, Insightful)
Bummer! (Score:5, Insightful)
Re:Bummer! (Score:5, Informative)
Re: (Score:2)
Right - but it's better Paypal than an eBay seller, or Paypal plus a random site, right?
Poor choice of words... (Score:5, Insightful)
Re:Bummer! (Score:4, Funny)
They are a reputable company, in that they have a reputation.
x.com (Score:2, Informative)
They didn't pay anything for x.com. They were x.com originally.
Re: (Score:2)
Security? (Score:4, Insightful)
This is sad news for me personally.
Re: (Score:2)
As a representative of one burned by PayPal (Score:2)
It'll be a cold day in hell before they see any utilization by any of the companies I work for or service.
They could be the last financial institution on the planet. I and some of the people I work for would revert to a barter economy first.
Re:As a representative of one burned by PayPal (Score:4, Informative)
No parking. (Score:4, Funny)
I wonder how much they paid for their domain: x.com?
It's variable.
This is a bad idea because... (Score:5, Insightful)
Re: (Score:3, Informative)
Critical missing piece (Score:2)
Nifty, but I'm waiting for the day that they announce good customer service.
(Although I believe they're lifting the ban on adult content sites, so that's good.)
thanks sirs - exciting news (Score:3, Funny)
Dear Sirs,
These are great news that promise increased effectiveness and efficiency in money transfers for humble users from Nigeria.
Additionally, if you could assist me in transferring some funds from our deceased noblemen, you will truly be awarded.
Yours Faithfully,
Dr. Akeem Biobaku