PayPal Developer Sandbox
Apr 26, 2007

So a project I'm currently working on involves using the PayPal API to handle credit card transactions (two projects actually, but the PayPal part will be more or less interchangeable between them). I've never actually used PayPal's Merchant Services (or any other e-commerce platform, for that matter) before, so I'm having to teach myself how to use it as I go. Fortunately, PayPal offers a developer 'sandbox' where you can set up what is essentially a dummy account to test your website without actually incurring any charges or having to move money around. This is a brilliant idea, and I'm glad they thought of it. However, it's really just not implemented very well. Setting up the dummy account within the sandbox is ridiculously hard to do and not at all intuitive. For the most part, it's like setting up a regular PayPal account, with a few minor differences. The problem is they don't document those differences at all making it very hard to figure out what you're doing. There's a help link on the developer page, but it doesn't actually work and only takes you back to the main developer page. So in order to figure out what you're doing you have to go to their developers forum and search for the answer there. When you do that you discover that hundreds of other people have had the exact same problem and have also resorted to using the forum. Reading through the threads they created you see the same thing over and over. The developer is confused and asks how to do something, and a person from PayPal responds with a very brief answer that barely suffices to help you move on to the next step. As a specific example: when signing up for a PayPal account, one of the pieces of information you need to give them is your Social Security Number. For the sandbox account, it doesn't work if you leave it blank, it also doesn't work if you use a random string of 9 digits, and it also doesn't work if you use a real SSN. So I searched the forums to find an answer, and the only reply that PayPal had given when people asked about this was that you had to use a 9 digit number where the first three numbers were 1s (so, 111xxxxxx). They provided no detail beyond that. So I tried the number 111111111. Didn't work, because someone had already used it. PayPal, of course, never deigned to mention that you had to pick a unique 9 digit number that started with three 1s. So I tried 111999999. Also no good. Nor was 111222222, nor 111111112, nor pretty much any other pseudo-random string I could come up with. Eventually I had to settle with taking my real SSN and changing the first three digits to 111. This worked, but isn't a very good solution. Since the first three digits of your Social Security Number indicate what office your number was issued in, it's not that difficult to figure out the first three numbers of someone's based on where they were born (or at least to narrow it down to the point where a brute force approach becomes reasonable). So not only was setting up the account inconvenient, it was a bit iffy in terms of security as well. I understand that they didn't want to have to change their code a whole lot, but how hard would it have been to just set up the SSN field to auto-fill with a valid string of numbers, or to allow multiple people to use the same string? At the very least, they could have put a little note there explaining the constraints on the number you have to enter instead of barely pointing you in the right directly, if you ask, and then letting you figure the rest out yourself. Fortunately, I eventually figured it out. But then ran into another obstacle, one which is still in the process of being resolved: you have to verify your dummy sandbox account before you can take advantage of the PayPal Merchant Services. If you don't have a PayPal account, verification involves them making two small deposits to a bank account that you control so that you can then tell them the amount of the deposits proving that it's your account. First of all, it's completely ridiculous to require this of a sandbox account where no real money will be dealt with. Secondly, they again take no steps to simplify this process. They don't even allow you to use a fake account, because you still have to go through the whole verification process. So you have to wait several days before the deposits go through and then show up on your bank statement (assuming you have online banking, otherwise you have to wait up to a month for your statement to be mailed to you). Several days, just to set up a test account that uses a fake SSN and will never see a single real dollar. Does that make sense at all? I sure don't think so. PayPal obviously handles a lot of money. And they make a lot of money through that. I'm sure a pretty decent portion of that income comes from people who use PayPal's Merchant Services on their own webpage. So you'd think they'd want to make the process of setting up and testing those services as quick and painless as possible to encourage more people to use them. You'd think, anyway.
blog comments powered by Disqus