I'm trying to implement Google pay on the web by this example: https://developers.google.com/pay/api/web/guides/paymentrequest/tutorial.
When I remove "PAN_ONLY" from the example code, the button becomes invisible on my PC and on smartphone.
Under what conditions with the authentication method "CRYPTOGRAM_3DS" payment will be available?
I'm using the latest version of Google Chrome.
Tokenized cards are only available from your Android device today, where there are the means to securely authenticate the transaction and store sensitive information related to your forms of payment.
There are initiatives in the industry aiming at adding means of security and second factors to the web. These are expected to help the utilization of tokenization on the Web too.
Related
I recently asked this question and user's #DalmTo and #Sergio NH they gave me an exhaustive answer for which I thank them very much.
Moving forward to question, we started publishing the application, and its verification was not required, since no scope was added (here it is a little unclear why the requests worked in an application with a test mode in which these scope were not added (google drive, google sheet and google ads)).
However, this time the application in the "In Production" mode began to give us an "Unverified app screen" (see Unverified app screen). We decided that we still need to add scope to the list, and, of course, that the scope list (their list is described above) requires verification by Google.
We started filling in the necessary fields, while studying the Google documentation at the same time, and came across the following information (see block Verification process -> What are the requirements for verification?):
Apps not applicable for verification
Apps for internal use only
(single domain use) Apps for personal use only Apps that are Gmail
SMTP plugins for WordPress Apps that are in development or
staging/testing
Apps for personal use only
And this is just our case: we have already received permission from Google Ads and are just generating simple reports that we want to integrate with Google Sheet. I.e., this is an elementary script that works within this account (however, we still need to request the first concert screen, even for this developer account) and cannot be distributed to any other accounts.
But when adding our scope, Google requires us to pass verification, forcing us to fill in the required fields, in the form of domains and their verification via the Search Console (we have already done this and this stage does not cause difficulties) and links to Youtube videos - where we must show how scope is used.
And just this stage is not clear. We do not allow other people's accounts to connect to this application, and the software does not have any interface, it is just a script that receives data from Google Ads and saves it to Google Sheet (creating a file via Google Drive). We have described all this in the scope usage description field. But the link to the Youtube video is require field, and we sincerely do not understand why (considering our case) we should record something, and most importantly, what exactly we should record in this case. If the documentation itself says that in our case we do not even need a verification.
Maybe we did not understand something and now we are doing it wrong? We will be glad to receive any tips from experts working with Google Cloud Console and apologize in advance for broken English.
We also apologize in advance to the StackOverflow community that we have to publish such elementary (which we are absolutely sure of from our side) questions here. We come here from Google Cloud Console - > Support - > Community support, and we must first try to publish posts in the Google Groups specified there, but they simply do not answer us, apparently considering our questions too elementary and not worthy of attention (however, these same questions in Google Groups are moderated) (for example, the previous question). And we are no longer able to contact any other support. Once again, we apologize for having to ask about this here.
It is true that if your app is a single use app then you do not need to be verified.
However if you don't get your app verified then there will be some restrictions.
you will see the unverified app screen
your refresh tokens will probably only be good for two weeks.
In the case of the YouTube api uploaded videos will be suck private.
If you can live with those points then you don't need to verify your app and you can continue as is.
If on the other hand you don't want to see the unverified app screen and you want a refresh token that will last longer then two weeks. You will need to verify your app. Yes, Even if your app is a console application running as a job some where you still show the consent screen. This is the YouTube video you will need to show Google. Show the consent screen popping up show the URL bar and then show your script running. You also need to set up the homepage and privacy policy screens. Yes i 100% agree with you that this is silly.
When you go though the process. Explain to google that this is a single use script running as a job some where.
Unfortunately when Google changed it so that Refresh tokens expire for unverified apps they pretty much tied the hands of all developers who are running such single user scripts. We now have to get our apps verified if we don't want to have to request a new refresh token every two weeks.
If your program needs to access the requested scopes of the Google account privacy, even though the user is yourself, you also need to provide a youtube video to demonstrate how you use this program. The auditor cannot guarantee whether you will make this program public.
Is there any way currently to do a parallel payment in paypal with the rest api? I am building a mobile application and can only use the rest api system however there is no documentation on how you can use parallel payments with REST.
You can do everything else so it seems to me like the developers got to that feature and just gave up :P.
This feature is a huge part of our website and if we cannot use it on the mobile app it will mean we have to redo how we handle transactions on the site so that both areas are consistent.
If this feature is not available since rest was supposed to be the refresh of all their API's to support newer tech is it coming? Does anyone know and if you do any information on a timeline would be helpful.
REST API does not support parallel payments at this time, it's in the product road map but not yet in the released APIs.
An alternative for your use case is to integrate the webview embedded Express Checkout flow into your APP, it provides the most identical experience to payers since the new UI was released.
I am checking feasibility of our application with Sage Pay
Our application is a thick Desktop based software having no Web-Page or integration to website.
All of following 4 options on Sage Pay website
Form integration
Server integration
Serve Inframe integration
Direct integration
are seems to be working around web-pages
Here I am only looking if SagePay solution is feasible or not because we do not have any website to take payments.
We need to facilitate payments to be taken into our desktop software
thanks in advance
Avtar
Sage Pay Direct doesn't rely on pages; it can be used in a smart client application. You just need to make sure you set the transaction type as MOTO (Mail Order Telephone Order), I think M, so that the 3D secure dialogs aren't shown.
You're right in that all the other mechanisms will require a browser.
Remember, with Sage Pay Direct you fall directly in the net of PCI DSS compliance, so you'll probably want to make sure that you remain on the right side of that.
Is it possible to use Google Analytics API's to track Mac OSX applications?
If not could any one suggest me an alternative for Google Analytics.
Google Analytics is designed to work with web applications not for desktop apps. Although it might be possible to collect info about your application and send it to your Google Analytic account but the amount of work required to retrofit might be better spent, building your own Analytic solution.
A good starting point would be to create a simple web service, which collects information regarding clicks. Then rewrite your application to call that web service on every click within your application.
You would ideally want to store this information locally and submit it to the web service in batches. You would also want to design the application, so that if you ever shut down the web service, the application would still be able to operate.
UPDATE: As pointed out in the comments by Václav Slavík, they have added apps analytics for iOS/Android.
I made a simple set of classes for doing this:
https://github.com/stephenlind/SimpleCocoaGoogleAnalytics
Google Analytics is not only for web applications, but also for mobile. It's available on the platform like android, iOS, etc. If you want to track your MAC OS X application, you can choose DeskAppTrack or DeskMetrics. DeskAppTrack is only available on MAC. It provide a professional data statistical analysis and it's free. While DeskMetrics is available on MAC and Windows. Either one is ok.
This really depends on how detailed you want to get. If you are are truly looking for analytics with detail and control flow data, you are better suited to created your own web service, as mentioned.
However, if you simply want to know a small number of operations, that occur at a small volume, i.e. when the app is launched (a quick and dirty solution): then in theory you could create a landing page on your site that contains a minimal head section, and a blank body, and then load the URL with an NSURL when you want to trigger the action.
Of course, you would have to include the google analytics tracking codes in the header, and you may need to load an off-screen webview to get the javascript to run. Like I said, quick and dirty.
In either case, you want to make sure the application will continue to perform properly, even if the web service / page is not present.
I've seen different documentation on various forums and site on different ways of using Paypal api, here is a pretty useful link: https://cms.paypal.com/us/cgi-bin?cmd=_render-content&content_ID=developer/e_howto_api_ECOnMobileDevices&bn_r=o/, My question is a little different i do not want to use any of the Paypal libraries offered to us in my app, this is the link to libraries:https://www.x.com/developers/paypal/documentation-tools/sdk , I also do not want to gather any personal information, I want Paypal to take care of everything. So in other words I want to be able to open up a UIWebview to the Paypal's mobile site if possible (or if not the regular site will work) have to user log in with his credential or he can use the express checkout option and get back the transaction ID, or receipt what ever is available. I'm a little new to iOS and any help is appreciated.
If you don't want to use any libraries or API's, Express Checkout won't work for you.
Which does make it somewhat easier, as you can just use PayPal Website Payments Standard in a UIWebView instead.
For example; just open https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=your#email.tld&amount=1.99¤cy_code=GBP
This will start a 1.99 GBP payment to email#here.tld via PayPal, and automatically use a mobile layout.
If you subsequently want to receive transaction information; set up PayPal IPN on your account and use that to receive transaction-related events. This can be handled outside your app, and thus take away precious processing power to the server.
For an overview on getting started with PayPal IPN, have a look at https://www.paypal.com/ipn/
I would strongly suggest against trying to do transactions through paypal. If you look at the App Store Review Guidelines it states that
11.2 Apps utilizing a system other than the In App Purchase API (IAP) to purchase content, functionality, or services in an app will be rejected