iTunes Connect Updated Contract Where to Accept It? - itunes

I log into the iTunes connect and get the following message:
An updated contract is now available. Before you can offer your content in new iTunes Store territories, a user with the Legal role must agree to the new contract in the Contracts, Tax, and Banking module.
I go in the Contracts, Tax and Banking module and I see this (see screenshot). What am I suppose to do?

If there is not a request next to the new contract, it means the user you logged in with likely does not have the legal role. Go to manage users and see if your current user has that authorization. If your current log in does not, you will need to find a user that does, or get yours approved.

Related

Handling payments in react-native

So I am building an app with react-native (expo) where a user fixes appointment with some other person and to do so, he has pay the other person.
Now how can I handle payments here. What i want is the user makes the payment and the receiver should be the other person but how much i understood the payment gateways, the payment is received by the app owner or in simple words, receiver is a single person.
I also tried deep linking to directly take the user to some UPI app like google pay or paytm but it seems that those apps require some special type of account (merchant account) to make the transaction if we access them using deep links (which is a problem as it is not necessary that every user will have a merchant account).
As I said, it is always better that you have your own payment gateway account, and all the transaction goes through your gateway, meaning you get the money and you build a system which will forward the payment to the receiver. I have worked on 2 such apps:
1: Where we have our own razorpay account, and we get the payment first, and then we forward it.
2: Where in we were directly having transaction between 2 users, but not through app, instead we display them the account details of the receiver and give them 48hrs time to pay that account. But we had to manually handle this scenario since one cannot know if the user has paid to the said account, since it's not your account.
3: There is one more method where in payment gateway has a webhook which consists of a virtual account number, and every user that lands on your app, you can create a virtual account number for him/her and store the user-virtual account number relationship in your db, whenever there is a payment, you can find out about the user through this virtual account number. Read about this.
The deep link is a good idea, but again, as you mentioned, it will require the end user to be a merchant user(have a merchant account), you can find more details here
Maybe you can ask your users to create a merchant account, which again I am not sure if it's possible, and if it's possible, if it's feasible?
The best way according to me is, you handle this through your payment gateway, and instantly forward it to the user who should have received it. Again there are some rules and clause to it(some commission is taken by those payment gateway,etc), check those things out.
I think the most close answer to my question is to use razorpay routes where we can link multiple accounts with our account and transfer money accordingly.
More details here

Verify user is owner of an NFT via MetaMask connection? Make sure connected users public eth address is the same as of the NFT?

I need to verify on my own domain/server the user which has connected his MetaMask wallet is the owner of a specific NFT in order to allow him special functions? Basically, I want to give the user access to an area that only the owner of this NFS would have.
My original NFT is sold in opensea but I can't use the opensea hidden-area option to just give the user a hidden password since the next owner (after reselling) and the old owner would have the same password and old owners could still access like this. But I need that only the current owner has access.
My user/visiter can already connect with MetaMask at my own domain and I get the public ETH address of the active account but since this is only javascript and my backend is PHP I can't just post the MetaMask info to my PHP backend since this would be easy to trick/hack.
How can I make sure the current connected MetaMask Account is the same as the NFT owner (which I know) and allow to access a URL only for this user?
My current state is that the user connects his MetaMask and I use opensea API to check who is currently the owner of the NFT. I can compare both eth addresses but the flaw in this is obviously that I use ajax to send the MetaMask public address to my backend which is only for testing since this is of course zero save!
Thank you in advance for any idea, help, tip I can get.
PS: My backend is PHP
After hours and days of researching, I found a solution that works for me.
Here are the needed steps.
Use the MetaMask API to let the user connect with your site. This is pretty easy and good explained in the MetaMask API.
Once you want to verify the MetaMask owner is the legit owner of an NFT you need first query OpenSea (or another place) the current owner of the NFT. In my case, I use the OpenSea API for my specific NFTs. Once you got the owner you are ready to verify.
On your site you need to ask the user to sign a custom message with MetaMask. There are different options to do that. More about this here: MetaMask Signing. I send for example a short text message with a unique code that I first created in my PHP Backend. Doing that I also save the code and custom message into my MySQL.
Once the user has signed you get the signing code which you can send back to your PHP backend via ajax etc. without a problem. Only the owner of the Account which you requested in the signing code is able to sign with the correct account.
Once you got the signing code in your PHP Backend you can use Fast Elliptic Curve Cryptography in PHP and php-ecrecover to check the code against the unique code you created before and the message the user signed. As a response, you get the Signer Account ETH Address and you are ready to compare. If the Signers ETH Address is the same as the NFT owner you are ready to go and you can consider the signer the owner of the NFT.
I believe this is safe to use but I am not an expert on that. In my case, this only authorize an NFT owner for a certain closed area in my community page and there are not really high risks involved but maybe somebody raises some security thoughts on that. However, I found that other NFT pages and even Opensea work similarly.
I hope this points someone in the right direction, I lost quite some time figuring this out because most solutions are Node.js etc. but not with PHP backends.

How do you pull customer data from Paypal?

What is the right procedure for pulling data about a customer (using OAuth to "Connect with Paypal" similar to the functionality that Stripe and Square provide) from Paypal?
The paypal documentation is confusing in two ways -
The OAuth scopes shown only have basic profile information like email, address, name, etc. and the link to the attributes page in the Account Information line item seems broken.
Other places mention that you have to sign onto the Paypal partner program to pull data on behalf of third parties.
So, for anyone that has gone through this - what is the right way to proceed/do I have to sign up to Paypal partner program? Is Permissions the right API to use?
I know broadly that connecting and fetching paypal account data is possible since, for example, Kabbage allows you to link your Paypal account and pulls data from it directly.
Connect with PayPal is so a user can click the CwPP button, sign into PayPal agreeing to give you access to certain profile information (based on the selected scopes) -- and then once they grant that permission and return, you're able to use the provided authorization code to access their profile information with its API.
In order to use CwPP in the live environment, your CwPP app has to be approved. You don't need to be in the PayPal partner program for this.

PayFort Integration in swift

Not able to create PAYFORT Sandbox test account.Where I get merchant identifier number.
How to register PAYFORT test account
How to get the merchant_identifier
How to get the access_code
How to get the service_command
I do not have any Idea about PayPort.Please share any Example program related to Swift.From PAYFORT where I create the sandbox test account
"https://www.payfort.com/get-started/".From this link, I entered the personal details once complete the details try to login to PAYFORT, not able to log in.
I've been facing similar questions and so emailed the PayFort support team. Here is the response I got:
Good afternoon and thank you for contacting PayFort.
Please be advised that in order for you to have the account created
in the SANDBOX (https://testfort.payfort.com) environment, the first
contact has to be initiated by one of our Pre-Qualifications team
members after receiving a documented request in a form of registration
from our website. (www.payfort.com)
The pre-qualification stage entails knowing the company/
organization's business and requirements. Qualifications are as
follows:
The company has a legal setup in the countries mentioned on our
website. The company's business module is supported by PayFort.
For more information about the businesses we support and countries,
please click on this link: http://www.payfort.com/payfort-faqs/
After the qualification stage, one of our Sales Representative will
get in touch with you to get a deeper view of the business so as to
suggest the payment solution that would suit your requirements.
Then only the TEST/SANDBOX account is created by our team to start the
Integration process.
If you wish to proceed, please kindly register on the above link or
send a direct email to sales-uae#payfort.com.
Register your self on https://www.payfort.com/get-started/ by giving your company info and wait for the email from PayFort. they'll send you the info about your test account.
you can login your test account on https://testfort.payfort.com and find your access code and merchant identifier from "Integeration Settings" menu and "Security Settings" option. you can also see the attached image so you can easily find the access code and merchant identifier.
the service_command is a static value "PURCHASE" in capital letters.

Invalid account details accepts while adding new site account in yodlee live API

I'm using yodlee live API to link the bank transaction details.
Invalid bank account details accepts, when we add new site account in yodlee via live API, For example, the the account details like xxxxx and yyyyy, then the account added successful.
It's normal or any settings to be turned on in yodlee account or API parameters?
How can i validate the account details? while user add new site account?
Thanks in advance.
Though Yodlee accepts the invalid details/credentials, the account would fail. This would be represented by an Error code such as 402, which would mean that the credentials are wrong.
This is normal setting and teh only way you can validate if the details are right is by checking the status of the account. The error code should be "0" if everything is right.
Hope this helps. You can get more details on error codes under different scenarios #Error Code
Hope this helps
-Vijay
In short: Yodlee doesn't know the username/password entered during add account are correct or not; it has to validate the same with Bank website.
To explain you the process:
When you are adding a particular Bank account, you provides the username/password(it may be correct or incorrect) Yodlee doesn't know and can't validate at the time of submission. Yodlee takes the inputs(username/password) and submits the same to the Bank website(which consumer had selected); meanwhile you'll receive a response from API- addSiteAccount1, which will have the code as 801 (Refresh Never Done and Yodlee is going to update your account).
Once Bank website validate the same and found them incorrect Yodlee return 402 error code(invalid credentials), you need to call getSiteRefreshInfo API to check the same in loops each of 3-4sec.