Express Checkout Mark (ECM)

PayPal is an international e-commerce business allowing payments and money transfers to be made online.

Express Checkout Mark (ECM): PayPal is shown as an additional method of payment on your existing checkout, alongside credit/debit cards.

Supported customer countries	No restrictions on customer countries.
Supported currencies	AUD, CAD, EUR, GBP, JPY, USD
Refunds	Full and partial refunds permitted.
Chargebacks	Disputes are managed by PayPal.
Zero-authorisation	Not supported.
Recurring payments	Not supported.

Benefits of implementing ECM

Allows you to integrate PayPal into your existing checkout solution.
The address the customer submits on your website is final and cannot be changed on PayPal’s website.

Process overview

What will the customer see?

During the checkout process, your website presents PayPal as a payment method.
The customer selects their preferred delivery address on your checkout page and opts to pay using PayPal.
The customer is redirected to PayPal, where they sign in using their PayPal credentials (they can register with PayPal if they do not already have an account).
The customer reviews their order and agrees to the payment on PayPal’s website.
The customer is redirected to your website, where a confirmation is displayed (e.g. “Payment successful”).

How does it work behind the scenes?

Initiate the customer
- Customer enters their preferred delivery address on the merchant's website and selects to pay with PayPal.
- Merchant submits ORDER request to initiate the session, including cancelurl and returnurl.
- Merchant receives ORDER response, including paypaltoken and redirecturl.
Redirect to PayPal
- Merchant redirects the customer's browser to the redirecturl, including the paypaltoken.
- Customer signs in and confirms their preferred delivery address and payment method on PayPal’s website, and agrees to perform the payment.
- If successful, the customer's browser is redirected to the returnurl.
- If the PayPal order is cancelled, the browser is redirected to the cancelurl where an error message can be displayed. We recommend that alternative payment methods are displayed, allowing the customer to try again.
Process the authorisation
- Only if the above has been successful, the merchant submits combined ORDERDETAILS and AUTH request to process the payment.
- Merchant receives ORDERDETAILS AUTH response and displays receipt page to the customer.
Payment completion
- Under default behaviour, the transaction is in a pending state and funds will typically settle within 24 hours.
- But if preferred, merchants can configure their setup to instead request funds are settled immediately. Or alternatively, settlement can be deferred for up to 7 days.
- A URL notification can be configured to update the merchant’s system once settlement has been completed. Click here to learn more.

1. Initiate the customer

Displaying PayPal on your checkout

The official PayPal acceptance mark must be presented with equal prominence and close proximity to other payment types on your details page. No payment type should be selected by default.

You can download the latest official PayPal acceptance mark images from this URL:
https://www.paypal.com/uk/webapps/mpp/logo-center (link to external site)
Upon selecting PayPal, card payment fields must be disabled or hidden from view.

When the customer chooses to pay with PayPal, your system will need to perform an ORDER request and interpret the response returned.

ORDER request example

#!/usr/bin/python
import securetrading

stconfig = securetrading.Config()
stconfig.username = "webservices@example.com"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)

order = {
  "currencyiso3a": "GBP",
  "requesttypedescription": "ORDER",
  "accounttypedescription": "ECOM",
  "sitereference": "test_site12345",
  "baseamount": "2001",
  "paymenttypedescription": "PAYPAL",
  "returnurl": "https://yourwebsite.com",
  "cancelurl": "https://yourwebsite.com",
  "paypallocale": "GB",
  "paypaladdressoverride": "1",
  "paypalemail": "billing@email.com"
}

strequest = securetrading.Request()
strequest.update(order)
stresponse = st.process(strequest) #stresponse contains the transaction response

<?php

if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
throw new Exception('Composer autoloader file could not be found.');
}
require_once($autoload);

$configData = array(
  'username' => 'webservices@example.com',
  'password' => 'Password1^'
);

$requestData = array(
  'currencyiso3a' => 'GBP',
  'requesttypedescription' => 'ORDER',
  'accounttypedescription' => 'ECOM',
  'sitereference' => 'test_site12345',
  'baseamount' => '2001',
  'paymenttypedescription' => 'PAYPAL',
  'returnurl' => 'https://yourwebsite.com',
  'cancelurl' => 'https://yourwebsite.com',
  'paypallocale' => 'GB',
  'paypaladdressoverride' => '1',
  'paypalemail' => 'billing@email.com'
);

$api = \Securetrading\api($configData);
$response = $api->process($requestData);
var_dump($response->toArray());

?>

curl --user webservices@example.com:Password1^ <DOMAIN>/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{
  "alias": "webservices@example.com",
  "version": "1.00",
  "request": [{
    "currencyiso3a": "GBP",
    "requesttypedescription": "ORDER",
    "accounttypedescription": "ECOM",
    "sitereference": "test_site12345",
    "baseamount": "2001",
    "paymenttypedescription": "PAYPAL",
    "returnurl": "https://yourwebsite.com",
    "cancelurl": "https://yourwebsite.com",
    "paypallocale": "GB",
    "paypaladdressoverride": "1",
    "paypalemail": "billing@email.com"
  }]
}'

{
  "alias":"webservices@example.com",
  "version":"1.00",
  "request":[{
    "currencyiso3a":"GBP",
    "requesttypedescription":"ORDER",
    "accounttypedescription":"ECOM",
    "sitereference":"test_site12345",
    "baseamount":"2001",
    "paymenttypedescription":"PAYPAL",
    "returnurl":"https://yourwebsite.com",
    "cancelurl":"https://yourwebsite.com",
    "paypallocale":"GB",
    "paypaladdressoverride":"1",
    "paypalemail":"billing@email.com"
  }]
}

<requestblock version="3.67">
  <alias>webservices@example.com</alias>
  <request type="ORDER">
    <merchant>
      <returnurl>https://www.example.com/return</returnurl>
      <cancelurl>https://www.example.com/cancel</cancelurl>
    </merchant>
    <billing>
      <amount currencycode="GBP">2001</amount>
      <payment type="PAYPAL">
        <locale>GB</locale>
        <paypaladdressoverride>1</paypaladdressoverride>
        <paypalemail>billing@email.com</paypalemail>
      </payment>
    </billing>
    <operation>
      <sitereference>test_site12345</sitereference>
      <accounttypedescription>ECOM</accounttypedescription>
    </operation>
  </request>
</requestblock>

Replace <DOMAIN> with a supported domain. Click here for a full list.

Field specification

Field	Format	Description
accounttypedescription XPath: /operation/accounttypedescription	Alpha (20)	Only “ECOM” (e-commerce) is supported.
baseamount XPath: /billing/amount	Numeric (11)	The amount of the transaction in base units, with no commas or decimal points, so €10 is submitted as 1000. This value must be greater than zero. (Max length may vary depending on your acquiring bank – Contact your bank for further info)
cancelurl XPath: /merchant/cancelurl	URL (2048)	The URL that the customer will be returned to if they cancel the authorisation on their PayPal account.
currencyiso3a XPath: /billing/amount/@currencycode	Alpha (3)	The currency that the transaction will be processed in (in ISO3A format). For a list of currency codes supported by PayPal, refer to the list found at the top of this page.
customerprefixname XPath: /customer/name/prefix	Alphanumeric including symbols (25)	The prefix of the customer’s billing name (e.g. Mr, Miss, Dr). At least one of the customer name fields must be submitted if paypaladdressoverride is set to "1". Otherwise, these fields are optional.
customerfirstname XPath: /customer/name/first	Alphanumeric including symbols (127)	The customer’s billing first name. At least one of the customer name fields must be submitted if paypaladdressoverride is set to "1". Otherwise, these fields are optional.
customermiddlename XPath: /customer/name/middle	Alphanumeric including symbols (127)	The customer’s billing middle name(s). At least one of the customer name fields must be submitted if paypaladdressoverride is set to "1". Otherwise, these fields are optional.
customerlastname XPath: /customer/name/last	Alphanumeric including symbols (127)	The customer’s billing last name. At least one of the customer name fields must be submitted if paypaladdressoverride is set to "1". Otherwise, these fields are optional.
customersuffixname XPath: /customer/name/suffix	Alphanumeric including symbols (25)	The customer’s suffix name (e.g. Bsc). At least one of the customer name fields must be submitted if paypaladdressoverride is set to "1". Otherwise, these fields are optional.
customerpremise XPath: /customer/premise	Alphanumeric including symbols (25)	The customer’s house name or number. These customer address fields are required if paypaladdressoverride is set to "1". Otherwise, these fields are optional.
customertown XPath: /customer/town	Alphanumeric including symbols (127)	The customer’s town. These customer address fields are required if paypaladdressoverride is set to "1". Otherwise, these fields are optional.
customercountryiso2a XPath: /customer/country	Alpha (2)	The customer’s country. This will need to be in ISO2A format. Click here for a full list of country codes. These customer address fields are required if paypaladdressoverride is set to "1". Otherwise, these fields are optional.
customerstreet XPath: /customer/street	Alphanumeric including symbols (127)	The customer’s street name.
customercounty XPath: /customer/county	Alphanumeric including symbols (127)	The customer’s county. For US addresses, the state would be entered in this field. Valid formats: Preferred: Two character state code, e.g. “NY”. Full state name, e.g. “New York”. Required if customercountryiso2a is one of the following: AR, BR, CA, CN, ID, IN, IT, JP, MX, TH, US
customerpostcode XPath: /customer/postcode	Alphanumeric (25)	The customer’s postcode or ZIP code. This must be a valid postcode/ZIP code for the customercountryiso2a submitted.
orderreference XPath: /merchant/orderreference	Alphanumeric including symbols (25) Recommended length 25 characters or less (exact length dependent on acquiring bank). Failure to adhere to this requirement may result in the text being truncated in the transaction.	Your unique order reference that can be stored on Trust Payments and PayPal’s system (this is your PayPal invoice ID). When submitted, please ensure that the order reference is unique to each order.
paymenttypedescription XPath: /billing/payment/@type	Alpha (20)	This value must be submitted as “PAYPAL”.
paypaladdressoverride XPath: /billing/payment/paypaladdressoverride	Numeric (1)	When using the ECM flow, the delivery address entered on your website is submitted to PayPal and cannot be modified by the customer on PayPal’s website. Please submit one of the following values: 1 – Customer will use the delivery address entered on your website. 2 – Customer will not be prompted to choose a delivery address on PayPal’s website (best suited to online services and downloads).
paypalemail XPath: /billing/payment/paypalemail	Email (255)	The email address that the customer will use to sign in to PayPal. Maximum of 64 characters allowed before the @ symbol.
paypallocale XPath: /billing/payment/locale	Alpha (2)	The language of the PayPal login page. Click here for a list of PayPal locales (link to external site).
requesttypedescription XPath: /@type	Alpha (20)	The value in the request must be “ORDER”.
returnurl XPath: /merchant/returnurl	URL (2048)	The URL that the customer will be returned to following a successful authorisation on their PayPal account.
sitereference XPath: /operation/sitereference	Alphanumeric & underscore (50)	The site reference relates to your individual account which you received on setup. If you do not know your site reference, please contact our Support Team.

ORDER response example

{
u 'requestreference': u 'A0bxh87wt',
u 'version': u '1.00',
u 'responses': [{
u 'transactionreference': u '72-32-20002',
u 'paymenttypedescription': u 'PAYPAL',
u 'settleduedate': u '2020-06-01',
u 'transactionstartedtimestamp': u '2020-06-01 15:35:40',
u 'errormessage': u 'Ok',
u 'accounttypedescription': u 'ECOM',
u 'errorcode': u '0',
u 'redirecturl': u 'https://webapp.securetrading.net/cgi-bin/webscr?token=72x32x20002&useraction=commit&cmd=_express-checkout&paypalemail=billing%40email.com',
u 'requesttypedescription': u 'ORDER',
u 'settlestatus': u '0',
u 'operatorname': u 'webservices@example.com',
u 'livestatus': u '0',
u 'paypaltoken': u '72x32x20002'
}]
}

array(3) {
  ["requestreference"] => string(9) "A349bdehj"
  ["version"] => string(4) "1.00"
  ["responses"] =>array(1) {
    [0] => array(13) {
      ["transactionreference"] => string(11) "72-32-20002"
      ["paymenttypedescription"] => string(6) "PAYPAL"
      ["settleduedate" ]=> string(10) "2020-06-01"
      ["transactionstartedtimestamp"] => string(19) "2020-06-01 15:35:40"
      ["errormessage"] => string(2) "Ok"
      ["accounttypedescription"] => string(4) "ECOM"
      ["errorcode"] => string(1) "0"
      ["redirecturl"] => string(137) "https://webapp.securetrading.net/cgi-bin/webscr?token=72x32x20002&useraction=commit&cmd=_express-checkout&paypalemail=billing%40email.com"
      ["requesttypedescription"] => string(5) "ORDER"
      ["settlestatus"] => string(1) "0"
      ["operatorname"] => string(23) "webservices@example.com"
      ["livestatus"] => string(1) "0"
      ["paypaltoken"] => string(11) "72x32x20002"
    }
  }
}

{
  "requestreference":"W23-fjgvn3d8",
  "version":"1.00",
  "response":[{
    "transactionreference":"72-32-20002",
    "paymenttypedescription":"PAYPAL",
    "settleduedate":"2020-06-01",
    "transactionstartedtimestamp":"2020-06-01 15:35:40",
    "errormessage":"Ok",
    "accounttypedescription":"ECOM",
    "errorcode":"0",
    "redirecturl":"https://webapp.securetrading.net/cgi-bin/webscr?token=72x32x20002&useraction=commit&cmd=_express-checkout&paypalemail=billing%40email.com",
    "requesttypedescription":"ORDER",
    "settlestatus":"0",
    "operatorname":"webservices@example.com",
    "livestatus":"0",
    "paypaltoken":"72x32x20002"
  }],
  "secrand":"zO9"
}

<responseblock version="3.67">
  <requestreference>X62d3qhev</requestreference>
  <response type="ORDER">
    <merchant>
      <operatorname>webservices@example.com</operatorname>
    </merchant>
    <transactionreference>72-32-20002</transactionreference>
    <billing>
      <payment type="PAYPAL"/>
    </billing>
    <timestamp>2020-06-01 15:35:40</timestamp>
    <paypal>
      <redirecturl>https://www.paypal.com/cgi-bin/webscr?token=56604A14170900854600&amp;useraction=commit&amp;cmd=_express-checkout&amp;paypalemail=billing%40email.com</redirecturl>
      <token>56604A14170900854600</token>
    </paypal>
    <settlement>
      <settleduedate>2020-06-01</settleduedate>
      <settlestatus>0</settlestatus>
    </settlement>
    <live>1</live>
    <error>
      <message>Ok</message>
      <code>0</code>
    </error>
    <operation>
      <accounttypedescription>ECOM</accounttypedescription>
    </operation>
  </response>
  <secrand>9yFfRJfI</secrand>
</responseblock>

Field specification

Field	Format	Description
accounttypedescription XPath: /operation/accounttypedescription	Alpha (20)	The value returned is “ECOM”.
errorcode XPath: /error/code	Numeric (1-5)	The error code should be used to determine if the request was successful or not. If the error code is “0” then the transaction was successful. If the error code is not “0” then the transaction was not successful. Click here for a full list of errorcode and message values.
errordata XPath: /error/data	Alphanumeric (255)	Additional information to help troubleshoot the error. Only returned if there has been an error.
errormessage XPath: /error/message	Alphanumeric (255)	This is the corresponding message to the above code. Click here for a full list of errorcode and message values.
livestatus XPath: /live	Numeric (1)	0 – Transaction processed using a test account. 1 – Transaction processed using a live account.
operatorname XPath: /merchant/operatorname	Alphanumeric (255)	The value of this field contains the name of the user that processed the request.
paymenttypedescription XPath: /billing/payment/@type	Alpha (20)	The value returned is “PAYPAL”.
paypaltoken XPath: /paypal/token	Alphanumeric (255)	The token relates to the customer’s session within PayPal’s system. You should log this, as you can then use it in relation to any relevant queries you may have with PayPal.
redirecturl XPath: /paypal/redirecturl	URL (255)	Redirect the customer’s browser to this URL, to allow them to sign in to their PayPal account.
requesttypedescription XPath: /@type	Alpha (20)	The value returned is “ORDER”.
settleduedate XPath: /settlement/settleduedate	Date YYYY-MM-DD	The date on which the transaction will be settled.
settlestatus XPath: /settlement/settlestatus	Numeric (3)	“0” indicates no issues have been raised so far that would prevent settlement from taking place. “3” indicates the request was unsuccessful.
transactionreference XPath: /transactionreference	Alphanumeric including hyphens (25)	A unique reference for the request assigned by Trust Payments.
transactionstartedtimestamp XPath: /timestamp	Date time YYYY-MM-DD hh:mm:ss	The time the request was processed.

Additional notes about ORDER requests

The customer name, customer premise, customer town and customer country are required when using paypaladdressoverride option “1”.
When PayPal declines a transaction while the customer is on their servers, a message will be displayed on-screen. The customer may be prompted to try again or cancel the payment attempt.
You can configure your PayPal account to disable the check on duplicate invoice IDs (values submitted in the orderreference). Contact PayPal Support for further information.

2. Redirect to PayPal

After successfully submitting an ORDER request, your system will be returned a redirecturl in the response. Your system will need to redirect the customer’s browser to this URL, which is a page hosted by PayPal, in order to process the payment.

When testing, our simulated PayPal login page (as shown below) is shown in place of a real PayPal login page.

After logging in to their PayPal account, the customer has the option to continue with the transaction or to cancel. When testing, you can replicate this by using one of the e-mails below on our test PayPal login screen.

Email address	Scenario	Result
auth@auth.com	The customer performs a successful transaction.	The customer’s browser is redirected to the URL specified in the returnurl that was submitted in the ORDER request.
cancel@cancel.com	The customer opts to cancel the transaction.	The customer’s browser is redirected to the URL specified in the cancelurl that was submitted in the ORDER request.

You must wait for the customer to return from the PayPal login page to the returnurl hosted on your servers before processing an authorisation.

3. Processing the authorisations

If the customer is redirected to the cancelurl:

Present your customer with alternative payment methods so they can try again.

If the customer is redirected to the returnurl:

Follow the instructions below.

ORDERDETAILS AUTH request example

This example demonstrates how to process an ORDERDETAILS followed by an AUTH request. Notice how the structure of the request is similar to that of a standard AUTH request, except “ORDERDETAILS” is included in the requesttypedescriptions field before “AUTH”.

#!/usr/bin/python
import securetrading

stconfig = securetrading.Config()
stconfig.username = "webservices@example.com"
stconfig.password = "Password1^"
st = securetrading.Api(stconfig)

orderdetailsauth = {
  "requesttypedescriptions": ["ORDERDETAILS","AUTH"],
  "sitereference": "test_site12345",
  "parenttransactionreference": "72-32-20002",
  "paymenttypedescription": "PAYPAL",
  "paypaladdressoverride": "1"
}

strequest = securetrading.Request()
strequest.update(orderdetailsauth)
stresponse = st.process(strequest) #stresponse contains the transaction response

<?php

if (!($autoload = realpath(__DIR__ . '/../../../autoload.php')) && !($autoload = realpath(__DIR__ . '/../vendor/autoload.php'))) {
throw new Exception('Composer autoloader file could not be found.');
}
require_once($autoload);

$configData = array(
  'username' => 'webservices@example.com',
  'password' => 'Password1^'
);

$requestData = array(
  'requesttypedescriptions' => array('ORDERDETAILS','AUTH'),
  'sitereference' => 'test_site12345',
  'parenttransactionreference' => '72-32-20002',
  'paymenttypedescription' => 'PAYPAL',
  'paypaladdressoverride' => '1'
);

$api = \Securetrading\api($configData);
$response = $api->process($requestData);
var_dump($response->toArray());

?>

curl --user webservices@example.com:Password1^ <DOMAIN>/json/ -H "Content-type: application/json" -H "Accept: application/json" -X POST -d '{
  "alias": "webservices@example.com",
  "version": "1.00",
  "request": [{
    "requesttypedescriptions": ["ORDERDETAILS","AUTH"],
    "sitereference": "test_site12345",
    "parenttransactionreference": "72-32-20002",
    "paymenttypedescription": "PAYPAL",
    "paypaladdressoverride": "1"
  }]
}'

{
  "alias":"webservices@example.com",
  "version":"1.00",
  "request":[{
    "requesttypedescriptions":["ORDERDETAILS","AUTH"],
    "sitereference":"test_site12345",
    "parenttransactionreference":"72-32-20002",
    "paymenttypedescription":"PAYPAL",
    "paypaladdressoverride":"1"
  }]
}

<requestblock version="3.67">
  <alias>webservices@example.com</alias>
  <request type="ORDERDETAILS">
    <operation>
      <sitereference>test_site12345</sitereference>
      <parenttransactionreference>72-32-20002</parenttransactionreference>
    </operation>
  </request>
  <request type="AUTH">
    <billing>
      <payment type="PAYPAL">
        <paypaladdressoverride>1</paypaladdressoverride>
      </payment>
    </billing>
  </request>
</requestblock>

Replace <DOMAIN> with a supported domain. Click here for a full list.

Field specification

Field	Format	Description
parenttransactionreference XPath: /operation/parenttransactionreference	Alphanumeric & hyphens (25)	Submit the transactionreference returned in the preceding ORDER response.
paymenttypedescription XPath: /billing/payment/@type	Alpha (20)	This value must be submitted as “PAYPAL”.
paypaladdressoverride XPath: /billing/payment/paypaladdressoverride	Numeric (1)	Must be the same value submitted in the ORDER request.
requesttypedescriptions XPath: /@type Note: The XML submission is comprised of two separate requests. We recommend using the example above to help structure this request.	List	Submit “ORDERDETAILS” and “AUTH”, as shown in the request example above.
sitereference XPath: /operation/sitereference	Alphanumeric & underscore (50)	The site reference relates to your individual account which you received on setup. If you do not know your site reference, please contact our Support Team.

ORDERDETAILS AUTH response example

Here is an example of a combined ORDERDETAILS then AUTH response. Notice how the response is divided into two parts; the first represents the “ORDERDETAILS” response and the second represents the “AUTH” response (as indicated by the values of the requesttypedescription fields).

{
u 'requestreference': u 'A0dcb11e6',
u 'version': u '1.00',
u 'responses': [{
u 'transactionreference': u '72-32-20003',
u 'merchantname': u 'Test Merchant',
u 'billinglastname': u 'PAYPALLastName',
u 'transactionstartedtimestamp': u '2020-06-01 15:36:00',
u 'paypalpayerstatus': u 'verified',
u 'parenttransactionreference': u '72-32-20002',
u 'accounttypedescription': u 'ECOM',
u 'errorcode': u '0',
u 'settleduedate': u '2020-06-01',
u 'billingcountryiso2a': u 'GB',
u 'paypalpayerid': u 'e018408a43pid',
u 'paypaladdressstatus': u 'Confirmed',
u 'billingemail': u 'paypal.email@example.com',
u 'requesttypedescription': u 'ORDERDETAILS',
u 'errormessage': u 'Ok',
u 'billingfirstname': u 'Andru00e9',
u 'operatorname': u 'webservices@example.com',
u 'livestatus': u '0',
u 'settlestatus': u '0'
}, {
u 'transactionreference': u '72-32-20004',
u 'merchantname': u 'Test Merchant',
u 'paymenttypedescription': u 'PAYPAL',
u 'authcode': u '44782-D149613359266',
u 'transactionstartedtimestamp': u '2020-06-01 15:36:00',
u 'errormessage': u 'Ok',
u 'parenttransactionreference': u '72-32-20003',
u 'accounttypedescription': u 'ECOM',
u 'errorcode': u '0',
u 'settleduedate': u '2020-06-01',
u 'currencyiso3a': u 'GBP',
u 'baseamount': u '2001',
u 'acquirerresponsecode': u 'None',
u 'requesttypedescription': u 'AUTH',
u 'operatorname': u 'webservices@example.com',
u 'livestatus': u '0',
u 'settlestatus': u '0'
}]
}

array(3) {
  ["requestreference"] => string(9) "A58cdfkpy"
  ["version"] => string(4) "1.00"
  ["responses"] => array(2) {
    [0] => array(19) {
      ["transactionreference"] => string(11) "72-32-20003"
      ["merchantname"] => string(13) "Test Merchant"
      ["billinglastname"] => string(14) "PAYPALLastName"
      ["transactionstartedtimestamp"] => string(19) "2020-06-01 15:36:00"
      ["paypalpayerstatus"] => string(8) "verified"
      ["parenttransactionreference"] => string(11) "72-32-20002"
      ["accounttypedescription"] => string(4) "ECOM"
      ["errorcode"] => string(1) "0"
      ["settleduedate"] => string(10) "2020-06-01"
      ["billingcountryiso2a"] => string(2) "GB"
      ["paypalpayerid"] => string(13) "e018408a43pid"
      ["paypaladdressstatus"] => string(9) "Confirmed"
      ["billingemail"] => string(24) "paypal.email@example.com"
      ["requesttypedescription"] => string(12) "ORDERDETAILS"
      ["errormessage"] => string(2) "Ok"
      ["billingfirstname"] => string(10) "Andru00e9"
      ["operatorname"] => string(23) "webservices@example.com"
      ["livestatus"] => string(1) "0"
      ["settlestatus"] => string(1) "0"
    }
    [1] =>array(17) {
      ["transactionreference"] => string(11) "72-32-20004"
      ["merchantname"] => string(13) "Test Merchant"
      ["paymenttypedescription"] => string(6) "PAYPAL"
      ["authcode"] => string(19) "44782-D149613359266"
      ["transactionstartedtimestamp"] => string(19) "2020-06-01 15:36:00"
      ["errormessage"] => string(2) "Ok"
      ["parenttransactionreference"] => string(11) "72-32-20003"
      ["accounttypedescription"] => string(4) "ECOM"
      ["errorcode"] => string(1) "0"
      ["settleduedate"] => string(10) "2020-06-01"
      ["currencyiso3a"] => string(3) "GBP"
      ["baseamount"] => string(4) "2001"
      ["acquirerresponsecode"] => string(4) "None"
      ["requesttypedescription"] => string(4) "AUTH"
      ["operatorname"] => string(23) "webservices@example.com"
      ["livestatus"] => string(1) "0"
      ["settlestatus"] => string(1) "0"
    }
  }
}

{
  "requestreference":"W23-fjgvn3d8",
  "version":"1.00",
  "response":[{
    "transactionreference":"72-32-20003",
    "merchantname":"Test Merchant",
    "billinglastname":"PAYPALLastName",
    "transactionstartedtimestamp":"2020-06-01 15:36:00",
    "paypalpayerstatus":"verified",
    "parenttransactionreference":"72-32-20002",
    "accounttypedescription":"ECOM",
    "errorcode":"0",
    "settleduedate":"2020-06-01",
    "billingcountryiso2a":"GB",
    "paypalpayerid":"e018408a43pid",
    "paypaladdressstatus":"Confirmed",
    "billingemail":"paypal.email@example.com",
    "requesttypedescription":"ORDERDETAILS",
    "errormessage":"Ok",
    "billingfirstname":"Andru00e9",
    "operatorname":"webservices@example.com",
    "livestatus":"0",
    "settlestatus":"0"
  },
  {
    "transactionreference":"72-32-20004",
    "merchantname":"Test Merchant",
    "paymenttypedescription":"PAYPAL",
    "authcode":"44782-D149613359266",
    "transactionstartedtimestamp":"2020-06-01 15:36:00",
    "errormessage":"Ok",
    "parenttransactionreference":"72-32-20003",
    "accounttypedescription":"ECOM",
    "errorcode":"0",
    "settleduedate":"2020-06-01",
    "currencyiso3a":"GBP",
    "baseamount":"2001",
    "acquirerresponsecode":"None",
    "requesttypedescription":"AUTH",
    "operatorname":"webservices@example.com",
    "livestatus":"0",
    "settlestatus":"0"
  }],
  "secrand":"zO9"
}

<responseblock version="3.67">
  <requestreference>X538160153</requestreference>
  <response type="ORDERDETAILS">
    <merchant>
      <merchantname>My Test Site</merchantname>
      <operatorname>webservices@example.com</operatorname>
    </merchant>
    <customer>
      <town>PAYPAL City</town>
      <county>MI</county>
      <street>MORE STREET</street>
      <name>
        <last>PayPalShipToName</last>
      </name>
      <premise>1 PayPalStreet</premise>
      <country>US</country>
      <ip>1.2.3.4</ip>
    </customer>
    <transactionreference>72-32-20003</transactionreference>
    <billing>
      <name>
        <last>PAYPALLastName</last>
      </name>
      <country>GB</country>
      <email>paypal.email@example.com</email>
      <telephone type="M">0777777777</telephone>
    </billing>
    <timestamp>2020-06-01 15:36:00</timestamp>
    <paypal>
      <addressstatus>Confirmed</addressstatus>
      <payerstatus>verified</payerstatus>
      <payerid>4d22e2606apid</payerid>
    </paypal>
    <settlement>
      <settleduedate>2020-06-01</settleduedate>
      <settlestatus>0</settlestatus>
    </settlement>
    <live>1</live>
    <error>
      <message>Ok</message>
      <code>0</code>
    </error>
    <operation>
      <parenttransactionreference>72-32-20002</parenttransactionreference>
      <accounttypedescription>ECOM</accounttypedescription>
    </operation>
  </response>
  <response type="AUTH">
    <merchant>
      <merchantname>My Test Site</merchantname>
      <operatorname>webservices@example.com</operatorname>
    </merchant>
    <transactionreference>72-32-20004</transactionreference>
    <timestamp>2020-06-01 15:36:00</timestamp>
    <acquirerresponsecode>None</acquirerresponsecode>
    <operation>
      <parenttransactionreference>72-32-20003</parenttransactionreference>
      <accounttypedescription>ECOM</accounttypedescription>
    </operation>
    <settlement>
      <settleduedate>2020-06-01</settleduedate>
      <settlestatus>0</settlestatus>
    </settlement>
    <billing>
      <amount currencycode="GBP">2001</amount>
      <payment type="PAYPAL"/>
    </billing>
    <authcode>83154-D140912749345</authcode>
    <live>1</live>
    <error>
      <message>Ok</message>
      <code>0</code>
    </error>
  </response>
  <secrand>oSs0Vl</secrand>
</responseblock>

Field specification

Because many of the fields returned in this response are also found in a standard AUTH response, we have only listed the most important fields below, which are relevant when handling PayPal responses.
Click here for the full AUTH specification.

	Field	Format	Description
	accounttypedescription XPath: /operation/accounttypedescription	Alpha (20)	The value returned is “ECOM”.
	errorcode XPath: /error/code	Numeric (1-5)	The error code should be used to determine if the request was successful or not. If the error code is “0” then the transaction was successful. If the error code is not “0” then the transaction was not successful. Remember to check the error response in both ORDERDETAILS and AUTH responses. Click here for a full list of errorcode and message values.
	errordata XPath: /error/data	Alphanumeric (255)	Additional information to help troubleshoot the error. Remember to check the error response in both ORDERDETAILS and AUTH responses. Only returned if there has been an error.
	errormessage XPath: /error/message	Alphanumeric (255)	This is the corresponding message to the above code. Remember to check the error response in both ORDERDETAILS and AUTH responses. Click here for a full list of errorcode and message values.
	livestatus XPath: /live	Numeric (1)	0 – Transaction processed using a test account. 1 – Transaction processed using a live account.
	merchantname XPath: /merchant/merchantname	Alphanumeric (255)	These are details associated with the account used to process the transaction. To amend these fields, please contact our Support Team. Depends on your account configuration.
	operatorname XPath: /merchant/operatorname	Alphanumeric (255)	The value of this field contains the name of the user that processed the request.
	parenttransactionreference XPath: /operation/parenttransactionreference	Alphanumeric & hyphens (25)	This field is returned in both sections of the response, referring to previous requests processed in the sequence.
Only returned in AUTH response	paymenttypedescription XPath: /billing/payment/@type	Alpha (20)	The value returned is “PAYPAL”.
Only returned in ORDERDETAILS response	paypaladdressstatus XPath: /paypal/addressstatus	Alpha (25)	The status of the address with PayPal. Either “Confirmed” or “Unconfirmed”.
Only returned in ORDERDETAILS response	paypalpayerid XPath: /paypal/payerid	Alphanumeric (255)	Unique PayPal customer account number.
Only returned in ORDERDETAILS response	paypalpayerstatus XPath: /paypal/payerstatus	Alpha (25)	The status of the payer with PayPal. Either “verified” or “unverified”.
	requesttypedescription XPath: /@type	Alpha (20)	“ORDERDETAILS” and “AUTH” are returned in their respective responses.
	settleduedate XPath: /settlement/settleduedate	Date YYYY-MM-DD	The date on which the transaction will be settled.
	settlestatus XPath: /settlement/settlestatus	Numeric (3)	The value returned in the AUTH response is used to determine the transaction status. Click here for further information on the settlestatus field and the settlement process for PayPal.
	transactionreference XPath: /transactionreference	Alphanumeric including hyphens (25)	Unique references for both requests, assigned by Trust Payments.
	transactionstartedtimestamp XPath: /timestamp	Date time YYYY-MM-DD hh:mm:ss	The time each request was processed.

Further reading on this topic