Developing a site that requires monthly subscriptions via PayPal. If a buyer has an account this is no problem via ExpressCheckout. The client has a (UK-based) Pro account though and wants to provide the option of payment by card.
As far as I can work out from the ‘Website Payments Pro Integration Guide’ this requires setting up a dual payment option on my site, giving the user the option of paying ‘via Paypal’ (i.e. ExpressCheckout) or by card, at which point my site would provide a PCI-compliant card capture form that would submit to PayPal using DirectPayment. Going through PCI compliance isn’t really an option. It seems weird that PayPal doesn’t offer a hosted solution for this, or am I just being stupid?
TL;DR: Is it possible to process recurring card payments via PayPal in the UK using a PayPal hosted card capture form?
Site is bespoke PHP.
The PayPal API allows for recurring payments with Direct Payment:
PayPal holds the account number and other pertinent information (including billing frequency) while your application stores the Profile ID.
PCI compliance is never an option. It is always a requirement. However, the rules for compliance are far less stringent (including forgoing auditing) for companies that don’t perform a high volume of transactions per year.
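
The split described in the answer above (PayPal keeps the card details, the application keeps only the Profile ID), sketched in PHP as an added example that is not part of the original posts. The method name `CreateRecurringPaymentsProfile` and the NVP field names (`ACCT`, `CVV2`, `EXPDATE`, `PROFILEID`, `PROFILESTATUS`, `ACK`, `CORRELATIONID`) are recalled from PayPal's classic NVP API rather than taken from this page; the helper names and all sample values are constructed.

```php
<?php
// Added example. Field names are assumptions based on PayPal's classic NVP API;
// verify them against the current integration guide before use.

// Fields that must never reach logs or the application database.
const SENSITIVE_FIELDS = ['ACCT', 'CVV2', 'EXPDATE', 'PWD', 'SIGNATURE'];

/** Return a copy of an NVP request that is safe to log. */
function redactForLog(array $request): array
{
    foreach ($request as $key => $value) {
        if (in_array(strtoupper((string) $key), SENSITIVE_FIELDS, true)) {
            $request[$key] = '[REDACTED]';
        }
    }
    return $request;
}

/** Parse an NVP response body and return only what the application persists. */
function profileRecordFromResponse(string $body): array
{
    parse_str($body, $fields); // NVP bodies are URL-encoded key=value pairs
    $ack = $fields['ACK'] ?? '';
    if ($ack !== 'Success' && $ack !== 'SuccessWithWarning') {
        $ref = $fields['CORRELATIONID'] ?? 'n/a';
        throw new RuntimeException("PayPal call failed (correlation id $ref)");
    }
    if (empty($fields['PROFILEID'])) {
        throw new RuntimeException('Response carried no PROFILEID');
    }
    return [
        'profile_id' => $fields['PROFILEID'],
        'status'     => $fields['PROFILESTATUS'] ?? 'unknown',
    ];
}

// Constructed sample request and response (test card number, made-up profile id).
$request = [
    'METHOD' => 'CreateRecurringPaymentsProfile',
    'ACCT' => '4111111111111111', 'CVV2' => '123', 'EXPDATE' => '012030',
    'AMT' => '9.99', 'BILLINGPERIOD' => 'Month', 'BILLINGFREQUENCY' => '1',
];
$response = 'PROFILEID=I%2dEXAMPLE12345&PROFILESTATUS=ActiveProfile'
          . '&ACK=Success&CORRELATIONID=abc123';

error_log(json_encode(redactForLog($request)));  // card fields are masked
$record = profileRecordFromResponse($response);  // the only data to store
print_r($record);
```

With Direct Payment the card number still passes through the site's server on its way to PayPal, so keeping it out of logs, sessions and the database narrows what is retained but does not take the form itself out of PCI scope.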