The title says it all. Anyone care to guess?
Here's the email:





Dear ****,

We're sending this notification today to inform you of enhancements to the Payment Review feature coming this September. Most importantly, if you are using Instant Payment Notification (IPN), Payment Data Transfer (PDT), or the GetTransactionDetails API, we want to make sure your integration will be ready for these enhancements.

As you may recall, the Payment Review feature identifies high-risk transactions and notifies merchants of the review so they can hold shipments until PayPal has evaluated the transaction risk. PayPal currently notifies merchants of the review via email, as well as transaction status within their PayPal account. For on-eBay transactions, eBay GetItemDetails API and payment status within My eBay also provides notifications of Payment Review.

Please note: Payment Review is typically applied prior to completing the transaction (instantly), but will occasionally be applied minutes after the transaction completes. PayPal plans to migrate entirely to instant Payment Review by early 2009.

In September, PayPal is introducing new ways to determine which payments are placed under review. The enhancements will allow you to access the status of all transactions under review through Instant Payment Notification (IPN), and by checking the status of transactions with the GetTransactionDetails API or with Payment Data Transfer (PDT).

Here’s what you need to know about the Payment Review enhancements. You should prepare for potential integration changes to ensure that you can support the new payment status and pending reason.

Changes to GetTransactionDetails API

When PayPal places a payment under review, the GetTransactionDetails response will contain the following:

The Status field will be set to Pending
The PendingReason field will be set to PaymentReview
We’ve also implemented a ProtectionEligibility field that tells the merchant what kind of protection applies to the transaction.

As Payment Review can be applied minutes after the initial payment, an API call 15 - 30 minutes post-payment would determine if the transaction has been placed under review.

Changes to IPN

Merchants will receive the following IPNs when PayPal places a payment under review prior to completing the transaction (with release 54.0, this will only occur for reviews applied instantly – in early 2009 Payment Review IPNs will be available for all transactions under review):

The payment_status IPN variable will be set to Pending
The pending_reason IPN variable will be set to PaymentReview
Note: A Payment Review IPN will not be sent if the transaction is placed under Payment Review minutes after the transaction completes. In this case, the GetTransactionDetails API can be used to determine status.

When the transaction review has been resolved, you’ll receive the following IPNs:

If the transaction was successful and the payment accepted, the IPN’s payment_status variable will be set to Completed
If the transaction failed and the payment rejected, the IPN’s payment_status variable will be set to Reversed
In addition, we have a new protection_eligibility IPN variable that notifies merchants of the kind of protection applicable for the transaction (e.g., ExpandedSellerProtection means the seller is protected by Expanded Seller Protection, and SellerProtection means the seller is protected by the PayPal Seller Protection Policy).

Changes to PDT

The following PDT variables reflect the status of a transaction placed under review:

The payment_status will be set to Pending

The pending_reason will be set to PaymentReview

As with the IPN and GetTransactionDetails API operations, you can also find out about seller protection through the new protection_eligibility variable.

Download the PayPal Order Management Integration Guide for more information on IPN and PDT.

For more information on GetTransactionDetails, review the Name-Value Pair API Developer Guide and Reference or the SOAP API Developer Reference.

If you have any questions or need support in integrating, visit the Integration Center.

Sincerely,

PayPal Merchant Support



© 2008 PayPal Inc. All rights reserved. PayPal is located at 2211 N. First St., San Jose, CA 95131.

Are you programing API's for Paypal/Ebay? Do you have a E-store with Paypal integrated? If not, then it is a mystery why you received that email... as always, DON'T REPLY from the email, go directly to Paypal and ask. Anything else is dangerous to your financial status :)

I don't even know what an API or an e-store is. I buy and sell on ebay and have an account with pay pal but that is about it.

I received one of these as well and promptly deleted it. I suggest you do the same.

You can contact paypal direct or send that e-mail to paypal by forwarding it to spoof@paypal.com. I reccommend that be the first thing you do as it looks like a scam

I got one also-- me thinks it was aimed at another type of user besides us common sellers... API's use the features of one program to grab info/resources of another program to and make use of that info or resource... basically I think the email is telling us that if we used these specific "calls", what we get in the future will be a bit different from what we got in the past. In other words, "If you program API's for your store, get ready to make changes; and by the way, this is an improvement." :)

More and more today online entities are 'exposing' elements of their systems via API (Application Programming Interface) to others for the purpose of integration.

The easiest way to determine if the email is legit or not is this:
If the email addresses you in a generic fashion ("Dear valued PayPal customer") as opposed to the actual username you registered with them, then it's absolutely a phish attempt. Immediately forward it to the legit entity so they can take the appropriate action. And remember: NEVER click on any links provided in a suspicious email.

It might be a spoof email. Check with PayPal. I'm a PayPal member and I did not get any forms that look like that. Also never click on any links in the email.

It might be a spoof email. Check with PayPal. I'm a PayPal member and I did not get any forms that look like that. Also never click on any links in the email.

Spoofers do not generally send out emails describing changes to the values returned by API functions.

It's legitimate. Another reason I only use Paypal if I have to as a seller.

Paypal is enhancing many seller services over the next few months. If you have used eBay's turbo lister, or more advanced management tools; or if you have been a power seller; if you have used Paypal's shipping label and postage capabilities for eBay purchases, or have sold more than a certain number of $$$ through eBay/Paypal, then you got this e-mail, or will probably get it shortly.

Paypal has taken a lot of flack for their decision to withhold some proceeds for 21 days or longer from transactions they consider as potentially problematic. Criteria included categories prone to problems (like used electronics and collectibles), and inexperienced Paypal/ eBay sellers. I think this e-mail is trying to show that there will be tools and support for sellers as well.

As a victim of the chargeback scheme, I was pleased to see that Paypal will begin offering protection to all sellers (not just power sellers) who follow Paypal guidelines (quick shipment to the Paypal address, use of tracking and insurance, etc.)

Paypal has hinted that sellers will get more advanced information, especially about International purchasers, that can help sellers to avoid problems. This e-mail seems to say that if you sell something, and Paypal thinks the payer or payment might be problematic, then they will let you know almost immediately after the payment is made, meaning before you ship your item. This can allow a seller to take extra precautions (like signature confirmation, or even calling the buyer before making the shipment). In a worse case, it might make the seller decide to refund the payment, although you might get feedback slaps for this.

If true, this will be a tremendous help to me. I try to be careful, and this will add another tool for me to use.

It likely means PayPal has determined yet another incremental way to stack the deck in their favor.