Paypal – "Referencing Customer ID"

Hey guys,

I was wondering if there was another way to secure the “customer ids” which are sent to paypal.

Cheers
Mike

does the paid version have some control on what is sent to paypal?

Hello Michael,

No with the pro version you don’t get this extra control. As I’m aware, the only non-hacky way to get the customer’s ID is by checking the replacement codes available under Dashboard -› s2Member® -› API / Notifications.

Although you would need to find it under the “event” in which you need to grab the customer ID. Although I’m not sure if s2Member offers access to this ID, you’ll have to check.

– Eduan

Actually i dont want to grab the ID i prefer if something else was sent to paypal such as the email so that if the request was intercepted it wouldn’t give out the wordpress ids

Ah I see. For this you would need to edit s2Member itself I’m afraid. Don’t know where though. :/
I will contact Jason about this so that he can consider this. :)

– Eduan

Thanks Eduan. I just think from a security perspective its probably best to not send the user’s id, same way we try to protect the admin id.

Yes I understand what you mean. :)

I contacted Jason sharing this opinion, if he says anything I’ll tell you. :)

– Eduan

Thanks Eduan

No problem. :)

Thanks for the heads up on this thread.

A User’s ID is not top secret information. I’m not aware of any security issue related to the use of a Customer’s ID in transaction details sent to PayPal as a reference to that User. It would actually be more secure than sending, oh say, their email address, which would be a privacy concern for sure.

That being said, if you’d like to upgrade to s2Member Pro, with the use of Pro Form there are no payment “Buttons”, and thus there is no reason for s2Member to send a Customer ID or email address through a “Button”. In the case of s2Member Pro, all communication with PayPal is handled via the PayPal Pro API. So that would allow you to bypass any details being sent to PayPal in the button, if you prefer.