I hope you can help us with a question regarding taking PayPal smart button payments on our website.
We are aiming to implement the smart buttons solution – though we have some existing constraints due to other dependencies, namely we are limited to using .net framework 4.5.1.
So as a result, we’ve implemented a javascript solution as explained in the example here: https://developer.paypal.com/docs/checkout/integrate/#5-capture-the-transaction
We are concerned that it may be possible for a malicious user to tamper with the page source and modify the purchase unit amount value in the script before submitting their payment:
purchase_units: [{ amount: { value: '0.01' } }]
So that they can avoid paying the full amount for our services.
Is this a feasible scenario or is there an alternative method of processing the payment server side without using the PayPal SDK as it is dependent upon 4.6.1?
Thanks,
Matt
