A few weeks ago I looked into Amazon FPS (Flexible Payments Service), just to see what our options are for premium services like commercial support. You know, the stuff we can't give away even if we wanted to because their are real costs involved which we couldn't subsidize without going bankrupt.
Note that we're probably not going to be using FPS in the near term but I did research it exhaustively before I ruled it out (for now). While it's fresh in my mind here's the summary for the benefit of those who might be considering it as an option.
FPS has two modes of operation:
- the regular web service mode
- the "hosted" Amazon Simple Payments mode
Let's start with the regular web service mode.
Amazon Flexible Web Payments (web service)
The documentation is hundreds of pages long and it can seem complex but most of it just repeats a few basic concepts.
Payment authorization => Payment token
The underlying concept is simple. Amazon is your payment service. They mediate transactions of all sorts with your users, which may not fully trust you or your (potentially) insecure website with their financial stuff. But they trust Amazon.
To resolve this trust issue Amazon, unlike other financial services (e.g., merchant account providers or payment gateways) are always part of the user experience loop. Your site can't settle things with Amazon Payments in the background. One way or another authorization is always provided on Amazon's site, which your users of course have to log into.
As a small consolation, Amazon's payment pipeline can be co-branded by adding your logo, but that's as far you can go.
After authorizing the payment, the user is redirected back to your site bearing a gift: a payment token, which is really just a random unique ID that points to an entry in Amazon's payments database which represents the payment "contract" the user has just authorized.
You can ask Amazon to ask the user to authorize a range of payment authorization types. A one-time payment, a multi-use payment, a recurring payment at regular intervals, a prepaid balance which you can decrement value from, and a postpaid credit balance.
A one-time payment authorization is like asking for cash and is the simplest. However if you use it exclusively you'll have to keep asking the user to authorize more payments which can provide for a bad user experience.
Other payment authorization types fall somewhere between a cash one-time payment and a credit card which I just trust you to charge me appropriately.
What they have in common is that unlike a credit card they are strictly defined and limited in advance. The user sees all the fine print and has to accept it.
And that's a big gotcha. Multiple payments or postpaid? User has to authorize in advance a maximum spending limit after which the authorization expires. Recurring payments (e.g., a subscription)? Automatically expire after one year after which the user has to create a new payment authorization.
For example, the experience of authorizing a postpaid payment (I.e., the closest thing to a credit card type authorization that FPS offers) is all too close to signing up for a new credit card. And then signing up for a new credit card when the previous credit card maxes out a year later.
Amazon do this to minimize charge-backs on credit cards by for most users I expect the experience would be complex and kind of scary. You can't just skim through this part or do it drunk.
Back-end processing of payment tokens
Getting a payment token isn't the same as getting payed. It's just half the story, though once you get the token the user's involvement is finished (for this payment authorization).
It's still up to your application's back-end to pass the token to Amazon's payment API to make money change hands. Amazon doesn't make any assurances that the API will always be in-order so you'll probably want to add retry logic to your application, for robustness, even if you are just processing a one-time payment.
In case it's not clear, multi-use or recurring payment tokens don't operate themselves. Your application's billing logic will have to make a request to Amazon API whenever it's time to charge, just like with a credit card, except with more restrictions.
To make all of this complex logic and back-end stuff a bit easier to digest Amazon (like PayPal and others) provides a free development sandbox you can use to test your site before it goes into production with play money.
- There doesn't seem to be a Python interface for FPS. We would probably have to implement our own. Boto has something really simple in there but I don't what it's worth.
- Amazon payments can only withdraw to US bank accounts
- Accepting international credit cards costs an extra 1% in fees.
- Transactions below $10 are even more expensive: start off from 5% (compared with 3%).
- Even bank account debits cost 2%. Once you have volume, most credit card merchant accounts would competitively charge less then than for credit cards! (I've seen 1.9% quoted)
The above is the ghist of it. Obviously hundreds of pages of documentation contain much more detail. You can do more things with tokens than I mentioned. For example, you could reserve a payment for up to 7 days before actually settling it, you can cancel transactions, provide refunds, cancel tokens, etc.
Amazon Simple Payments
After about a couple of years I think it became clear to Amazon that FPS was way too difficult to implement for most potential users so they created a simpler version called Amazon Simple Payments.
It's based on FPS but has the back-end stuff hosted by Amazon. It doesn't support payment methods that woud need back-end calls such as prepaid or postpaid balance but the one-time and recurring payments are supported.
For some simple usage scenarios you wouldn't need any programming at all to integrate with it. Just create a of static payment button on Amazon's web site and put the HTML on your site.
For more complex usage scenarios (e.g., marketplace) where you want to have dynamic payment buttons you would just need to integrate the code that creates the HTML on your web site. The only slightly tricky part is the button signature that prevents users from changing the input variables (e.g., price) passed to Amazon for authorization.
The user provides authorization on Amazon's site, gets redirected back to your web site. No token. You just get the money deposited to your Amazon Payments account which you can then withdraw to your (US) bank account.
You can leave it at that if you don't care about security but then users can fake a payment/subscription by going through the pipeline and faking a redirect back to your web site after it was "completed". You could deliver the goods, but never get paid.
To prevent this sort of thing Amazon Simple Payments allows you to register an IPN (Instant Payments Notification) callback url which Amazon Payments will use to call up your web site once a payment is concluded.
The recommended best practice is to provide UI feedback based on the redirects but only update your database based on IPN.