Monthly Archives: September 2013

Battle Hack Austin Day One


Austin is famous for their BBQ, music scene and hosting the SXSW conference each year, so it was natural for us to head south to hold the seventh in the Battle Hack hackathon series. Being in “Silicon Hills” was exciting — and great to connect with the tech community there.

Austin Battle Hack was unique because of the event’s location — we teamed up with TechShop Austin. TechShop has several locations around the country and provides access to tools, software and space to create all types of hardware hacks. Because of it’s unique service to the tech community, TechShop was able to provide demos on laser cutting and water jets. Attendees toggled from working on software hacks and playing with all that TechShop had to offer, including creating some great projects like this Raspberry Pi housing:


Want more details on Day One of Battle Hack Austin? Check out our Storify here.

Open sourcing genio


The PayPal Developer team strives to build SDKs and Tools that make it easy for developers and integrators to work with PayPal APIs. Our SDKs are designed with a shared core component that handles cross cutting concerns and different API specific components that contain model classes and utility wrappers.

When we sat down to write the API specific components, lazy developers that we are, we looked out for code generation tools that we could bootstrap on. We found a few open source code generators such as java2wsdl but none that had support for custom templates or could generate classes in multiple languages. So we sat down to write genio (pronounced ‘genie-oh’), our very own code generator that we are happy to now open source.

genio is a pluggable code generation system that can parse various API specification files into a generic model. The parsed model is pumped through a set of templates to generate full fledged classes with class documentation from the API specification file and custom logic for plugging into our core SDKs. The SDKs that you see on GitHub have all been generated using the tool. genio has helped us upgrade our SDKs and other tools within minutes of a new release. The upgrade is often triggered by a git commit hook on the API repo. When we released the new REST APIs back in February, we wrote a new WADL parser that produced genio compliant model objects and with a few minor tweaks to our templates, we were ready with the first version of our REST SDKs. Subsequently we switched to using the Google discovery format and it was a trivial task for us to start generating the SDKs using the new specification format. In all, the current release has parsers for WSDL, WADL and the Google discovery format. We will follow up this release with API documentation generation features and support for JSON schema version 4.


How genio can be useful to you

What has been useful to us is potentially useful to other developers as well. When we saw other groups in eBay Inc. show interest in genio, we plugged new templates to the genio parser to build API references, testing tools, API explorers and so on. And now, we are open sourcing it, hoping that the developer community can benefit as well and also contribute with enhancements.

Any project that implements or consumes APIs can use genio to generate service stubs, client stubs, testing tools etc. genio is being released as two ruby gems:

  • genio-parser that parses service specification files into a generic model and
  • genio that provides a set of templates and uses genio-parser to generate code.

The client templates shipped with genio in this release generate client stubs that can be plugged directly into our core SDKs. If you have a preferred service framework, you can write new templates that are specific to your framework. You can contribute new templates to genio or add support for new specification formats in genio-parser. We will be thrilled to accept those that target widely used open frameworks / API specification formats.

Look at the genio samples repository for example code generated using genio. Do look out for our next blog post that will tell you how genio can be extended to suit your needs.

PayPal Agrees to Acquire Braintree: What it Means for Developers


As you’ve probably heard by now, we will be acquiring Braintree and it will be a separate service within PayPal. Separately, our two companies have worked to achieve a similar vision—to create the world’s leading payments platform. Together, we offer a compelling combination of scale, expertise, and disruptive technologies that will enable us to achieve this shared vision at a greatly accelerated pace.

As exciting as this announcement is for us, we believe that developers are the real winners here. For PayPal, one of the most important goals behind the acquisition of Braintree is to deepen our commitment to developers and strengthen our ability to provide you with the best tools and best service possible. By joining forces with Braintree, we can accelerate the creation of innovative developer solutions that are global in scale and relevant in any market and in every channel.

Now that Braintree is joining PayPal, it’s safe to assume that there will be questions within the developer community about what you can expect going forward. So we wanted to take a few moments to share our thoughts about how we’ll work together, and what this acquisition means for you.

Our plan is for Braintree to be offered as a separate service within PayPal under the continued leadership of Braintree CEO Bill Ready. There will be no major changes or disruptions—PayPal’s developer team will continue to support you and your business. Our developer team will continue to build upon our existing products and innovate to create new ones. On the Braintree side, their management team will stay in place and Braintree’s technology and support teams will continue to have the freedom to innovate and provide world-class support to developers.

Our ultimate goal is to extend Braintree’s mobile technologies and support team to access the rich capabilities of the PayPal global network and make it easier to create seamless payment solutions that span online, mobile, and in-store experiences.

In the short time that the leadership teams from PayPal and Braintree have worked together, it has become clear that our vision is very closely aligned. We know many of you have a similar vision. We look forward to working with you to continue to push the boundaries of innovation.

John Lunn Global Director of PayPal’s Developer Network

Continue reading

How does PayPal Beacon work


As you probably heard, we announced a very cool piece of hardware today called PayPal Beacon. As a geek, of course I wanted to find out how exactly it works and what this means as a developer.

First, it is important to understand how PayPal check-in works and then we can delve into how Beacon fits in. If you have the new PayPal app, you will notice that there is a “Shop” tab that allows you to find stores nearby that accept PayPal. Once you have found a location, you can check in by swiping the button fromleft to right.

The merchant makes a call every so often from their point-of-sale system (it could be PayPal Here or one of our partners like MICROS, NCR, ShopKeep, Vend, etc.). This call asks “who is in my store?” and returns the ID and photo of consumers that are present. These are displayed on the POS, ready for use by the merchant when you enter the store.

When the merchant wishes to bill you, she selects your name and photo. The POS makes a call to PayPal requesting money from your user ID and the transactions occurs. So, how does Beacon change this? Basically it makes it even easier for anyone with a cell that supports BLE (Bluetooth Low Energy). Just entering the store activates the PayPal app on a consumer’s cellphone and checks them in automatically. There’s no need for them to take their phone out of their pocket or purse. If this is their first visit, the app will ask them if they want to check in. If they decline, or ignore the prompt altogether, their information is never shared with PayPal or the merchant.

Let’s dig deeper into how BLE actually works in this model. A BLE connection consists of a central device and a peripheral device. A common example is a heart rate monitor (peripheral) sending pulse readings to the phone (central) during exercise. BLE assumes that the central device is likely to be more sophisticated and have more batterythan a peripheral device. In the case of PayPal Beacon, the phone is the central, and our beacon is the peripheral. The peripheral sends out advertising beacons on a regular basis that embed a service UUID as well as a few bytes of advertising data. The central device observes these services and can then establish a connection if it understands the UUID. The peripheral then exposes an attribute dictionary, the central can read and write to this dictionary, as well as subscribe to be notified of any changes. In the typical use case, the peripheral would be observing some activity and reporting results to the central.

In our case, we expose a more generic set of request/response values in the dictionary. When the phone wants to make a request, it writes to the request entry; responses are notified through the response entry. PayPal Beacon, rather than observing local events, either handles requests directly or passes them on to the PayPal servers. The server provides a response to be sent back through the response entry. In short, the Beacon acts as a communication bridge for requests that it cannot service itself. This allows PayPal Beacon to handle sophisticated queries from the phone—fetching information about a particular location, making requests to check in, getting a check-in response, or receiving a payment notification.

When the consumer comes in range of a Beacon, the PayPal app wakes up, connects to the Beacon, and requests a Beacon token. The Beacon selects an unused Beacon token from its cache, and sends across a cryptographic nonce, some metadata, and a cryptographic signature. The phone verifies the signature with a public key embedded in the app, and then makes a check-in decision based on the metadata. If the phone has never seen this location or merchant before, the app asks the consumer whether they’d like to check in, and whether they’d like to check in automatically in the future.

The app then encrypts some data, for the Beacon to forward on, uninterpreted, to the PayPal servers. The server decrypts the data and checks in the consumer. The server then returns an encrypted message back to the Beacon, which forwards it back to the app. The app decrypts and verifies the response and disconnects from the Beacon.

If, on the other hand, the consumer decided not to check in, the app simply disconnects from the beacon. The initial interaction was completely anonymous; it cannot even be detected whether the same phone had made a request before. This means that neither PayPal nor the merchant can track or identify the consumer unless they actively opt in. The final exciting thing about this design is that PayPal Beacon still works in places that where cell phones have no network or wireless coverage. This is common in many stores around the world as consumers are usually indoors.

As a developer working with the mobile in-store API, you will do many of the same things as I mentioned at the beginning of the blog. You make a call that asks “who is at my location?” and then a follow-on call to charge this individual.

I’m sure your brain is now spinning with ways you could use Beacon. If you want to be one of the luckypeople to get one of our early release devices and access to the API, please go to and tell us what you would build. We will pick the winners and be in touch.

PayPal boosts entrepreneurship in Latin America alongside Start-Up Chile


Our commitment to strengthen eCommerce in emerging markets across the Latin American region began at the merchant and consumer level—but now PayPal is investing in developers to foster entrepreneurship in Chile, and as a result expand global opportunities.

Today we are proud to announce our collaboration with Start-Up Chile, a government program focused on encouraging world-class entrepreneurs to use Chile as a launchpad to start their business and grow globally. This strategic alliance marks an important milestone for PayPal’s developer expansion in Chile during the year of innovation in the country.

Through these efforts, Start-Up Chile members will be able to leverage PayPal’s developer platform and latest technologies as well as attend webinar events while receiving a discounted processing fee.

In addition, we have also launched new REST APIs and tools for Latin American developers. By building our new APIs on modern, standards-based technologies such as REST, OAuth and JSON, we’ve made it even quicker, easier and more secure for developers to integrate PayPal into their applications.

To get started, developers must go to and log in with their PayPal account. They may start coding using our dynamic documentation and integration tools. It’s very simple—in fact, one of our New York City Battle Hack teams had only five weeks of coding experience, and incorporated it into their application within a few hours.

We are confident that working alongside Start-Up Chile, local entrepreneurs will have larger opportunities to grow their business globally as well as expand their network.

We will continue releasing new developer capabilities throughout the year and encourage developers to give us feedback about these APIs via Twitter using the following handle: @PayPalDev.