The Design Part review for Lay‑Buys Virtual Terminal
Feb. 8, 2020
Honnestly, this app should get a serious review of the Shopify app store... The first red flag for me was that the copyright on their user-interface says 2014... I mean, in how far should you trust a payment gateway system that hasn't updated their copyright since 2014, or even taken the time to add the necessary code that shows the current year? (What about GDP regulations of 2019?) I installed the app and honestly was very skeptical from the start: there are countless grammar errors on the user-facing side of the app, the whole user experience doesn't make any sense, as it displays different installation processed in different places + it seems like there are no actual fixed names for any of the functionalities. I believe that this app was written by a single person, which also leaves me a little worried. Now, the actual installation doesn't actually work... The "install embedded app", which I believe should either take you to an app that would create an embed on the front end of the website or install the code for it, simply redirects you to the first page of the app. I then contacted support, which I believe wrote the app (Warrin), he didn't address the issue that I mentioned in my message but instead asked me to "Then finally do a copy of your PayPal credentials into your dashboard, per steps below". Strangely enough, the app doesn't have any inputs for these Paypal credentials, which I also mentioned in my message, but he didn't address the issue. Then, what I found very strange, is that the app and he specifically ask you for the Paypal credentials. (Email address + Password + Signature). * This is against Paypal's terms. A third-party app that functions with Paypal, should make use of the technology using API keys or webhooks, and never ask a user for the account email or password directly. Anyway, I now deleted the app from the store, and I believe that Shopify should seriously review this, and I believe that the developer should make sure to update the app, remove the bugs, have a clear user experience (not use different terms in different places), and review its functionality to ensure it's actual operations are legal. I wouldn't waste my time downloading, as the actual app simply doesn't even work...
Hi Max, I saw your rating for our App. I will review with my development team in our weekly meeting this week. Please see my comments below in response to your points: “”user-interface says 2014... I mean, in how far should you trust a payment gateway system that hasn't updated their copyright since 2014, or even taken the time to add the necessary code that shows the current year? (What about GDP regulations of 2019?)”” This is a fair point and we need to update our 2014 text. We did update our privacy and other regulations to adhere to GDP in 2019. We will have this updated this/next next week. “”grammar errors on the user-facing side of the app, the whole user experience doesn't make any sense, as it displays different installation processed in different places + it seems like there are no actual fixed names for any of the functionalities.”” We will check for these grammar errors. Don’t really understand your other comment “”I believe that this app was written by a single person, which also leaves me a little worried.“” No, a team of 1 designer, 2 developers. Behind the App is a payment gateway with in/out APIs that communicate with PayPal. So also a PayPal developer. “”Now, the actual installation doesn't actually work... The "install embedded app", which I believe should either take you to an app that would create an embed on the front end of the website or install the code for it, simply redirects you to the first page of the app.”” You state that you believe an install of embedded app will either take you to an app that would create an embed on the front end of the website or install the code for it. Our App does not function this way. The App only performs reporting functionality and resides within a merchant store’s backend admin, for their payments tracking for all lay-buy orders. “”The app doesn't have any inputs for these Paypal credentials”” The App doesn’t have a tab or input section for PayPal credentials because the App only performs reporting functionality. Our gateway and APIs, webhooks communicate with PayPal’s APIs (seven PayPal APIs) “”A third-party app that functions with Paypal, should make use of the technology using API keys or webhooks, and never ask a user for the account email or password directly.”” As stated above, the App performs only a payments reporting function. We do not ask merchants for their PayPal email and password - as a third party gateway partner, we ask merchants for their three credentials in order for us to match the recurring payment transactions to their profile for payments to be paid directly into their PayPal accounts. We are a global PayPal partner with our gateway and APIs, webhooks communicating with PayPal’s APIs (seven PayPal APIs). This partnership includes PayPal tracking all global payments, we pass for their processing. Thanks Warrin Warrin Van Deventer Chief Executive Lay-Buy Financial Solutions Pty Ltd