I have some doubts i'm creating paypal express getaway with omnipay library. I want the fields Username and Password to be stored in database. So admin can edit this settings from the settings menu in my app.
Should they be vissible i mean should be stored in database like plain text. What are the damage user can do if get the API password and username? also the signature will be here.
Any help will be appreaciated. Thanks
It's theoretically possible for someone to make a payment from your PayPal account with the username and password, and so therefore you should make sure that they are encrypted or protected in some way.