There are two ways that DPD prevents the unauthorized download of your products:
- Processor / Sale Authentication
- Vendor Configured Download Controls
Processor / Sale Authentication:
DPD downloads must be authenticated by the processor that collected payment before a download URL is authorized and activated.
Using the Instant Payment Notification (IPN) from processors, DPD checks the sale and payment amount against the product's record in DPD- if the authentication and product price match, a download is authorized and a download URL, unique to that specific transaction, is activated on the DPD site. The customer is then both automatically directed to their download URL and sent an email containing their unique download URL if it's needed later.
This processor / sale authentication process is 100% automatic and happens in a fraction of a second- no vendor intervention is necessary.
Vendor Configured Download Controls:
Vendor configured download controls include the following:
- Download Attempt Limit
- Download Time Limit
Download Attempt Limit
Set at the website / store level, the download attempt limit sets the number of times a buyer can successfully click the download button on their unique download URL. After the limit has been reached the download page will no longer work for the buyer and they will have to contact you to reactivate the purchase in DPD.
This prevents the buyer from sharing their download URL with friends or on a forum, etc. and everyone downloading your product.
DPD recommends this limit be set to 3 or higher to prevent unintentional lockout of your buyers from downloading your products. Many buyers utilize download accelerators that pre-fetch or cache links on pages before they even click on them- each hit by these accelerators also counts as a click in the DPD system, so it's possible for a buyer to be locked out before they even click on the link when the limit is set too low!
Download Time Limit
The download time limit is the length of time that the unique download page for this transaction remains active. After the time limit has expired the download page will no longer work for the buyer and they will have to contact you to reactivate the purchase in DPD.
This is another measure to prevent sharing of your link with others, and in the even that it is shared prevents permanent download access to your products.
The download time limit should be set based on the size of your products. Also, many buyers purchase items at work and then download them later when they get home. For these reasons, we recommend that you allow download links to remain active for at least 48 hours so that the buyer has ample time to download your product after they have paid you. If your product is very large, for example a 1GB video, then you may want to allow more time to ensure that they can return to their download later if they need to stop.
DPD recommends you use one vendor configured download control or the other and not both. If you do decide to use both, resist the urge to overly restrict your buyers by setting your controls too low. Your buyers may lose their internet connection or need to wait to download your product until they are at home- setting your download controls too strictly will prevent legitimate buyers from downloading your products, making them extremely unhappy customers.
From our experience nothing makes a buyer more angry than paying for a vendor's product and then getting locked out before they can successfully download it, so think of your customer's purchasing experience when setting download controls!