PayPal recurring payments with Trial period

Question

I'm trying to implement PayPal subscriptions system with following features:

• 1st month of service on the application would be completely free after which user will pay monthly amount.

I have written the following code like below:

BillingPeriodType periodType = BillingPeriodType.MONTH;
                    switch (subs)
                    {
                        case("Month"):
                            periodType = BillingPeriodType.MONTH;
                            break;
                        case("Year"):
                            periodType = BillingPeriodType.YEAR;
                            break;
                    }
                    BasicAmountType paymentAmount = new BasicAmountType((CurrencyCodeType)EnumUtils.GetValue("USD", typeof(CurrencyCodeType)), subType.Price);
                    BillingPeriodType period = periodType;
                    BillingPeriodDetailsType paymentPeriod = new BillingPeriodDetailsType(period, 1, paymentAmount);
                    ScheduleDetailsType scheduleDetails = new ScheduleDetailsType();

                    /*Free trial period of 1 month for monthly sub*/
                    if (periodType == BillingPeriodType.MONTH)
                    {
                        scheduleDetails.TrialPeriod = new BillingPeriodDetailsType(BillingPeriodType.MONTH,1, new BasicAmountType((CurrencyCodeType)EnumUtils.GetValue("USD", typeof(CurrencyCodeType)), "0.01"));
                        scheduleDetails.TrialPeriod.TotalBillingCycles = 1;
                    }
                    else if (periodType == BillingPeriodType.YEAR)
                    {
                        scheduleDetails.TrialPeriod = new BillingPeriodDetailsType(BillingPeriodType.YEAR, 1, new BasicAmountType((CurrencyCodeType)EnumUtils.GetValue("USD", typeof(CurrencyCodeType)), "0.01"));

                    }

                    scheduleDetails.Description = "//Some description"
                    scheduleDetails.PaymentPeriod = paymentPeriod;
                    createRPProfileRequest.CreateRecurringPaymentsProfileRequestDetails.ScheduleDetails = scheduleDetails;
                    CreateRecurringPaymentsProfileReq createRPProfileReq = new CreateRecurringPaymentsProfileReq();
                    createRPProfileReq.CreateRecurringPaymentsProfileRequest = createRPProfileRequest;

This raises to me a huge security concern...

So let's suppose user subscribes for monthly subscription and get 1 month for free... 

This way, nothing stops the user to cancel the subscription the last day and then to re-subscribe once again and re-use the 1 month trial period for free...

Currently of the users's information on PayPal I only store ProfileID information into the DB....

Is there any efficient way to see if the user has used free trial period on my website?

Also another security concern to me is that user can simply re-register with new account and subscribe once again under completely different ProfileID

How would you guys solve this?

Answer 1

I just hope I don't misunderstood your question:

Why don't you link the users PayPal e-mail address to the registered account? In this case the user has to use a different paypal account, so it's much easier to avoid people like this.

And at the users registration, the users should already provide his billing informations. Including his PayPal e-mail address.