Sample our learning content for free!

STEMventor LMS
Digital Payments Part 2
Vikas Mujumdar | April 2, 2020

As we read in part 1, the Electronic Funds Transfer (EFT) protocols laid the foundation for digital payments. These protocols were the basis for self-assisted transactions by customers remotely using the bank's Internet or mobile banking services, thus doing away with the need to visit a bank branch and the dependency on bank staff.

There are two other major payment systems that have evolved over the last few years: Mobile Wallets and the Unified Payments Interface (UPI).

Mobile Wallets

Mobile wallets are an innovative payment solution that work especially well for e-commerce. They are extremely simple virtual accounts maintained by the mobile wallet provider and accessed from an app on your smart phone. They should not be confused with a regular bank account, because one of the main limitations in a mobile wallet account is that you cannot withdraw currency from it like you can from a regular bank account. The technical name as per RBI regulations is Prepaid Payment Instruments (PPI) and they are also a regulated product just like other banking products, with quite stringent requirements and limits on how much money can be spent using wallets and for what.

The first step to using a mobile wallet after creating one, is to load money into it. This can be done using Net Banking or a Debit or Credit card via a Payment Gateway. So, the loading of a mobile wallet is just like an e-commerce transaction. Subsequently, you can pay for any e-commerce transaction, whether it be shopping, ordering food or a cab, using the wallet, at merchants that accept the wallet.

On the face of it, Mobile Wallets seem more cumbersome to use as they need to be pre-loaded before they can be used from the same channels (Net Banking and Credit or Debit cards) that could also be used to pay for the transaction. Which is a valid observation. Also, while bank transfers and debit/credit card payments have universal acceptance, mobile wallets have relatively limited acceptance with Merchants. The success of a mobile wallet business is highly dependent on its ability to build a network of merchants that accept the wallet.

There are two main reasons why Mobile Wallets are a still a popular option. One, you can load a small amount depending on your usage and thereby limit your potential liability due to fraud as compared to exposing your bank account or debit or credit card details. Two, you can transfer money between Mobile Wallets of family and friends. So parents can load their wallets and transfer money to their children's wallets who may not yet have access to Net Banking or Credit or Debit cards.

Unified Payments Interface (UPI)

All the payment systems we have read about so far, while extremely efficient and useful, do have some drawbacks.

  1. Net/Mobile banking is quite cumbersome to use since you have to login with a user id and password every time. For each beneficiary you want to transfer money to, you need to know their bank details and account number, which are difficult to remember and prone to errors when entering into the system.
  2. In the case of Debit/Credit cards need you to have a physical card with you when completing a physical transaction with a merchant and for an online transaction you need to enter a 16-digit card number and other details for every transaction.
  3. Mobile Wallets first need to be loaded with money using either Net/Mobile banking or Debit/Credit cards or from another wallet. They also have very low limits on the amounts you can load and transact.

UPI, developed and offered by the National Payments Corporation of India (NPCI) is the newest payment solution and it seeks to overcome all these drawbacks and establish itself as the leading payment solution in the country.

UPI follows a very different approach from any of the other payments systems. First of all, a user of the UPI system must have a smart phone and the UPI app installed on it. NPCI has its own UPI app, but other UPI service providers (not necessarily banks) can create UPI apps, adhering to the specifications laid down by NPCI. These entities are known as Payment Service Providers (PSPs) and they invest in the effort and infrastructure required to integrate with the NPCI UPI engine, which is quite complex.

The UPI app is bound to the smartphone it is installed on, which means that when the app is registered with your mobile number, some of the phone details are also stored and verified every time you try to access the UPI system. The smartphone must have a SIM card with the mobile number registered with the bank account you intend to use for payments. And finally, access to the app is protected by a 4-digit personal identification number (PIN). This makes the app quite secure as no other installation of the app can ever access any account linked to your mobile number.

Once the UPI app is installed on your phone, the next step is to create what is known as a Virtual Payment Address (VPA) also referred to as a UPI Handle. This is a simple identifier which looks very similar to an email id. For example, if you are using the NPCI UPI app, then the VPA will be your_mobile_number@upi (so for example, 9820098200@upi). If you are using your bank's UPI app your VPA could be 9820098200@bank, where bank is a shortened name of your bank. This identifier is unique across all UPI users.

The final step is to link your VPA to a bank account that you would like to use to send and receive money. It can be any bank account, not necessarily with the bank whose UPI app you are using.

When one UPI user wants to transfer money to another UPI user (could be an individual or a merchant) they enter the VPA of the beneficiary, verify it if they like (the app fetches and shows the account name), enter the amount to be transferred and send.

Under the hood, the UPI engine at NPCI maintains a mapping of VPAs and bank accounts. When a money transfer request is received by the UPI engine, it first sends a request to the bank who holds the account mapped to the sender's VPA. If funds are available, the UPI engine instructs the sender's bank to transfer via IMPS money to the UPI holding account. The UPI engine then sends a request to the bank who holds the account mapped to the receiver's VPA to confirm that the account is in good standing and can receive money. With the confirmation, the UPI engine transfers the money from its holding account to the receiver's account. If a confirmation is not received, the money from the holding account is transferred back to the sender's account.

As you can see, there is no need to provide a whole lot of receiver's account details, you just need to enter a short VPA, to identify the individual or merchant you would like to send money to. The actual money transfer happens from sender's bank account to receiver's bank account as always. Having said that, UPI also allows money to be transferred by providing the receiver's account number and bank IFSC code, the traditional approach.

UPI also offer some interesting features, such as a Collect Request. Instead of the sender initiating a payment, the receiver can request money from the sender, who then just has to approve the transfer. This is especially useful for merchants, who can send a collect request for the value of the transaction and the customer just has to approve the transaction making the process very seamless.

UPI is not without its drawbacks:

  1. You expose your bank accounts to the UPI application, without having the security provided by the bank's authentication and authorisation layer, and having to trust the security layer provided by the UPI app and the UPI engine.
  2. UPI needs an underlying bank account to work and therefore is not an option for those without a bank account. UPI also needs the user to have a smartphone and the UPI app installed.
  3. Banks have a robust KYC process that ensures that the account name and the name of the individual or business are legally the same. When you transfer money to a bank account using the account name and number, you do so with confidence. With a VPA there is no such robust process yet, which means that you could transfer money to the wrong (or a fraudulent) VPA (and the associated bank account). This can be avoided by verifying the VPA before transferring money, which displays the account name.
  4. And finally, the UPI engine and mobile app are quite difficult to develop and have to follow extremely stringent performance guidelines laid down by NPCI. Which is not a bad thing, but overly complex solutions can also lead to complex problems.

The UPI process "under the hood" is illustrated below:

UPI Process

Payment Gateways

The real value of digital payments is in that they enable a customer to complete a purchase transaction seamlessly from start to end by integrating the payment process within the transaction.

For example, a customer can visit an e-commerce store (a website that sells goods and services online), browse their catalog, select products to purchase and then seamlessly pay for the purchases and have the products delivered. Or, a customer can visit a service provider's website (utilities, cable services, cellular services) pull up their latest bill and pay them online. Or, a customer can visit an airline reservation site, select flights, pay for the tickets and have them issued, all in one seamless flow.

To make this happen, an intermediate solution that acts as an interface between an e-commerce store and the payment systems was required and this took shape in the form of what are known as Payment Gateways. A Payment Gateway is a service that allows e-commerce stores to enable customers to pay for goods and services purchased online using any of the multiple payment systems available.

The e-commerce store takes the customer through the shopping journey until the point where they are ready to pay. At this point the e-commerce site passes some details of the transaction, most importantly the amount the customer needs to pay and its payment information (for example, its bank account). The Payment Gateway now displays to the customer a web/mobile page that offer a choice of payments systems. The customer can choose any payment system and complete the payment process. The payment process differs for each option but all processes end by returning a success or failure message to the Payment Gateway which in turn forwards it to the e-commerce store which can confirm the transaction and start processing delivery or decline the transaction.

The first option is Net Banking, where the payment gateway redirects the customer to the payment authorisation page of the bank they select. The customer logs in using their bank credentials and authorises the transfer of funds to the merchant's account for the amount of the transaction. The bank system uses IMPS to immediately transfer the authorised funds to a holding account with the Payment Gateway (or declines the transaction if there is a problem). On receiving the money the Payment Gateway sends a confirmation to the merchant to proceed with and confirm the customer transaction. All this happens in a few seconds while the customer is online, providing a seamless experience from browsing to paying. The Payment Gateway then settles the dues to the Merchant at an agreed upon frequency.

The major advantage Payment Gateways bring to the table is that now an e-commerce site does not have to integrate their systems with every bank their customers may want to pay from. Hundreds of banks and tens of e-commerce sites would mean thousands of integrations which would be a challenge to manage. Now, an e-commerce sites only has to integrate with one Payment Gateway who in turn will manage the integrations with as many banks as possible to give the customer a wide choice.

The second option is Debit (or Credit) cards, where the Payment Gateway redirects the customer to a web or mobile page that asks the customer to enter their debit or credit card details. The Payment Gateway is integrated with all the card processing networks. It passes the customer card details and the transaction amount to the selected processor for verification and processing, The card processor further checks for the card validity and availability of funds with the Issuing Bank. The Issuing Bank responds with an approval or a rejection which the Payment Gateway forwards to the merchant. The merchant complete the customer transaction based on the approval from the card processor. The card processor and the banks subsequently settle the dues to the merchant.

Again, the advantage for e-commerce sites is that they don't have to integrate with the card processor systems, which can be quite a challenge.

The third option is Mobile Wallets. Payment Gateways offer all Mobile Wallets as payment options, thus giving the customer an even wider choice in terms of the payment system they would like to use. Again, an e-commerce site doesn't have to integrate with every mobile wallet system, the Payment Gateway manages the integration, continuously upgrading their choices as new wallets become available.

And the fourth option is UPI. Payment Gateways take care of the integration with NPCI and the customer only has to enter the VPA that is mapped to the bank account to be used to pay for the transaction and then approve the transaction from the UPI app once the request for approval is received.

The Payment Gateway process flow is illustrated below:

Payment Gateway Process

Other than the ease of integration, which in itself is a huge benefit to a Merchant, there are several other features and services that Payment Gateways offer such as data storage security and fraud detection to check for validity of bank accounts, cards and even transaction patterns. The criteria for selection would include the range of payment options offered to customers, the fees charged, settlement times, complexity of system integration, security and performance (a poor response time during payment can result in customers cancelling transactions).

So far we have been discussing payments systems from the customer perspective. But to allow customers to pay for goods and services using these digital payment systems, sellers have to implement online payment acceptance solutions.

We can break up sellers into small or large B2C business (who we are calling Merchants), largely selling goods and services directly to their customers and large B2B businesses that sell to other businesses (who we are calling Enterprises).

B2C transactions are generally high volume but low value and need to cater to a wide and open group of customers. The solution for Merchants is clearly to integrate with a Payment Gateway of their choice.

In the case of Enterprises (B2B) businesses, again an integration with a Payment Gateway is an option but B2B transaction are generally high value but low volume and generally cater to a smaller, known group of customer. In such cases a more traditional payment mechanism such as a direct transfer using one of the EFT protocols may be a better option.

Connecting it all together

If you have been following the series from the beginning and in sequence, you must have understood the Internet of Things, Blockchain and Digital Payments systems. In the next article will talk about how the three can integrate and work together to provide an automated end-to-end enterprise supply chain solution with zero human intervention.