- Cards (Credit/Debit/Prepaid)
- Customer enters card details and initiates the transaction via the Payment aggregator.
- The card details are matched with the VISA/Mastercard directory and the Access Control Server(ACS) page of issuing bank is opened.
- The ACS page will trigger an OTP for authentication to be entered by the user.
- The issuing bank validates all the details including card number, CVV, expiry date, available balance/credit on the card.
- Lastly, all the stakeholders are informed about the successful transaction and process of fund movement(settlement) commences.
There are two variations of the same:
- Off-us: When the issuing and acquiring banks are different.
- On-us: When the issuing and acquiring banks are same and hence, the directory lookup step is skipped.
Transactional flow via Cards
- Transaction done via without redirecting to ACS of issuing bank
This process is two folds:
- Merchants triggers OTP via PA/acquiring bank to authenticate the transaction.
- Customer receives the OTP and is validated when the PA makes the second API call.
Transactional flow via Direct OTP
This is pretty straightforward. The customer is redirected to the bank's online netbanking page to authenticate and complete the transaction.
A Net-banking Third-Party Validation(TPV) flow is similar to regular net-banking except the account details are matched against the ones saved with the merchant.
Transactional flow via Netbanking