NPCI 's UPI Circle: What you need to know about Delegate Payment on UPI Account
RBI and NPCI's UPI Circle allows secondary users to delegate payments via primary accounts. But what vulnerabilities should you watch out for? The Fintech Chronicler investigates.
Just days ahead of the Global Fintech Fest, NPCI launched the much touted RBI’s Delegate Payments on UPI! Makes you wonder, what else does RBI and NPCI have planned for us in the week ahead right?
But till we get to GFF 2024, your Friendly Fintech Chronicler thought of covering this brand new toy, understanding the market that it serves, and also take a look at the dark side. Of potentially how this could be used to hack away and scam people out of their money, if they aren’t too careful. Of course, more details will follow their demo at GFF, but till then, in this edition here is what we will cover:
· Product description of UPI Circle,
· How UPI works, and the current economic structure for UPI,
· Market share of UPI in India’s digital payment ecosystem,
· Economics of UPI,
· Technical details of Delegate Payments,
· Biggest security threats with respect to Delegate payments.
Without further ado, lets get started
.
UPI circle: All you need to know about delegate payments on UPI
If you’re a parent, or even a single child like me, living away from parents, haven’t you ever felt like you wished you had a clone of yourself who could monitor and safeguard your wards whenever they make payments online? Well, the folks at NPCI have cooked up something even better – UPI Circle! It's like creating your own financial squad, minus the superhero capes (although I am totally for adding those, extra security and what not!).
Key Highlights about UPI Circle and delegate Payments:
UPI Circle is a feature introduced by the National Payments Corporation of India (NPCI) that allows the primary holder of a UPI account to delegate transaction rights to secondary users. This feature is designed to enhance digital payment accessibility, particularly for families, joint account holders, and small businesses.
Technical Architecture of UPI Circle (Because We Know You Love the Details)
Here is 10 second primer on UPI Circles
1. Primary and Secondary Users: The primary user is the account holder who initiates the Circle and controls the delegation. The secondary user is a trusted individual granted access to the account for making payments. While a Primary User can add upto 5 Delegates, but a secondary user can have only 1 Primary User linked. There is limit of 5k per transaction per delegate payer, and 15k at a monthly level, ostensibly to limit the frauds and exploits on this product.
2. Delegation Types:
a. Full Delegation: The secondary user can make payments up to a specified limit without requiring the primary user’s approval for each transaction. There is a maximum monthly limit of ₹15,000 and a per-transaction limit of ₹5,000.
b. Partial Delegation: The secondary user can initiate payment requests, but the primary user needs to approve and complete the transaction with a UPI PIN.
3. Security Measures: UPI Circle incorporates security protocols such as mandatory biometric authentication or app passwords for secondary users. The primary user retains control over transaction limits and can view the transaction history of secondary users.
4. Linking Process: The primary user can link secondary users by scanning a QR code, entering the UPI ID, or selecting the secondary user’s contact from their phone. Manual entry of mobile numbers is restricted to enhance security.
5. Transaction Monitoring: The primary user has full visibility of transactions performed by secondary users, both on their UPI app and bank account statements. This transparency is crucial for monitoring and managing delegated transactions.
System Flow
1. Setup: The primary user sets up the UPI Circle by linking secondary users through their UPI app. This involves selecting the type of delegation (full or partial) and setting transaction limits.
2. Transaction Initiation: Secondary users can initiate transactions within the limits set by the primary user. For full delegation, transactions are processed without further approval. For partial delegation, the primary user must authorize the transaction.
3. Approval and Execution: In partial delegation, the primary user receives a notification to approve the transaction, which is then executed upon entering the UPI PIN.
4. Reconciliation and Settlement: Transactions are reconciled and settled according to existing UPI flows. A new purpose code in the UPI raw file and additional line items in the Net Settlement Report will help to identify and settle UPI Circle transactions.
Why You'll Love It (As If I Needed More Reasons)
• Family-Friendly: Now the whole clan can join the digital payment party, even if they didn’t have UPI enabled on their accounts prior to this!
• Inclusion Illusion: Embracing even those without a bank account into the UPI fold.
• Control Freak's Dream: Set limits, watch transactions – it's like being a benevolent financial overlord.
Now that we have the good stuffs out of the way, lets talk about the details of UPI, and why I still have that notch in my stomach when I think of this product.
For which the first step would actually be to understand how UPI works.
How does UPI work ?
The Unified Payments Interface (UPI) offers different transaction flows to cater to various user needs, primarily focusing on UPI Collect and UPI Intent flows. Here is a detailed comparison of these two flows, including their transaction and settlement processes.
Here is a quick side by side comparison for those in a hurry:
UPI Collect Flow
Transaction Flow
• Initiation: The merchant sends a payment request to the customer's UPI app by entering the customer's Virtual Payment Address (VPA) or UPI ID.
• Notification: The customer receives a notification on their UPI app about the payment request. This requires the customer to open their UPI app to review the request.
• Authorization: The customer reviews the payment details and enters their UPI PIN to authorize the transaction.
• Completion: Once authorized, the transaction is completed, and both the customer and merchant receive confirmation.
Settlement Flow
The settlement process involves the NPCI aggregating transactions and facilitating interbank settlements through the Reserve Bank of India (RBI). The settlement ensures that the funds are transferred from the customer's bank to the merchant's bank, usually in batches throughout the day.
UPI Intent Flow
Transaction Flow
• Initiation: During checkout, the customer clicks on a UPI Intent payment button on the merchant's website or app. This action triggers the UPI app on the customer’s device.
• App Launch: The UPI app automatically opens with pre-filled transaction details such as the amount and merchant information.
• Authorization: The customer verifies the transaction details and enters their UPI PIN to authorize the payment.
• Completion: After authorization, the transaction is processed, and the customer is redirected back to the merchant's app or website, receiving a confirmation of the successful payment.
Settlement Flow
Similar to the UPI Collect flow, the settlement in the UPI Intent flow is handled by the NPCI, which aggregates transactions and processes settlements through the RBI. The process is designed to be efficient and quick, ensuring funds are transferred between banks in a timely manner.
Economics of UPI: Who makes money?
The National Payments Corporation of India (NPCI) earns revenue through various fees, including interchange fees and switching fees. The switching fee is a charge levied on banks for facilitating the routing and processing of UPI transactions. However, specific details about how much NPCI earned from switching fees in the fiscal year 2024 are not readily available in the search results.
NPCI's Revenue Sources
• Interchange Fees: NPCI charges interchange fees on certain UPI transactions, primarily those involving prepaid payment instruments (PPIs) for transactions above ₹2,000. This fee ranges from 0.5% to 1.1%, depending on the merchant category.
BTW, Interchange fees also applies to all transactions on the Rupay credit and debit cards, albeit, much lower than the likes of MasterCard and Visa
• Switching Fees: NPCI charges banks a switching fee for processing UPI transactions. This fee is part of the cost structure that banks incur to use NPCI's infrastructure for transaction routing and settlement. The exact amount NPCI charges for switching fees is not made public, although it ranges from 0.2% -0.5%. This is an estimation, basis their financial reporting for the year ending March 2023.
In the fiscal year 2023, the NPCI's total income, which includes both revenue from operations and other income, was ₹2,225 crore, and the total revenue from operations of ₹1,987 crore. In the same year, the Unified Payments Interface (UPI) processed transactions totaling approximately ₹139 lakh crore. Now assuming, 75% of that revenue from operations came from UPI Switching fees alone, that means that per transaction they charge around 0.2%.
Just how large is UPI? And how much more market can UPI serve?
All that is great, but just how many people are using UPI? As per the latest report, there are 350 Million active users transacting using this payment rail.
Assuming that India has 65% adult population of our bulbous 1.45 Billion people, that means we are round about 942 Million. So, UPI has only about managed to capture 37% of the adult population, with room to grow and touch the remaining 63%!
Need for Delegate payments on UPI?
However, only about 47% of the adult population is employed, meaning the remaining 53% are pretty much dependent on the others. Which makes UPI Circle a perfect match for them.
What is a Delegate Payment?
Insimple terms, in a delegate payment system, the delegator (the original party responsible for the payment) grants authority to a delegate (another party) to execute payments. This can be useful in scenarios where the delegator is unavailable or lacks the resources to manage payments directly.
Now that we have a gist of these delegate payments, let us deep dive into the system architecture that allows for this to function.
To implement a delegate payment functionality, below are the components and tech consideratiosn:
1. Delegate payment systems often use an API-first approach, which provides standardized APIs for seamless integration with core banking systems and payment gateways. This architecture allows for flexibility and scalability, enabling quick deployment and updates
2. Secure Electronic Transaction (SET) protocols and encryption methods like SSL/TLS are used to safeguard payment data during online transactions
3. Strong Customer Authentication (SCA) and two-factor authentication (2FA) are employed to verify user identities and authorize transactions. These methods help reduce fraud and ensure that only authorized users can initiate or approve payments
4. A delegation framework manages the authority of proxies over delegated transactions. It assigns roles and permissions, ensuring that proxies can only access the necessary components for the delegated tasks
5. Transaction Authorization Algorithms: Algorithms are used to determine whether a transaction should be approved based on predefined criteria such as transaction limits, user roles, and authentication status
6. Tokenisation: This algorithm replaces sensitive card and account data with a unique token, making the original data inaccessible to unauthorized parties. It enhances security by ensuring that even if data is intercepted, it cannot be used maliciously
7. Delegation Management Algorithms: These algorithms manage the assignment and revocation of delegated authority, ensuring that proxies have the correct permissions for the duration of their delegation period
Security Vulnerabilities in Delegate Payments
But despite how cool this technology sounds, its not without its peril! In fact, the recent WazirX saga also started with a delegate call being exploited by the hackers. So, let us understand some of dark side of Delegate payments.
• Identity Spoofing and Unauthorized Access: Delegate payment systems can be vulnerable to identity spoofing, where attackers impersonate authorized users to initiate transactions. This can occur if authentication mechanisms are weak or if there is inadequate verification of the delegate's identity, like what happened in the WazirX – Liminal case.
• Data Tampering and Manipulation: Attackers may exploit vulnerabilities in the system to tamper with transaction data. This includes altering payment details or redirecting funds to unauthorized accounts.
• Malware and Phishing Attacks: Malware can be used to intercept and manipulate payment data. Phishing attacks can trick users into revealing credentials, which attackers can then use to access the delegate payment system and initiate unauthorized transactions
• Delegatecall Vulnerability: n smart contract implementations, especially those using the ERC-2771 standard, vulnerabilities can arise from improper use of the delegatecall function. This can lead to arbitrary address spoofing, where attackers manipulate calldata to impersonate others. Attackers can append a victim's address to transaction data, causing the system to misidentify the attacker as the authorized user. This allows the attacker to perform unauthorized actions under the guise of the victim.
In the context of UPI delegate payments, fraudsters have been known to exploit vulnerabilities by spamming UPI IDs with multiple requests or using social engineering techniques to trick users into authorizing transactions.
And the recourse mechanism in most cases often do not result in those exploited seeing their money back.
So, to conclude, I’d like to leave you with just one question! Does Delegate Payments open the doors for scamsters to easily get access to the accounts of the old and the vulnerable?
That is it for this edition, and I shall see you next week, with a wrap of all the good things that happened at the Global Fintech Fest!