Digital Wallets – Technology

Digital Wallets are hyper-personal solutions. Hence, a large part of the adoption will be driven by the user experience (UX) of the linked mobile app that the user interacts with. The solution typically has a server part that is usually deployed in a private or public cloud infrastructure, and a mobile app, through which users interact.

The software component of the DW that lies within the mobile app has to deal with multiple functions; some of the key ones are listed below:

1.    User Registration

2.    KYC automation

3.    Registering bank accounts as payment source

4.    Registering cards as payment source

5.    Tokenizing payment credentials for pay-outs and pay-ins

6.    Loading money to the wallet

7.    Making payment from the wallet

8.    Taking out money from wallet

9.    Accepting payments using static or dynamic QR codes

10. Contactless payouts through NFC, QR

11. Interacting with BLE devices

12. Accumulation of Loyalty Points

13. Alerting for appropriate usage of Loyalty Points

14. Dashboards for balance enquiry, transaction history, status of transactions, spend profile, loyalty point accrual, spending, etc.

15. Commerce enablement for partner businesses – like travel tickets, entertainment tickets, mobile top-up, restaurants, rent pay, school fee pay, subscription pay, insurance purchase, and much more

While the app needs to have compelling UX, the actual functionalities are implemented in the server part of the application – some of which could be from yet another service provider and surfaced as an integrated service, and rest would be part of the core system of the digital wallet itself. As bank accounts and cards would be used, the server application will need to have appropriate integrations with bank services and card services.  

Automating the KYC process and improving the customer onboarding

KYC deals with collecting information about the customer and then validating that in order to be sure that the person is the one s/he is claiming to be.

Nowadays, most countries have certain citizen identification documents – like passports, Citizen ID cards, and Biometric Linked Citizen ID (such as Aadhaar in India). The document can be scanned with a phone camera and then using Optical Character Recognition (OCR), the “typed” information such as name, address, date of birth, etc. can be extracted to fill the registration details.

AI/ML is used to verify the face (captured by the camera in the mobile) and the photo in the ID.

The phone and email are verified by sending one-time codes via the respective channels and having the customer enter the same.

In case of accounts and cards, penny-drop process is used to verify the validity of the account and the card.  

Along with these, the credit scores of the customers are used by integrating with credit bureaus such as Experian, CIBIL, etc. to get the credit-worthiness of the individual.

Tokenization of payment credentials

The payment credentials of cards and accounts are typically converted to “tokens” after the same are verified. These are then used for transacting and hence the sensitive credentials are not resident in the mobile or parts of the infrastructure that are vulnerable to external threats.

Typically, card tokens are provided by the card schemes and bank accounts tokens are either available from a federal service (like VPA in case of UPI maintained by NPCI) or by third-party token providers.

Pay-out and pay-in enabled by proximal technologies

It is common for DW to support a scan-and-pay mode, where the phone camera is used to scan a QR or Bar code to get the target account and sometimes amount details and then used to make the remittance. In cases where the QR scanned is dynamic, i.e., have the amount encoded as well, the convenience of scan-and-pay is much more.

Another popular mode is using NFC. Mobile phones today come embedded with NFC capability. As this is short range radio-based communication, it becomes a reliable channel to exchange information securely and thus is used for making payments by tapping the mobile device on the acceptance machines.

In both these cases, the mobile app of the DW needs to be equipped to leverage the device capability and convert that to enable commercial convenience.

Proximity based information exchange

Many a time the retailer likes to provide promotional incentives when the customer is in the proximity of the retail opportunity. Here, low energy Bluetooth (BLE) is very appropriate. Mobiles today are Bluetooth enabled and hence BLE based communication for hyperlocal promotions can be affected. Here again, the mobile app of DW needs to be capable of leveraging the BLE technology and converting that to a commercial event.

Scheduling and Alerts

DW mobile apps can help customers to schedule payments. This feature of unattended automated payment helps to avoid late fees. In case the customer is not very comfortable with automatic debit, s/he may have an alarm set so that instead of auto debit, it can alert the customer to make the payment.

As DWs are hyper-personal solutions, they can mine the behavioural data of the customer over time and “learn” a pattern, which it can use to alert the customer when required. Here the usage of AI/ML helps.

We have discussed some of the technologies of DW mobile app. Now, let us look at some of the technologies that help the server-side part of the application.

Services implemented as APIs

The server-side services are exposed as APIs. The mobile app consumes these APIs to surface the UX services. It is typical to use an API Management product that controls the usage of the APIs and throttles the API pipes as per service needs.

The services are built as micro-services so that one can deploy the services across different numbers of servers based on the processing needs. Moreover, with the micro-service architecture, it becomes easier to create service mashups to provide a course-grained service of higher value.

External service integration

DW would need to integrate with bank infrastructure, card infrastructure, KYC enablement infrastructure, credit scoring services, information services regarding risky personnel, loyalty services, varied commerce applications, and more.

Some of these integrations are real-time / online and expect real-time response (like obtaining a credit score), others could be getting feeds in batches (like a list of risky personnel), still others can work in store-and-forward mode (like a set of scheduled payments). The technology of invoking the requests, processing the responses, and handling of the exceptions (like non-arrival of response, etc.) can widely vary from modern APIs to legacy technologies. Appropriate design is needed to handle different scenarios.

For commerce application integration there are workflows and thus multi-step data exchange is needed. These require yet another technique for integration and service orchestration.  

To know more you may visit the site:

Before we conclude this part of the series, we would like to leave you with a thought. Why do digital wallets require KYC but faster payments do not?

Stay tuned.

Leave a Reply

Your email address will not be published. Required fields are marked *

Comment moderation is enabled. Your comment may take some time to appear.