Epic: SM-229 - Cards: Card Management System CMS In Progress
SM-1967 - Card Security: Review mTLS and RS256 Cloudflare setup for incoming requests from Euronet Blocked Task
SM-1961 - Euronet Gateway: Incoming Transaction requests from Euronet Cancelled
SM-1962 - Card Transaction Processor Manager: Reversal requests from Euronet-Gateway Cancelled
SM-1963 - Card Transaction Processor Manager: Incoming requests processing Done
SAF-1192 - Card Transaction Processor Manager: ATM withdrawal Fee Backlog
SM-1965 - Card Manager: Push notification to output-manager Done
Priority: TBD
Effort estimate: TBD
Review status: APPROVED
Role: Client
Objective:
The client can manage a payment via card (online)
Reason:
The client must be able to use a card for any payments. Digital payments should be managed via a payment gateway that requires the card number, expiration date, card holder name, and CVV code.
Functional requirements:
mTLS security
HMAC signature verification
Integration with Corebank TM
Euronet Gateway to accept incoming payment requests
Push notification
BE>FE Sync
UI requirements:
as in Figma
Process flow:
We will treat incoming requests from Euronet as if Payment-instruction creation.
We will need to collaborate with Euronet to give us at least the owner of the transaction. Whether accountno, or customer cardno. Then we use customer cardno to validate if it is indeed belong to the account no.
We will need externalId which will be mapped to uuid transactionId. So card-manager later on will rely on cardDB to manage this uuid.
Below is Payment Instruction model, we will remove what we don't need.
{ "additionalInformation1": "string", "additionalInformation2": "string", "additionalInformation3": "string", "additionalInformation4": "string", "code": "PI_AUTO_SAVE", "referenceId": "string", "referenceSource": "CONTACT", "executionDate": "2019-08-24", "amountType": "FIXED_AMOUNT", "amount": 0, "transactionCurrency": "IDR", "sourceAccountNo": "string", "sourceBankCode": "string", "bankCode": "string", "beneficiaryAccountNo": "string", "paymentServiceCode": "string", "paymentServiceType": "WALLET", "type": "MANUAL", "recurring": "ONE_TIME", "approvalType": "JUST_DO_IT", "endDate": "2019-08-24", "timeOut": "2019-08-24", "note": "string", "urlPicture": "string", "externalId": "string", "extra": { "skuCode": "string", "billerCode": "string", "secondaryBillKeys": [ { "key": "string", "value": "string" } ] }, "categoryCode": "C056", "maxAmountPerTransaction": 0, "dailyLimitAmount": 0, "monthlyLimitAmount": 0, "useAuth": true, "alternativeExecutionDate": "NEXT_WORKING_DATE", "feeAmount": 0, "epic": "string", "multiTargetAccountNo": [ { "percentage": 0, "accountNo": "string", "accountName": "string", "targetBankCode": "string", "beneficiaryCif": "string", "accountType": "string" } ] }
Now for Card. I will list only relevant params below:
additionalInformation1
Type of transaction : - Partner Transaction : filled with partner id - ATM Transaction : filled with ATM location code - SKN transaction : filled with beneficiary type [Individual/Corporate] - Card transaction : filled with merchant name
additionalInformation3
Field for versatile payload as additional info, usually used by partner transaction, or particular type of transaction Type of transaction : - ATM Transaction : filled with card status [Card Present/Card Not Present] - Card Transaction : filled with card status [Card Present/Card Not Present]
code
Field for define Payment instruction code, it will be required for which instruction parameter will be take available valid values: - PI_PAYROLL: for payroll transaction - PI_TRANSFER: for common transaction - PI_BILLER: for bill transaction - PI_AUTO_SAVE: for Saving with targets - PI_CREDIT_CARD: for Credit Card Payment - PI_JAGOPAY: for Transfer between Jago account - PI_PAYME: for Payment request transaction
referenceId
Field for define payment instruction name based on id correlation, for example: - Contact id - Account id - Biller id - Static id
referenceSource
Field for define payment instruction name based on beneficiary type Available valid values: - CONTACT = payment instruction name base on contact, referenceId = contact id - BILLER = payment instruction name base on biller, referenceId = biller - ACCOUNT = payment instruction base on account number, referenceId = account number - VIRTUAL_ACCOUNT = payment instruction base on virtual account number, referenceId = virtual account number - STATIC_VALUE = payment instruction base on value given from FE, referenceId = given from FE'
amountType
Enum: "FIXED_AMOUNT" "PARTNER_AMOUNT" "BILLER_AMOUNT" "INPUT_AMOUNT" "BLOCKING_AMOUNT"
paymentServiceCode
Field for define payment service code will be use, example valid values: - RTOL - SKN - RTGS - SIT01
paymentServiceType
Enum: "WALLET" "TRANSFER" "GIN_PAY" "PAYME" "CREDIT_CARD" "CASHBACK" "MDR" "THIRD_PARTY_TRANSFER" "THIRD_PARTY_ATM_WITHDRAWAL" "THIRD_PARTY_BALANCE_INQUIRY" "DOMESTIC_PAYMENT" "INTERNATIONAL_PAYMENT" "DOMESTIC_VOID_PAYMENT" "INTERNATIONAL_VOID_PAYMENT" "INTERNATIONAL_ATM_WITHDRAWAL" "INTERNATIONAL_BALANCE_INQUIRY" "IRIS_TO_JAGO" "JAGO_TO_IRIS" "JAGOATM_TRANSFER" "THIRD_PARTY_JAGO_TO_JAGO_DEBIT" "THIRD_PARTY_JAGO_TO_JAGO_CREDIT" "JAGOPAY" "JAGOPAY_REFUND" "GENERAL_REFUND" "OFFER" "PAYROLL" "INCOMING_SKN" "INCOMING_RTGS" "VOID_SKN" "VOID_RTGS" "BRANCH_DEPOSIT" "BRANCH_WITHDRAWAL" "BRANCH_TRANSFER" "TD_PENALTY" "CARD_OPENING" "LOAN_DISBURSEMENT" "LOAN_REPAYMENT" "LOAN_ADMIN_FEE" "LOAN_REPAYMENT_REVERSAL" "LOAN_DISBURSEMENT_REVERSAL" "LOAN_ADMIN_FEE_REVERSAL" "BIBIT_INSTANT_REDEMPTION" "RDN" "CONVERSION" "SETTLEMENT" "LOAN_DIRECT_DISBURSEMENT" "LOAN_DIRECT_REPAYMENT" "OVERBOOKING" "MAIN_POCKET_TO_GL_TRANSFER" "TD_PENALTY_SYARIAH" "LOAN_FORWARD_PAYMENT_DEPOSIT" "LOAN_FORWARD_PAYMENT_WITHDRAWAL" "TD_SHARIA_PLACEMENT" "TD_SHARIA_REPAYMENT" "QRIS" "LOAN_DEPOSIT_REPAYMENT" "INCOMING_BIFAST" "VOID_BIFAST" "VOID_QRIS" "BONUS_INTEREST" "MIGRATION_TRANSFER"
type
Field for define payment instruction type Available values: - MANUAL (for direct execution, partner transaction execution, and need some approval for pi scheduled) - AUTO_DEBIT (for scheduled PI and no need approval for pi scheduled)
recurring
Field for define payment instruction recurring mechanism Available values: - ONE_TIME (one time execution, most used for direct transaction or one time pi scheduled will be execute) - DAILY (day to day pi scheduled will be execute) - WEEKLY (week to week pi scheduled will be execute) - MONTHLY (month to month pi scheduled will be execute) - YEARLY (year to year pi scheduled will be execute) - ANYTIME (no contract or term condition for the date execution, most used for partner / third party transaction)
approvalType
Field for define approval type of payment instruction will be used before execution Available valid values: - 'JUST_DO_IT' = will be execute automatically without prompt or user permission - 'OVER_LIMIT' = user will be notify and need input amount manually before execution - 'EVERY_TIME' = user will be notify and require permission before execution
timeOut
Field for define timeslot that system wait for 3rd party to confirm for the payment format : YYYY-MM-DD hh:mm:ss may consider using TM feature
externalId
Field for define externalId, use for unique identifier for each transaction by default will be generate by system if we're not define format: uuid.v4 with max lenth 40 char
We will need to reconsider having the same usage counter and bankcode mapping etc as tables within card-manager DB.
Execution steps:
Internal dependencies:
External dependencies:
Alternative scenarios: n/a
Acceptance criteria:
Links to wireframes/UI:
https://www.figma.com/file/dkDQHRa1zq7tU58MiL6hBR/SaFi---UI---MVP-(Shared)?node-id=9%3A3466