Online Payment Fraud: What Is It and How Razorpay Prevents It

FeaturedFraud Prevention for Online Businesses

This is the second blog in our series on online security and fraud prevention. To understand more about online safety (how to distinguish between a secure and non-secure website, how to ensure you are making a secure payment) read the first part here. To understand how online payment fraud occurs and the steps to prevent it, read on!


There is a reason why banks put up disclaimers announcing that their employees do not ask you for sensitive data, or that you should never reveal details like your OTP to an unknown person.

Online payment fraud is a reality of the internet age we live in and the numbers are only set to increase with the increasing digital adoption in India. According to a study by the credit information company

Experian and the International Data Corp (IDC), the fraud risk in India is currently pegged at 8.1 points; second only to Indonesia (8.7 points) and significantly higher than the average 5.5 points in the Asia Pacific region.

A 2016 consumer study conducted by ACI Worldwide places India at the fifth position in terms of total card fraud rates; behind Mexico, Brazil, United States, and Australia.

As they say, the best weapon against any problem is education; so let’s begin by understanding the different types of payment frauds that occur in India and how online sites and payment gateways like Razorpay prevent it.

Online Payment Fraud: The Different Types

The most common types of online fraud occur via phishing or spoofing, data theft, and chargeback or friendly fraud. We have explained these in detail below.

Online Phishing or Spoofing

Phishing is the process of accessing one’s personal information through fraudulent e-mails or websites that claim to be legitimate.  The information gathered this way can include usernames, passwords, credit card numbers, or bank account numbers.

The most widely used method for phishing is to redirect an online user (from an email or SMS) to an “official” website where they are asked to update their personal information.  You are thereby tricked into revealing personal information that you would ideally not reveal to anyone else.

Phishing can also occur via other electronic means such as SMS, instant messaging, and on email. You can be redirected to make a payment on a website that looks legitimate, but which is created to capture your card details so they can be used later.

According to reports, India is the third-most targeted country for phishing attacks, after the US and Russia.

Data Theft

Sometimes, dishonest employees or partners can steal credit card data from businesses and use this for committing fraud. Most online sites take stringent measures to ensure that such privacy breaches do not occur.

Instead of storing credit card details as is, for instance, websites and payment gateways use methods like tokenization and encryption to keep the data secure.

Razorpay takes data security very seriously. We are a certified ISO-27001 compliant organization, which means we undergo stringent audits on our data privacy processes.

Chargeback Fraud or Friendly Fraud

Let’s say a customer makes an online purchase. Later, they claim that the purchase was made fraudulently and ask for a chargeback – even though they made the purchase themselves! (A chargeback – in the simplest of terms – is an order from a bank to business, asking it to return the amount paid for a possibly fraudulent purchase.)

This is known as chargeback fraud or friendly fraud, where business processes a transaction since it seems legitimate; only to be issued with a chargeback later on.

Chargeback frauds cause GMV losses and are a hassle for any business. We have a Razorpay Chargeback Guide that will help you understand why chargebacks happen and take steps against fraudulent charges.

The Effect of Payment Fraud on Businesses

As per the current terms and conditions, a credit card issuer (i.e., the bank) does not consider the cardholder liable for any fraudulent activity; for both card-present and card-not-present frauds.

Therefore, payment frauds involving credit cards have a significant effect on the business community and a significant impact on a merchant’s bottom line. Every time a customer issues a chargeback, it leads to loss of both inventory and GMV. This is especially true for retail establishments, where the profit margins are usually small.

Regarding industry, the subscriptions industry continues to have the highest rate of fraud for two main reasons:

  • Subscriptions are essentially a card-dependent service; wherein the USP of the service is that the customer does not have to make manual payments. It is easy to claim that one’s card was used without knowledge in such a scenario.
  • Fraudsters and hackers use subscription services to ‘test’ cards. Online subscription services usually provide a one-month free trial, but one needs a credit card to initiate the trial period. Since the value is negligible, such payments usually go unnoticed by a card owner. If the card details are incorrect, the subscription business shares a detailed authorization error; thus making it easy for the hacker to modify their strategy and continue using the cards.

Razorpay: How We Help Businesses Reduce Fraud and Mitigate Risk

Apart from the mandatory protocols, Razorpay has its processes (developed in-house by our tech whizkids) to detect and prevent fraud and mitigate risk. As a payment gateway and a converged payments solution company, we take data security very seriously.

By delving into our data and analyzing patterns, we have been able to institute processes that ably discern between a ‘normal’ and a ‘suspicious’ transaction with credible accuracy. These systems are divided into two types:

a) Systems for detecting ‘Merchant Fraud’

Merchant fraud occurs when someone creates a fake or bogus company with no intention of selling any product to the customer. The business appears legitimate; but since it offers no actual goods or services, all users who make an online purchase only end up losing their money.

As a payment gateway, Razorpay has strict processes in place to vet every company which uses our gateway for processing payments. Some of the ways how we check for merchant fraud include:

KYC checks: Adhering to strict KYC norms even before we onboard a business is an integral part of fraud mitigation. We have an in-house ‘Risk and Activation’ team that runs background checks on new businesses and vets them before they are ‘live’ on our payment gateway.

At Razorpay, we take this check one level higher by monitoring all suspicious and potentially fraudulent businesses, and the transactions that originate from them.

Transaction monitoring: Razorpay Payment Gateway has an inbuilt ‘Risk’ logic which can sniff out a possible fraud faster than a K9 squad. Let’s say a merchant who gets 3-4 online orders in a day suddenly starts to get 300 daily orders.

A sudden spike in transaction velocity (number of transactions per minute/hour/day), volume (amount transacted for), or pattern (international orders for a local brand) is an indicator of fraud and our systems immediately flag such transactions for further investigations.

Our ‘Risk’ logic also has 72 odd rules for monitoring the thousands of transactions on our payment gateway on a daily basis. This logic is designed according to the merchant, and our logic pathway can easily differentiate between standard day-to-day transactions and those that carry a high probability of risk.

b) Systems for detecting ‘Customer Fraud’

Customer fraud occurs when a stolen or lost card is used for suspicious activities. It can also occur for other payment modes. Not only does this affect the user, but it is also detrimental to e-commerce websites as it increases cases of refunds and chargebacks, and leads to loss of GMV.

At Razorpay, we strive to protect both our merchants and our customers. Which is why we conduct extensive transaction monitoring as well to protect both their interests. How do we do it? Here’s a peek:

Checking for hotlisted cards: Every time a card is used for payment, our gateway connects with the card provider to check if the card has been hotlisted. (Hotlisting means that the card has been blocked temporarily or permanently for use). This is done in real-time so that a verified transaction is still completed within seconds, while the suspicious ones get flagged.

Pattern-based transaction monitoring: We also use geographical and pattern-based transaction monitoring (as for detecting merchant frauds) to identify suspect transactions. This helps us in preempting and preventing chargeback frauds and other types of customer frauds. We have a hit ratio of being able to identify 85% of fraudulent cases in advance.

Online Fraud Prevention: The Future

Online fraud will remain a contentious issue even in the days to come. The more we connect and transact online, the bigger the threat. Moreover, since we cannot eliminate it, the solution must be to remain on guard every single second. The only way to prevent online fraud is through vigilance and regulation.

A good example here is the 3D Secure (3DS) protocol that VISA had developed to keep its customers safe, and which has since been adopted by other card companies like American Express, MasterCard, and JCB International.

A similar process is the 2FA used in India, which is mandatory for all cardholders and card-issuing banks. The RBI has also mandated online alerts for all card transactions – even those where the cardholder physically swipes their card at a PoS system.

For all transactions considered suspicious, cardholders have the option to issue a ‘de-activation request’ immediately and hotlist their cards.

The Indian government’s decision to appoint a nodal agency for dealing with phone frauds – called the FCORD initiative – is another praiseworthy step. We at Razorpay are also in touch with the MHA, which has designated the FCORD as the Nodal Agency for reporting and preventing Cyber Crime frauds in India, regarding the same.

While a zero-fraud system will take some days to achieve, we are constantly building new processes to minimize fraud risk for all consumers.

The bottom line though remains this: If you are building an e-commerce website, remember to follow all the protocols mentioned above and minimize the risk of fraud. Alternatively, find a payment gateway (hello there!) that has stringent security protocols already in place. We’re just a click of a button away!

How Secure Are Your Online Payments?

Featured

At Razorpay we strive to make every transaction done via our payment gateway a secure payment. We’re a technology-first online payments company and online payment security is in our DNA. We employ a ‘no stones unturned’ approach to safeguarding the interest of both the online businesses who use our products, as well as their consumers.

We also understand the assurance of secure payments is one of the primary drivers behind the choice of a payment gateway.

With the growing number of e-commerce users and transactions in India,, it is important that we are all aware of the mandatory security protocols for e-commerce websites; so that we can avoid fraudulent situations. As the saying goes, prevention is better than cure.

In this article, let me walk you through the security protocols and processes followed at Razorpay, and which you should look for, too, every time you transact online.

online payment security architecture and information flow

1. TLS Encryption

Data security on e-commerce websites or an online payment system begins the moment a user lands on the site. The TLS Certificate tells users that the data transmitted between the web server and their browser is safe.

As a payment provider, Razorpay uses the highest assurance SSL certificate on its website which is the EV SSL (Extended Validity SSL) certificate.

Without TLS Encryption in place, all data sent over the Internet is unencrypted and is visible to anyone with the means and intent to intercept it. An easy way to check if the e-commerce websites you frequent are SSL certified is to look at the URL and see if it uses ‘http://’ or ‘https://’ protocol.

The additional ‘s’ signifies a secure e-payment system. You can also look for the padlock icon at the beginning of the URL. Modern web browsers in their race to make the Web secure by default are now following the opposite paradigm – mark HTTP sites as “insecure”.

2. PCI-DSS Compliance

The PCI Security Standards Council is a global organization that maintains and promotes compliance rules for managing cardholder data for all e-commerce websites and online payment systems.

The Payment Card Industry Data Security Standards (PCI-DSS) is in effect a set of policies that govern how sensitive cardholder information should be handled.

Fact: The PCI Security Standards Council was created as a joint initiative by the four major credit-card providers: American Express, Visa, MasterCard, and Discover, in the year 2004. Over the years, the PCI-DSS standard has become the guiding principle for online security across the globe.

For an e-commerce website or an online payment system to be PCI-DSS compliant they have to follow certain directives:

Maintain a secure network to process payments: This involves using robust firewalls which can protect against malicious security threats. Further, the website or payment gateway should not use default credentials like manufacturer provided PINs and passwords, and must allow customers to change this data as needed.

Ensure all data is encrypted during transmission: When cardholder data is transmitted online, it is imperative that it be encrypted. Razorpay encrypts all information you share using checkout via TLS (Transport Layer Security). This prevents data interception during transmission from your system to Razorpay.

Fact: On the Razorpay Payment Gateway, all the details entered by a user like their name, address, and credit/debit card information are used only to process and complete the order. Razorpay never stores sensitive information like CVV numbers, PINs etc.

Keep infrastructure secure: This directive involves keeping abreast of new PCI-DSS mandates and using updated software and spyware to protect against known software vulnerabilities, running regular system and software scans to ensure maximum data protection.

Restrict information access: An important part of securing online payments on e-commerce websites is restricting access to confidential information so that only authorized personnel will have access to cardholder data. Cardholder data must be protected at all times – both electronically and physically.

3. Tokenization

Tokenization is a process by which a 16-digit card number gets replaced by a digital identifier known as a ‘token’. This is done to ensure the safety of the original data while allowing payment gateways to securely access the cardholder data and initiate a secure payment.

Fact: Even if a website gets breached and the tokens stored are hacked, it is immensely difficult to reverse-engineer the actual card number from the token itself. To do this, one needs access to the logic used for tokenization, which is not publicly available.

Credit card tokenization helps e-commerce websites improve security, as it eliminates the need for storing credit card data, and reduces security breaches. For more on how tokenization works and impacts online payments, you can read our in-depth blog.

4. Two-Factor Authentication

Two Factor Authentication, aka 2FA, or two-step verification is an extra layer of security added by e-commerce websites to ensure a secure payment for a customer.

This is a customer-facing authentication process, mandated by regulatory bodies like RBI, in that the transaction is processed only after the user enters a detail that only they could know, or have at hand (like a physical token or a security key). Many banks and other e-payment gateways also use the 2FA for their own payment modes.

Fact: 2FA is not a newly-minted technology, but it has recently become the de-facto method of authentication in the digital age. In 2011, Google announced 2FA for heightening online security for its service. MSN and Yahoo followed suit.

When you use Net Banking for a transaction, you are first asked to enter your username and password. As a final confirmation, the bank sends you an OTP on your registered mobile number. This process has been mandated by the RBI, is divided into two levels of authentication:

What the user knows: In this step, users fill in their card/Net Banking details such as username and password. This helps the payment gateway recognize which bank the card belongs to.

What the user (and only the user) has: This step is known as ‘Authorization‘ and is done through the OTP/PIN/CVV. The bank (and the payment gateway) can then confirm that the request for payment is initiated by the rightful user.

5. Fraud Prevention

Apart from these mandatory protocols, most e-commerce websites and payment gateways have their own fraud and risk prevention systems. Big data analytics and machine learning play a huge role in devising these risk prevention and mitigation systems.

By delving into our customer’s data and analysing patterns, we at Razopray can discern between a ‘normal’ and a ‘suspicious’ transaction with credible accuracy. Apart from this, there is a lot that you as a customer can do to reduce the risk of fraud. 

Always remember that:  

– Anyone of importance will never ask for your card data/passwords up front. Banks and financial service providers have a safe protocol to gain admin access to an account if the need ever arises.

– Passwords are safer when you don’t write them down. Keep strong passwords that you can remember, change them frequently, and refrain from writing them down somewhere.

– You have the right to dispute suspicious charges on your card or accounts. Raise a chargeback request for any unidentified transaction on your card. You have a legal right to a resolution.

If you are building an e-commerce website, remember that fraud prevention requires that you follow all the above-mentioned protocols. Or find a payment gateway (hello there!) that has stringent security protocols already in place. We’re just a click of a button away!

GST Invoices : Create and Send GST-compliant Invoices with Razorpay

FeaturedRazorpay-GST-Invoices-Launch

With GST coming into effect in 2017, all Indian businesses are now required by law to create GST-compliant invoices – both on paper and electronically.

The number of e-invoices across the globe is on the rise (volume of e-invoices in 2016 was approx. $30 billion worldwide, with an average growth of 10-20% per year); as has the volume of e-retail, with global transactions crossing the $2.3 trillion mark in 2017.

This led the think tank at Razorpay to have another of our lightbulb moments – we already had the infrastructure for businesses to accept payments online.

Why not merge it with an invoicing feature so that accepting payments against a GST-compliant invoice becomes easier for everyone? This would automatically cut down the need for multiple software and make the payment process more seamless for everyone included.

So, we set to work. And the outcome is an intelligent software that provides automation of GST incorporation into invoicing – a feature that very few products in the market currently allow. As the Product Manager for this new feature, I am proud to introduce you to ‘Razorpay GST-compliant Payable Invoices‘.

gst invoicing software

Razorpay GST Invoices – How Do They Help?

Invoices have been in trend since the ancient times when merchants used clay tablets to keep a record of supply. In the simplest of terms, an invoice is a “document which states the supply of goods and services and forms the basis for a tax levy”.

GST-compliant invoices differ from the earlier VAT invoices by a few crucial factors:

  • It is important to mention details like GSTIN of the supplier and the customer, the place of supply, the HSN/SAC codes which are specific to the goods/services being sold.
  • The invoice needs to have a clear breakup of the tax levied. Just stating the value of tax is not enough; there needs to be a breakup of the CGST/SGST/IGST components.
  • It is mandatory to issue invoices for all registered supplies as not doing so will be considered an offence under the law.

For a B2B business, e-invoices are an effective way of managing compliance as well as saving costs. It is estimated that creating invoices online can help reduce operational costs by 60-80% vis-a-vis paper-based invoicing. However, this saving does not mean much if you spend money on multiple software for payment, accounting and for invoicing.

GST Sample Invoice

The Benefits of Using Razorpay GST Invoices

The Razorpay GST Invoices gives you access to a single powerful system- where you generate invoices and collect payments via the same software.

Ultimately, this helps your business reduce operational costs, reduce payment delay and delinquency, and manage cash flow in a better manner.

Most importantly, it adds an informational element to the transaction. The customer knows exactly what they are paying for upfront.

The hallmark of any good product is that it simplifies an industry pain point and helps improve business processes. Our invoicing feature helps you in the following ways:

  • You can create ‘Payable Invoices‘ for B2B or B2C transactions easily and accept payments via a single process. For monthly recurring invoices, you can use our APIs to create invoices in bulk.
  • Automatically include the GST breakup in your invoices. Since this is linked to the HSC/SAC codes of the supplied items, there is zero chance of error in levying taxes. Remember, GST tax rates vary according to the tax bracket of the item and correctly calculating tax is an important part of creating GST-compliant invoices.
  • Your customers can choose to pay from multiple payment options available on Razorpay or even use Virtual Accounts to make offline payments against the invoices. This enables customers to make instant payment – anywhere, any time – and helps businesses maintain regular cash flow for important tickets.
  • The ‘Dashboard Tracking’ option allows you to tally Account Receivable (outstanding amount) and the money collected/received from your Razorpay dashboard. There is no need for a separate accounting software for this.
  • In certain cases, your customers may want to make partial payments against an invoice. Let’s say they only wish to credit a small amount as an advance and expect to be able to pay the rest when they receive the goods. Razorpay GST Invoices come with a ‘Partial Payment’ option for such use cases.

Most importantly, you can use our software to create invoices even if you’re not registered under GST. Our intuitive and intelligent software can be used to create normal invoices without GST taxes that can be sent to your customers as proof of transaction.

Creating GST Invoices with Razorpay – The Process

At Razorpay, we have always been very particular about keeping the user flow/user experience simple, so that our users – whether they be a startup or an established business –  can use the product seamlessly. We have tried to do the same with the GST Invoices and I have detailed the process below.

For easy understanding, I have broken down the process into five steps from creation to reconciliation.

GST Invoice Generation

Step 1: Creation and Generation of GST Invoices

  • To create an invoice for a customer, begin by adding all the necessary details such as the GSTIN of the customer, PAN details, mobile phone, and email id.
  • Next, add item details of the goods/services sold to the customer. You can choose the HSN/SAC codes for the same, and add it to the invoice.
  • Once you add the item details and the place of supply, the GST will be automatically calculated by the software. The GST rate is linked to the item code and the place of supply; hence there is zero chance of error.

You can save the details for further use. This will help in the mass creation of invoices and faster creation of recurring invoices.

Step 2: Sharing of GST Invoices

  • The invoices are shared via email and SMS (you added these details in the first step).

Note: Even in legacy software, the sharing has to be done manually. However, Razorpay automates the process so that it is easier and faster.

Step 3: Payment

  • You can share your bank details over the same mail to facilitate online payments. This works for ‘Payable’ invoices that need to be paid online.

Step 4: Notification

  • If the invoice is paid online, you will receive notifications via the webhooks available on our site. If the payment is done via RTGS or NEFT, then it needs to be manually tallied.

Step 5: GST Reconciliation

  • Reconciliation for Razorpay GST invoices is done the same way as for any other invoice. You will have to account for the monthly ‘Account Receivables‘ and ‘Invoices Issued‘ and ensure that they both tally.

So there! The easiest invoicing solution for businesses is now in town – Razorpay GST- compliant Payable Invoices. Have you used it yet?

TDR, MDR and Other Payment Terms Simplified

Featured

So, there I am. A newbie in the world of geeks, trying my best to understand terminology I wouldn’t have been caught dead using just a few days back.

Yes, it’s KT (knowledge transfer) time at Razorpay and as the new kid on the content block, I need my grey cells to absorb as much of the payment-related terms as they can.

And that’s when it hits me. If understanding these bywords is hard for someone who’s been in the fintech industry for a while, I wonder what others go through.

So, whether you are a startup enthusiast, SME owner, or just a curious Lannister who likes to know things, here’s a simplified introduction to payments and some of the oft-used terms in the industry. I hope you find them useful!

For the purpose of this blog, let’s take a look at a simple payment flow and the terms associated with this:

[Blog] First Image

1. Aggregator/Gateway

A payment gateway is a technology that allows merchants to accept online payments from their customers. PayPal, WorldPay, MIGS are some well-known examples of payment gateways.

Now, customers have their own preferred method of making a payment. If I was buying my favorite beverage on ChaiPoint, I might pay for it via NetBanking, while somebody else might prefer a wallet or UPI.

A payment aggregator brings together all these various modes of payment in a single interface, thus allowing the user the flexibility of choice.

2. Authentication

When you are dealing with high volumes of money on a daily basis, fraud and risk must be minimized. The authentication process is what helps payment gateways verify that you are who you say you are and prevent fraudulent transactions.

As mandated by the RBI, every online transaction in India undergoes two levels of authentication:

  • Verification of payment details: This helps the payment gateway recognize which bank your card belongs to so that they can process your payment faster.
  • Verification of user or Authorization: This is done through the OTP/PIN/CVV. When you enter these correctly, you essentially tell the bank (and the payment gateway) that you are the person using the payment mode, and have initiated the request for payment.

3. Acquiring/Issuing Bank

Now, these are two very similar-sounding terms which can get a bit confusing at first. So, listen closely! Simply put, an acquiring bank is a bank which facilitates the transaction through its gateway. And the issuing bank is the one used by the customer when making a transaction.

Let’s say that I used my HDFC credit card for a purchase at ChaiPoint. The transaction was processed via Razorpay. The issuing bank – which gave me my card – is, therefore, HDFC.

Now, Razorpay has to channel my money to ChaiPoint, and it does so via the gateway provided by SBI. Thus, the acquiring bank, in this case, will be SBI. In a sense, the acquiring bank is the partner bank for the payment gateway.

**These terms become even more important when we talk of issues like refunds, or card holder’s verification. The onus is on the issuing bank to verify the details entered by the cardholder and validate the transaction.

4. Merchant/Nodal Account

As defined by the RBI, a nodal account is an account created by an e-commerce, payment gateway, wallets, and aggregators specifically in order to accept digital payments. A merchant account is a temporary virtual account that a business creates with a payment gateway.

For instance, Razorpay has a nodal account for accepting and processing payments. When a merchant signs up with Razorpay to use our services, we create dedicated merchant accounts for them, which act as temporary vaults for payments.

Every payment made by a user is first directed to the Razorpay nodal account and managed through the specific merchant account.

Once the funds are deposited into the merchant account, the merchant is free to do as they please with it. So, they can effectively choose to send the whole amount to any of their business’ current accounts, or use it to make payments to their vendors and other associates using a feature like the Razorpay Route.

Most Indian banks offer the facility to open a current account. You can also create one through a private service provider.

Now, I know what you are wondering about and here’s the answer to your query – a merchant account and a business’ current account are indeed two separate entities.

Provided by your payment processor, you can use the merchant account only to accept digital payments from your customers, and disburse it to your vendors. Your current account, on the other hand, is where funds from both cash and card transactions are added, and which you use to pay salaries and bills.

5. Capture

To help you understand this term better, let’s analyze the anatomy of the transaction I made at ChaiPoint earlier.

The process began with me choosing to make a purchase online. I picked my favored mode of payment, entered the details, and confirmed the payment.

Voila! I see that the money has been debited from my HDFC account and credited to Razorpay’s nodal account. It now needs to reach ChaiPoint’s account and for this to happen, ChaiPoint has to ‘capture’ the payment so that Razorpay knows where to forward it to – almost like sending out a virtual Thank You, and a confirmation that the money indeed belongs to them.

And if ChaiPoint does not raise this ‘capture’ request within a stipulated time (5 days from the date of payment) then the amount is automatically refunded to my account.

6. Settlement

Once the transaction has been ‘captured’, the payment gateway i.e. Razorpay has to ‘settle’ the amount with ChaiPoint. Note that the money has still not been transferred to ChaiPoint’s merchant account. This is because even though the authorization, authentication, and capture (in most cases) happen in real time, the fund transfer follows a separate cycle.

Banks transfer the amount to Razorpay’s nodal account first, and this usually takes 1-2 days. Razorpay then sends it to ChaiPoint’s merchant account, and this happens 2-3 days after the transaction was first made. This is known as a settlement

[Blog]Second Image

So far, we have looked at the flow of money from the user to the merchant and understood the terminologies involved. Now, let us understand the process of reversing a transaction (as in the image above) and the terms used in this flow.

7. Refunds

Refund is as refund does. Come on, we have all done this at least once in our lives!

A refund is, in essence, a reversal of a transaction made by a user. In cases where the user is not happy with the goods or services purchased, or if they have paid for said purchase without actually receiving anything, they can ask for their money to be refunded.

The process is complicated and if you have ever wondered about it, here’s a wonderful blog that should clear all your doubts.

**Refunds and chargebacks may seem similar, but there is a difference in their machinations. A refund is initiated by the merchant (with or without a request from the user) because they failed to provide the goods/services agreed upon. A chargeback is a customer asking the issuing bank to forcefully remove money from the merchant account because the charges levied by the merchant are not valid.

8. Chargeback

The world of online payments is not just APIs and code. Every once a while, it can read like an interesting whodunit. Imagine a scenario where a customer has been charged for transactions on his credit card, which he claims he did not make. Is this a case of amnesia? Sour grapes, or a shopping affair gone wrong? Or, an intent to defraud? Whoa!

When a customer contests a charge made on their card, the issuing bank immediately issues a ‘chargeback’.

Again, in the example that we have used till now, let’s assume I ask my issuing bank to initiate a chargeback against ChaiPoint for transactions billed to my credit card. ChaiPoint will now get its best Sherlocks on the case to prove the validity of these charges within 15 days, failing which I am entitled to get my money back. End of story.

While as a payment gateway Razorpay is not directly involved in initiating chargebacks and refunds, we are a part of this digital infrastructure and do our best to resolve such issues quickly. Ideally, a business would like to stay away from chargebacks because it causes both loss of inventory (if you did make a sale), as well as money.

All the charges levied on a digital transaction are also levied in case of a chargeback.

**The Fair Credit Billing Act of 1974 (USA) is widely considered as the genesis of chargebacks. In India, this would fall under the ambit of the Consumer Protection Act, 1986.

9. TDR/MDR/Bank Charges

As we have seen till now, there are a lot of steps and entities involved in a successful online transaction. Since all of these entities offer a service to the user, they are entitled to a small fee which we have detailed below:

Bank Charges: This is the amount that the acquiring bank charges for providing card payment services. This rate is in guidance with specifications provided by the RBI (Reserve Bank of India). One of the components included is the ‘Interchange’ which is a fee given by the acquiring bank to the issuing bank for their card transactions.

Processing Charges: Your payment aggregator might also have to pay certain fees to other players in the loop like online wallets or banks for processing payments of a specific type. They would include this in the amount they charge you for every successful transaction.

TDR – Transaction Discount Rate: This is the amount that the payment gateway charges the merchant while transferring the money to their merchant account. This is specified by the gateway itself and includes the above charges. In India, this is interchangeably used in common speech with MDR (Merchant Discount Rate).

In conclusion, TDR = Bank Charges + Processing Charges + Taxes

**Payment Aggregators also provide additional services and products for managing your payments and hence on a case-to-case basis, may charge an additional service component.

And there’s more, but that’s for another time!

This obviously is not the end of the terminologies, but this is where we will stop for now. The Indian payments industry has been evolving rapidly and payment gateways have become essential for all businesses; whether online or operating out of a brick-and-mortar space. Hopefully, these jargons have helped you understand our world better!

RazorpayX – How We Built a Startup in a Startup

RazorpayX

If you’re someone who’s interested in the Indian fintech industry, then you surely know of Razorpay. 

Razorpay’s extensive product suite caters to accepting, processing, and disbursing payments. Founded in 2014, the journey of Razorpay over the years has been incredible, powering disruptors of all scale. With product after product, we have been able to provide the best payment solutions for all sorts of business cases, no matter how complicated or straightforward.  

With over 800,000 merchants using Razorpay’s payment solutions, the biggest names in the market ride with us. Being the 7th employee at Razorpay, I’ve seen the company unfurl into a fintech superpower in India. And, I can’t be more proud to be a part of the overall growth and mission of the company.

Today, I’d like to shed some light on the most exciting product I’ve been working on – RazorpayX, our neobanking platform.

The story is interesting because it is not just about a great product that we are building, but also about how we came about it. 

In 2018, we announced our entry into business banking with RazorpayX in our flagship event, FTX.

You may wonder – why?

The gap in the system

How business banking is carried out is not the most efficient way to manage finances. With traditional business banking, businesses spend way too many hours on manual labor every month, while dealing with buggy software and complex infra systems. 

Several Razorpay merchants conveyed to us how their business banking experience is flawed, which got us thinking – we’ve already enhanced the payments experience. Who better to take business banking forward?

So, we validated the opportunity we had at hand and delved into some primary research.  We talked to 400+ merchants to understand their experience with business banking and drew insights from our conversations.

Next, we surveyed 1,500 CxOs and gathered

  • 64% of companies believe their payment service providers are best equipped to solve their payment challenges as opposed to banks
  • 10x as many companies polled believe payment service providers innovate better than banks
  • 36% of businesses believe manual dependency and reconciliation are the biggest challenges in their current money management

Our solution to bridging the gap – RazorpayX

Since we deal with many different payment flows, we wanted to create a whole new platform that would be dedicated only to building a product that would do away the challenges of business banking. We began to create a platform on which we can further build products that would ease the process challenges for businesses, like integrations with payroll software, and more.

During the early access, merchants were able to use the platform with virtual accounts. We created an entire API and dashboard payouts platform over a virtual account setup. In a few months, thousands of merchants started using it to make payouts at scale to vendors, customers, and even employees. 

From then to now, the platform has gone through major upgrades.

A few use-cases for RazorpayX

  1. Lending companies like Kissht and EarlySalary have been unable to disburse loans to their customers instantly owing to their dependencies on manual processes and cumbersome banking tech. With RazorpayX, these companies were able to disburse loans within seconds
  2. E-commerce companies that provide multiple payment options to their customers have traditionally not been able to process refunds for all methods with equal speed owing to an inconsistent customer experience. Cure.fit, Voylla.com, and other players in the market use RazorpayX to make instant refunds to their customers, irrespective of the payment mode (including CoD)
  3. A key component of making successful games is the process of ensuring winners get rewards, and fast. Dependencies on net-banking and manual methods were not optimal for progressive gaming companies. RazorpayX has helped companies like Mobile Premier League, RummyCulture, Pokersaints, and many more to transfer winnings immediately, and with ease

As we scaled, we realised current accounts would be integral to the product because of the growing demand to support higher volumes of transactions and superior customer experience. We wanted businesses to have the freedom to define their processes, unlike traditional current accounts.

During our event FTX 2.019, we announced RazorpayX’s expansion into current accounts, payroll, and corporate credit cards.

We built RazorpayX with Current Accounts in partnership with RBL bank and included all standard banking services like cheque book, debit card, and accounting statements. We merged these banking services along with powerful tech capabilities like API banking, approvals workflow, and insightful reports.

Next, we wanted to have a payroll system within RazorpayX’s platform. And, payroll is fragmented without a clear-cut solution, which got thinking – should we build? Should we buy? Or should we partner?

The more we thought, partnering made more sense, and we found the best company to partner with. Opfin, a payroll and HR management software company, turned out to be just right to automate the entire payroll process of a business, seamlessly.

Opfin does more than just payroll and fund transfers. It also manages tax filing and compliance via a unified platform, without having to hire any external vendors. 

Ok, current account, check.

Payroll, check.

What next?

We wanted to go just one step further. 

Corporate credit cards.

We’re partnering with banks and networks to build corporate credit cards from the ground up that offer immense flexibility with limited-time credit period and auto-repayment for businesses. These cards powered by our credit intelligence engine can be used to make payments towards Google Ads, Facebook Ads, AWS, Business Travel, and so much more.

So far and more

Even in early access, we’ve hit 3 billion annualised TPV serving thousands of merchants. We’re also processing over 2 Lac payouts every day, out of which 1 Lac is consumer loans.

We are perpetually endeavouring to make the RazorpayX platform more and more stable every day. We want to further grow the platform by building and integrating products that can extend to simplify business banking while providing the best possible experience to prove all businesses a viable alternative to traditional business banking.

We are constantly working towards reimagining and redefining business banking in India, and we’re looking forward to all of you joining us in our journey.

Manage Working Capital Efficiently with 100% Visibility in Settlements

razorpaysettlements

Working capital is more than just a financial metric. It is the fuel that allows companies to run their day-to-day business operations. Its management, or mismanagement, can have a very direct impact on a company’s financial health and operational success.

For businesses that accept payments online, working capital is a function of incoming settlements from their partner payment gateways. As a result, a lack of visibility in settlement timelines can end up creating a plethora of  challenges for companies. Some of these include:

  1. Lack of clarity around settlement timelines: Wondering when their payments will get processed can keep businesses worried and make it difficult for them to manage working capital efficiently
  2. Expected settlement amount: Knowing how much they are going to be paid is a crucial piece of information for companies to plan their day-to-day operations
  3. Settlement status on the transaction page: It is important for businesses to know which transactions have already been paid for and which are still pending
  4. International payments: Answers to questions regarding the settlement cycle of their international payments and service fees on the same are crucial for businesses
  5. Route settlements: Companies organized in a parent/child network or partner network should not find it very difficult to keep a track of how much each entity will be paid and by when

Settlement UX changes

To equip our merchants with the armor to handle these challenges, we’ve made the following UI/UX enhancements on the Razorpay dashboard:

Transparency on upcoming settlements 

  • The amount and date for your next settlement will now be visible on your Home page, Transactions page & Settlements page
  • This is the go-to metric for businesses of any size to quickly assess when their next settlement will happen and how much will they be paid

Settlement cycle in the ‘My Account’ section

  • New to Razorpay and want to check what your default settlement schedule is? This information is readily available on the dashboard. No need to reach out to the support team
  • Want to start accepting international payments? Check your international settlement schedule through your dashboard to better manage your cash flow

 

Settlement status for each and every transaction

  • No more confusion on which transaction you have received payment for and which is still pending
  • This feature also provides visibility on service fees paid to Razorpay

The above changes will significantly enhance visibility on settlements and provide our merchants with the information they need to efficiently manage their working capital. 

An essential quality of a payments solution is the ability to scale to meet the growing demands for our customers. Transparency in settlements is another endeavour by us to give you the best payments infrastructure.

Are you ready to simplify the way you accept online payments? Sign up on Razorpay if you haven’t and leave all your payment worries to us!

Bangalore Contributes 35% of All UPI Transactions in January

It’s interesting to note that within two years, UPI has created a league of its own. If you recall, UPI overhauled cards (debit & credit) for the first time ever in September 2019. And it continues to do so with a 44.23% contribution in January ‘20. 

One of the major reasons for its massive adoption is the push from the government, multiple banks, and wallet players.

When launched in 2016, UPI was just an addition to the evolving modes of P2P payments. However, the easy, instant, and hassle-free usage has led this payment mode to become the champion of digital payments today. 

This January, PhonePe is catching up to Google Pay. Let’s take a look at more numbers. 

All findings in this report are based on the P2M UPI transactions made on the Razorpay platform.

 

It does not come as a surprise anymore to see Google Pay as the first choice for UPI transactions. Almost half (49.08%) of the total UPI transactions on Razorpay were carried out via Google Pay alone. 

Close to Google Pay’s heels was PhonePe with an impressive share of 30.08%. And, in the third spot,  PayTM contributed 10.21%.

The other UPI apps that did not make it as big but got some traction are ICICI, SBI, Axis, and HDFC with 1.44%, 0.38%, 0.11%, and 0.06% respectively. 

Let’s also have a look as to how each of these apps grew individually. With a high spike on the charts of PhonePe and PayTM (growth of 13.6% and 17.95% respectively), Google Pay, one of the most preferred options saw a growth of 1.56% while BHIM saw the other side of the story, a decline of 3.24%. 

The other UPI apps on the list were the brick and mortar banks making their way into the wall-less world. SBI saw a growth of 15%, Axis climbed up by 4.95% while HDFC saw a growth of 1.83%. 

Move over, plastic money (January ’20)

While the users have given a safe corner to UPI on their screens and minds, the race between UPI and cards have gotten the most interesting spectators.

Here are some insights:

  • UPI contributed  44.23% of the total transactions that were made on the Razorpay platform
  • Cards comprised of 39.62% of the digital transactions while Netbanking stood third with a share of 9.05%
  • The rest of the modes were wallets (3.56%), bank transfers (2.41%), e-mandate (1.06%), and EMI (0.06%)

UPI in India – adoption and usage (January ’20)

In the effort of enabling digitalization across the nation, UPI has been a role player. In other words, UPI has easily been able to bridge through the set norms about the hassles of digital payments. The mobile-only payment option has made its way to become the primary payment option. But do you know how the individual states and cities contribute to the overall economy via UPI? 

Take a look:

  • Karnataka gets the tag of the most digitized state yet again by making up to 24.94% of the total UPI transactions that took place across the country. Among cities,  Bengaluru was the biggest contributor eating up a whopping 35.5% of the share
  • Maharashtra stood second in the row by contributing 15.2% with Pune contributing to 10% 
  • Thirdly, the southern state of Tamil Nadu contributed 10.21% to the overall UPI transactions in the month of January

Note: You may wonder how Karnataka’s contribution is 24.94% while Bangalore is 35.5%. The reason is, the state split is different from the city split. We consider the whole country to provide state-wise contribution, whereas we look into top 15 cities and calculate their contribution.

UPI in the last 6 months

Now, let’s also take a look at the past 6 months to understand this game-changer.

UPI saw its biggest growth jump in the month of September 2019. This was a striking hike of 39.56%! Just once in the past six months was there a dip in UPI usage, which was in November. From December 2019 to January 2020, UPI climbed up the ladder by 6.89% marking an incredible start to the new year, setting a benchmark for UPI in the months to come. 

UPI in 2020

In the upcoming months, we expect UPI to move ahead at this very pace. Being one of the most groundbreaking innovations in the payments space, UPI has come a long way from where it started. 

UPI will also be a gamechanger in the recurring payments space. NPCI has announced that consumers will be able to make recurring payments through UPI very soon. We believe that this will be the next big thing to take UPI forward by leaps and bounds in 2020.

Let’s wait and see how UPI will continue to explore new grounds in the Indian payments space in 2020. 

Now Collect Payments Faster with Payment Links Reminders

payment links reminders

Here’s an interesting fact: More than 40% of the B2B sales made in India are given on credit! This has been the nature of business in India for a very long time. And it’s not changing anytime soon. The relative or absolute pain of chasing after payments is immense. Almost every business, big or small,  endures this ordeal almost every day.

If it is one thing to close a deal with the ambivalent Indian customer, it is quite another to collect payments from him or her. It often happens that a customer or client leaves the business hanging with unrequited payment requests.

Razorpay Payment Links has been one of our earnest endeavours in trying to solve this problem. Instant links to collect payments instantly! In the last one year, we have seen a tremendous growth of our product with more than 1 crore payment links being created.

While this makes us feel proud about being able to help the smallest of businesses to the mightiest of banks collect hassle-free payments without any coding in a matter of minutes, we also know that getting payments on these links is certainly one of the most daunting challenges for them.

The typical ordeal for an MSME goes like this.

Day 0 – “Hello ma’am, we are so happy you want to buy our service, let me send out a payment link to you right now..”

  • Link sent 

Day 1 – “Hi, I hope you liked our service. Just wanted to check if you are having any difficulties in finding the payment link? Please let me know.”

  • Few days later 

Day 5 – “Hello ma’am, for the service you had used last Friday, we still haven’t received the payment. I have resent the link to you“

  • Business resends the payment link 

Day 6 – “Ma’am, payment is still pending”. To this, the customer says, “Can I pay you by an account transfer or UPI?” The businessman replies, “Of course, you can open the link and do so. I will also send you the account details and UPI ID additionally.”

  • The customer finds it difficult to find the link and sends the money via account transfer
  • The business spends half a day in carrying out the payment reconciliation, using the UTR of the transfer and again calls up to confirm with the customer

This is probably a softer version of what really happens. It is not unheard of for businesses to even send someone over to collect the payment in cash. While some of this is problematic owing to structural and possibly, cultural underpinnings, there is still a window of opportunity for us to deliver more value to our merchants.

Introducing reminders on Razorpay Payment Links

Payment Links will now come with automated reminders, which are orchestrated by the system based on the payment status of the link. These automated reminders will help you do the following:

  • Increase the number of paid invoices and links
  • Reduce cost and manual effort required to collect payments
  • Reduce the number of days taken by your customer to make the payment

You can either schedule the reminders based on the date of sending the payment link, or if you set an expiry to the payment link, you can have the reminders sent before the payment link expires.

“Schedule a reminder 1 day before expiry”
“Schedule a reminder the day after you send the link”

The reminders will be sent on SMS/email or on both.  The reminders will be sent at a time in the day based on our analysis of the payment patterns that we have noticed across a wide range of consumers and industries.

razorpay payment links reminders

Our merchants cited that automated reminders can complement the pursuit process in terms of the number of touchpoints through the collections process (SMSes were cited to have a better impact in this regard.) This can also be of help in nudging customers if they have been issued a link, which they haven’t paid yet. A classic example would be where a customer has expressed interest to buy but hasn’t crossed the threshold to go ahead and make the payment

We already have over a few hundred merchants sending 100,000 reminders using this product, just through organic discovery in the early rollout phase. I would suggest you go ahead and take a crack at it as well.

Yes, we can …get paid faster!

Don’t use Razorpay Payment Links yet? Start collecting payments without a website or app today!

Also read: Introducing the Payment Links Chrome Extension

Big Bang Reforms to Bring the Economy Back on Track

budget 2020 startups esops msmes

It took quite some time coming, but when they did, the reforms came as big bangs in Budget 2020.

Our Honorable Finance Minister, Nirmala Sitharaman presented her second Union Budget at a time when the Indian economy is witnessing its biggest slowdown since 2008. The economy needed a Budget to bolster growth by way of increased consumer demand, higher employment rates and ease in corporate as well as personal taxation. The FM delivered on all three counts.

And she adopted a three-pronged approach to do that – by focusing her Budget speech around aspiration, economic development and compassion. There was the possibility that this Budget would end up being merely a vision statement of the government, but thankfully, we believe it will give the economy that impetus it really needs. 

Of course, even though the Budget had a lot for businesses, big and small, the highlight will remain the new personal income tax regime. Income tax slabs have been revised to lessen tax burden on the middle class, thus increasing their disposable income and purchasing power. This is great news not only for consumers, but businesses as well. Higher purchasing power translates into higher sales for businesses, after all. This encourages businesses to innovative job creators.. 

Like the Finance Minister said, entrepreneurship has always been the strength of India. Indian businessmen are risk takers who come up with disrupting solutions. And as someone who belongs to the robust startup ecosystem of India, I can say for all of us that the proposals presented in the Budget for startups and MSMEs will go a long way in boosting the economy.

For me, the two most important announcements in the Budget were around reduced compliance for MSMEs and relief in ESOP taxation.

The FM has proposed that the audit threshold for small traders and MSMEs will be raised from Rs 1 crore to Rs 5 crore. This means that there will be no requirement for businesses to get their accounts audited  if their annual turnover doesn’t exceed Rs 5 crore. The one caveat here is that this will apply to only those businesses that carry out less than 5% of their transactions in cash. This move will decrease compliance requirements for small businesses and give them one more strong reason to accept digital payments.

For startups and their employees, the relief in ESOP taxation is a major positive to have come out of the Budget. The perquisite taxation at the time of exercising ESOPs has been deferred to 5 years or till they leave the company or till they sell their shares, whichever is earlier. This move will incentivise talent to work for startups. I had spoken about this to the media in my pre-Budget expectations as well. ESOPs are often a significant component of a startup employee’s compensation, and not having to pay tax at the time of allotment of shares will work wonders for the best talent in India to continue being a part of this burgeoning ecosystem.

Another huge plus for startups for the increase in turnover limit for tax exemptions, from Rs 25 crore to Rs 100 crore. The eligibility to claim this exemption has also been hiked from 7 years to 10 years. What this means is that startups with turnover below Rs 100 crore will not have to pay tax on profits up to 10 years.

Coming back to the MSME sector, it was heartening to hear the FM say that 5 lakh MSMEs have so far benefited from the restructuring of loans. I am happy that the Finance Ministry has asked the RBI to extend this debt restructuring window by one more year. This, along with the proposals to introduce an app-based invoice financing product and a new logistics policy, will make MSMEs more competitive and ease their working capital issues

Among the other notable Budget highlights that caught our ear were on the lines of encouraging entrepreneurship within the country. The single investment clearance cell that will aim to expedite the process of setting up a business by merging all required licences into a single hub is great news. In a similar vein, the digital platform for seamless application and capturing of intellectual property rights will help startups protect their original ideas. India is already moving up in the Ease of Doing Business index and both of these endeavors will further help. 

Overall, I can only say that the traditional bahi-khata wrapped in a red cloth, which has replaced the corporate briefcase, seems to be bringing good news for the economy. India needs a clean, reliable and robust financial sector to pull the economy out of the slump. And Budget 2020 was a step in the right direction. There is spirit, there is hope and now, there is also a clear roadmap. 

This article was first published in Financial Express.

budget 2020 highlights startups msmes

Razorpay Partner Program: Earn Commissions by Becoming a Reseller

razorpay partner program

The payments landscape in India is at its most evolutionary path. Digitization of payments is a win-win for everyone involved, after all.

Having already offered digital payment solutions to over 8,00,000 businesses in India, we believed it was time for us to build an affiliate program for partners to bring more businesses on board the digital payments ecosystem. 

We had opened the doors to the Razorpay Partner Program a few months back with that in mind.

With the Razorpay Partner Program, not only will you have a channel to earn a sizable side income but also assist growing MSMEs in combating one of the biggest challenges – hassle-free and secure online payment systems.

What is the Razorpay Partner Program?

The Razorpay Partner Program is a referral program through which you can offer the Razorpay product suite to your clients or customers and get rewarded for the same. The program then becomes a source of additional income for Razorpay partners.

razorpay partner program

This affiliate program is not just limited to agencies and companies alone. Even individuals, freelancers or unregistered businesses can be a part of this program and earn commissions by referring businesses to Razorpay.

Who can be a part of the Razorpay Partner Program?

Simply put, anyone from a student to an e-commerce consultant can partner with Razorpay for the affiliate program. Here’s some of the popular categories amongst existing Razorpay partners:

  • Web & app developers
  • Digital marketing service providers
  • Web hosting services
  • Bloggers and influencers 
  • Freelancers & unregistered businesses
  • E-commerce consultants
  • Individuals & students

Anyone ranging from an enterprise business to an individual with a client base that needs online payments solutions for their business can be a part of this referral program.

Here are the primary reasons to help you understand why should you become a part of the Razorpay referral program:

  • Fast & seamless onboarding: Get started with Razorpay in less than 5 minutes with 100% paperless onboarding
  • Lucrative rewards for all: Earn commissions for every transaction carried out by your affiliate accounts
  • Extensive partner support: Get features like bulk email, chatbot support, refund tracking system along with a dedicated account manager
  • Powerful dashboard: Take better business decisions by analysing detailed reports about payments, settlements and refunds
  • API driven products: Save on time by using our ready-to-use integration kits for leading service providers like Magento, WooCommerce, Shopify and so on
  • Multi-currency support: Razorpay supports over a 100 foreign currencies 
  • Robust product suite: Get a solution to all your payment issues on one platform: Payment Links, GST-compliant invoicing, Payment Gateway, subscriptions and a lot more

We are trusted by thousands of partners coming from all across India.

Here’s what Shashwat Swaroop from Marmeto has to say about the Razorpay Partner Program:

The suite of products Razorpay has is just amazing. They are easily integrable, super user-friendly and highly reliable. The Partner Program has pushed the horizons even further with an amazing support and handhold approach. We now have more power to build secure and scalable solutions for all our merchants. Kudos to the team!

How to get started with the Razorpay Partner Program

The process to start referring and earning is as simple as it could be. Just follow these steps:

Step 01- Visit https://razorpay.com/partners/ and enter your details 

Step 02- Once the signup is complete, you will get access to the Partner dashboard 

Step 03- Add your merchants’ details and invite them to complete their KYC 

Step 04- Earn a fixed commission the first time a merchant transacts and continue earning a variable commission right through his journey with Razorpay 

What makes the Razorpay Partner Program different from others?

While there is a list of affiliate programs that are up and running, there arises a question: What makes the Razorpay referral program better than the rest? Here’s your answer:

  • Widest range of payment methods, ranging from credit cards, debit cards, netbanking, EMI, wallets, UPI, BharatQR. You name it, we have it
  • 100% online onboarding for merchants across any line of business
  • Dedicated account manager for each partner
  • 24*7 assistance by our team for a hassle-free experience
  • Personalized dashboard for every partner for easy tracking and better decision making

What’s in it for your customers to onboard?

No more worries about collecting online payments! While you as a business will earn awesome incentives, the customers you onboard enjoy a list of perks like:

  • No setup fee, no annual maintenance charges
  • 24/7 fraud protection via Razorpay Thirdwatch
  • Wide range of products
  • Frill-free solutions like Payment Links and Payment Pages
  • Easy and quick integration kits 
  • Industry best success rates 
  • Subjective free credits

The Razorpay Partner Program is a win-win for partners and their customers. While partners earn commissions by providing the most trusted payments solutions at special prices, their customers are able to grow their business & earn their trust.

Become a Razorpay Partner today!

Digital Payments in Delhi Grew by 235% in 2019 – The Era of Rising Fintech

Here we are with our 4th edition of ‘The Era of Rising Fintech’!

2019 was particularly a good year for fintech. Many innovations contributed to India becoming one of the most advanced countries in terms of digital payments. With the new year kicking in, we wanted to bring you a few insights on how India carries out digital transactions. 

As Razorpay oversees enormous volumes of digital transactions from all over the country, we were able to derive these insights based on how Indian businesses accept payments from their customers. Further, we also analysed how Indian consumers transact. 

All findings in this report are based on digital transactions made on the Razorpay platform from January 2018 to December 2019.

Here are a few nuggets:

  • Demand for digital payments have been at a consistent rise – 338% from 2018 to 2019
  • Bangalore was the most digitised city in 2019 with a contribution of 23.3% of the total digital transactions carried out in the year, followed by Delhi and Hyderabad at 10.4% and 7.4% respectively
  • UPI overhauled netbanking, cards, and other digital payments in September 2019, becoming the most preferred payment mode in India for the very first time
  • UPI also saw the highest growth at 885% in 2019 from 2018

Growth of digital payments in India

We enable payments of over 800,000 merchants from all over India. We studied all the P2M (Person to Merchant) transactions made in 2018 and 2019 throughout the country. Here are a few points that are mention-worthy.

  • Karnataka pitched in the majority of digital payments in both 2018 and 2019, at 30.7% and 24.6% respectively
  • After Bangalore (23.3%), Delhi (10.4%) and Hyderabad (7.6%) were the most digital payments friendly cities in 2019
  • In 2019, UPI exceeded its previous contribution at 38%, eating into cards’ share while credit and debit cards collectively contributed 46%
  • Google Pay’s reign continued through 2019 at 59%, becoming the most preferred UPI app of all time
  • Top sectors in 2019 were food and beverage (26%), financial services (12%), and gaming (8%) industries
  • Lending, mutual funds, and insurance were the top three verticals in the financial services industry, contributing 83%, 9%, and 8%

The Era of Rising Fintech – Delhi edition

In our last report, we focused on Hyderabad and its growth towards becoming one of the advocates for digital payments. Our star for the 4th edition is Delhi. 

We pooled in the transactions carried out in Delhi during 2018 and 2019 and inferred these insights.

  • Digital payments in Delhi saw a huge spike at 234.97% from 2018 to 2019 
  • In 2019, cards were mostly preferred for digital payments at 64% over netbanking and UPI 
  • UPI contributed 12% of the total digital transactions made in 2018, but saw a rise in adoption and usage in 2019 at 20%
  • Google Pay was the #1 UPI app in Delhi throughout 2018 at 39%, as well as 2019 at 50%
  • Amongst wallets, Ola Money (27%) was mostly used, followed by Amazon Pay (25%)

What we can expect in 2020

We, at Razorpay, love numbers. Over the years, we have spent long hours analysing numbers to draw insights, patterns, and trends. And, based on data and research, here’s what we can look forward to this year.

Trust is something fintech did not immediately win over from Indian consumers. But, with innovations that have made payments easier and much more secure, we believe more and more consumers will trust fintech, resulting in more innovations in 2020. 

We predict that this trend will continue in 2020, where UPI will thrive as the most preferred payment mode.

We also believe tokenisation of cards will cause the next big wave this year, helping credit card frauds go down. Also, consumers and businesses will become more aware of what neobanking is and how it can simplify financial operations. 

We can also expect the potential launch of next-gen NEFT that can lead to a higher degree of automation and features that conform to the global standards.

End of the line

India is becoming one of the leaders in fintech and digital payments. While tier 1 cities contributed to this growth, we are very excited to see tier 2 and 3 cities jumping on the bandwagon. 

Let’s meet again in our next edition of The Era of Rising Fintech, with insights about a whole new city!

fintech report razorpay delhi

Turnover of Over Rs 50 Crore? You Now Need to Accept Payments Using RuPay & UPI

The Indian government’s push for a digital economy is very much real. In the past couple of years, we have seen numerous endeavours from the government to drive the adoption of digital payments. The recent removal of MDR charges on transactions done using UPI and RuPay is a case in point. 

Coming on the heels of this move, the Central Board of Direct Taxes (CBDT) released a notification under Section 269SU that aims to increase the use of UPI and RuPay for business-to-business (B2B) payments. And why not? UPI has grown by leaps and bounds in the consumer payments space. Google Pay, PhonePe are now common household names and synonymous with P2P money transfers. It makes sense that the convenience and speed of UPI payments be utilized by businesses as well.

Hence, as per the government’s latest notification, businesses with gross receipts of more than Rs 50 crore need to provide the facility to their customers of making payments through UPI, UPI QR codes and RuPay debit cards. 

Here’s the circular for your reference.

Source: IncometaxIndia.gov.in

This notification under Section 269SU came out from the Central Board of Direct Taxes on 30th December 2019. It set the deadline of 31st January 2020 for businesses to install this facility into their systems. The penalty for not meeting this deadline has been set as a fine of Rs 5,000 per day from 1st February 2020 onwards.

The nitty-gritty of the notification is that the rule has to be followed by businesses where the turnover exceeds Rs 50 crore in the immediately preceding fiscal year. Besides any electronic payment modes you may already have, every applicable business needs to mandatorily also support:

  • Debit card powered by RuPay
  • Unified Payments Interface (UPI) (BHIM-UPI)
  • Unified Payments Interface Quick Response Code (UPI QR Code) (BHIM-UPI QR Code)

UPI and RuPay are both properties of the National Payments Corporation of India (NPCI). Apart from promoting digital payments within the country, the government also aims to increase the adoption of state-sponsored payment infrastructure through the adoption of UPI and RuPay.

As mentioned earlier, UPI has seen immense rise in usage all through 2019. It contributed to 37.7% of all digital payments through 2019 on the Razorpay platform. While most of this contribution came from the B2C space, we believe that UPI has great usability in the B2B space as well.

How to accept B2B payments in UPI and RuPay

Coming back to the CBDT notification, with the 31st January deadline looming, the best way for businesses to fulfill the notification would be by integrating with a payment platform like Razorpay.

A payment gateway is a system that is designed to handle end-to-end payments. A payment gateway, when integrated with a business’s website or app, allows the business to accept domestic as well as international payments through all electronic modes. This includes netbanking, credit cards, debit cards and the notification’s requirements of UPI and RuPay. 

The best part about the Razorpay Payment Gateway is the ease of integration. With well-documented SDKs, RESTful APIs and support for popular plugins, getting onboard with Razorpay Payment Gateway will be a breeze to help your business meet the government’s deadline.

Features of Razorpay Payment Gateway:

  • Quick onboarding and integration
  • Developer-friendly APIs and plugins
  • PCI-DSS Level 1 security
  • Support for all payment modes 

The other options that your business can explore are Razorpay Payment Pages and Razorpay Payment Links. Payment Pages allows you to build a custom-branded page to showcase your brand, products and services, and accept payments on the go. 

Features of Razorpay Payment Pages:

  • No coding required
  • Go live in minutes
  • Meet your brand guidelines
  • Create a memorable URL

razorpay payment pages

With Payment Links, your business can send individual links to customers through email, SMS, chatbots and messengers. The recipient has to just click on the link to make the payment.

Features of Razorpay Payment Links:

  • Customise to your brand guidelines
  • No coding required
  • Automate through powerful APIs
  • Get started instantly 

razorpay payment links

Both Payment Pages and Payment Links support all payment modes, including the ones stipulated in the notification, that are supported by our Payment Gateway. If integrating with the Payment Gateway would be difficult before 31st January, then the best bet for your business would be to set up a Payment Page and fulfill the government’s ask in a matter of minutes. 

The CBDT notification under rule 119AA has come into force under the Income Tax Act from 1st January 2020. If your business exceeds the turnover of Rs 50 crore, you should get the facility to accept UPI and RuPay payments right away. Write to us at enterprise@razorpay.com to expedite the process through our banking partners.

Data Engineering at Scale – Building a Real-time Data Highway

At Razorpay, we have data coming into our systems at an extremely high scale and from a variety of sources. To ensure and enable that the company can operate by placing data at its core, enabling data democratization has become essential. This means, that we need to have systems in place that can capture, enrich and disseminate the data in the right fashion to the right stakeholders. 

This is the first part of our journey into data engineering systems at scale, and here, we focus on terms of our scalable real-time data highway. 

In the subsequent articles, we will be sharing our ideas and implementation details around our near real-time pipelines, optimizations around our storage layer, data warehousing and our overall design around what we call a “data lake”.  

Understanding data classification

The idea of building a data platform is to collate all data relevant to Razorpay in every way possible in a consolidated place in its native format, that can be later processed to serve different consumption patterns. 

And, in this regard, the data platform needs to handle a variety of things (included but not limited to) like data governance, data provenance, data availability, security, integrity, among additional platform capabilities. 

In order to do any of the above, we need to understand the nature of the data. At a bird’s eye level, data within Razorpay, will broadly fall into 2 categories: 

  1. Entities: Capturing changes to our payments, refunds, settlements, etc will happen at an entity level where we maintain the latest state (or even store all the states) of each entity in our storage in multiple manifestations that can serve all kinds of consumers later
  2. Events: Applications (internal, external, third party) sending messages to the data platform, as part of any business processing. And by this, we broadly mean any and every system that ever interacts with the Razorpay ecosystem, which can potentially end up sending data to the data platform. As much as the respective databases can only answer the final state, the events help us understand, how each system/service reached its final state

Evolution and need for a scalable real-time data highway

To understand why we need to build a real-time data highway, and with the explosive growth we have seen, we have constantly been in the quest to answer some of the following questions:

  • What has been the result of some experiments we do?
  • What is the success rate of different gateways, payment methods, merchants etc?
  • How do we make our internal business metrics available to all the respective business and product owners?
  • How can our support, operations, SRE and other teams monitor and setup alerts, around the key metrics across different products and services?
  • Ability to slice and dice all our products, across 100s of different dimensions and KPIs

What was before?

Before we jump into solving some of our above asks, let us briefly look at what we used to have to answer some of these. We built a traditional ETL pipeline, that queries our application database (MYSQL) on a batch interval and updates an internal elasticsearch cluster. 

Not only does this power our customer facing analytics dashboard, but also was fronted by an authenticated kibana dashboard for doing all the above activities. For a certain set of business folks, the data was piped into tableau over s3/athena. For managing the ETL pipeline, we had written a framework on top of apache beam to pull the respective tables, with the joins and transformations, in a composable  ETL pipeline. What this meant was simply a matter of updating a few configurations for a new pipeline. 

At a very high level, the architecture of such a system, looks like the following: 

data engineering razorpay

  1. Input data is read through MySQL in a window period and make a PCollection of payments with payment ID and details as <K-V> pair
  2. In the next transform, we fetch key merchants and use payments formatter to get output data PCollection
  3. In the final step, we write the PCollection to elasticsearch.
  4. Kibana is used as a BI tool to monitor the payment success rates, dashboards

And to serve our customer facing analytics dashboard, we wrote an internal python framework and an API layer that translates an SQL query to an elasticsearch query. As of today, elasticsearch versions 7 and above support built in SQL query. We have, however, been running this framework, successfully in production for over 2 years(much before such a feature was available on elasticsearch) and is serving all our merchant analytics, straight, using the above.

Even with the recent versions of elasticsearch, some our aggregations cannot be directly translated into elasticsearch SQL query format. So, in essence, the merchant/customer dashboard, queries our internal analytics API, using a rest endpoint with the SQL like query, which is converted internally into an elasticsearch query, with the respective aggregations run and presented back to the front end layer for building the visualizations. 

This only solved the need for physical database related changes. In addition to the above, our applications, also emitted events specific to different use cases. 

To initially get this working, after trying several expensive tools, we settled at using newrelic insights to power all our events use cases. We have been using newrelic for all our APM use cases and we ended up powering our events and other metrics using insights. 

As much as it worked for over 2 years, it started becoming quite expensive. In addition, detailed funneling and long term queries became extremely difficult. More than all, it couldn’t be easily correlated to our database changes, primary due to the fact that the events were real time, while the data capture was in batch mode. Also, joining visualizations across newrelic and kibana was turning out to be painful. In essence, the architecture for this system looked like the below.

data engineering razorpay

The following were some of the additional issues we saw with newrelic:

  • Data is locked with newrelic, not easily exportable, data retention for 3 months only (retention is calculated based on usage)
  • Some of our funneling queries, produce incorrect results for old data
  • Subqueries are not possible
  • The number of results capped at 1000 rows max
  • Negative funnels are not possible
  • Reference to a property from a top-level query in a bottom-level query for the funnel is not possible
  • Order of events is not regarded in funnels. While creating funnels, if your funnel says A -> B -> C, even those sessions will be counted for the funnel when the actual order of events was C -> A -> B
  • Since newrelic is an external system, any data enrichment(e.g.: key mappings, customer mappings etc) cannot be applied on the fly. Data enrichment cannot be done, post facto. This poses a heavy challenge when multiple services want to enrich a request that spans across different services
  • In addition, we cannot maintain any specific lookup tables(if needed) to enable custom enrichments(e.g.: geo ip lookup, mobile device mapping, user agent mapping etc)

What was the problem with the above?

While the above system has been serving all the above needs, it presented us with the following challenges:

  • As it is a traditional batch system, we will have delays in terms of being able to slice and dice in real time
  • Scaling elasticsearch for heavy business queries was challenging. As a result, we had to setup multiple elasticsearch clusters(for internal and customer facing use cases). In addition, tuning elasticsearch for our needs became a constant challenge
  • Data governance: We had to build a whole lot of access control mechanisms on top of kibana to ensure role based access control. Elastic search only supported search guard, which came with its own performance issues
  • Joins: Some of our dashboards required us to join across a variety of databases and tables. Elasticsearch, inherently does not support joins. So, the above means, we had to make constant modifications to our ETL pipelines, to ensure we are able to keep our indexes, upto date, based on these every growing needs
  • Schema Evolution: In addition to the above, our internal application schema is constantly evolving and for every such evolution, we had to rely on elastic search index versioning and aliasing strategies to ensure data correctness. In addition, this required us to backport data across different indexes
  • Cross join events with db changes: As mentioned above, we couldn’t easily do causation-correlation analysis at any given point easily. We had to export reports from each of the above systems(newrelic, tableau, elasticsearch) and needed manual intervention to understand any issues at hand
  • Availability: We also wanted all of this data, in some fashion, to be available to our data scientists and that also was turning to be cumbersome. This again, needed multiple different kinds of exports. In addition, the data governance rules become worse to deal with, for all these situations

In addition to the above, we had multiple BI solutions being used internally for different stakeholders:

  • Engineering wanted to query through SQL like interface
  • Product Analysts preferred custom dashboards
  • Business analysts wanted richer visualizations
  • Marketing wanted other integrations around Hubspot, Google Analytics etc

In essence, there was a strong need to converge all our BI use cases into a single unified platform. The above issues, were inhibiting us, in terms of exploring and analysing the data within the entire ecosystem. Earlier this year, our product team arrived at a single BI tool, to which all data will be tied to.  

Evolving to a real-time data pipeline

Sometime early this year, post the decision on unifying the BI tool, the data engineering team was given the task of building a real time pipeline, served through the unified BI tool for handling the above issues. 

The data engineering team was already building a scalable data lake for resolving some of the above issues. However, with the need to handle some of our peak load transactions and improve our operational excellence, the product team prioritized having a real time capability that needed to be exposed to all our internal stakeholders, within the lake. 

The long-term idea is to expose these capabilities to our customers, on a real time basis, thereby eliminating our older version of the analytics dashboard. The data engineering team started having a close look at the scale of the problem to be handled. Here is a high level summary of our findings:

  • We do several million transactions per day(~100M)
  • With just a small fraction of our application stack integrated into the data engineering platform, we are generating close to 0.5 billion events a day
  • The compressed size of our data within the lake, at this point was close to 100+TBs.

All of the above, just within a few months of building the data lake!

Lets understand the above in a little more detail, before we present the solutioning here:

  • We have a variety of micro services that run as part of our core payment gateway system to handle a single successful payment
  • Post a successful payment, there are a variety of other services that handle different post payment processing activities like refunds, settlements etc
  • In addition to the above, we have other products that directly and indirectly use the core payment gateway services like subscriptions, invoices etc
  • Our front end and mobile SDKs emits a variety of events into our system. We cannot use third party systems like google analytics etc, as per PCI norms and other CORS issues. So, all these events have to be piped into the lake
  • Over and above these, our internal micro services also emit events during different stages of their processing lifecycle

To solve all the above issues, we divide our discussion into real time entities and real time events. 

Real time entities

Writing to a database is easy, but getting the data out again is surprisingly hard. If you just want to query the database and get some results, that’s fine. But what if you want a copy of your database content in some other system like data lake for real-time analytics?

If your data never changed, it would be easy. You could just take a snapshot of the database (a full dump, e.g. a backup), copy it over, and load it into the data lake. This poses 2 different kinds of problems:

  1. Most of the data goes through a state machine and hence, the state of the data changes rapidly
  2. Getting the up-to-date view of this data is challenging in real time.

Even if you take a snapshot once a day, you still have one-day-old data in the downstream system, and on a large database, those snapshots and bulk loads can become very expensive, which is not great.

So, what does the above mean?

  • We will need to incrementally load data into a real time streaming pipeline that directly manifests into the lake
  • We cannot expose our internal primary database to our BI tool as it stores a lot of sensitive information
  • We want our real time stream to be as performant as possible
  • We do not want to keep the data in our real time stream for eternity, as its primary use case is around instantaneous monitoring, visualization and alerting

Keeping the above in mind, the data team had made the following assumptions:

  • We do not need all of this data for eternity, unlike our traditional OLTP store. So, we decided to store the data as a rolling window update over seven days(1 week)
  • We will still want to maintain some basic governing facts loaded here for eternity(e.g. Merchants, customers, card bins etc)
  • We will want this system to be extremely performant and being able to query as fast as possible
  • Some of the rolling aggregations are fairly complex and needs to be computed with as much data as possible to achieve the desired latency
  • We will want the change data to be captured here, as soon as possible
  • In essence, all operations on this store will only be upsert operations, as we do not want to keep a copy of any older/stale data

At a very high level, our architecture for solving this problem looks like the following:

data engineering razorpay

 The flow of data will look something like this:

  • MySQL Read Replica instance used to pull the data
  • We use maxwell to handle the CDC(change data capture) and also ensure, we filter out sensitive information before reading the bin log
  • A Maxwell daemon detects change data capture (CDC)  to this DB and pushes them to a Kafka Topic
  • A spark consumer will now keep reading from the kafka stream and keep batching updates every few seconds(note: the minimum batch duration available in spark is 100 ms)
  • Finally, Change data is pushed to the real time data store, where the queries can be executed from the BI tool.

Choice of real-time data store

We did a variety of evaluations on some of the existing data stores for the real-time use case. In essence, we wanted SQL capabilities to be used by the unified BI tool. Most folks within the organization are comfortable with SQL and hence, we wanted something that fits the bill. 

After evaluating a bunch of OLAP engines, we arrived at timescaledb as a choice of this engine. Timescaledb is an underlying postgres engine with a timeseries extension. This gives us the ability to not compromise on the SQL like capabilities and also gives some of the advantages over rolling aggregate computation etc.  In addition, we will want the operational cost to be extremely lesser with self-healing and auto-scaling abilities possible. 

We didn’t want to spend large amounts of money investing in a paid solution like memsql etc to solve these problems. Considering all the above, TimescaleDB seems like a reasonable place to start, simple enough to set up and maintain and seems to meet all the respective criteria.

Real time events

As mentioned above, as of today, only a small fraction of all our workloads(front end systems, mobile SDKs and a few core transactional apps) are pushing events into the data lake. Despite this, the data lake is receiving close to 0.5B events per day. 

As you would’ve guessed, with all the existing services pushing events, this number is only going to grow significantly. For a long while, we had an internal event ingestion pipeline(codename: lumberjack), written in go,  which primary relays incoming events from multiple producers into desirable targets. 

In essence, all that is needed for any app, to tie its events into the lake, just needed to register itself through a configuration. The reason for choosing go over java or others, is to achieve an extremely high level of concurrency, with minimal operating metrics(cpu, memory etc). In addition, this was designed as a heavy I/O bound application, as most work was simply processing, doing minimal validation/enrichment and transmitting events. 

We already discussed some of the challenges we had with events being pushed to newrelic. So, we wanted to move all of the events, into a central store, from where we could query using our unified BI tool. 

We started making minor architectural changes to our event ingestion pipeline to arrive at the following:

data engineering razorpay

Lumberjack workers: We were originally pushing to aws SQS. We wanted streaming capabilities and SQS was only supporting long poll. So, we decided to move this to Kafka streaming. Kafka streaming gave us the ability to replay and manage offsets effectively. 

Consumer : We completely removed the task of pushing events to newrelic. This way, we got rid of the Kafka consumer, which was running on the lumberjack side. We moved to this operation to a spark streaming job, which will read messages from kafka in order of appearance and stream this to an S3 bucket. 

Sink – S3: Spark streaming job will sink data for every micro-batch interval, which is configurable. Currently, we have set it to 1 min. Every micro-batch is accumulated in memory, so we can configure the sink interval based on data size. Again, the minimum micro batch interval supported by spark is 100ms

Query execution: We are using presto for query execution. The advantage we get here is sub second responses for a few million records. 

S3 – Partition: In order to further speed up the query execution of the events across multiple days, we create daily partitions(msck repair) to ensure the users can query using the created_date as the primary partition key. This has been configured into our BI tool. 

Infrastructure setup

Our entire infrastructure for all of Razorpay has been deployed and operated via kubernetes. In essence, except for the spark setup, we run and manage all the other aspects via kubernetes. 

So, in essence, maxwell has been running as a deployment, kafka is running as a kubernetes daemonset, exposed to the spark pipelines and timescaledb also has been setup using a kubernetes daemonset backed with a remote AWS EBS volume. Connectivity from the BI tool is enabled to the timescaleDB over NLB and the AWS Security group associated with timescaledb, ensures security over the setup.

 The above aside, the spark cluster has been exposed to our BI tool, controlled again via AWS security group and only allows presto queries to be executed. We use prometheus for all our internal metrics. 

Currently, since spark doesn’t support out of the box metrics to be injected into prometheus, we have funneled the metrics to lumberjack from spark, which is directly scraped by prometheus and exposed on our dashboards. 

Databricks has an upstream patch on spark, but that’s not yet merged into spark core, for pushing prometheus metrics into a push gateway. (TBD: we might need a separate section around metrics here and also add diagrams for infra).

The major challenges

Real-time data challenges:

  1. Since Pipeline has to handle DDL and DML both logs, so the order of committing the statement to the data lake is very crucial which was a major challenge for pushing data in the same order as it was generated. We have implemented custom logic to create the order by considering the bin log file name and offset of that file. We have an internal schema registry deployed again on kubernetes, to manage the same. This allows us to track schema evolution over a period of time and also ensures we can keep multiple copies of the data, on the lake
  2. Kafka has slowed down periodically due to limited partitions. This leads to a lag in the data lake, which was fixed by partitioning on unique IDs 
  3. The Dashboard queries performance is bad so we implemented a custom user defined function which aggregates the data in a rolling time window and caches the old aggregate data
  4. Because high transactions happen in the DB system for humongous tables such as payments, orders, etc. and how transaction happen in small tables like marchent we can not distribute load uniformly across partitions. This leads to Data write performance skew
  5. Mysql GTID also cannot be used around sequencing in certain cases, and we have built custom sort and de-duplication mechanics to handle out of order events
  6. Replication delays: In order to avoid AWS inter AZ data transfer cost, and to avoid pressure on the primary databases, we have designed maxwell to read from the replica. As a result, at peak times, if there is a replication lag, our real time pipelines expect the same delay on processing and transmission
  7. Scaling challenges around timescaledb: At the moment, timescaledb inherently dosen’t support clustering options. We plan to move this layer either using kubedb into a clustered mode, or perhaps use other mechanisms to ensure we have better clustering / MPP kind of execution
  8. In addition, we can cut down the spark processing time, by moving this pipeline into flink, which can directly stream kafka to timescaledb endpoint

Real-time entities challenges:

  1. Since the events are pushed in small micro batches, this leads to a lot of cost overhead on S3. In addition, during query execution, we were bitten by hadoop’s small file problem. We are still balancing the right micro batch interval
  2. In addition, we wanted to have a unified way of keeping this data. So, we plan to move the immediate events into the real time data store and eventually sync up into the partitioned tables, on a daily basis
  3. With the above change, we can quite simply move the spark processing to flink processing, where the flink jobs can directly stream to the timescale db endpoint and spark process the daily batches with partitioning.

Learnings and pitfalls

  1. To replicate MYSQL DB transaction in the correct order on a Non-MySQL datastore, for ordering the DB transactions and replay the events a combination of GTID, XID, event types (commit start and end ) need to be used
  2. Spark streaming has a lot of overhead and doesn’t play well when used with small batch sizes (millisecond level, that’s why we moved to seconds level batch)
  3. Running SQL queries from spark carries a lot of overhead. We need to instrument the right metrics, analyze queries in a timely fashion and enable the right kind of caching for optimizing the queries
  4. A large portion of our data lake is built on aws s3. This comes at a significant cost, if not tuned well. For instance, the s3 data transfer cost, bit us quite badly a few months back. As a result, we had to go through significant infra optimization, enable vpc endpoints among others. Cost optimization, continues to be an ongoing exercise
  5. Optimizing S3 by itself, has posed enough challenges for us. As we mentioned earlier, in the subsequent posts, we shall enlist our learnings, observations and the work we have done to optimize these

The road ahead

As much as we have been able to build some of these things at an extremely efficient scale and operationalize it, our journey doesn’t stop here. 

It has in fact, just begun. 

In the subsequent posts, we shall talk around the journey of our data platform, data lake, non real time use cases, optimization techniques adopted among a variety of subjects. 

Our journey thus far, on the data side, hasn’t really been that smooth. We have failed, learnt and recovered. On the other side, some of the most challenging problems we have faced, has been a lot of fun to solve too. We wish to learn and share our learnings through these.

If you are interested in working with us or solve some exciting problems, please reach out to hiring@razorpay.com or visit our careers page.  

Authors: Birendra Kumar (Head of Data Engineering, Razorpay) and Venkat Vaidhyanathan (Architect , Razorpay)

Installing Razorpay Thirdwatch for WooCommerce in 5 Simple Steps

WooCommerce is one of the biggest platforms in the world for setting up an online store and rightfully so, owing to its seamless functionalities and ease of use. Thirdwatch from Razorpay is a plugin designed to detect fraudulent orders and reduce RTO for e-commerce businesses. If you haven’t been aware of Razorpay’s entry into the e-commerce industry, allow us to explain to you what we’ve been up to and how to install Razorpay Thirdwatch in 4 simple steps.

What is Razorpay Thirdwatch?

Razorpay Thirdwatch is a first-of-its-kind solution for fraud prevention for e-commerce businesses. Thirdwatch is an AI-powered platform that enables online sellers to prevent Return-To-Origin (RTO) orders and reduce losses up to 30 percent. Thirdwatch’s AI engine evaluates every order in real-time and provides actionable results to weed out orders likely to result in RTO. 

One of the small, yet significant components of Thirdwatch is Buyer Action, a feature that automates confirmation from customers. This can significantly reduce manual intervention while keeping fraud at bay. Read more about Buyer Action and how it impacts business here.

How does Thirdwatch’s AI-engine work?

Once integrated, the solution captures 200+ parameters from your online store analytics. It leverages an ensemble of AI algorithms and graph algorithms to flag an order with a high risk of RTO and enables the seller to either cancel or take corrective actions.

What happens to the processed orders?

The processed orders transition into the following two states –

  • Red: If the order is marked red, then the seller can either decline the order or take corrective actions like updating the address or getting a confirmation from the customer on order quantity, etc
  • Green: If the order is flagged green, then the sellers can go ahead with the usual flow and ship the order

What is the basis of screening orders?

There are a variety of parameters used to judge whether an order is risky or not. Following are the key parameters that play a critical role in screening the orders:

  • Shipping Address Profile
  • Device Fingerprint
  • IP Address Profile
  • Buyer’s History
  • Buyer’s Navigation Behaviour
  • Network Effects

Are there any customization options available?

Razorpay Thirdwatch comes with a horde of options for easy customization. You can also customise the Thirdwatch plugin at the time of integration by accessing the open-source project, available here

What are the steps to install Razorpay Thirdwatch for WooCommerce?

To make it easier than ever for merchants to install Thirdwatch, we’ve made a step-by-step guide to make your installation process quick, easy and hassle-free. Let’s get started!

Type 1: Direct Installation

Step 1: Download WooCommerce plugin from WordPress store using this link.

Step 2: On your WordPress dashboard, click on “Plugins” on the left tab, and search for “Thirdwatch” on the search bar on the right side.

Step 3: Step 3: Install the Thirdwatch plugin and click on “Activate”. Once you’ve activated, register your business account on Thirdwatch Dashboard from here. If you’ve already created an account on Thirdwatch, log in to your account using your email address and password from here .

Step 4: On the Thirdwatch dashboard, click on “Settings” to get your API Key. To generate an API key, enter your online store’s URL. 

Step 5: Head over to WordPress dashboard–>Thirdwatch and enter your API key–> Check “Enable Thirdwatch Validation”–> Click on “save changes” (details of API key given below as well)

Type 2: Custom Installation

Step 1: Download the Razorpay Thirdwatch plug-in from the WordPress Store.

wordpress plugin free install

Step 2: Now, click on the Plug-ins option in the left-hand bar on the WordPress dashboard. Under the Thirdwatch tab, click on activate.

Step 3: After successful installation of the plugin, click on the Settings button and check on Enable Thirdwatch Validation.

Step 4: To enter your API Key, you can sign up on the Thirdwatch dashboard for free. Upon signing up, you can find the API key in the Settings tab. Here’s a guide to fill the following details:

  • 🏁 Approve Status (Change order status when an order has been approved by Thirdwatch)
  • 🚩 Review Status (Change order status when an order is flagged by Thirdwatch)
  • ⛔️ Reject Status (Change order status when an order is rejected by Thirdwatch)
  • 💬 Fraud Message (Choose a custom message to be sent to the customer if their order has failed validation)

Step 5:  Head back to the WordPress dashboard–>Thirdwatch. Click on save changes, and you’re good to go!

Yes, it’s that easy to install Razorpay Thirdwatch! With all-new features like Buyer Action on Thirdwatch, it’s easier than ever to keep a check on fraud and the losses that come with it. 

Install Thirdwatch for WooCommerce today and supercharge your business like never before Start saving money by optimizing your e-commerce operations with Thirdwatch. If you have any questions, make sure to get in touch with us here, and we’ll be happy to help you with them.