drenther / upi_pay

Flutter plugin for UPI (Only in India)
MIT License
60 stars 72 forks

UPI payment validate with transaction reference no #22

Closed muhsinzyne closed 3 years ago

muhsinzyne commented 3 years ago

Hi There,

I would like to know how we can make doubly sure of the transaction by calling the transaction details with the response transaction-id.

Like, I was looking for a solution that can be verified on the server side just after the payment success. Any help will be highly appreciated.

I know there might be some service under the NPCI a BHIM UPI, but I am not sure about where we will get the correct response for consuming this service.

drenther commented 3 years ago

As far as I know, there is no such service provided by NPCI.

I had long back implemented this type of verification for a Paytm merchant account. They had an API to check if a transaction has settled/refunded/any other state.

I also think if you want that level of features you should go with some service like RazorPay, Cashfree, Paytm, etc.

reeteshranjan commented 3 years ago

@muhsinzyne I wanted to add an update on this. I have worked on extending the package to support iOS.

Around security in general on mobile platforms, I have looked into CVEs for both Android and iOS in general around security/hacking of UPI intents. Though I have nothing conclusive from there, there is a general practice to not blindly trust any update originated by a client workflow. All payment gateways provide a 'transaction status API'. Banks like ICICI that have started their own APIs provide that, too. It's basically words from the horse's mouth that you must use to ensure the transaction completion.

Even with this package or any completely-inside-client workflow, you must implement a server-originated status check to secure your consumers. I have mentioned this in the README as part of my changes that are now live as v1.0.0.
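The server-originated status check recommended in the comment above, sketched as an added example that is not part of the thread or of the upi_pay plugin. `Order`, `GatewayStatus`, `confirm_payment` and the `fetch_status` callable are hypothetical names; `fetch_status` stands in for whichever transaction status API your gateway or bank provides.

```python
from dataclasses import dataclass
from decimal import Decimal
from typing import Callable, Optional, Set


@dataclass(frozen=True)
class Order:                 # what the server stored when it created the order
    txn_ref: str             # transaction reference generated server-side
    amount: Decimal
    payee_vpa: str


@dataclass(frozen=True)
class GatewayStatus:         # hypothetical shape of a status-API reply
    txn_ref: str
    status: str              # "SUCCESS", "PENDING" or "FAILED"
    amount: Decimal
    payee_vpa: str


def confirm_payment(order: Order, client_claim: dict,
                    fetch_status: Callable[[str], Optional[GatewayStatus]],
                    fulfilled: Set[str]) -> str:
    """Decide the order state from the gateway's answer, not the app's.

    client_claim is whatever the mobile app posted after the UPI intent
    returned; it only triggers the lookup and is never used as evidence.
    """
    if client_claim.get("txn_ref") != order.txn_ref:
        return "REJECTED"                    # claim is for a different order
    if order.txn_ref in fulfilled:
        return "ALREADY_PAID"                # replayed callback, do not ship twice
    reply = fetch_status(order.txn_ref)      # server-to-server call
    if reply is None or reply.status == "PENDING":
        return "PENDING"                     # retry later, do not fulfil yet
    if (reply.txn_ref, reply.amount, reply.payee_vpa) != (
            order.txn_ref, order.amount, order.payee_vpa):
        return "REJECTED"                    # wrong amount or wrong payee
    if reply.status != "SUCCESS":
        return "REJECTED"
    fulfilled.add(order.txn_ref)
    return "PAID"
```

The status string reported by the app is never read: an order is marked paid only when the gateway's reply matches the stored reference, amount and payee.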

reeteshranjan commented 2 years ago

Is https://github.com/drenther/upi_pay/issues/38 relevant and important for you?

If yes, could you please respond to my Twitter thread with UPI and NPCI handles included in your response asking how these must be solved and how it helps you? https://twitter.com/reeteshr08/status/1488746633068089345

@muhsinzyne