paytm developer docs logoDeveloperDocumentation
search

Validation Services

Every business values account validation as an integral part of their vendor and customer registration/ onboarding. For eg, if a business registers any new vendor, the foremost requirement is to validate the vendor’s bank account details which mean collecting the information if the bank details provided belong to the same vendor or not and if the mentioned account is operative or not.

 

Similar validation rules are also applicable to validate customer account details in any investment application, verification of settlement account for QR code merchant, new onboarding of customers or new businesses etc. 

 

The foremost intent for account validation in any scenario is to have a surety that,

  • If a bank account exists or not
  • If a bank account is active i.e. accepting credits (not frozen etc.) 
  • If it belongs to the same customer or not (name validate) 

Paytm Payouts supports 3 types of validation:

  • Bank Account
  • UPI VPA
  • Paytm Wallet
Note: Paytm Payout provides both single and bulk account validation services for both API and Dashboard.

Bank Account Validation

Bank Account Validation, commonly known as Penny Drop Validation is usually done by depositing INR 1 to the merchant’s bank account. It verifies the authenticity of the user’s bank account. The transaction of INR 1 if successful not only confirms that the account is active and valid accepting credits but also returns the beneficiary name and the operative status (active/inactive status) of the bank account. The Penny Drop transaction returns the bank account details such as bank account number, IFSC code etc to validate the bank account.

Why is it an important feature for corporate organizations? Because bank account validation becomes a very important aspect of the merchant onboarding process. For very obvious reasons, it is necessary to verify the merchant account details to prevent any fraudulent activities. This feature enhances security, especially for businesses that have a DIY onboarding process.

With the bank account validation, you can perform the following validations:

  • Beneficiary Account Exists
  • Beneficiary Account Accepting Credits
  • Beneficiary Account Holder  Name  

To keep a check on the fraudulent activity or any other kind of fund loss, Paytm Payouts has built in two major feature rules:

  • Caching rules
  • Velocity rules
Note: If both Caching and Velocity rules are enabled then caching is given priority and  the results are served from cache and not rejected due to rule violation. Together both these settings are very powerful and important for every business.

 

Caching Rules

Many times when a customer is adding an account number to be validated, the customer keeps adding it again and again due to slow internet connection or slow response otherwise. That causes multiple ₹1 penny drops to lose out on money. Sometimes this is also intentionally done by fraudsters to take out large amounts by the way of penny drop. 

 

Paytm Payouts maintains a 30-day global cache of all historical account validations done by all clients. Also, businesses can choose if they want to enable cache and the number of days for which cache is to be saved. This way any subsequent account validation will be served from cache saving ₹1 per transaction.

Note: By default, cache setting is disabled but can be set for a maximum of 30 days.

For example: Let’s assume that you enable/activate a cache of 5 days from the Payout Settings menu.

Request Date/Time
Account Details

Without Cache 

✔︎  With Cache 5 days
12 June 10 AM

Bank A/C 1234 
IFSC PYTM0123456

 ₹ 1 charged and penny drop done to this account ₹ 1 charged and penny drop done to this account and results saved in the cache
12 June 11 AM

Bank A/C 1234 
IFSC PYTM0123456

 ₹ 1 charged and penny drop done to this account ₹ 1 saved and result served from cache
14 June 9 AM

Bank A/C 1234 
IFSC PYTM0123456

 ₹ 1 charged and penny drop done to this account ₹ 1 saved and result served from cache
20 June 9 AM

Bank A/C 1234 
IFSC PYTM0123456

 ₹ 1 charged and penny drop done to this account ₹ 1 charged and fresh penny drop done to this account and results saved in cache again
Note: In a scenario like above, if any other Paytm Payouts Client had done penny drop again on 16th June then again 20th June request will be served from cache directly. The cache is global cache.

 

Setting Cache Rules

To set up the Cache rules for bank account validation, follow the steps below:

  1. Go to ‘Settings’ from the left navigation menu.
  2. In the ‘Settings’ menu, select ‘Payout Product Settings’.
  3. Go to ‘Account Validation’.
  4. Enable the ‘Caching’ rules using the toggle button.
  5. Add the number of days for caching data.
  6. Click ‘Add Caching Instruction’ to apply the caching rule for the bank account validation.

 

 

Velocity Rules

Paytm Payouts provides another important feature i.e. setting up velocity rules to prevent frauds. Typically penny drop fraudsters exploit the product by entering their same account number again and again and dupe businesses of lakhs. 

Businesses can set velocity rules on Paytm Payouts Dashboard to avoid this type of fund loss. 
    
For example - Velocity Rules set as not more than 2 requests in 5 days for the same bank account number.

Request Date/ Time
Account Details
 WIthout Velocity Rules  ✔︎  With Velocity Rule (Max 2 requests in 5 days for an account)
12 June 10 AM

Bank A/C 1234 
IFSC PYTM0123456

 ₹ 1 charged and penny drop done to this account ₹ 1 charged and penny drop done 
12 June 11 AM

Bank A/C 1234 
IFSC PYTM0123456

 ₹ 1 charged and penny drop done to this account ₹ 1 charged and penny drop done 
12 June 12 PM

Bank A/C 1234 
IFSC PYTM0123456

 ₹ 1 charged and penny drop done to this account ₹ 1 saved and request rejected as it breaches velocity rule
12 June 5 PM

Bank A/C 1234 
IFSC PYTM0123456

 ₹ 1 charged and penny drop done to this account ₹ 1 saved and request rejected as it breaches velocity rule
12 June 6 PM Bank A/C 1234 
IFSC PYTM0123456		 ₹ 1 charged and penny drop done to this account ₹ 1 saved and request rejected as it breaches velocity rule

Velocity Rules can be set on various parameters like bank account details and customer identifiers such as beneficiary name, customer ID etc. These custom identifiers are named as Custom Param in Payouts dashboard.

💡  Tip
Paytm Payouts provide the option to set upto 2 custom parameters in both API and dashboard to send such identifiers.

Example: Customers with Customer ID 123 should not be able to do more than 3 penny drops in 5 days irrespective of the bank account details they are passing.

Note: If null values are sent from the API for custom param1 or custom param 2 filter values then the velocity rules will never be triggered.

 

Setting Velocity Rules

To set up the velocity rules for bank account validation, follow the steps below:

  1. Go to ‘Settings’ from the left navigation menu.
  2. Under the ‘Settings’ menu, select ‘Payout Product Settings’.
  3. Go to ‘Account Validation’.
  4. Under ‘Velocity Rules’, click ‘Add Velocity Rules’.
  5. Select one or a maximum of two filter values to create the rule.
  6. Under ‘Maximum Allowed Limit‘, set the frequency of transactions allowed for that rule.
  7. Set the ‘Duration’ and ‘ Time Period’ as minutes, hours, or days for the rule. 
  8. Click ‘Add Rule’.

💡  Tip
A maximum of 3 velocity rules can be set for an account. For each rule created, there are three filter values, but a maximum of only 2 filter values can be applied to set a rule :

  • Config param1
  • Config param
  • Bank account

A rule can be set either selecting just one filter value ( filter values which are mentioned above) or the rule can have a combination of any two filters which are mentioned above.

Note: Config Param is any custom parameter which is unique to the transaction. It is always recommended to set up a unique value of the transaction as a custom parameter which is generated by the internal system as it is difficult to be exploited.

 

Velocity Rules For Two or More set of Values

A maximum of three velocity rules is set for an account. When more than one rule is set on an account, the check counter gets more stringent resulting in better prevention against fraudulent activities.

Example: Two velocity rules are applicable.

  • Rule 1:
    Custom Param 1 Values
    Velocity Counter 10
    Time Period 1 day
  • Rule 2
    Custom Param 1 & Bank Account Values
    Velocity Counter 10
    Time Period 1 day

 

In a scenario like above, any penny drop activity will be monitored by a combination of these two rules. For each penny drop transaction, two values are being monitored:

  • Bank Account
  • Customer ID (assuming you pass your customer’s unique identifier in custom param1).

If the Bank account is kept constant and the Customer ID is being changed for a transaction, it will never trigger rule 2. But rule 1 will be activated and hence after the set threshold, i.e 10 transactions, the penny drop will stop and any further transactions will be rejected. 

Note:
  • If the CustParam value is NULL or Empty, then velocity rules with CustParam will be bypassed and the velocity counter will not increase. Therefore, it is important to note that if a velocity rule on custparam is set, then it becomes mandatory to pass the value for it in order to trigger that rule
  • For velocity rules, every rule ( a max of 3) will be checked for each transaction. Penny drop will happen if the transaction passes all 3 rules and will fail even if one of the rules set in the system is violated.

UPI Validation

In UPI validation services, Payouts returns the beneficiary name of the user. Thus it validates if the UPI VPA is valid or not and returns the name of the UPI VPA user.

 

Paytm Wallet Validation

Paytm Wallet validation services provide the below three main information about the user:

  • If the Paytm Wallet for the given phone number exists or not
  • If the Paytm Wallet can receive X amount at that time
  • If the name entered matches with the wallet user or not

💡  Tip
To do a name validation while validating a Paytm Wallet, click Yes for ‘Validate Name of Beneficiary' option and then enter the beneficiary name.

Single Account Validation

For a single account validation the process for Bank, UPI VPA or Paytm Wallet validation is as follows: 

  1. In the left main menu, select 'Validation Services'.
  2. Click ‘Validation Accounts’ and select ‘Single Account’.
  3. Select a disbursal account and enter the merchant ID.
  4. Select transaction type ‘Bank Account’, ‘UPI’ or ‘Paytm Wallet’.
  5. In the case of Paytm wallet validation, an amount can also be added to understand the receiving limit of the wallet that is being validated.
  6. Click ‘Validate Account’. The validation entry can be seen in the list view under ‘All Validation Orders’.
  7. Use filters to set duration, type etc. in the list view.
  8. To generate reports, click ‘Download Report’.

     

  9. To view the response of validation, click an individual entry to know the details.

     

Bulk Account Validation

For a bulk account validation the process for Bank, UPI VPA or Paytm Wallet validation is as follows: 

  1. In the left main menu, select Validation services.
  2. Click ‘Validation Accounts’ and select ‘Bulk Account’.
  3. Select a disbursal account and enter the Merchant ID.
  4. Select transaction type ‘Bank Account’, ‘UPI’, or ‘Paytm Wallet’.
  5. Download the sample file and fill in the details for all bulk validation cases.
  6. Upload the file in CSV format and click ‘Proceed’.
  7. The validation entry can be seen in the list view, under ‘Bulk Validation Orders’.
  8. Use filters to set duration, type, etc. in the list view.
  9. To generate reports, click ‘Download Report’.
  10. To view the response of validation, click an individual entry to know the details.