UPI Deep Linking specification: App developers mustn’t expect consistency of implementation across Bank apps?
When implementing deep linking for deAzzle with Unified Payment Interface apps like BHIM we discovered that the specification has been implemented completely only in selected Payment Service Providers (PSPs) Apps.
As an app developer we’re relying on specific behaviour for UPI deep linking to work. This behaviour requires that:
- When our app invokes the PSP app, we can do so with the Payee’s UPI address, Service details and the Amount**.
- The PSP app then confirms the Payee Address, Service details and the Amount with the User. App developers expect that these can’t be changed by the User.
- On successful payment completion to the Payee, developers expect the PSP app to return the transaction status (success, or failure) and the transaction identifier (txnref).
Not all PSP apps have implemented this behaviour. When we tested various PSP apps (1st February 2017), this is what we found:
Apps that behave as expected in the UPI deep linking specification: PhonePe, Allahabad Bank UPI — ALB, ICICI Pockets, HDFC Bank MobileBanking, Punjab National Bank — PNB UPI, Union Bank of India UPI, YES Pay, United Bank of India, Vijaya Bank — Vijaya UPI.
BHIM supports UPI deep-linking but does not return the transaction reference number, instead returns the txnref with the value “undefined”.
These apps support UPI deep linking and they allow the user to change the amount before completing the payment: Bank of Baroda mPay, Karnataka Bank — KBL Smartz, Kotak Mahindra — Kaypay.
Axis Bank’s Axis Pay and State Bank of India’s SBI Pay allow the user to complete the transaction but do not return control to the invoking app.
These apps allow the invoking app to deep link in but they do not allow the payment to go through: IDFC Bank UPI App, Central Bank of India Cent UPI, South Indian Bank — SIB M-pay (UPI Pay), Andhra Bank, Canara UPI, IndusInd Bank — IndusPay, Federal Bank — Lotza, HSBC Simply Pay, Oriental Bank of Commerce — OBC UPI PSP.
These apps don’t accept any parameters when we attempted to invoke them as described in the UPI deep linking specification: TJSB TranZapp and Bank of Maharashtra — Maha UPI.
Like other developers who’ve taken advantage of the UPI deep linking specification, we’re hoping to see these problems fixed. UPI deep linking is a different way to do payments on mobile for app developers and has invited skepticism. It goes without saying that PSPs ought to implement deep linking consistently and reliably to help win over developers.
** The UPI deep linking Specification (pdf) details the parameters the invoking app needs to specify and the PSP app accepts.
