Support for POLi, PayID, bank transfer and AUD
Introduction
Australian players prefer local payment methods: instant bank transfers via POLi, PayID/Osko under NPP and a traditional transfer bank, all in AUD. It is important for the operator to ensure seamless integration, instant processing, compliance with regulations and a reliable architecture.
1. Overview of payment methods
1. POLi Payments
OAuth-user authorization through the bank interface, without cards and additionally SMS codes.
Instant deposit, suitable for deposits.
2. PayID/Osko (NPP)
Translation by identifier (email, phone), the NPP network standard provides calculation within seconds.
Requires integration with PSP supporting Australia's New Payments Platform.
3. Bank transfer (BPAY/direct transfer)
BPAY: generation of Biller Code and Customer Reference, payment is made by the user in the Internet bank; enrollment up to 24 hours.
Direct AUD-transfer: SWIFT/IBAN transfer, suitable for large amounts, processing time 1-3 working days.
4. AUD currency
All operations in AUD: correct display, storage in the database, rounding to cents ('DECIMAL (12.2)').
2. Integration architecture
```mermaid
flowchart LR
API-Gateway: validation, rate-limiting, routing to PaymentService.
PaymentService: unified point for all AUD methods, stores' paymentId ',' method ',' status', 'metadata'.
BillingService: module for BPAY accounts and polling status.
TransactionService: ACID transactions update the balance and log operations.
AuditDB: immutable store of request and response logs.
3. Implementation of POLi
1. Initiation:
→ `{ paymentId, poliUrl }`
2. Player Redirection:
3. Webhook processing:
Checking HMAC by'X-Signature '.
Update 'status': 'pending' → 'approved '/' declined'.
When'approved '- start'TransactionService. credit(playerId, amount)`.
4. PayID/Osko Implementation
1. Initiation:
→ `{ paymentId, transactionRef }`
2. Webhook notification:
Similar signature verification.
Statuses: 'pending', 'settled', 'failed'.
5. Implementation of BPAY and bank transfer
1. BPAY account generation:
→ `{ billerCode, customerRef, expiryDate }`
2. Polling statuses:
3. Direct Bank Transfer:
6. Localization and UX
Formatting:
Australian players prefer local payment methods: instant bank transfers via POLi, PayID/Osko under NPP and a traditional transfer bank, all in AUD. It is important for the operator to ensure seamless integration, instant processing, compliance with regulations and a reliable architecture.
1. Overview of payment methods
1. POLi Payments
OAuth-user authorization through the bank interface, without cards and additionally SMS codes.
Instant deposit, suitable for deposits.
2. PayID/Osko (NPP)
Translation by identifier (email, phone), the NPP network standard provides calculation within seconds.
Requires integration with PSP supporting Australia's New Payments Platform.
3. Bank transfer (BPAY/direct transfer)
BPAY: generation of Biller Code and Customer Reference, payment is made by the user in the Internet bank; enrollment up to 24 hours.
Direct AUD-transfer: SWIFT/IBAN transfer, suitable for large amounts, processing time 1-3 working days.
4. AUD currency
All operations in AUD: correct display, storage in the database, rounding to cents ('DECIMAL (12.2)').
2. Integration architecture
```mermaid
flowchart LR
| Player --> | initiate deposit | API-Gateway |
|---|---|---|
| API-Gateway --> PaymentService | ||
| PaymentService --> | init POLi | POLi-API |
| PaymentService --> | init PayID | PSP-API |
| PaymentService --> | generate BPAY | BillingService |
| POLi-API --> | webhook | PaymentService |
| PSP-API --> | webhook | PaymentService |
| BillingService --> | polling / webhook | PaymentService |
| PaymentService --> TransactionService | ||
| TransactionService --> AuditDB | ||
| ``` |
API-Gateway: validation, rate-limiting, routing to PaymentService.
PaymentService: unified point for all AUD methods, stores' paymentId ',' method ',' status', 'metadata'.
BillingService: module for BPAY accounts and polling status.
TransactionService: ACID transactions update the balance and log operations.
AuditDB: immutable store of request and response logs.
3. Implementation of POLi
1. Initiation:
- ```http
- POST /api/payments/poli/init
- {
- "amount": 100. 00,
- "currency": "AUD",
- "returnUrl": "https: //casino. com/poli/callback"
- }
- ```
→ `{ paymentId, poliUrl }`
2. Player Redirection:
- The player is redirected to 'poliUrl', logs in to the bank, confirms the payment.
3. Webhook processing:
- ```http
- POST /api/payments/poli/callback
- Headers: X-Signature
- Body: { paymentId, status, bankTransactionId }
- ```
Checking HMAC by'X-Signature '.
Update 'status': 'pending' → 'approved '/' declined'.
When'approved '- start'TransactionService. credit(playerId, amount)`.
4. PayID/Osko Implementation
1. Initiation:
- ```http
- POST /api/payments/payid/init
- {
- "payId": "user@example. com",
- "amount": 250. 00,
- "currency": "AUD",
- "Description": "Casino deposit"
- }
- ```
→ `{ paymentId, transactionRef }`
2. Webhook notification:
- PSP шлёт `POST /api/payments/payid/callback { paymentId, status }`.
Similar signature verification.
Statuses: 'pending', 'settled', 'failed'.
5. Implementation of BPAY and bank transfer
1. BPAY account generation:
- ```http
- POST /api/payments/bpay/generate
- { "amount": 500. 00 }
- ```
→ `{ billerCode, customerRef, expiryDate }`
2. Polling statuses:
- `GET /api/payments/bpay/status? billerCode = & customerRef = 'every 15 minutes.
- При `PAID` — update `approved`, credit funds.
3. Direct Bank Transfer:
- Mapping of account details (SWIFT, BSB, Account) in UI.
- Transactions are reconciled manually or automatically by incoming bank statements via SFTP.
6. Localization and UX
Formatting:
- ```js
- new Intl. NumberFormat('en-AU', { style: 'currency', currency: 'AUD' }). format(1000)
- // "A$1,000. 00"
- ``` UI:
- Selection of the method in the deposit: POLi, PayID, BPAY, Bank Transfer icons.
- Description of terms and commissions under each method.
- Verification before the first input: KYC/AML.
- POLi: `poli. sandbox. domain 'with fake' test _ user 'tokens.
- PSP: test credits from PayID providers.
- E2E tests (Cypress): scripts: initiate → emulate callback → check balance.
- Load Testing (k6): simulation of 1000 concurrent deposits by POLi and PayID.
7. Security and fault tolerance
TLS 1. 2 + for all APIs and Webhooks.
Circuit Breaker (Resilience4j) for PSP calls, disabling the method when error-rate is> 5%.
Retry-logic with exponential backoff in case of temporary failures.
Audit Trail: all webhook events and transactions are stored for at least 7 years according to regulations.
8. Testing
Sandbox modes:
Conclusion
Integration of POLi, PayID/Osko and traditional bank transfers into AUD requires a single PaymentService, reliable webhook processing, format localization and fault-tolerant architecture with circuit breaker and retry mechanisms. This approach ensures fast deposits, high CR and Australian compliance.
