Payment Gateway Questions & Answers

• Pre-auth cap check: before initiating payment, validate amount vs. NPCI per-txn cap and merchant verification; if over, trigger auto-split.
• Chunking & purpose preservation: split the total into compliant child amounts preserving purpose code/MCC and payer/merchant metadata.
• Parallel child requests: create linked child UPI collect requests (separate txn IDs) sent to PSP/gateway with parent-child references and retry logic.
• Reconcile & refund logic: reconcile all child txn IDs back to the original order, surface partial success/failures to user, and support atomic refunds that map to child payments.

Map each SIP product/AMC to the correct mutual-fund purpose code/MCC during order creation.

Embed this purpose code in the UPI collect/debit request so the gateway logs it correctly.

Store the purpose code + UPI txn ID in the ledger for reconciliation and audits.

Block SIP initiation if the purpose code is missing to avoid untagged transactions.

Add a pre-debit cap check that detects when a SIP instalment exceeds the ₹5L per-transaction limit.

Trigger an auto-split workflow that breaks the instalment into compliant child amounts while preserving the mutual-fund purpose code/MCC.

Generate linked child UPI debit requests with separate txn IDs and consistent idempotency + retry logic.

Reconcile all child payments back to the SIP mandate so settlement, NAV posting, and refunds stay accurate.

• Implement exponential backoff with jitter, like base 500ms and max 3 retries. Require idempotency keys so duplicate SIP debits never occur.
• Add circuit breaker that will open when the API latency/error rate crosses thresholds (5s avg or 5% errors), route retries to a delayed queue.
• Use a priority queue + TTL for retry tasks, escaping the long tail; enforce per-merchant concurrency limits and fall back on different payment methods in case of failure.
• Emit metrics / alerts: retry count, success-after-retry, circuit state. Expose an ops dashboard to tune thresholds.

Recommend NetBanking (IMPS/RTGS/NEFT) as the primary fallback for large vehicle down payments that exceed UPI caps.

Offer debit/credit cards only if the dealer supports high-value card acceptance.

Use split UPI only if the dealer and PSP allow it and the customer consents.

Show a clear UPI limit reached, choose another payment method prompt to avoid checkout failure.

Have the app fetch the effective-dated UPI limit table (post–15 Sep 2025) from your backend for the real estate token category at checkout.

Before creating the UPI intent, compare token amount + any prior same-day token UPI payments against that category limit.

If it breaches, block the UPI option, show a clear higher-cap / fallback message, and log the decision with category + date for audit.

• Add a use-case mapper that tags every invoice with the correct UPI purpose code/MCC (e.g., air travel, hotels, tours) based on product type or booking category.
• Auto-embed the purpose code in the UPI collect request / deep link so the gateway receives a clean, audit-ready tag.
• Store the purpose code + UPI txn ID in your ledger for reconciliation and export it in monthly audit reports.
• Block invoice creation if the booking lacks a mapped purpose, forcing consistent tagging across all travel transactions.

Tag each SIP as mutual-fund (MCC/purpose code) and confirm the AMC is NPCI-verified for high-value UPI.

Enforce per-txn ≤ ₹5,00,000 and 24-hour aggregate ≤ ₹10,00,000 checks, using the lower bank/PSP cap when applicable.

Block or auto-split charges that exceed limits and require idempotency keys for retries.

Log validation results with UPI txn ID, purpose code, merchant verification flag, amount, daily aggregate, and audit trail.

Check the SIP invoice’s purpose code/MCC = mutual funds and confirm the AMC is NPCI-verified for high-value UPI.

Validate the instalment amount against the ₹5L per-txn and ₹10L daily caps before showing eligibility.

Use the gateway/PSP pre-auth response to confirm the high-limit category is accepted.

Display a higher-limit eligible banner only after all checks pass and log the result for audit.

Verify the SIP is tagged with the mutual-fund MCC/purpose code and that the AMC/merchant is NPCI-verified for high-value UPI.

Check the instalment against the per-txn cap and the payer/merchant 24-hour aggregate before promising eligibility.

Confirm the gateway/PSP pre-auth response accepts the high-limit category.

Show a non-promissory real-time banner only after all checks pass, timestamp the validation, and log the result for audit.