View
1.314
Download
145
Category
Preview:
Citation preview
7/26/2019 RuPay - Online Switching Interface Specification
1/198
National Payments Corporation of India
RuPay - OnlineSwitching Interface
SpecificationVersion 1.6 Year 2013
Release Year 2013
7/26/2019 RuPay - Online Switching Interface Specification
2/198
Table of Contents
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 1of 197
Table of Contents
Table of Contents __________________________________________________________________________________ 1
List of Figures ______________________________________________________________________________________ 7
List of Tables _______________________________________________________________________________________ 8
Confidentiality and Copyright Notice _________________________________________________________ 10
Document Control ________________________________________________________________________________ 11
Chapter 1 About This Manual _______________________________________________________________ 16
1.1 Audience ___________________________________________________________________________________ 16
1.2 Organization of the Manual _____________________________________________________________ 16
1.3 Exclusion ___________________________________________________________________________________ 16
1.4 Document Convention ____________________________________________________________________ 16
1.5 More Information _________________________________________________________________________ 17
1.5.1 Related Publication ________________________________________________________________________________ 17
1.5.1.1 RuPay Global Clearing and Settlement (RGCS) ____________________________________________ 17
1.5.1.2 Operating Rule _______________________________________________________________________________ 17
Chapter 2 Introduction _______________________________________________________________________ 18
2.1 RuPay Switching Service _________________________________________________________________ 18
2.2 Transaction Flow SMS ____________________________________________________________________ 18
2.3 Transaction Flow DMS ___________________________________________________________________ 18
2.3.1 Authorization ______________________________________________________________________________________ 19
2.3.2 Clearing _____________________________________________________________________________________________ 19
2.3.3 Settlement __________________________________________________________________________________________ 19
2.4 Routing _____________________________________________________________________________________ 20
Chapter 3 Message Structure ________________________________________________________________ 21
3.1 Message Structure ________________________________________________________________________ 21
3.1.1 Message Header ____________________________________________________________________________________ 21
3.1.2 Message Type Identifier ___________________________________________________________________________ 21
3.1.2.1 Position 1- Version Number _________________________________________________________________ 21
3.1.2.2 Position 2 Message Class __________________________________________________________________ 21
3.1.2.3 Position 3 Message Function ______________________________________________________________ 22
3.1.2.4 Position 4 Message Source ________________________________________________________________ 22
3.1.3 Bitmap ______________________________________________________________________________________________ 23
3.1.3.1 Primary Bitmap ______________________________________________________________________________ 23
3.1.3.2 Secondary Bitmap ___________________________________________________________________________ 23
3.1.3.3 Third Bitmap _________________________________________________________________________________ 23
3.1.4 Data Elements ______________________________________________________________________________________ 24
3.2 RuPay Implementation of ISO 8583 ____________________________________________________ 24
3.3 Private Use Fields _________________________________________________________________________ 24
7/26/2019 RuPay - Online Switching Interface Specification
3/198
Table of Contents
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 2of 197
Chapter 4 Message Definition _______________________________________________________________ 25
4.1 Authorization Message ___________________________________________________________________ 25
4.1.1 Description of Authorization Message ___________________________________________________________ 25
4.1.2 Message Type Identifier for Authorization Message ____________________________________________ 25
4.2 Financial Message _________________________________________________________________________ 254.2.1 Description of Financial Message _________________________________________________________________ 25
4.2.2 Message Type Identifier for Financial Message _________________________________________________ 25
4.3 File Update Message ______________________________________________________________________ 25
4.3.1 Description of File Update Message ______________________________________________________________ 25
4.3.2 Message Type Identifier for File Update Message _______________________________________________ 26
4.4 Reversal Message _________________________________________________________________________ 26
4.4.1 Description of Reversal Message _________________________________________________________________ 26
4.4.2 Message Type Identifier ___________________________________________________________________________ 26
4.5 Network Management Message _________________________________________________________ 264.5.1 Description of Network Management Message __________________________________________________ 26
4.5.2 System Sign-On and Sign-Off ______________________________________________________________________ 27
4.5.3 Cutover Message ___________________________________________________________________________________ 27
4.5.4 Echo Message ______________________________________________________________________________________ 27
4.5.5 Message Type Identifier for Network Management Message __________________________________ 27
4.6 Advice Message ____________________________________________________________________________ 28
4.6.1 Description of Advice Message ___________________________________________________________________ 28
4.6.2 Message Type Identifier for Advice Message ____________________________________________________ 28
Chapter 5 NPCI System Functionalities ____________________________________________________ 29
5.1 Data Communication _____________________________________________________________________ 29
5.2 Message Logging at NPCI _________________________________________________________________ 29
5.3 Key Security and Management __________________________________________________________ 29
5.4 Static Key Exchange_______________________________________________________________________ 30
5.5 Dynamic Key Exchange___________________________________________________________________ 30
5.5.1 Master Sends a New Key __________________________________________________________________________ 30
5.5.2 Slave Send a New Key _____________________________________________________________________________ 31
5.6 Key Exchange Scenarios _________________________________________________________________ 31
5.7 PIN Encryption / Decryption Process __________________________________________________ 32
5.8 Time-Out Management ___________________________________________________________________ 32
5.9 Liquidity Management Module _________________________________________________________ 32
5.10 Matching Criteria Key Data Fields ____________________________________________________ 33
Chapter 6 Member Responsibility __________________________________________________________ 34
6.1 Issuer Responsibility _____________________________________________________________________ 34
6.1.1 Message Supported by Issuer _____________________________________________________________________ 34
6.1.2 Maximum Response Time _________________________________________________________________________ 34
6.1.3 Authorization Cycle and Failure Condition Involving Issuer ___________________________________ 34
6.1.3.1 Authorization normal completion __________________________________________________________ 34
7/26/2019 RuPay - Online Switching Interface Specification
4/198
Table of Contents
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 3of 197
6.1.3.2 Failure Conditions ___________________________________________________________________________ 35
6.1.3.3 Message Validation Failure at NPCI for an Issuer Response ______________________________ 35
6.1.3.4 System Failure during Authorization Request/ Financial Request to Issuer ____________ 36
6.1.3.5 System Failure during Authorization Response/ Financial Response from Issuer _____ 37
6.1.3.6 Late Response from Issuer __________________________________________________________________ 38
6.1.4 Stand-in functionality _____________________________________________________________________________ 386.1.4.1 Stand in Processing, Late Response from Issuer (NPCI Stand In) ________________________ 39
6.1.4.2 Stand in Processing, No response from issuer (NPCI Stand In) __________________________ 40
6.1.4.3 Stand-in Processing, Node Offline or Issuer Signed-off ___________________________________ 41
6.2 Acquirer Responsibilities________________________________________________________________ 42
6.2.1 Message Supported by Acquirer __________________________________________________________________ 42
6.2.2 Maximum Response Time for Acquirer __________________________________________________________ 43
6.2.3 Authorization Cycle and Failure Conditions Involving Acquirer _______________________________ 43
6.2.3.1 Authorization Normal Completion _________________________________________________________ 43
6.2.3.2 Failure Conditions ___________________________________________________________________________ 44
6.2.3.3 System Failure Acquirer Authorization / Financial Request (Acquirer Aware) ________ 44
6.2.3.4 System Failure Acquirer Authorization / Financial Request (Acquirer Unaware) ______ 45
6.2.3.5 Validation Failure at NPCI for Acquirer Message __________________________________________ 45
6.2.3.6 Acquirer Unable to Complete a Transaction due to the Terminal Failure (POS) ________ 46
6.2.3.7 System Failure NPCI (Aware) Authorization /Financial Response ______________________ 47
6.2.3.8 System Failure NPCI (Unaware) Authorization / Financial Response ___________________ 47
6.2.4 Advice message scenarios for acquirer __________________________________________________________ 49
6.2.4.1 Advice message normal completion ________________________________________________________ 49
6.2.4.2 Advice Delivery from Acquirer following Timeout ________________________________________ 49
Chapter 7 Message Format ___________________________________________________________________ 51
7.1 Transaction Identification _______________________________________________________________ 51
7.1.1 Notations Used in Message Format _______________________________________________________________ 52
7.2 Message Format for Issuer ______________________________________________________________ 53
7.2.1 Current (Phase I) Requirements ________________________________________________________________ 53
7.2.1.1 Purchase ______________________________________________________________________________________ 53
7.2.1.2 Purchase with Cashback _____________________________________________________________________ 54
7.2.1.3 RuPay Implementation of E-Commerce Purchase (Secure / Non-Secure) ______________ 55
7.2.1.4 E-Commerce 3D Purchase (Secure / Non-Secure) ________________________________________ 57
7.2.1.5 E-Commerce Refund _________________________________________________________________________ 58
7.2.1.6 Cash at PoS ___________________________________________________________________________________ 58
7.2.1.7 Cash Withdrawal - ATM _____________________________________________________________________ 60
7.2.1.8 Balance Inquiry ______________________________________________________________________________ 617.2.1.9 Reversal Message ____________________________________________________________________________ 62
7.2.1.10 Decline Message______________________________________________________________________________ 63
7.2.1.11 Network Management _______________________________________________________________________ 65
7.2.1.12 Pin Change ____________________________________________________________________________________ 65
7.2.1.13 Mini Statement _______________________________________________________________________________ 66
7.2.1.14 Card to Card Fund Transfer _________________________________________________________________ 67
7.2.1.15 Mobile Number Update ______________________________________________________________________ 70
7.2.1.16 Cheque Book Request _______________________________________________________________________ 71
7.2.1.17 Statement Request ___________________________________________________________________________ 72
7.2.1.18 Declined Advice (Quick EMV) _______________________________________________________________ 73
7.2.2 Future (Phase II) Requirements __________________________________________________________________ 757.2.2.1 Equated Monthly Instalment (EMI) ________________________________________________________ 75
7/26/2019 RuPay - Online Switching Interface Specification
5/198
Table of Contents
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 4of 197
7.2.2.2 Loyalty Redemption _________________________________________________________________________ 76
7.2.2.3 Authorization Advice ________________________________________________________________________ 77
7.2.2.4 File Update ___________________________________________________________________________________ 78
7.2.2.5 Loyalty Inquiry _______________________________________________________________________________ 79
7.2.2.6 Refund ________________________________________________________________________________________ 80
7.3 Message Format for Acquirer ___________________________________________________________ 81
7.3.1 Current (Phase I) Requirements __________________________________________________________________ 81
7.3.1.1 Purchase ______________________________________________________________________________________ 81
7.3.1.2 Purchase with Cashback _____________________________________________________________________ 83
7.3.1.3 RuPay E-Commerce Purchase (Secure / Non-Secure) ____________________________________ 84
7.3.1.4 E-Commerce 3D Purchase ___________________________________________________________________ 85
7.3.1.5 E-Commerce Refund _________________________________________________________________________ 86
7.3.1.6 Cash at PoS ___________________________________________________________________________________ 87
7.3.1.7 Cash Withdrawal - ATM _____________________________________________________________________ 88
7.3.1.8 Balance Inquiry ______________________________________________________________________________ 89
7.3.1.9 Reversal ______________________________________________________________________________________ 90
7.3.1.10 Decline Message______________________________________________________________________________ 91
7.3.1.11 Network Management _______________________________________________________________________ 92
7.3.1.12 Pin Change ____________________________________________________________________________________ 93
7.3.1.13 Mini Statement _______________________________________________________________________________ 94
7.3.1.14 Card to Card Funds Transfer ________________________________________________________________ 95
7.3.1.15 Biometric Onus Authentication _____________________________________________________________ 96
7.3.1.16 Mobile Number Update ______________________________________________________________________ 98
7.3.1.17 Cheque Book Request _______________________________________________________________________ 99
7.3.1.18 Statement Request __________________________________________________________________________ 100
7.3.2 Future (Phase II) Requirements _________________________________________________________________ 101
7.3.2.1 Equated Monthly Instalments (EMI) ______________________________________________________ 101
7.3.2.2 Loyalty Redemption ________________________________________________________________________ 1027.3.2.3 Loyalty Inquiry ______________________________________________________________________________ 104
7.3.2.4 Refund _______________________________________________________________________________________ 105
Chapter 8 Data Element Description _____________________________________________________ 107
8.1 Annotation Convention for Attributes ________________________________________________ 107
8.2 Data Elements Information Components ____________________________________________ 107
8.3 Detailed Description of Data Elements _______________________________________________ 108
8.3.1 DE 2 Primary Account Number ________________________________________________________________ 108
8.3.2 DE 3 Processing Code ___________________________________________________________________________ 109
8.3.3 DE 4 Amount, Transaction _____________________________________________________________________ 110
8.3.4 DE 5 Amount, Settlement _______________________________________________________________________ 111
8.3.5 DE 6 Amount, Cardholder Billing ______________________________________________________________ 112
8.3.6 DE 7 Date and Time Transmission_____________________________________________________________ 113
8.3.7 DE 9 Conversion Rate, Settlement _____________________________________________________________ 114
8.3.8 DE 10 Conversion Rate, Cardholder Billing ___________________________________________________ 115
8.3.9 DE 11 System Trace Audit Number ____________________________________________________________ 116
8.3.10 DE 12 Time, Local Transaction______________________________________________________________ 117
8.3.11 DE 13 Date, Local Transaction ______________________________________________________________ 118
8.3.12 DE 14 Date, Expiry ___________________________________________________________________________ 119
8.3.13 DE 15 Date, Settlement ______________________________________________________________________ 120
8.3.14 DE 16 Date, Conversion _____________________________________________________________________ 121
8.3.15 DE 18 Merchant Category Code _____________________________________________________________ 122
7/26/2019 RuPay - Online Switching Interface Specification
6/198
Table of Contents
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 5of 197
8.3.16 DE 19 Acquiring Country Code______________________________________________________________ 123
8.3.17 DE 22 Point of Service Entry Mode _________________________________________________________ 124
8.3.18 DE 23 Card Sequence Number ______________________________________________________________ 125
8.3.19 DE 25 Point of Service Condition Code _____________________________________________________ 126
8.3.20 DE 28 Amount, Fees _________________________________________________________________________ 127
8.3.21 DE 32 Acquiring Institution Code ___________________________________________________________ 1288.3.22 DE 33 Forwarding Institution Code ________________________________________________________ 129
8.3.23 DE 35 Track 2 Data __________________________________________________________________________ 130
8.3.24 DE 37 Retrieval Reference Number ________________________________________________________ 131
8.3.25 DE 38 Authorization Identification Response _____________________________________________ 132
8.3.26 DE 39 Response Code ________________________________________________________________________ 133
8.3.26.1 Response code scenarios ___________________________________________________________________ 135
8.3.26.2 E-commerce 3 D Implementation _________________________________________________________ 136
8.3.26.3 RuPay Implementation of E-commerce ___________________________________________________ 136
8.3.27 DE 40 Service Condition Code ______________________________________________________________ 138
8.3.28 DE 41 Card Acceptor Terminal ID __________________________________________________________ 139
8.3.29 DE 42 Card Acceptor ID _____________________________________________________________________ 1408.3.30 DE 43 Card Acceptor Name / Location _____________________________________________________ 141
8.3.31 DE 44 Additional Response Data ___________________________________________________________ 142
8.3.32 DE 45 Track I Data ___________________________________________________________________________ 144
8.3.33 DE 48 Additional Data _______________________________________________________________________ 145
8.3.34 DE 49 Currency Code, Transaction _________________________________________________________ 151
8.3.35 DE 50 Currency Code, Settlement __________________________________________________________ 152
8.3.36 DE 51 Currency Code, Cardholder Billing __________________________________________________ 153
8.3.37 DE 52 PIN Data _______________________________________________________________________________ 154
8.3.38 DE 54 Additional Amount ___________________________________________________________________ 155
8.3.39 DE 55 Chip Data ______________________________________________________________________________ 157
8.3.39.1 Authorization Message DE 55 Presence Descriptions __________________________________ 1578.3.40 DE 60 Advice Reason Code __________________________________________________________________ 161
8.3.41 DE 61 PoS Data Code ________________________________________________________________________ 162
8.3.42 DE 62 Private Data 1-Biometric Data _______________________________________________________ 165
8.3.43 DE 63 Private Data 2, Encrypted Biometric Data __________________________________________ 166
8.3.44 DE 70 Network Management Information Code ___________________________________________ 167
8.3.45 DE 90 Original Data Element ________________________________________________________________ 168
8.3.46 DE 91 File Update Code ______________________________________________________________________ 169
8.3.47 DE 95 Replacement Amount ________________________________________________________________ 170
8.3.48 DE 101 File Name ____________________________________________________________________________ 171
8.3.49 DE 102 Account Identification 1 ____________________________________________________________ 172
8.3.50 DE 103 Account Identification 2 ____________________________________________________________ 1738.3.51 DE 120 Private Data 3 _______________________________________________________________________ 174
8.3.52 DE 121, 122, 123 Private Data 4 6 ________________________________________________________ 180
8.3.53 DE 124 File Action Record and Data ________________________________________________________ 181
8.3.54 DE 126 Additional Data-Biometric Data ___________________________________________________ 182
8.3.55 DE 127 Additional Data-Biometric Data ____________________________________________________ 184
Chapter 9 Compliance _______________________________________________________________________ 186
9.1 Member Compliance Acquirer _________________________________________________________ 186
9.1.1 General Compliance ______________________________________________________________________________ 186
9.1.2 Transaction Wise Compliance ___________________________________________________________________ 186
9.1.3 Standards related to Compliance ________________________________________________________________ 188
9.2 Member Compliance Issuer ____________________________________________________________ 188
7/26/2019 RuPay - Online Switching Interface Specification
7/198
Table of Contents
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 6of 197
9.2.1 General Compliance ______________________________________________________________________________ 188
9.2.2 Transaction Wise Compliance ___________________________________________________________________ 189
9.2.3 Standards related to Compliance ________________________________________________________________ 190
Annexure 1-Card to Card Fund Transfer ___________________________________________________ 191
Transaction Flow for Card To Card Funds Transfer ____________________________________________________ 191
Maximum Response Time _________________________________________________________________________________ 191
Annexure 2 -State Code ________________________________________________________________________ 192
Annexure 3 -Glossary __________________________________________________________________________ 193
Annexure 4 -Definition ________________________________________________________________________ 195
7/26/2019 RuPay - Online Switching Interface Specification
8/198
List of Figures
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 7of 197
List of Figures
Figure 1 SMS Transaction Flow _______________________________________________________________________ 18
Figure 2 DMS Transaction Flow _______________________________________________________________________ 19
Figure 3 ISO 8583 Message Structure ________________________________________________________________ 21
Figure 4 Master Send a New Key ______________________________________________________________________ 30
Figure 5 Slave Sends a New Key _______________________________________________________________________ 31
Figure 6 Authorization Normal Completion __________________________________________________________ 35
Figure 7 Message Validation Failure NPCI _________________________________________________________ 35
Figure 8 System Failure Authorization Request/ Financial Request _____________________________ 36
Figure 9 System Failure Authorization Response/ Financial Response _________________________ 37
Figure 10 Late response from issuer _________________________________________________________________ 38
Figure 11 Stand-in Processing, Late Response from Issuer _________________________________________ 39
Figure 12 Stand-in Processing, No Response from Issuer __________________________________________ 40
Figure 13 Stand-in Processing, Node Offline or Issuer Signed-off __________________________________ 41
Figure 14 Maximum Response Time for Acquirer ___________________________________________________ 43
Figure 15 Normal Completion of an Authorization Message/ Financial Message _________________ 43
Figure 16 System failure - Acquirer Aware - Authorization / Financial Request _________________ 44
Figure 17 System Failure - Acquirer Unaware - Authorization / Financial Request ______________ 45
Figure 18 Message Validity Failure at NPCI - Authorization / Financial Request _________________ 45
Figure 19 Incomplete Transactions in case of Terminal Failure ___________________________________ 46
Figure 20System Failure - NPCI Aware - Authorization / Financial Response ____________________ 47
Figure 21 System Failure - NPCI Unaware - Authorization / Financial Response _________________ 48
Figure 22 Advice Messages getting Completed Normally ___________________________________________ 49
Figure 23 Advice Delivery Crossing Time Limits ____________________________________________________ 49
7/26/2019 RuPay - Online Switching Interface Specification
9/198
List of Tables
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 8of 197
List of Tables
Table 1 Version History ________________________________________________________________________________ 11
Table 2 Document Revision History __________________________________________________________________ 15
Table 3 Document Convention ________________________________________________________________________ 16
Table 4 Components of Message Structure ___________________________________________________________ 21
Table 5 Version Number ISO 8583 Message _________________________________________________________ 21
Table 6 Message Class ISO 8583 Message ____________________________________________________________ 22
Table 7 Message Function ISO 8583 Message ________________________________________________________ 22
Table 8 Message Source ISO 8583 Message __________________________________________________________ 22
Table 9 RuPay Implementation of ISO 8583 _________________________________________________________ 24
Table 10 Private Fields Used in RuPay _______________________________________________________________ 24
Table 11 Message Supported by Issuer _______________________________________________________________ 34
Table 12 Message Supported by Acquirer ____________________________________________________________ 42
Table 13 Key Data Elements ___________________________________________________________________________ 52
Table 14 Symbols used in Message Format __________________________________________________________ 53
Table 15 Purchase Message Issuer __________________________________________________________________ 54
Table 16 Purchase with Cashback Message Issuer ________________________________________________ 55
Table 17 RuPay E-Commerce Message Issuer _____________________________________________________ 57
Table 18 E-Commerce 3D Message Issuer __________________________________________________________ 58
Table 19 Cash at PoSIssuer __________________________________________________________________________ 59
Table 20 Cash Withdrawal - ATM Message Issuer _________________________________________________ 61
Table 21 Balance Inquiry Message Issuer __________________________________________________________ 62
Table 22 Reversal Message Issuer __________________________________________________________________ 63
Table 23 Decline Message _____________________________________________________________________________ 65
Table 24 Network Management Message Issuer ___________________________________________________ 65
Table 25 Pin Change Message Issuer _______________________________________________________________ 66
Table 26 Mini Statement Message Issuer ___________________________________________________________ 67
Table 27 Card to Card Fund Transfer-Debit leg to the issuer _______________________________________ 69
Table 28 Card to Card Fund transfer-Credit to the beneficiary _____________________________________ 70
Table 29 Mobile Number Update Issuer ____________________________________________________________ 71
Table 30 Cheque Book Request Issuer ______________________________________________________________ 72
Table 31 Statement Request Issuer _________________________________________________________________ 73
Table 32 Decline Advice Message (Quick EMV) Issuer ____________________________________________ 74
Table 33 EMI Message Issuer ________________________________________________________________________ 76
Table 34 Loyalty Redemption Message Issuer _____________________________________________________ 77
Table 35 Authorization Advice Message Issuer ___________________________________________________ 78
Table 36 File Update Message Issuer _______________________________________________________________ 79
Table 37 Loyalty Inquiry Message Issuer___________________________________________________________ 80
Table 38 Refund Message Issuer ____________________________________________________________________ 81
Table 39 Purchase Message Acquirer _______________________________________________________________ 82
Table 40 Purchase with Cashback Message Acquirer _____________________________________________ 84
Table 41 RuPay E-Commerce Purchase Message Acquirer _______________________________________ 85
Table 42 E-Commerce 3D Purchase Message Acquirer ___________________________________________ 86
Table 43 Cash at PoS / Cash Withdrawal Message Acquirer ______________________________________ 88
7/26/2019 RuPay - Online Switching Interface Specification
10/198
List of Tables
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 9of 197
Table 44 Cash Withdrawal - ATM Message Acquirer ______________________________________________ 89
Table 45 Balance Inquiry Acquirer _________________________________________________________________ 90
Table 46 Reversal Message Acquirer _______________________________________________________________ 91
Table 47 Decline Message _____________________________________________________________________________ 92
Table 48 Network Management Message ____________________________________________________________ 93
Table 49 Pin Change Message Acquirer ____________________________________________________________ 94
Table 50 Mini Statement Message Acquirer ________________________________________________________ 95
Table 51 Card to Card Fund transfer _________________________________________________________________ 96
Table 52 Biometric Onus Authentication _____________________________________________________________ 97
Table 53 Mobile Number Update _____________________________________________________________________ 99
Table 54 Cheque Book Request _____________________________________________________________________ 100
Table 55 Statement Request _________________________________________________________________________ 101
Table 56 EMI Message Acquirer ___________________________________________________________________ 102
Table 57 Loyalty Redemption Message - Acquirer ________________________________________________ 103
Table 58 Loyalty Inquiry Message Acquirer _____________________________________________________ 105
Table 59 Refund Message Acquirer _______________________________________________________________ 106
Table 60 Abbreviation used in Data Element Description ________________________________________ 107
Table 61 Data and Time Attribute __________________________________________________________________ 107
Table 62 Data Element Information Components _________________________________________________ 107
Table 63 Response Code Table ______________________________________________________________________ 134
Table 64 Compliance Reject Response Code _______________________________________________________ 134
Table 65 Response Code for Advice Message ______________________________________________________ 134
Table 66 Response codes Supported for Reversal Response / Request Messages ______________ 135
Table 67 Response Code Supported for Reversal Response ______________________________________ 135
Table 68 Response Code Supported for Network Management Message ________________________ 135
Table 69 Acquirer Compliance Reject Reason code _______________________________________________ 143
Table 70 Acquirer Compliance Reject Reason code _______________________________________________ 143
Table 71 Product Code _______________________________________________________________________________ 149
Table 72 DE 55 Presence Descriptions _____________________________________________________________ 160
Table 73 State Code __________________________________________________________________________________ 192
Table 74 Glossary and Description _________________________________________________________________ 194
Table 75 Definition ___________________________________________________________________________________ 197
7/26/2019 RuPay - Online Switching Interface Specification
11/198
Confidentiality and Copyright Notice
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 10of 197
Confidentiality and Copyright Notice
2011 by National Payments Corporation of India.
This document is of restricted use. No part of this document may be reproduced in any form by
any means without prior written authorization of National Payment Corporation of India
(NPCI).
7/26/2019 RuPay - Online Switching Interface Specification
12/198
Document Control
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 11of 197
Document Control
Document name: RuPay Online Switching Interface Specifications
Security classification: Confidential
Distribution list: Member banks
Version History:
Version Issue Date Effective Date
Draft 1.0 01-Sep-2011 01-Sep-2011
Version 1.1 01-Nov-2011 01-Nov-2011
Version 1.2 12-Dec-2011 12-Dec-2011
Version 1.3 19-Jan-2012 19-Jan-2012Version 1.4 30-Jun-2012 30-Jun-2012
Version 1.5 12-Oct-2012 12-Oct-2012
Version 1.5.1 16-Oct-2012 16-Oct-2012
Version 1.5.2 22-Jul-2013 22-Jul-2013Table 1 Version History
Document Revision History
Sr.
No.Section
Description Version
1
7.3.1.16,7.3.1.17,
7.2.1.17,7.2.1.18,7.2.1.19
Card To Card Funds transfer message format added 1.5
2
Partial early issuer for Chip Transaction ,Full chippurchase, full early issuer purchase, reversal full chip,
reversal full chip early issuer, advice message for chiptransaction, fallback for issuer removed
1.5
3 8.3.33 Default risk score, Value 99999 changed to 00999 1.5
4 8.3.26.1,8.3.26.2 Explanation of response code ED added 1.5
5 8.3.26 Response code related to FRM added 1.5
68.3.42,8.3.53,8.3.54
DE 62, 126 and 127 defined for biometricauthentication
1.5
7 8.3.47 DE 95 updated for partial reversal 1.58 8.3.38
DE 54 updated for support of ledger and available
balance for ATM
1.5
9 8.3.44 DE 70 constraint modified 1.5
10 8.3.33Value 6, 8, 9 removed from DE 48 tag 060. Tag 60
value 9 redefined with UID authentication
1.5
11 8.3.50 DE 120 Updated 1.5
12 8.3.41 DE 61 Updated with new values in subfield 8 1.5
13 8.3.17 New values added for DE 22 1.5
14 7.2,7.3 DE 62 added for all biometric transactions 1.5
15 7.2DE 63 ,DE 126,DE 127 removed from all issuer
message formats
1.5
16 7.3DE 126,127 added in acquirer message formats for all
biometric transactions
1.5
7/26/2019 RuPay - Online Switching Interface Specification
13/198
Document Control
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 12of 197
Sr.
No.Section
Description Version
17 8.3.33Type changed from n to an for tag 067 (Income Tax
PAN) in DE 48
1.5
18 8.3.17New values 99 added in PAN entry mode and 8 added
in Pin entry mode.
1.5
19 8.3.41DE 61 subfield 1 and value 1 updated(unknown
added)
1.5
20 8.3.38 DE 54 description updated 1.5
21 8.3.39 DE 55 tags and description updated 1.5
22 8.3.33 Default value added for tag 071 in DE 48 1.5
23 8.3.33 New value has been added in tag 060-value 9 in DE 48 1.5
24 7.3.1.15 Biometric Onus Authentication added 1.5
25 3.1.2.208xx network management message is in scope of
RuPay implementation
1.5.1
26 7.1 Biometric Verification added as transaction type 1.5.1
27 For ATM transaction CVD/iCVD match result codemade conditional in response.
1.5.1
28 DE-23 Quick EMV and Full chip issuer constraint updated 1.5.1
29 DE-37 Format update, Trace Number replaced with STAN 1.5.1
30 DE-38Explanation added and scenario for Acquirer Time-out,Terminal Failure and Customer Cancellation added
1.5.1
31 DE-44 A044, I023, I055 added 1.5.1
32 DE-48
Tag 60 Name changed from CHIP Transaction
Authorization Indicator to Transaction AuthorizationIndicator
1.5.1
33 DE-55Full Chip Issuer and Quick EMV issuer constraint
added
1.5.1
34 Glossary New items added in glossary 1.5.1
35 8.3.26Response Code 32 moved from Table 58 to Table 61as Table 61 is for reversal response codes.
1.6
36 7.2.1.9In reversal message format, DE-44 is made conditionalDE 55 in response has been changed to '--'
1.6
37 8.3.33DE 48 Additional Data, Tag 057 description, ICS1passed validation-authentication value changed to 02
1.6
38 8.3.38
The following statement has been added:
In case of Balance Enquiry, if acquirer is sending theprocessing code as unspecified then issuer can
respond back with balance from either Savings orCurrent account. But the account type in Processing
code and Additional should be same.
1.6
39 4.5.3
In section Cutover Message, 1st point has been
removed and the below point have been added:
NPCI will issue cutover message (0800 message withnet code=201 in DE70) at 23:00 Hrs indicating a
business date change for bot SMS & DMS transactions.
1.6
40 8.3.33 DE 48 Tag 055 Length changed from a1 to n2 1.6
41 8.3.39
DE 55 Tag 91 will not be present for 0430 and 0130. It
has been changed from C to -.
1.6
7/26/2019 RuPay - Online Switching Interface Specification
14/198
Document Control
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 13of 197
Sr.
No.Section
Description Version
42 4.5.4
In the Echo Message (point 4), Member banks and
NPCI will also generate Echo message (0800 messagetype) to keep alive during no transaction time. Ideal
duration for the same changed from 10 minutes to 3minutes.
1.6
43 8.3.17In DE 22 Point of Service Entry Mode-
95 Chip card with unreliable CVD or iCVD(description changed)
1.6
44 5.9 More description added to LMM 1.6
45 Annexure 1
In the card to card fund transfer, Inquiry transactionhas been removed.
Transaction flow for Card to Card funds transferupdated.
1.6
46 8.3.51 DE 120 updated for Card to Card funds transfer 1.6
47 7.2.1.14Card to Card to funds transfer Inquiry has beenremoved.
1.6
48 7.2.1.14
DE 120 Tag 045 (credit transaction to beneficiary) and
DE 120 Tag 046 (debit transaction to sender / issuer)removed
1.6
49 7.3.1.14In the message format Card to Card Fund TransferDE120 Tag 045 and Tag 046 removed
1.6
507.2.1.15,7.2.1.16,
7.2.1.17
Mobile number update, Statement Request and Cheque
Book Request message format have been added
1.6
51 7.2.1.18New message format added for Declined Advice (QuickEMV)
1.6
52 8.3.33 New value introduced in DE 48 in Tag 060 value 6 andValue 8
1.6
53 8.3.33
New value introduced in DE 48 in Tag 071 length has
been changed from 15 to 42. This has been done tohave provision for IPv6
1.6
54 8.3.33New Tag introduced in DE 48 i.e. Tag 077. This tag isused by Issuer to pass unique value for E-Comm
Registration transaction
1.6
55 8.3.33New Tag introduced in DE 48 i.e. 078, 079, 080 and
081 as reserved for future use (RFU)
1.6
56 8.3.33Definition changed for Tag 056 Value 21
Definition changed for Tag 060 value 6, 7, and 8
1.6
57 8.3.41
SF 7 description of values 3 and 4 modified
SF 8 New value introduced. G Offline PINSF 10 description of value 0 changed to unknown
SF 14 explanation changed
1.6
58 4.5.3Para 2 changed to NPCI cut off time indicates the newsettlement date is considered for transactions after
cutover for SMS transactions
1.6
59 4.6.1
Description changed to When an advice message is
forwarded from Acquirer/NPCI to any destinationthen, forward the advice message to the destinedentity and if an advice message is not delivered
immediately due to some communication failure to thereceiving entity then the advice message is stored in
1.6
7/26/2019 RuPay - Online Switching Interface Specification
15/198
Document Control
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 14of 197
Sr.
No.Section
Description Version
their appropriate SAF and is delivered to the
destination when communication is re-established.
60 5.5.1
Point 2 descriptions changed The new key details
along with key check value will be sent in DE 48 andthe key is encrypted. The participant bank should
decrypt the new ZPK key using the ZMK and store intotheir switch and should respond back to NPCI with
0810 message with response code as 00 along withDE70=184
1.6
61 5.5.2
Point 4 descriptions changed "The new key details will
be sent in DE48 and key be sentinDE48andkey
encrypted value under ZMK and key check value. Theparticipant bank should decrypt the new ZPK key
using the ZMK and store into their switch and should
respond back to 0810 message with response code as
00 along with DE70=184
1.6
62 6.1.3.3
Note updated "Note:-In this case acquirer will not
generate a reversal to NPCI. NPCI will respond toacquirer with response code 91 (In case of message
validation failure in DE2, DE 11, DE 32, DE37, DE 41)
.NPCI will generate the reversal towards issuer with
response code-CI only if the authorization is successfuland populate DE 44 with reject reason code of
response message (In case Issuer not sending DE
38/DE 39 /Format error in DE 38 or DE 39/DE 39 notfrom the table as defined in DE 39 description in
chapter Data Elements Description). It must be notedby the issuer that it may get multiple reversal for the
transaction and it is issuers responsibility to verify thereversal before posting the same into customer
account."
1.6
63 6.1.3.6
Point 5 updated "NPCI also creates an acquirer
reversal advice/ message with response code 91
indicating that no authorization response/ financial
response message was received This message is placedin the SAF file for later delivery to the issuer."
1.6
64 6.2.4.2
Note updated "Note: Acquirer can generate reversal upto next 3 cutover cycles. If a reversal is generated after
next 3 cutover cycles then NPCI will not validate thesame and send it to the issuer."
1.6
65 8.3.32
Track I description changed to "For UID basedtransaction DE 45 is required excluding start and end
sentinel and LRC characters. For international
transactions track 1 may be present.
1.6
66 8.3.39
DE 55 Chip Data handling of unexpected tag has beenadded as "Unexpected EMV Tags: This field may
contain tags that the receiving issuer or acquirer doesnot recognize or does not expect. The receiver must
ignore such tags and continue parsing the next tag in
DE 55"
1.6
67 8.3.49 DE 102 Account Identification 1 Type changed to 1.6
7/26/2019 RuPay - Online Switching Interface Specification
16/198
Document Control
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 15of 197
Sr.
No.Section
Description Version
ans..19 from ans..28
68 8.3.50DE 103 Account Identification 1 Type changed toans..19 from ans..28
1.6
69 4.2.1 Note added 1.670 7.2.1.2 Note enhanced for clarity for DE 4, DE6 and DE49 1.6
71 7.2.1.7 Note enhanced for clarity on DE4, DE6 and DE 49 1.6
72 8.3.5 Compliance of Billing amount changed 1.6
73 8.3.31New value added in Acquirer Reject Reason Code
A090
1.6
74 7.3.1.9Reversal message format revised and DE 44 made
conditional in reversal response 0430
1.6
75 7.2.1.3 DE 48 Tag 077 added in the message format 1.6
76 7.3.1.3 DE 48 Tag 077 added in the message format 1.6Table 2 Document Revision History
7/26/2019 RuPay - Online Switching Interface Specification
17/198
About This Manual Audience
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 16of 197
Chapter 1About This Manual
This manual documents the technical details of RuPay transaction processing. The manual
contains detailed specifications for RuPay message formats, field descriptions, codes, and files.
1.1AudienceThis manual is intended for technical staff and managers and customer support personnel of the
member banks.
1.2Organization of the ManualChapter 2, IntroductionThis chapter provides basic overview of the authorization system.
Chapter 3, Message structure This chapter contains message structure supported by NPCI
Chapter 4, Message definitionsThis chapter contains various types of messages supported
by NPCI
Chapter 5, NPCI system functionalities This chapter contains various functionalities of the
NPCI online authorization system.
Chapter 6,Member responsibilities- This chapter contains responsibilities of the issuing and
acquiring bank
Chapter 7, Message formats This chapter contains NPCI message formats for various
transactions
Chapter 8, Data element descriptionThis chapter defines the data element description for
NPCI online messages
Chapter 9, ComplianceThis section defines the compliance requirements for members.
Glossary Glossary of terms used in this manual.
Definition Definition of terms used in this manual.
1.3
ExclusionThe current specification version excludes the following items:
Micro ATM transactions
Mobile based transactions
1.4Document ConventionDocument Convention Purpose in the Manual
Italics For writing note
Note Providing more information about the preceding topicsTable 3 Document Convention
7/26/2019 RuPay - Online Switching Interface Specification
18/198
About This Manual More Information
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 17of 197
1.5More Information
1.5.1Related Publication
1.5.1.1
RuPay Global Clearing and Settlement (RGCS)This document does not contain details about the RuPay Global Clearing and Settlement System
(RGCS). For information about this system, kindly refer Technical Specification RuPay Clearing
and Settlement System
1.5.1.2Operating Rule
For Operating Rule refer RuPay Operating Regulations.
7/26/2019 RuPay - Online Switching Interface Specification
19/198
Introduction RuPay Switching Service
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 18of 197
Chapter 2Introduction
As a part of the RuPay Switching Service, the NPCI Network will collect transactions from a
trusted source (an acquirer) and deliver it to a trusted destination (an issuer). The trusted
destination will use this information to validate the transaction to the cardholders account and
further authenticate the transaction back to the trusted source through NPCI Network. NPCI
Network further facilitates the process of clearing a valid authenticated transaction and
provides the settlement service. A settlement service is a facility within which funds are
exchanged between members and NPCI to settle transactions and fee amounts.
The RuPay Switching Service will facilitate POS and ATM transactions among all member banks
participating in the NPCI network. The RuPay Switching Service operates on a continuous
basis, ensuring that cardholders in India can use their card anytime and that Acquirers and
Issuers in India always have access to NPCI RuPay Switching Service facility.
2.1
RuPay Switching ServiceNPCI Switching service supports routing of interbank POS and ATM transactions through NPCI
network. It supports both single message system (SMS) and dual Messaging Systems (DMS).
Transaction flow for SMS and DMS are described below.
2.2Transaction Flow SMSNPCI single message system will process full financial transactions. Full financial transactions
contain both authorization and clearing information in a single message.
Single message system environment uses a single exchange of messages between the acquirerand the issuer to
Authorize a financial transaction
Post a financial transaction to a cardholders account
The NPCI SMS system will perform real time transaction processing as well as exception or
offline transaction processing offline. Transaction flow in SMS environment is as follows:
IssuerAcquirer
RGCS
Central Switch
0200 0200
Merchant
0210 0210
ATM and SMS
POS transaction
downloaded
from Centralswitch for
processing after
cutover
Offline and
settlement
files
Offline andsettlement
files
Figure 1 SMS Transaction Flow
2.3
Transaction Flow DMSA dual message system comprises of authorization, clearing and settlement.
7/26/2019 RuPay - Online Switching Interface Specification
20/198
Introduction Transaction Flow DMS
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 19of 197
2.3.1AuthorizationAuthorization is the process where the card issuing bank notifies the acquirer and the merchant
of the availability of funds for a cardholder, and issues an authorization code for the transaction
2.3.2
ClearingThe movement of transaction information from the member to NPCI network and NPCI network
to members is referred to as Clearing. In the clearing process, the funds are claimed from
member parties using the NPCI network by exchanging clearing files. Clearing activities
facilitate the settlement process.
2.3.3SettlementSettlement is the process used to exchange funds between members for the net value of the
monetary transactions cleared for the specific processing day.
Transaction flow in DMS environment is as follows:
IssuerAcquirer
RGCS
Central Switch
0100 0100
Merchant
0110 0110
POS transaction
downloaded
from Central
Switch for
processing after
cutover
Clearing
and
settlementfiles
Clearing
and
settlementfiles
Figure 2 DMS Transaction Flow
This document defines the Host-to-Host RuPay online message specifications for both single
message system and dual message system. Messages to be used for the connection between the
NPCI host, issuer and acquirer will be based on the ISO-8583 standard. This document outlines
the detailed usages of theISO-8583 protocol between the two host systems and the data format
to be used in individual data elements.
Note: The word POS here encompasses all the transaction types other than ATM transactions like
POS/IVR/E-Comm.
7/26/2019 RuPay - Online Switching Interface Specification
21/198
Introduction Routing
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 20of 197
2.4RoutingRouting is the process of moving information across an inter-network from a source to a
destination. The NPCI RuPay Switching service supports routing of interbank POS and ATM
transactions through NPCI network.
NPCI system will support the routing for authorization for both SMS and DMS system.
The clearing and settlement of DMS transaction is carried through RuPay Global
Clearing and settlement system (RGCS)
The central switch of the NPCI system validates the request message from the acquirer
and prepares it for processing. This processing and validation include identifying the
message type, identifying the Issuing bank, checking of structural, format and value
validation, and Liquidity Management Module (LMM) checking.
If the central switch encounters an error condition at any point in the process then further
processing is halted. Messages rejected or declined by NPCI are sent back to the acquirer with aproper response code indicating occurrence of an error condition wherever possible and the
message is not forwarded to the issuer. For e.g. if a message does not contain a mandatory field
in the request, or a field contains an alphabet in place of a number then that message would be
rejected at the NPCIs end.
7/26/2019 RuPay - Online Switching Interface Specification
22/198
Message Structure Message Structure
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 21of 197
Chapter 3Message Structure
3.1Message StructureNPCI online messages are based on Bank Card Organizational MessagesInterchange Message
SpecificationsContent for Financial Transactions, International Organization for
Standardization (ISO) 8583; 1987 (E). NPCI online messages have four basic components, as
shown below. The message structure is based on ISO 8583 standard as defined in the following
table.
Message Header MTI Bit Map Data ElementsFigure 3 ISO 8583 Message Structure
A message structure comprises of the following components:
Message Element Description
Message Header Contains the length of the message
MTI Message Type Identifier. Specifies general category of message
Bit Map Specifies which data elements are present
Data Element Concatenated data elementsTable 4 Components of Message Structure
3.1.1Message HeaderMessage header consists of 2 bytes binary value which contains the length of message excluding
the header length.
3.1.2
Message Type IdentifierThis is a 4 digit numeric field, whose each digit starting from the left indicates - ISO 8583
version, the message class, the message function, and the message origin.
3.1.2.1Position 1- Version Number
1stposition of the message type identifier (MTI) specifies the version of the ISO 8583 standard
used to transmit the message.
MTI Signifies RuPay Implementation
0xxx ISO 8583:1987 version
1xxx ISO 8583:1993 version
2xxx ISO 8583-1:2003 version
9xxx Reserved for ISO use Table 5 Version Number ISO 8583 Message
3.1.2.2Position 2 Message Class
2ndposition of the MTI specifies the class of the message.
MTI Signifies RuPay Implementation
01xx Authorization messages
02xx Financial transaction messages
03xx File update messages 04xx Reversal messages
7/26/2019 RuPay - Online Switching Interface Specification
23/198
Message Structure Message Structure
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 22of 197
MTI Signifies RuPay Implementation
08xx Network management messages Table 6 Message Class ISO 8583 Message
3.1.2.3Position 3 Message Function
3rd position of the MTI specifies the message function which defines how the message will flow
within the system.
MTI Signifies RuPay Implementation
xx00 Request
xx10 Request response
xx20 Advice
xx30 Advice response
xx40 Notification Table 7 Message Function ISO 8583 Message
3.1.2.4
Position 4
Message Source4thposition of the MTI defines the location of the message source.
MTI Signifies RuPay Implementation
xxx0 Acquirer
xxx1 Acquirer repeat
xxx2 Issuer
xxx3 Issuer repeat Table 8 Message Source ISO 8583 Message
Following are the valid message type identifiers for RuPay online specifications
0100 - Authorization Request
0110 - Authorization Response
0200 - Financial Transaction Request
0210 - Financial Transaction Response
0120 - Authorization Advice Request
0130 - Authorization Advice Response
0220 Financial advice request
0230 Financial advice response
0302 - Issuer File Update Request
0312 - Issuer File Update Response
0420 - Acquirer Reversal Request
0430 - Acquirer Reversal Response
0800 - Network Management Request
0810 - Network Management Response
7/26/2019 RuPay - Online Switching Interface Specification
24/198
Message Structure Message Structure
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 23of 197
3.1.3BitmapWithin an ISO 8583 message, a bitmap is a field or subfield that indicates which data elements
may be present elsewhere in a message. The message text segment of all messages transmitted
through NPCI Host is of variable length. For this segment, bit maps specify the fields that are
present and those that are missing.
The valid combinations of the bit maps are:
Primary bitmap
Primary and secondary bitmap
Primary, secondary and third bitmap
3.1.3.1Primary Bitmap
Each message includes the primary bitmap. It is a control field consisting of 64 bits (8 bytes)
located after the message type identifier. Except for the first bit, each bit in the bitmap relates to
the corresponding data field (fields 264) in the message. The value in the bit indicates whether
the data field is present in the message:
If a bit is 0, the field related to that bit is not present in the message.
If a bit is 1, the field related to that bit is present in the message.
Data field number 1 does not exist. The first bit of the primary map is used to indicate if another
bitmap called the second bitmap (see the next section) immediately follows this primary one.
3.1.3.2Secondary Bitmap
The first bit of the first bitmap indicates the presence or absence of a second map called thesecond bitmap. Like the primary map, the secondary map is a control field consisting of 64 bits
(8 bytes). It can be considered an extension of the primary map because it is associated with
fields 66 through 128. Data field 65 does not exist. This position, like that of field 1 in the
primary map, is used to indicate the presence of another bitmap. A 1 in this position indicates
the presence of a third bitmap.
The second bitmap is present only when the message contains information in any field from 66
through 128. When present, the secondary map immediately follows the primary bitmap and
precedes the data fields.
3.1.3.3
Third BitmapA tertiary, or third, bitmap can be used to indicate the presence or absence of fields 129 to 192.
A 1 in the first bit of the second bitmap (bit 65) indicates the presence of the third bitmap.
The third bitmap is aligned at the beginning of the message, directly following the first two
bitmaps. The data elements follow the bitmaps. The third bitmap is reserved for future use.
Note: The message exchanged between member switch and the NPCI switch will use ASCII
character set. Message header will be in binary.
7/26/2019 RuPay - Online Switching Interface Specification
25/198
Message Structure RuPay Implementation of ISO 8583
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 24of 197
3.1.4Data ElementsData elements are fields carrying the information of the transaction itself. Each Data element
has a specified meaning and format. The detailed description of the data elements is described
in the Chapter 8.
For example: Bit value 2 is assigned to Primary Account Number, 3 is assigned to Processing
Code, 4 is for Transaction Amount similarly bit value 128 is for message authentication code
field and so on. For each data element there is specific data format, size, constraints and
description, which are been mentioned in Chapter 8.
3.2RuPay Implementation of ISO 8583The flowing table describes RuPay implementation of ISO 8583 messaging standard.
Variations Descriptions
Message Header NPCI uses 2 byte header which indicates the length of themessage minus header.
DE 22 POS entry mode NPCI uses five private values 80, 81, 90, 91, 95 ,99 for PAN entrymode and two private values 6, 9,8 for PIN entry mode of DE 22
DE 25 -POS Condition code NPCI defines three private values 51, 59, 71 for this field
DE 44 Additional response
data
NPCI defines additional response data to indicate the reject code
in case if the message fails to comply with the rulesTable 9 RuPay Implementation of ISO 8583
3.3Private Use Fields
The following table describes private fields used in RuPay implementation
Variations Descriptions
DE 48 -Additional data NPCI uses DE 48 which is reserved by ISO for Private use
DE 60 Advice reason code NPCI uses DE 60 which is reserved by ISO for Private use
DE 61 POS data code NPCI uses DE 61 which is reserved by ISO for Private use
DE 62 Private data field 1 NPCI uses DE 62which is reserved by ISO for Private use
DE 63 Encrypted biometric field NPCI uses DE 63which is reserved by ISO for Private use
DE 120 Private data field 3 NPCI uses DE 120which is reserved by ISO for Privateuse
DE 121 to DE 123 Private data
field 4 - 6
NPCI uses DE 121 to DE 123which is reserved by ISO for
Private useDE 127 Private data field 7 NPCI uses DE 127which is reserved by ISO for Private
useTable 10 Private Fields Used in RuPay
7/26/2019 RuPay - Online Switching Interface Specification
26/198
Message Definition Authorization Message
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 25of 197
Chapter 4Message Definition
NPCI system messages generally consist of a pair of messages: a request message followed by a
response message. This section provides an overview and defines various types of messages
supported by the NPCI system.
4.1Authorization Message
4.1.1Description of Authorization MessageThis message authorizes a transaction before a final amount of the purchase is known. It
determines if funds are available, gets an approval and block the funds in the account. These
messages do not have a settlement impact hence, to clear and settle an approved transaction the
acquirer must submit the transaction to the clearing system.
4.1.2Message Type Identifier for Authorization MessageAuthorization request0100
Authorization response0110
Authorization advice request 0120
Authorization advice response 0130
4.2Financial Message
4.2.1
Description of Financial MessageThis message determines if funds are available, gets an approval and debits the account.
Financial messages have a settlement impact. No exchange of clearing file is done after this.
There should be an authentication parameter in the request.
Note: For financial request message PIN (DE 52) is mandatory as an authentication parameter.
Financial request message without PIN will be declined with acquirer compliance and will not
be forwarded to issuer. The exception to this is non-secure E-Commerce transaction.
4.2.2Message Type Identifier for Financial Message
Financial Request 0200Financial Response 0210
Financial Advice Request 0220
Financial Advice Response 0230
4.3File Update Message
4.3.1Description of File Update MessageFile update message is an issuer generated message. File update message is used to update the
cardholder records in NPCI database for negative list. This message will enable performing aSTIP authentication on behalf of the issuer.
7/26/2019 RuPay - Online Switching Interface Specification
27/198
Message Definition Reversal Message
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 26of 197
4.3.2Message Type Identifier for File Update MessageFile update message request 0302
File updates message response 0312
4.4
Reversal Message
4.4.1Description of Reversal MessageThis message reverses the action of a previous authorization. It notifies NPCI Host and/or the
issuer of an error condition regarding an earlier financial transaction if:
An approved transaction is cancelled at the POS or ATM device.
Acquirer does not receive a response to a financial request.
Acquirer cannot send an approved response to the POS or ATM device.
If, for any reason, these messages cannot be immediately delivered to their intendeddestination, acquirer or NPCI stores these messages in SAF and forwards them to the intended
destination when communication is re-established with the appropriate destination processor.
NPCI treats all reversal messages as reversal advice messages. Acquirer needs to send 0420
message to NPCI and NPCI will forward the same to the Issuer. Issuer needs to respond with a
0430 message. NPCI generates reversals only for time-out cases for issuer responses. NPCI will
also generate reversal, if the response from issuer fails for format validation or issuer fails to
respond within the allowed time limit. It is important to mention that a reversal always needs to
be acknowledged and the response code in the reversal response 0430 message is ignored at
NPCI. If any response comes for 0420 message from the Issuer, NPCI treats that the reversal is
completed and the same is not be forwarded again, removed from SAF and take the affect insettlement.
Acquirer can generate reversal up to next 72 hours (3 cut over cycles). If a reversal is generated
after next 72 hours then NPCI will not validate the same will not be processed at NPCI.
4.4.2Message Type IdentifierReversal Message Advice 0420
Reversal Message Advice Response 0430
4.5
Network Management Message
4.5.1Description of Network Management MessageThis message is used to communicate with the NPCI. These messages can be initiated either by
members or by NPCI. These messages are used to communicate that the member is available for
processing transactions. They may also be used for other purposes such as validation of the
availability of the host session in case of low or no transaction traffic in the session, etc.
Network messages communicate with NPCI for the scenarios mentioned below.
7/26/2019 RuPay - Online Switching Interface Specification
28/198
Message Definition Network Management Message
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 27of 197
4.5.2System Sign-On and Sign-Off
Either party (NPCI or Bank) can initiate a sign-on or sign-off message to establish or
close the host session.
Once a session has been closed (signed-off), the session should be re-established (sign-
on) by the party that closed the session. Neither system shall attempt to automatically re-establish a session that has been
signed-off by the other party.
Either party may sign-off a session regardless of whoinitially started (signed-on) the
session.
Bank/NPCI can either originate or receive 0800 sign-on /sign-off message (bit 070 =
001 / 002).
A 0810 request response message must acknowledge the 0800 request message.
Its the members responsibility to generate sign-on (0800) message to establish connectivity to
NPCI. Member banks also have to support sign-on message sent by NPCI and respond accordingly.
4.5.3Cutover Message
NPCI will issue cutover message (0800 message with net code=201 in DE70) at 23:00
hour indicating a business date change for both SMS & DMS transactions NPCI cut off
time indicates the new settlement date is considered for transactions after cutover for
SMS transactions.
The member needs to respond to the cutover message. In the event that a member does
not respond to the cutover message, NPCI will impose a forced cutover.
4.5.4
Echo Message Either party can send an echo message (0800 DE 70=301) to the other party.
The receiving party will respond to the echo message (0810 DE 70=301).
These echo messages are used to validate the availability of the host session in case of
low or no transaction traffic in the session.
Member banks and NPCI will also generate Echo message (0800 message type) to keep
alive during no transaction time. Ideal duration for the same should be 3 minutes (180
seconds).
NPCI will keep generating echo messages at regular intervals only if no transaction
processed on the node.
Banks must generate the echo message every 3 minutes (180 seconds) if no transaction
is processed on the network during the duration.
4.5.5Message Type Identifier for Network Management Message
Network Management Request 0800
Network Management Response 0810
7/26/2019 RuPay - Online Switching Interface Specification
29/198
Message Definition Advice Message
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 28of 197
4.6Advice Message
4.6.1Description of Advice Message
This is a message that is from point to point i.e. from terminal to acquirer, from acquirer
to network, from network to issuer, with transmission guaranteed over each link, but
not necessarily immediately.
It is a message which cannot be rejected i.e. needs an acknowledgement at the
minimum.
Queued and Stored in a SAF(Store And Forward)
When an advice message is forwarded from Acquirer/NPCI to any destination and if an
advice message is not delivered immediately due to some communication failure to the
receiving entity then the advice message is stored in their appropriate SAF and is
delivered to the destination when communication is re-established.
4.6.2
Message Type Identifier for Advice Message Reversal advice request 0420
Reversal advice response 0430
Authorization advice request 0120
Authorization advice response 0130
Financial Advice Request 0220
Financial Advice Response 0230
7/26/2019 RuPay - Online Switching Interface Specification
30/198
NPCI System Functionalities Data Communication
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 29of 197
Chapter 5NPCI System Functionalities
5.1Data CommunicationNPCI can only communicate with member banks using Transfer control protocol. Transfer
control protocol contains the message length of 2 bytes binary excluding header length.
Member Systems will connect to NPCI system using persistent socket connections.
Member will act as client and NPCI will act as server.
Member will be responsible to generate the sign-on (0800 message type) message after every
successful TCP socket connection.
Member must fine tune its timers so that every disconnection is followed by connect request
without any delay.
5.2Message Logging at NPCINPCI can do message logging at TCP level, Host-to-Host level and all the internal core module
levels. NPCI can also enable logging at module.
5.3Key Security and ManagementWithin the NPCI environment, security considerations include measures for ensuring message
security and integrity, as well as protection against disclosure of cardholder personal
identification number (PIN). The NPCI central switch uses secure PIN encryption to protect all
PINs.
In POS and ATM transactions, all PINs must be encrypted at the point of entry using the triple
DES (3DES) algorithm in the ANSI PIN block format 0 which is equivalent to ISO PIN block
format 0. The PIN will remain encrypted until the issuer receives it for verification. The NPCI
central switch must receive the PIN encrypted with the ANSI PIN block format 0 or ISO PIN
block format 0.
Members must execute all PIN encryption, translation, and decryption for the POS/ATM
transaction using hardware encryption through physically secure devices. Both the host and the
point of entry must use hardware security module.
Key exchange is a service that enables member banks to change working keys that are used to
protect cardholder PINs via online messages.
To utilize this service, members must obtain a Zone Master Key (ZMK). A ZMK is a key exchange
key. Members use a ZMK for encrypting the working key when they convey it in an online
message. A ZMK is used to protect a Zonal Pin Key (ZPK). ZPK is different for both an issuer and
an acquirer.
The key exchange service makes it practically convenient to change PIN encryption keys
frequently, thereby increasing the security of the payment system and reducing the chances of
7/26/2019 RuPay - Online Switching Interface Specification
31/198
NPCI System Functionalities Static Key Exchange
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 30of 197
key compromise. There are two types of PIN encryption keys: Acquirer ZPKs and Issuer ZPKs.
NPCI and an acquirer would share one ZPK and NPCI and issuer would share another ZPK.
Acquirers use their ZPK to encrypt the PIN while sending a message to NPCI. NPCI uses the
issuer ZPK to encrypt the PIN when it sends the message to the issuer.
Key exchange messages are used to exchange ZPK between members. ZPK Key exchange can beaccomplished in two ways: i.e. static and dynamic modes as configured for respective members.
5.4Static Key ExchangeIn case of static mode, the Zonal PIN key is encrypted under Zonal Master Key and shall be sent
to bank nominated custodians and the bank is expected to enter those keys manually into their
system. These keys shall remain constant throughout the period for which the member bank is
connected to NPCI on static key mode.
5.5
Dynamic Key ExchangeIn case of dynamic keys the ZPK shall be changed on a periodic basis through a messageexchange between Banks system and NPCI system automatically.
Two ways of dynamic Key exchange is envisaged. One is to have the master send the key update
message and slave updating the key directly. The other way is to have the slave request for a
new key and master shall send a new key in response which slave can update.
Note: In the current implementation NPCI will always send the key to members and members
cannot request for key exchange.
Two ways of key exchange are described below:
Master directly sends the new key to the slave and the slave updates and responds back.
Slave can request a new key and master will send a new key to the slave.
5.5.1Master Sends a New Key
Master key
processor
Slave key
processor
1
2
New Key
Sent
New Key
Accept
Figure 4 Master Send a New Key
1. NPCI will act as a master and will send a new key message (0800 DE 70=184) which will
be the single key used for inbound and outbound messages.
7/26/2019 RuPay - Online Switching Interface Specification
32/198
NPCI System Functionalities Key Exchange Scenarios
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 31of 197
2.
The new key details along with key check value will be sent in DE 48 and the key is
encrypted. The participant bank should decrypt the new ZPK key using the ZMK and
store into their switch and should respond back to NPCI with 0810 message with
response code as 00along with DE70=184.
Note: In the event of slave not responding successfully for the key change request, Master will keepprocessing the transaction with the current key.
5.5.2Slave Send a New Key
Master key
processor
Slave keyprocessor
2
1Key change request
from
slave
Key change respone
from
master
3 New keyrequest
4New keyresponse
Figure 5 Slave Sends a New Key
1.
Participant bank can send a new key request message 0800 with DE70 = 164 to NPCI.
2.
If the key request is accepted, NPCI will respond to the participant bank with 0810
response having the response code as 00with DE70 = 164.
3. NPCI will generate the new key and send the new key in (0800 bit 70= 184) request
message which will be single key used for inbound and outbound messages.
4.
The new key details will be sent in DE48 and key encrypted value under ZMK and key
check value. The participant bank should decrypt the new ZPK key using the ZMK and
store into their switch and should respond back to 0810 message with response code as
00along with DE70=184.
Note: In the current implementation NPCI will send the key change message to members who haveopted for the same. Members will not be allowed to ask for key change request.
5.6Key Exchange ScenariosNPCI will generate key exchange on the following scenarios:
Key request from the member bank: Member bank can initiate key exchange either on
ad hoc basis or after a definite time interval. Once the request from the member bank is
accepted, NPCI will initiate new key exchange. This facility will not be provided to
members currently.
Specific time interval: A new key can be generated after a specific time interval. The
suggested time interval is 24 hours. Only NPCI may initiate this key exchange.
7/26/2019 RuPay - Online Switching Interface Specification
33/198
NPCI System Functionalities PIN Encryption / Decryption Process
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 32of 197
Specified usage count of key: A new key can be generated on the basis of the specific
usage count of a particular key. Only NPCI may initiate this key exchange.
On consecutive key sync errors: A new key can be generated after a specified number of
consecutive key synchronization errors. Only NPCI may initiate this key exchange
5.7
PIN Encryption / Decryption Process Cardholder enters PIN at point of entry.
The terminal encrypts the PIN in hardware and sends it to the acquirers host.
The acquirers host receives the encrypted PIN, which is then decrypted in hardware.
The acquirer host system then encrypts it in hardware under a different key (Acquirers
ZPK) that the acquirer and the NPCI share.
The NPCI central switch then receives the newly encrypted PIN.
The NPCI central switch performs PIN translation.
The issuer decrypts the PIN using the issuers ZPK key and verifies that the PIN is valid.
5.8Time-Out ManagementThere are different timeout scenarios in a transaction life cycle and as a central switch, NPCI is
expected to manage the timeout scenarios of the transaction in various stages.
NPCI shall maintain the timer at the issuer end such that the timer will start ticking after
the transaction is sent to issuer node. This timer shall be applicable to all the messages
sent to issuer.
Acquirer and NPCI are expected to generate reversal after the expiry of timeout as
mentioned in chapter 6 Member Responsibilities.
In case the reversal or advice is originated by acquirer and acknowledgement is not
received from the issuer within the timeout period, NPCI shall store the advice in SAF
and the SAF shall be cleared from the system as and when the other host is online and is
ready to accept SAF advises. In case of SAF timing out, it will be retried for 3 times
before getting purged and the affect taken into settlement.
NPCI can set parameter in such a way that issuer member bank node can be set to offline on the
basis of consecutive number of messages timed out.
5.9 Liquidity Management Module To keep control on transactions from the Member bank, NPCI wants to keep upper limit
on the transaction received from the Member bank. Using this provision NPCI can keep
control on transactions from member bank. The upper limit is always total of
transaction amount. Member bank can allow transactions equal to or less than the total
of transaction amount i.e. upper limit maintain at NPCI end.
The upper limit of member bank is always decided by banks.
This upper limit is always for the issuer transactions and not for the acquirer
transactions.
At NPCI end, NPCI always maintain cumulative amount and Upper limit amount of
member bank. At the beginning cumulative amount of member bank is always zero.
7/26/2019 RuPay - Online Switching Interface Specification
34/198
NPCI System Functionalities Matching Criteria Key Data Fields
RuPay - Online Switching Interface Specification
Version 1.6 Year 2013 NPCI 2011 Confidential Page 33of 197
When NPCI receives an authorization (DMS) or a financial transaction (SMS) from the
member bank as acquirer, and before routing the transaction to the issuer, LMM module
adds transaction amount to the cumulative amount of issuer and compare with upper
limit amount.
If the cumulative amount is greater than upper limit of member bank, LMM module will
decline the transaction with specific response code decide by NPCI.
If the cumulative amount is less than upper limit of member bank, LMM module will
allow the transaction for the member bank.
If the cumulative amount is equal to upper limit of member bank, LMM module will
a
Recommended