A part of the project, kept confidential according to non-disclosure agreement (NDA), was the implementation of automatic mass payments from the account of a legal entity with automatic signing of payment orders and execution of them in the bank.
Within the framework of one of our client's projects (the project itself is protected by NDA), it became necessary to organize mass payments to card accounts of individuals in the amount of several tens of thousands per day.
In this case, the user of the service (individual) had to initiate (order) the payment himself, having determined the amount of payment. This way he transferred money from the internal account.
The client immediately rejected the variant of bundling payments in packages and mass signing, since the speed of money transfer was very important. The payment had to be sent immediately after the request, bypassing verification and signing by the accountant, who could not do it even once an hour.
Having considered a couple of the task solution variants, we decided to interact with Alfa-Bank using the REST-API and the rules of electronic document management of corporations and banks, necessary for making payments based on the international ISO 20022 standard.
The solution allowed interacting with the bank in the automatic mode and sending payment orders automatically, immediately signed. It also implies that EDS keys (private part) are stored not somewhere in the office on a flash drive, but on the server in the crypto storage provided by CryptoPro.
How it works:
- Online service user initiates money transfer.
- The server creates a payment order for the bank according to the specified template.
- The server takes the EDS key from the crypto storage and signs the payment order with it.
- The server sends the payment order to the bank. The bank compares the signature with its public key part and confirms the payment automatically.
- The bank transfers money to the card account of the individual client.
Thus, it takes a few seconds to request the money on the web-site or in the application and to receive it on the card.
After implementation, testing and fine-tuning of this feature, tens of thousands of users used it, having made millions of transactions up to the present moment.