Stay organized with collections Save and categorize content based on your preferences.

Issuer switch overview

This page provides an overview of Issuer switch and assumes that you are familiar with the UPI (Unified Payments Interface) payment system developed by the NPCI (National Payments Corporation of India).

If you are already familiar with issuer switch functionality and want to start onboarding with issuer switch, contact Google Support.

What is an issuer switch?

Issuer switch is a Google Cloud service that assists you in processing UPI transactions.

A digital payment transaction has to follow a sequence of steps from start to finish. Some of these steps in the transaction are mandated by banking rules and regulations. And some are required to secure the transaction. As the world increasingly moves towards digital payments, your bank's backend services also must scale to process the payment transactions. Scaling your bank's backend systems might not always be possible. To address the issue of scaling and to meet the SLAs (Service Level Agreements) of the transactions, you can offload some of your bank's backend work to the issuer switch, which uses the Google Cloud infrastructure to provide the required scale and throughput.

The following diagram shows the interactions between the issuer switch, NPCI, and your bank's backend services.

Image showing interactions of the issuer switch with a
bank's backend services Image showing interactions of the issuer switch with a
bank's backend services

UPI transaction processing

The issuer switch provides the following support for processing UPI transactions:

Traffic shaping

You can configure the maximum number of concurrent requests that your bank adapter and banking systems can handle. Even if there is a spike in incoming calls from NPCI, requests are buffered by the issuer switch and are drained at a rate that your bank adapter and backend services can support.

Because the issuer switch supports the configuration of the traffic flow, your existing systems can service financial APIs at an optimal rate.

M-PIN management

The issuer switch stores and validates the M-PIN (mobile PIN) provided by your customers in the following UPI operations:

  • First time registration
  • Update M-PIN
  • Debit an account
  • Balance enquiry
  • Set up a mandate

The issuer switch stores the M-PINs in a secured format on Google's Cloud infrastructure. Storing the M-PINs lets the issuer switch update and validate M-PINs in the incoming requests.

Rule management

All the payment transactions must adhere to certain rules. Some of these rules are mandated by the NPCI through their UPI specification, and some rules might be specific to your bank. Support for the NPCI mandated rules is built into the issuer switch, and the description of these rules is outside the scope of this document.

The following table lists the rules currently supported by the issuer switch:

# Rule Description
1 BlockedDeviceIDReqPayDebitRule Blocks Pay-DEBIT transactions originating from the specified payer's device ID.
2 BlockedMobNumReqPayDebitRule Blocks Pay-DEBIT transactions originating from the specified payer's mobile number.
3 BlockedPayeeAccountReqPayDebitRule Blocks Pay-DEBIT transactions that will eventually credit into the specified payee's bank account.
4 BlockedPayerAccountReqPayDebitRule Blocks Pay-DEBIT transactions originating from the specified payer's bank account.
5 BlockedPayeeIFSCReqPayDebitRule Blocks Pay-DEBIT transactions that will eventually credit into the payee's bank account with specified IFSC code.
6 BlockedVPAReqPayDebitRule Blocks Pay-DEBIT transactions originating from the specified payer's VPA (Virtual Payment Address).
7 BlockedDeviceIDReqPayCreditRule Blocks Pay-CREDIT transactions originating from the specified payee's device ID.
8 BlockedMobNumReqPayCreditRule Blocks Pay-CREDIT transactions originating from the specified payee's mobile number.
9 BlockedPayeeAccountReqPayCreditRule Blocks Pay-CREDIT transactions originating from the specified payee's bank account.
10 BlockedPayerAccountReqPayCreditRule Blocks Pay-CREDIT transactions that were debited from the specified payer's bank account.
11 BlockedPayerIFSCReqPayCreditRule Blocks Pay-CREDIT transactions that were debited from the payer's bank account's with specified IFSC code.
12 BlockedVPAReqPayCreditRule Blocks Pay-CREDIT transactions originating from the specified payee's VPA.
13 BlockedDeviceIDAllRule Blocks all transactions from the request originator's device ID.
14 BlockedMobNumAllRule Blocks all transactions from the request originator's mobile number.
15 BlockedVPAAllRule Blocks all transactions from the request originator's VPA.
16 CashWithdrawalRule Enforces restrictions defined by NPCI on UPI based cash withdrawals done using Pay-DEBIT.
17 CumulativeTransactionValueRule Blocks Pay-DEBIT transactions that exceed the cumulative value of transactions defined by NPCI for a user in a single day.
18 NewAccountRule Blocks Pay-DEBIT transactions based on the restrictions defined by NPCI for newly registered UPI users .
19 TransactionValueRule Blocks Pay-DEBIT transactions that exceed the threshold transaction value defined by NPCI.
20 VelocityLimitRule Blocks Pay-DEBIT transactions that exceed the user's transaction velocity defined by NPCI.

To reference a rule resource, use the projects/PROJECT_ID/rules/RULE_NAME URI. For example, projects/payment_gateway_proj1/rules/BlockedVPAReqPayCreditRule.

For more information, see View rules.

Rule metadata and metadata values

Rules numbered 1 to 15 in the rules table require metadata for their functioning. The issuer switch creates the required metadata for each of these rules. To use a rule, you must provide the information required by the rule in the form of metadata values. For example, the metadata required by the BlockedVPAReqPayCreditRule rule is the VPAs of payees whose Pay-CREDIT transactions must be blocked. So metadata values for this rule would be a list of VPAs.

Rules numbered 16 to 20 are static and do not need any metadata for their functioning.

To view the name and description of the metadata associated with a rule, use the ListRuleMetadata [REST, gRPC] API. If a rule has no metadata, then this API returns an empty list of metadata.

For more information on viewing rule metadata and rule metadata values, see:

Transaction metrics

The issuer switch provides real-time metrics that you can use to analyze and monitor your transactions. For example, you can view information such as:

  • Count of processed transactions along with latencies
  • Count of Bank Adapter responses along with latencies
  • Count of failed transactions with NPCI
  • Count of failed transactions with Bank Adapter

For more information about issuer switch monitoring and metrics, see Monitor the performance of the issuer switch.

Export transaction data

You can also export transaction data in a CSV file. The issuer switch provides the following APIs for exporting transaction data:

  • ExportFinancialTransactions [REST, gRPC] - Exports financial transactions.
  • ExportMetadataTransactions [REST, gRPC] - Exports metadata transactions.
  • ExportMandateTransactions [REST, gRPC] - Exports mandate transactions.
  • ExportComplaintTransactions [REST, gRPC] - Exports complaint transactions.

For more information about exporting transaction data, see Export transaction data.

Data for dispute resolution

The issuer switch stores and manages details of all the transactions handled by it. You can query transaction details and generate reports by using the issuer switch APIs. These APIs let you automate your complaint and dispute resolution processes. For more information about the supported APIs, see Create and resolve complaints and Create and resolve disputes.