A thread on #UPI PSPs who come in all shapes and sizes, Some history from 2016, some thoughts on bank led model, API gatekeeping, unbundling of #UPI, hierarchy of players, business impact.
#UPI hit the market with ~18 banks going live in July 2016. All of them released an app, had their own PSP backends, were issuers. A week later @PhonePe_ became the first non-bank PSP with an YesBank partnership operating its own PSP backend.
Days later few more apps built by startups hit. All of them with YesBank partnership, using Yesbank PSP backend. SBI and HDFC were largely holdouts to UPI, did not have choice but to launch post #DeMo
Initial bone of contention was a third party owning the customer instead of the same bank. But this was mediated by making an assurance that only banks will be PSP providers and all fintech have to partner banks to get access.Banks felt assured,economics of 0 MDR was next problem
UPI has its own 6 party model. Spin off of 4 party model of cards world, adding 2 more entities (VPA) issuing and acquiring PSPs, in addition to account issuers and acquirers. This, coupled with lower MDR than cards, meant UPI was headed for P2P only as stronghold.
Then came BHIM. A unique non bank PSP. Where NPCI would be operating entity. It was called a starter app (transaction limits), reference app (Leader in piloting UPI SDK implementation, starting with spam feature), BHIM had disproportionate advertisement, with PM branding.
This made banks unhappy, as their apps will not get users. It also angered at least one large bank, who was supremely pissed about BHIM. A special package in terms of merchant acquisition in largest e-commerce site (No not shopping) was given exclusively to this bank PSP.
In BHIM, the account holder's bank acts as both issuer and VPA issuer for all monetary purpose even though NPCI carries out the operations of PSP (maintaining app, issuing VPA, having cust support). This is reason why only one bank account can be active in BHIM at a time.
This made BHIM to 4/5 party instead of 6 party. Since NPCI is operating on behalf of banks, the lower limits to the BHIM app ensured, NPCI had to pay lesser operational guarantees to bank and also helps in claiming it as starter app. More on BHIM at medium.com/cashlessconsum…
Then infamous ICICI-PhonePe fight happened in Jan 2017. While the front stage was filled with claims of latter destroying spirit of interoperability in Flipkart, insider news was the fight was more about PhonePe being a non-bank PSP & why should banks support growth of nonbanks?
Deliberations ensured that bank stakeholders were convinced that UPI will be a bank led network with a collaboration with fintech and this settled the debate. Section of bankers were still skeptical of UPI, slowly #BharatQR emerged. With traditional card network partners & MDR
#BharatQR had a workable model on paper. proven business model, but somehow very few committed banks, partners. All the initial blitz faded away as days went by.
External Tweet loading...
If nothing shows, it may have been deleted
by @logic view original on Twitter
More online P2M use cases emerged on UPI, thanks for bigger banks' stabler APIs for processors
Launch of BHIM saw, small banks becoming issuer only banks, as it made no sense for them to launch and maintain apps, PSP infra for their small customer base. Most banks already had IMPS, so UPI could be just enabled with smaller addon and lesser footprint than running a PSP.
Even few months, Talks about Google and Whatsapp are being heard. But they too have to under the banks to be part of network. VPA handles were proxies of bone of contention for role of entity on networks. okicici, okhdfc, okaxis meant bank led model was here to stay.
Thus Google Tez was born. With Google running the PSP backend (with approval from multiple banks). Commercially the partner banks (4 large banks will share whatever little of MDR, Google mostly doesnt take any if I am not wrong). They are in here for data :)
Then came payment banks. Yes, the ones who already didnt have much wrt business model. The aggressive ones (PayTM, Airtel) too were mostly for data / FOMO. All along wallets were kept outside to propogate bank led model. PayTM can only do "BankToBank" transfers, not wallet.
Amazon came into UPI in the most complicated way. They wanted to be treated at par. Even acquired PPI license. But bank led model still continues. However, they are given special privileges, again for partnering with a bank that also has same initials
External Tweet loading...
If nothing shows, it may have been deleted
by @logic view original on Twitter
* Amazon (APL with Axis partnership) became a collect only PSP solely for its ecommerce operations.
* Google Tez is multibank partnered PSP,
* Whatsapp is multibank (yet to, currently ICICI only) partnered UPI aggregator using partner banks PSP.
* Mobikwik, despite owning a wallet, joins as a multibank partnered PSP who will enable its users to do "BankToBank" transfers, but not be able to transact out of their own wallet.
External Tweet loading...
If nothing shows, it may have been deleted
by @logic view original on Twitter
This bank led model meant, fintech's or global tech's can't antagonize banks / their interests. Which means market will grow only as per top banker's wish. Why do you think PhonePe business / Google Tez business never kicked off? They disrupt, affects banks absorption rate.
#UPI will mean startups need to bend for banks. Cant even bend independently. This is good though, as UPI has its own share of privacy, national security risks and a slow growth is good. Jai Ho bank led model and matchfixing in Bombay boardroom.
External Tweet loading...
If nothing shows, it may have been deleted
by @logic view original on Twitter
Meanwhile, Billion, Trillion, Gazilion will be thrown in statistics. #UPI needs competition for itself to innovate, because, traditionally, after the #BullyStack folks enterprises wind down, the system is doomed. In Gov it was left to babu's / NIC / Big 4 consultants.
#UPI must be unbundled, and an open spec for address translation should be run by anyone / self soverign. This will be a good GDPRish service where one can even get alerts if someone resolves your VPA. Currently scams happen at scale and goes undetected
• • •
Missing some Tweet in this thread? You can try to
force a refresh
Repeat after me: #FASTag is an asset monitoring technology for the lenders (highway traffic measurement for infrastructure assets & vehicle control -- toll block / geo-fence -- for vehicle loans) masquerading as toll collection technology providing convenience.
Repeat after me: #BBPS is an investment lead generation technology for the lenders (consumption data of utilities for infrastructure for equity investments & family consumption/scoring for household finance) masquerading as bill collection technology providing convenience.
Repeat after me: #GSTN is a trade surveillance technology masquerading as simplified(!!) tax collection technology.
First up some fact checking on email, tweets. Then some commentary about BBPS, then the larger idea of NPCI being the behemoth, what it means to industry, @CashlessConsumr and the whole data game.
// Because there’s just no telling when it will decide to become a competitor. //
They are in for it to super control the market, not compete. Even on BHIM in UPI, technically, NPCI is operator, the banks are the players market wise.
Now that the lawyers have run their marathon and we wait for the top court to rule, a small personal diary note thread on #Aadhaar & me.
Huge thanks to community of people who have widened my wisdom of how society works. Fellow helpless people helping each other.
It started sometime in 2011, when I knew nothing, enrolled along with family.But our enrollment packets were lost, EID wasnt even searchable. I did write some emails to support, but yielded nothing more than, please enroll again. As the need wasn't real, did not enroll.
Parents gave up at a later date, enrolled, got UID successfully generated. I resisted, mostly because of laziness, but did not have developed trust enough to enroll. On random browsing sessions, have heard Usha Ramanathan on YouTube, but never took deep dive into issues.
Thread on Billgates connection to #Aadhaar. Does he know enough to comment (of course he knows a lot more, deep intentions, interests). Now that he himself has repeated the fact that, his "charity",WB are interested in it, like to fund the initiatives, lets look at larger picture
Read "Digital Poverty Stack". I will summarize these posts
Note that @India_Stack and Level One Project are parallel initiatives in India and Africa respectively? Why only these two geographies? Why not elsewhere?
Besides the usual guinea pig theory, the other common thing is, these are geographies where "Development finance"
I dont have any soft spots for @NandanNilekani, but this needs demystifying for people to see larger picture and not get personal, potshot happy and forget, but its important to understand what ROHINI is, what the healthcare agenda is, so Thread.
External Tweet loading...
If nothing shows, it may have been deleted
by @vinodjose view original on Twitter
IIB is registered society, promoted by insurance industry as an agency to provide sector level cooperation. Regulators : Industry bodies :: RBI-TRAI-IRDA : IBA / NPCI-COAI-IIB. These industry organizations exist to shape larger policy around industry to safeguard themselves
IIB was formed in *2009* and ROHINI is health insurance market analyzing product which the insurance industry needs. That they have effectively lobbied regulator IRDA to make it mandatory is another thing, all these before *Modi care*
Classic example of disasters in not differentiating aadhaar authentication, eKYC, eSign, eMandate. Everything needs only one OTP and no knows what transaction happens in backend. @India_Stack will be happy because all they care is volumes not user interest. #Consent#Fraud
External Tweet loading...
If nothing shows, it may have been deleted
by @digitaldutta view original on Twitter
A simple way of fixing this mess, is to not allow signatures by just sharing OTP, but involve some bit of user action and adding friction to make sure signatures can't be made with just OTP. User can send a SMS from registered mobile with SIGN <OTP_SENT_TO_ENTITY> to get SIGNOTP
What this would mean is, while signing is still happening through the same set of APIs, it codifies user action, which reduces frauds like these. eSign still has more issues, but this is rudimentary.