Overview
Aadhaar Enabled Payment System (AePS) is a National Payments Corporation of
India-supported payment method. AePS is a payment system assisting banks and financial
institutions in providing a one-stop solution for every banking need of a person who is
underbanked, unbanked, or belongs to a migrant population in India. AePS services are
provided by Business Correspondents (Agents/ Service Providers) appointed by financial
institutions who act as a mediator between banks, financial institutions, and customers.
AePS is a bank-led model which allows online interoperable financial inclusion transactions
through the Business correspondent of any bank using the Aadhaar authentication. AePS
allows you to do six types of transactions.The only inputs required for a customer to do a
transaction under this scenario are:-
1. Bank Name
2. Aadhaar Number
3. Fingerprint captured during enrollment.
Goals
❖ To empower a bank customer to use Aadhaar as his/her identity to access his/ her
respective Aadhaar-enabled bank account and perform basic banking transactions like
cash withdrawals, balance inquiry, and obtain a mini statement through a Business
Correspondent.
❖ To sub-serve the goal of the Government of India (GoI) and Reserve Bank of India (RBI)
in furthering Financial Inclusion.
❖ To sub-serve the goal of RBI in the electronification of retail payments.
❖ To enable banks to route the Aadhaar-initiated interbank transactions through a central
switching and clearing agency.
❖ To facilitate disbursements of Government entitlements like NREGA, Social Security
pension, Handicapped Old Age Pension, etc. of any Central or State Government bodies,
using Aadhaar and authentication thereof as supported by UIDAI.
❖ To facilitate interoperability across banks in a safe and secure manner.
❖ To build the foundation for a full range of Aadhaar-enabled Banking services.
Specifications
Aadhaar Enabled Payment System (AePS) is a way to get money from a bank account, and it
has the following:
● The account holder can do the financial and non-financial transactions through the
banking correspondent
● A banking correspondent of any bank can do the specified transaction of any bank.
● You don't need to have a signature or debit card.
● AEPS is secured because no one else can forge your fingerprint.
Process Flow
The below process is involved in Paytm AePS activation
PaySprint has offered a separate Paytm bank Aeps Pipe for cash withdrawals, Mini
Statements, and balance inquiries.
- Our Paytm Aeps pipe not required any Prior merchant onboarding.
- The merchant onboarding process is real-time, while the merchant initiates the
transaction.
- While transaction merchant has to pass the below details
- Phone No of the merchant for onboarding
- Merchant id (Alphanumeric up to 15 digits)
- Pan No
- Address, city, and state code (Partner has to pass the defined State code
mentioned in Document)
- The Above details we consider as merchant onboarding details and we register the
merchant with the same details
- Partner merchant has to pass the State code in the state field. (State code doc
attached.)
- For onboarding a new merchant, the merchant has to pass all the unique parameter
values in API. any old or provided details treated as a registered merchant in PayTm.
PARTNER SHOULD KNOW !
1 - In case of Paytm AEPS, the settlement will be done from the partner bank account only.
2 - No Merchant payout available in Paytm AEPS.
Paytm AEPS BODY ENCRYPTION TECHNIQUE
In Paytm AEPS (Merchant Onboarding, Balance Enquiry, Mini Statement, Cash Withdraw, Cash Withdraw Transaction Status ) all body parameters should be encrypted using AES-128 encryption by
using AES-Key and AES-IV provided by Pay Sprint.
<?php
$key =''; (provided by PAYSPRINT)
$iv= ''; (provided by PAYSPRINT)
$datapost = $this->input->post();(FORM POST DATA)
$cipher = openssl_encrypt(json_encode($datapost,true), 'AES-128-CBC', $key, $options=OPENSSL_RAW_DATA, $iv);
$body= base64_encode($cipher);
?>
public class AES
{
public static string CryptAESIn(string textToCrypt, string crypt_key, string init_Vector)
{
try
{
byte[] cryptkey = Encoding.ASCII.GetBytes(crypt_key);
byte[] initVector = Encoding.ASCII.GetBytes(init_Vector);
using (var rijndaelManaged =
new RijndaelManaged { Key = cryptkey, IV = initVector, Mode = CipherMode.CBC })
using (var memoryStream = new MemoryStream())
using (var cryptoStream =
new CryptoStream(memoryStream,
rijndaelManaged.CreateEncryptor(cryptkey, initVector),
CryptoStreamMode.Write))
{
using (var ws = new StreamWriter(cryptoStream))
{
ws.Write(textToCrypt);
}
return Convert.ToBase64String(memoryStream.ToArray());
}
}
catch (CryptographicException e)
{
return "A Cryptographic error occurred: {0} " + e.Message;
}
}
public static string DecryptAESIn(string cipherData, string crypt_key, string init_Vector)
{
try
{
byte[] cryptkey = Encoding.ASCII.GetBytes(crypt_key);
byte[] initVector = Encoding.ASCII.GetBytes(init_Vector);
using (var rijndaelManaged =
new RijndaelManaged { Key = cryptkey, IV = initVector, Mode = CipherMode.CBC })
using (var memoryStream =
new MemoryStream(Convert.FromBase64String(cipherData)))
using (var cryptoStream =
new CryptoStream(memoryStream,
rijndaelManaged.CreateDecryptor(cryptkey, initVector),
CryptoStreamMode.Read))
{
return new StreamReader(cryptoStream).ReadToEnd();
}
}
catch (CryptographicException e)
{
return "A Cryptographic error occurred: {0} " + e.Message;
}
}
public static string EncryptTestWa(string plainText, string crypt_key, string init_Vector)
{
byte[] Key = Encoding.ASCII.GetBytes(crypt_key);
byte[] IV = Encoding.ASCII.GetBytes(init_Vector);
byte[] encrypted;
// Create a new AesManaged.
using (AesManaged aes = new AesManaged())
{
// Create encryptor
ICryptoTransform encryptor = aes.CreateEncryptor(Key, IV);
// Create MemoryStream
using (MemoryStream ms = new MemoryStream())
{
// Create crypto stream using the CryptoStream class. This class is the key to encryption
// and encrypts and decrypts data from any given stream. In this case, we will pass a memory stream
// to encrypt
using (CryptoStream cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
{
// Create StreamWriter and write data to a stream
using (StreamWriter sw = new StreamWriter(cs))
sw.Write(plainText);
encrypted = ms.ToArray();
}
}
}
// Return encrypted data
return Convert.ToBase64String(encrypted);
}
public static string DecryptTestWa(string cipher_Text, string crypt_key, string init_Vector)
{
byte[] cipherText = Encoding.ASCII.GetBytes(cipher_Text);
byte[] Key = Encoding.ASCII.GetBytes(crypt_key);
byte[] IV = Encoding.ASCII.GetBytes(init_Vector);
string plaintext = null;
// Create AesManaged
using (AesManaged aes = new AesManaged())
{
// Create a decryptor
ICryptoTransform decryptor = aes.CreateDecryptor(Key, IV);
// Create the streams used for decryption.
using (MemoryStream ms = new MemoryStream(cipherText))
{
// Create crypto stream
using (CryptoStream cs = new CryptoStream(ms, decryptor, CryptoStreamMode.Read))
{
// Read crypto stream
using (StreamReader reader = new StreamReader(cs))
plaintext = reader.ReadToEnd();
}
}
}
return plaintext;
}
public static string EncryptStringToBytesAes(string plainText, string key_k, string iv_v, Int32 KeySize = 256)
{
Int32 blockSize = 128;
byte[] key = Encoding.ASCII.GetBytes(key_k);
byte[] iv = Encoding.ASCII.GetBytes(iv_v);
// Check arguments.
if (plainText == null || plainText.Length <= 0)
throw new ArgumentNullException("plainText");
if (key == null || key.Length <= 0)
throw new ArgumentNullException("key");
if (iv == null || iv.Length <= 0)
throw new ArgumentNullException("iv");
// Declare the stream used to encrypt to an in memory
// array of bytes.
MemoryStream msEncrypt;
// Declare the RijndaelManaged object
// used to encrypt the data.
RijndaelManaged aesAlg = null;
try
{
// Create a RijndaelManaged object
// with the specified key and IV.
aesAlg = new RijndaelManaged { Mode = CipherMode.CBC, KeySize = KeySize, BlockSize = blockSize, Key = key, IV = iv };
// Create an encryptor to perform the stream transform.
ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);
// Create the streams used for encryption.
msEncrypt = new MemoryStream();
using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
{
using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
{
//Write all data to the stream.
swEncrypt.Write(plainText);
swEncrypt.Flush();
swEncrypt.Close();
}
}
}
finally
{
// Clear the RijndaelManaged object.
if (aesAlg != null)
aesAlg.Clear();
}
// Return the encrypted bytes from the memory stream.
return Convert.ToBase64String(msEncrypt.ToArray());
}
public static string DecryptStringFromBytesAes(string cipherText_c, string key_k, string iv_v, Int32 KeySize = 256)
{
Int32 blockSize = 128;
byte[] cipherText = Encoding.ASCII.GetBytes(cipherText_c);
byte[] key = Encoding.ASCII.GetBytes(key_k);
byte[] iv = Encoding.ASCII.GetBytes(iv_v);
// Check arguments.
if (cipherText == null || cipherText.Length <= 0)
throw new ArgumentNullException("cipherText");
if (key == null || key.Length <= 0)
throw new ArgumentNullException("key");
if (iv == null || iv.Length <= 0)
throw new ArgumentNullException("iv");
// Declare the RijndaelManaged object
// used to decrypt the data.
RijndaelManaged aesAlg = null;
// Declare the string used to hold
// the decrypted text.
string plaintext;
try
{
// Create a RijndaelManaged object
// with the specified key and IV.
aesAlg = new RijndaelManaged { Mode = CipherMode.CBC, KeySize = KeySize, BlockSize = blockSize, Key = key, IV = iv };
// Create a decrytor to perform the stream transform.
ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);
// Create the streams used for decryption.
using (MemoryStream msDecrypt = new MemoryStream(cipherText))
{
using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
{
using (StreamReader srDecrypt = new StreamReader(csDecrypt))
{
// Read the decrypted bytes from the decrypting stream
// and place them in a string.
plaintext = srDecrypt.ReadToEnd();
srDecrypt.Close();
}
}
}
}
finally
{
// Clear the RijndaelManaged object.
if (aesAlg != null)
aesAlg.Clear();
}
return plaintext;
}
}
npm i crypto-js
import * as CryptoJS from 'crypto-js';
encrypt(data: any) {
let key = config.aesEnc.key; //length 32
let iv = config.aesEnc.iv;
let cipher = CryptoJS.AES.encrypt(JSON.stringify(data), CryptoJS.enc.Utf8.parse(key), {
iv: CryptoJS.enc.Utf8.parse(iv),
mode: CryptoJS.mode.CBC,
});
return cipher.toString();
}