FAQ

Introduction

What is LotusPay?

LotusPay is the recurring payments solution for businesses in India. We enable any business to quickly and easily collect recurring payments online from their customers.

What is NACH Debit?

NACH Debit enables businesses to collect recurring payments directly from their customers' bank accounts. This is done by asking customers to authorise mandates. NACH Debit has replaced ECS Debit.

How can I use LotusPay?

You can use our simple web dashboard or our API.

Who can use LotusPay?

Anyone that wants to take recurring payments directly from their customers' bank accounts in India can use LotusPay.

Is there setup, maintenance or monthly fee?

In the Standard plan there is no monthly fee. We only charge a percentage fee for each successful transaction.

In the Pro plan there is a monthly fee, plus a fixed fee per successful transaction.

There are no setup fees or maintenance fees.

What is LotusPay not suitable for?

LotusPay cannot be used for taking instant payments such as credit cards, debit cards, digital wallets and UPI. NACH Debit mandates can take a few days to set up, hence they are not suitable for anything that requires instant or urgent confirmation of payment. However, you can use LotusPay alongside other payment methods.

Isn't NACH Debit for big companies like mutual funds?

It was - until we came along. We have made NACH Debit simple, fast, accessible and affordable. It's more reliable and far cheaper than other payment methods.

Why is NACH Debit better for recurring payments than cards/wallets?

'Push' payment methods such as credit cards, debit cards, digital wallets and UPI generally require the customer to authorise each and every payment, so customers often delay, forget or fail to pay, or they just cancel.

NACH Debit is a 'pull' payment method: it requires the customer to only authorise an initial mandate for you to pull money from their account, following which they don't need to worry about authorising future transactions and you don't need to worry about chasing up customers for your payments. NACH Mandates are like cheques in that they are negotiated and agreed, so customers should not cancel them without your consent.

Cards can expire or get cancelled, so your payment will fail. NACH Debit mandates expire when you want them to, and they can't be lost or stolen so they are much more reliable for recurring payments.

Payment gateways charge you 2% to 3% in fees for card, wallet and UPI payments. NACH Debit with LotusPay is much cheaper for you.

Fewer than 3% of Indians have credit cards. NACH Debit requires the customer to have a bank account, which nearly everyone has.

Digital wallet payments require the customer to load the wallet first, which requires the customer's authorisation each time - again, more friction for paying you.

What is the legal basis for payments under NACH Debit?

NACH Debit mandates are like cheques: both are negotiable financial instruments. Therefore, customers should not cancel mandates without your consent, or fail to honour the payments drawn on the mandates.

Section 138 of the Negotiable Instruments Act 1881 accords certain rights and remedies to the payee of a cheque if the payer dishonours the cheque for insuffiency of funds (i.e. if the cheque bounces). Section 25 of the Payment and Settlement Systems Act 2007 accords similar rights and remedies to the payee against dishonour of electronic funds transfer for insufficiency of funds in the payer's account.

Why is NACH Debit better for recurring payments than card standing instructions?

Standing instructions on cards are organised by the card issuing bank directly. They do it to help large companies like utilities, mobile networks and insurance companies collect payments from their common customers, and it requires significant integration between the bank and the company. This method is not feasible for other businesses. Moreover, cards have the other disadvantages mentioned above.

How do I get paid?

Your funds are paid directly into your bank account.

When do I get paid?

Your funds will reach you within two business days of when we collect the amount.

What is the smallest amount that I can collect?

The smallest amount for a single transaction is Rs 100.

What is the largest amount that I can collect?

You can collect as many transactions as you want. The maximum for any one transaction is Rs 1,00,00,000 (1 crore or ten million) with physical mandates and Rs 1,00,000 (1 lakh or one hundred thousand) with electronic mandates.

Can I collect fixed amounts and variable amounts?

Yes. You can use our simple dashboard or API to create fixed plans, or inform us of the variable amounts that you want to bill to your customers.

How often can I collect?

You can collect daily, weekly, monthly, quarterly - or build custom frequencies. You can even select ad-hoc frequency, meaning that you can collect payments as and when you want.

How it works

How does it work?

Signing up takes just 10 minutes. We will review and activate your account within two business days.

  • In our web dashboard, you create a plan and invite your customer to subscribe to that plan.
  • Your customer receives an email from your company's name, containing a link to our NACH Debit authorisation page. Your customer visits the link and completes the simple and quick process.
  • We quickly process the NACH Debit mandate through secure banking channels and start collecting payments and paying them out to you.
  • Your customer is kept informed of every debit from their bank account by an email from your company name, and we keep you informed of every subscription, payment and pay out.
Can customers sign up on my website?

You can create a payment link and add this on your website. On clicking this link the customer will be sent to our secure online payment page where they can create the mandate.

How does the customer authorise payments to me?

Your customers authorise payments to you via NACH Debit mandates. Most individuals can electronically sign a mandate using Aadhaar eSign. Otherwise, physical mandates are generated which customers can sign and give to you, which you can give to us.

Can I make the mandate for my customer?

You can enter the customer's details, or assist the customer to do so, but the customer needs to personally authorise the mandate.

How do I know if I've been paid?

In our online dashboard you can see up-to-date information on your customers and payments.

Getting started

Do I need to sign an agreement?

Signing up online and using our service means that you accept our merchant agreement, which you can find linked at the bottom of this page. There is nothing else to sign.

What details do you need from me?

After signing up, we will ask you for your organisation's details, your bank account details and your personal details. We will also need some documents to verify both you and your organisation.

You must have a bank account in India to receive the settlement payouts. It is not possible to be paid out to a foreign account.

You do not need to be NACH-enabled. You would be benefitting from LotusPay's deep NACH integration with our sponsor banks, hence you simply need a bank account to be paid out to - we take care of everything else.

If you want to be on our Pro plan to benefit from absolute fees (rather than percentage fees) and only your name appearing on your customer's bank statement, you would need a NACH utility code. We can get that for you, free of cost. You do not need to discuss NACH with your bank.

How do I test the product?

You can easily sign up and test it out for yourself. In case you prefer to see a demo, please contact us and we will schedule a time to give you a live demonstration.

Can I sign up if I am not a company?

Yes. LotusPay is available to companies, partnerships, trusts, societies, proprietorships and government organisations. Individuals cannot currently be LotusPay clients.

Can I sign up if I am a charity or religious organisation?

Yes. Charities and religious organisations are perfectly welcome. You must be a registered trust, society or non-profit (Section 25) company. Due to RBI FEMA regulations, you can not collect funds from a customer's NRE account.

How do I sign up as a developer?

Developers should sign up as normal and then get in touch with us to review our API.

Can I check the product for free?

Yes, you can sign up without any commitment and see how the product works. There is no lock-in or payment due and you can stop using the product at any time. We only take payment for successfully processing transactions for you.

I'm already using NACH Debit. Can I switch to LotusPay?

Yes. It's easy to migrate your existing NACH Debit mandates to LotusPay. We do not charge any fee for migration. Please contact us to get started.

Physical mandates

Do you process physical mandates?

No. We are a technology-driven product company, hence we focus on paperless direct debit: electronic NACH. We're including the information below about physical mandates only to help you understand how NACH works in general, but please note that we cannot serve you in physical NACH.

What is a physical mandate?

A physical mandate looks similar to a cheque: it is 8 inches by 3.66 inches in size and contains the customer's details and plan details. The customer needs to sign it, then it is sent via our banking partners to the customer's bank for verification. Once it is verified, payments can be pulled from the customer's bank account.

How do I create a physical mandate?

You can prepare it manually in design software, or write an application to automate the populating of a PDF or image file.

What do end customers need to do with physical mandates?

End customers need to check the details on the mandate and then sign it, ensuring that the signature matches to the signature kept in their bank's records.

Can my customer scan and email the mandate to me?

Regulations state that you or your bank must hold the physical document.

What if my customer's bank account is a joint account?

If your customer's bank account is a joint bank account, they can sign the physical mandate in accordance with the mode of operation. For example, if the mode of operation is 'Either or survivor' or 'Anyone or survivor' then any of the joint account holders can sign the mandate. If the mode of operation is 'Jointly' then all of the account holders must sign the mandate.

Should I use physical mandates or electronic mandates?

Electronic mandates are better, easier, faster, cheaper and more secure than physical mandates. The current version of electronic mandates works with Aadhaar eSign, which means that you can only take electronic mandates from individuals - you can't take them from non-individuals like companies. For taking NACH Debit mandates from non-individuals, you need to use physical mandates.

Can I use both physical mandates and electronic mandates?

Yes. Most banks will gladly offer you a physical mandates service. We would be glad to serve you on electronic mandates.

Electronic mandates

What is an electronic mandate?

Electronic mandates are system-generated XML files that contain essentially the same information as physical mandates, but they also contain the customer's digital signature. Electronic mandates are designed to be read by computers, not people - you would have difficulty understanding the contents of an electronic mandate file.

Electronic mandates must be digitally signed by the customer via Aadhaar eSign.

What are the prerequisites for my customer to make an electronic mandate?

Your customer can submit an electronic mandate if all of the following conditions are met:

  1. Your customer is an individual.
  2. Your customer has an Aadhaar card.
  3. Your customer's bank is enabled for electronic mandates.
  4. Your customer's bank account can be operated by any one joint account holder if the account is jointly held.
  5. Your customer has linked their Aadhaar card to the bank account that they want to use for this subscription.
  6. Your customer has a valid and available mobile number or email address registered to the Aadhaar card. This is to receive a One Time Password from UIDAI via SMS or email.
  7. The size of the mandate is less than Rs 1 lakh.

If you do not pre-fill the customer's details before inviting them to subscribe, then we guide your customer through these requirements with simple questions. If they do not meet these requirements, we automatically direct the customer to the process for physical mandates. If you disable physical mandates, we inform the customer to contact you.

What if my customer's bank account is a joint account?

If your customer's bank account is a joint bank account, they can sign the electronic mandate only if the mode of operation is 'Either or survivor' or 'Anyone or survivor'. If the mode of operation is 'Jointly' then they cannot use electronic mandates.

What is Aadhaar?

Aadhaar is the government's unique national biometric ID for every resident of India.

What is linking of mobile to Aadhaar?

For eSign NACH Debit to work, the customer must have linked their mobile or email to their Aadhaar. This is to receive a One Time Password via SMS or email during the eSign process. Most people have added a mobile number or email address (or both) to their Aadhaar profile. If a mobile number has been linked, it appears on the Aadhaar card itself. This is the mobile number to which UIDAI sends One Time Passwords via SMS for Aadhaar-related services such as authentication and profile changes. If no mobile number appears on the Aadhaar card, it means the customer has not linked it. The customer can link mobile to Aadhaar by visiting any Aadhaar centre with the required document proofs for updating Aadhaar.

NB: Linking mobile to Aadhaar is not the same as linking Aadhaar to mobile. Linking mobile to Aadhaar is done in the UIDAI database, and one Aadhaar can only have on mobile number. Linking Aadhaar to mobile is done with the mobile network operator, and multiple mobile connections can have the same Aadhaar.

What is eSign?

eSign is the process of digitally signing an electronic file. There are many different types of digital signature, but the only one that is valid for electronic mandates is Aadhaar eSign.

Aadhaar eSign is a particular type of eSign that uses an individual's Aadhaar details to verify the identity of the individual and generate a temporary digital signature for signing an electronic file - in this case, an electronic mandate.

What does it mean to link Aadhaar to bank account?

For eSign NACH Debit to work, the customer must have linked their Aadhaar to their bank account. This means they should have updated their bank account profile with their Aadhaar number. All banks are encouraging their customers to do this, and most banks have enabled customers to do this in netbanking. Customers can do it in the bank branch too. The government has made it mandatory for customers to do so by 31st December 2017, under the Prevention of Money-laundering Act 2002.

NB: Linking Aadhaar to bank account is not the same as seeding Aadhaar to bank account. Linking means that a person has updated their bank account profile with their Aadhaar number - anyone can have multiple bank accounts all with the same Aadhaar number. Seeding is more specific: it is the process by which a person declares that they want direct transfer of government benefits to a nominated bank account. A person may only seed one of their bank accounts. Seeding is not necessary for eSign NACH Debit. Seeding automatically includes linking, so if a person has seeded a bank account then it means linking is done.

How does one know if Aadhaar has been linked to bank account?

Any bank customer can easily check in their netbanking if Aadhaar has been linked to their bank account. Alternatively, the customer can call their bank or visit their branch.

Which banks are enabled for electronic mandates?

The following banks are currently enabled as 'destination banks' for electronic mandates via eSign. 'Destination bank' means the bank of the end customer, from whom payment is being taken.

  1. Abhyudaya Cooperative Bank
  2. Andhra Bank
  3. Axis Bank
  4. Bank of India
  5. Bank of Maharashtra
  6. Bharat Cooperative Bank
  7. Canara Bank
  8. Central Bank of India
  9. Citibank
  10. DCB Bank
  11. Dena Bank
  12. Federal Bank
  13. HDFC Bank
  14. ICICI Bank
  15. IDBI Bank
  16. IDFC Bank
  17. Indusind Bank
  18. Kotak Mahindra Bank
  19. Oriental Bank of Commerce
  20. Punjab National Bank
  21. RBL Bank
  22. Saraswat Cooperative Bank
  23. Standard Chartered Bank
  24. SVC Cooperative Bank
  25. Syndicate Bank
  26. The Akola District Central Coop Bank
  27. The Cosmos Cooperative Bank
  28. The Hongkong & Shanghai Banking Corporation (HSBC)
  29. The Sutex Co-op Bank
  30. UCO Bank
  31. Union Bank of India
  32. Yes Bank
  33. Development Bank of Singapore
  34. Bihar Gramin Bank
  35. Corporation Bank
  36. The Varacha Coop Bank
  37. Karur Vysya Bank
  38. The Catholic Syrian Bank
  39. Tamilnad Mercantile Bank
  40. Kallappanna Awade Ichalkaranji Janata Sahakari Bank
  41. Bank of Baroda

NB: The sort order given is as per NPCI's website.

Coming soon:

  • State Bank of India
  • South Indian Bank
  • Adinath Coop Bank
  • Bandhan Bank
  • Karnataka Bank

New banks are getting enabled every week. Most of the leading banks will be enabled within a few months. If your customer's bank account is with a bank that is not enabled for electronic mandates, the only alternative is physical mandates.

How does the customer's bank verify the electronic mandate?

The customer's bank verifies the customer's Aadhaar eSign digital signature using a verification engine provided by the UIDAI. Since the customer has already updated their bank account profile with their Aadhaar, the customer's bank can easily verify that the person who signed the mandate is the same person who owns the bank account mentioned in the mandate.

Is there another way of doing electronic mandates?

Currently, Aadhaar eSign is the only way to create an electronic mandate. We will soon add two additional methods: your customer will be able to authorise an electronic mandate via netbanking login or via debit card and PIN. This is ideal for those customers (including non-individuals) who do not meet the prerequisites for Aadhaar eSign electronic mandates.

What if I need evidence of the electronic mandate?

We can provide a digitally signed confirmation letter of the details in the electronic mandate on demand.

Customer experience

What does my customer see on the payment page?

Customers always see an explanation that you want to charge them according to the payment plan that you invited them to subscribe to.

The rest of the process that your customer sees depends on what options you have selected for them.

A) Details pre-filled: If you have pre-filled the customer's details, they directly see the confirmation page. If you have enabled electronic mandates and the customer is eligible, the customer goes through the eSign process. If the customer is not eligible for electronic mandates, the customer goes through the physical mandate process.

B) Details not pre-filled: If you have not pre-filled the customer's details, the customer sees a simple step-by-step questionnaire to determine if they are eligible for electronic mandates. If you have enabled electronic mandates and the customer is eligible, the customer then goes through the eSign process. If the customer is not eligible for electronic mandates, the customer goes through the physical mandate process.

For electronic mandates, we guide the customer through the Aadhaar-based eSign process. The customer agrees to the resident consent for Aadhaar-based authorisation. They receive a One Time Password (six digit number) by SMS and/or email from UIDAI. They must enter this code on the page. If they enter the code correctly, they see a confirmation page and are sent to the redirect URL that you provide.

For physical mandates, we create a PDF mandate file and send that to your customer. The customer sees a confirmation page and they are sent to the redirect URL that you provide.

What name appears on my customer's bank statement?

In our Standard plan, both our name and your name will appear on your customer's bank statement. You can customise how your name will appear in the settings section of your LotusPay dashboard.

In our Pro plan, only your name appears on your customer's bank statement.

Can I host the payments page on my site?

Unfortunately it's not possible to host the payments page on your website. The payment process is technologically complex and we make it very simple. The system in which customer's details are stored must be on a secure server which is independently audited for data security up to CERT-IN standards. UIDAI regulations require that Aadhaar eSign must be performed on the eSign gateway page of an authorised KYC User Agency (KUA).

What communications do you send to my customer?

We send email notifications to your customer when you invite them to subscribe to your plans, when payments are collected, and when there are changes to their mandates. The email address is ours but the display name is yours. We Bcc all customer emails to you too. We do not send SMS notifications.

Can my customer use your dashboard?

No. The LotusPay dashboard is only for you - our client.

Do you provide customer support to my customers?

No. Our payments solution is for you - our client. You will need to continue supporting your customers. If they have questions about their payments, your LotusPay dashboard gives you all the information you need to answer their questions. If you need help, you can easily ask us.

NACH Debit

Which banks offer NACH Debit?

More than 900 banks in India offer NACH Debit, and they represent nearly all banking customers in India.

How long does it take to set up a mandate?

Electronic mandates are generally verified by the customer's bank within one or two business days. Physical mandates with private sector banks generally take two to three business days. Physical mandates with public sector (nationalised) banks generally take five to 10 days.

Can the mandate fail?

The customer's bank can reject creation of the mandate if it contains invalid information, for example if there is a wrong account number. Signature mismatches can cause physical mandates to get rejected. Electronic mandates are never rejected for signature mismatch because they are pre-authorised by the customer and the signature is an encrypted digital code, not a physical 'wet' signature.

If a mandate creation fails, we will inform you immediately along with the reason. You can easily invite your customer to try again.

How do I know that my customer will pay?

NACH Debit, like a cheque, is a negotiated financial instrument. The signer must honour payments agreed in the mandate. If the customer cancels the mandate or fails to honour the payments, you have legal recourse under Payment and Settlement Systems Act 2007.

Can the payment fail?

If your customer does not have cleared funds in their account, the debit will fail (just as a cheque bounces). You and your customer will both be informed by email, and you will also see it online. We will re-attempt the debit once, on the next bank working day.

There can be other reasons why payments fail such as: bank account closed or mandate cancelled. We will always inform you of the reason why a payment failed.

How does the money reach me?

Regular plans: If the plan is a fixed regular amount, you do not need to take any action. If the plan is a variable regular amount then you need to upload the required amounts no later than the day before the due transaction date.

Ad hoc plans: You need to upload the required amounts and dates.

On the due date of the transaction, we request the customer's bank to send funds as per the agreed mandate. The customer's bank sends the funds to our bank's nodal (intermediary) account. As soon as we receive the funds, we instruct our bank to pay out the funds to you but it can take one or two days for the funds to reach you. We do not earn any interest on your funds. You receive one bulk settlement for all the funds payable to you on that day from all your customers.

How do I reconcile my settlement?

In our simple online dashboard, you can easily view the customer debits and your settlement credits. You can export data to CSV with a single click and manipulate it in a spreadsheet or import it into your own application, CRM or accounting software. You can also use our API to do this.

Can I close my LotusPay account and keep my NACH Debit mandates?

Yes. If you want to stop using LotusPay, you can easily migrate your NACH Debit mandates out of your LotusPay account at any time, free of cost.

Invoices and GST

How do you collect your fees?

We deduct our fees after collecting funds from your customers and before paying out the funds to you.

Do you charge Goods & Services Tax (GST) on your fees?

Yes, we are registered for GST therefore we charge you GST on our fees.

LotusPay GST ID Number: 06AAKCM4109M1Z9

Is your system GST-compliant?

Yes. We report GST collections. If you report your GST paid to us, you will get input tax credit.

Do I get an invoice?

Yes, you can easily view your monthly tax invoices in our dashboard.

What if I am not registered for GST?

If you are not registered for GST, GST compliance does not affect you but since we are GST-registered you still have to pay us GST on our fees. We pay this GST to the government but you would not get the benefit of input tax credit (meaning you cannot claim offset for your paid GST against your received GST).

Security

Is NACH Debit safe?

NACH Debit is a payment system created and managed by the National Payments Corporate of India, and regulated by the Reserve Bank of India. It is a tried and tested payment method used by hundreds of institutions to collect recurring payments. It is an extremely robust payment system - for example, it is used by all mutual funds for collecting payments for systematic investment plans.

Is my data and my customer's data safe?

Our website uses SSL (Secure Socket Layer) for transmission of all data between users and us. Our system is hosted on secure servers in India and has stringent data security policies in place. Our system has been independently certified to ISO 27001 information security standards and in accordance with the Information Technology Act 2000 and applicable rules and regulations.

Who is checking that you are secure?

LotusPay has been audited and certified by an independent expert agency for our information and cyber security practices. The agency is empanelled by CERT-IN, the government's department for cyber security in the Ministry of Electronics and Information Technology.

Is my money safe?

NACH Debit is a highly regulated and robust payment system. LotusPay receives client funds into a nodal account: a non-interest paying account for client funds, legally controlled by our bank. Therefore client funds are entirely segregated from our own funds and we would not benefit from delaying disbursement to you. We generally disburse funds to you on the same day we receive them. RBI regulations state that client funds cannot be kept in a nodal account for longer than three days.

How do you deal with vulnerabilities?

We work hard to maintain a safe and robust platform. If you believe you have discovered a vulnerability, we ask that you disclose it to us in a responsible manner. Sharing vulnerabilities publicly puts our entire user base at risk, so we urge you to keep issues private until we have had a chance to fix the issue.

What if I see a problem?

Please report it immediately to us by emailing security@lotuspay.com and we will take swift action. If you disclose the vulnerability in a responsible manner, we will pay you a reasonable cash reward in recognition of your efforts in security research. We will not pay rewards for denial of service attacks or other deliberate disruption of our service.

Developer API

How does the LotusPay API work?

With the LotusPay API, you can seamlessly integrate our payments solution with your application. We provide you with an API key which is used for authenticated communications between our system and your system. Your developers can easily create powerful integrations with LotusPay and use our webhooks to pull any information into your application, and push instructions to us to create, modify and cancel customers, plans, subscriptions and payments.

How can I get started with the API?

Our API is currently in private beta. Get in touch with us if you would like to test it out. We will launch it soon for all of our clients. Meanwhile you can use our simple dashboard and its CSV import and export features.

Do you have a plugin for WordPress/Joomla/Drupal etc.?

We do not currently have any plugins - but they are in our road map for 2017. Meanwhile, please get started with our dashboard and API.