Payfone

Challenge

Payfone is a mobile payment company that needed a payment platform for online web merchants to accept mobile phones as a payment instrument. Payfone empowered pre-paid mobile subscribers all over the world to use their mobile phone balance to purchase low priced to high priced online digital content, e.g. music, ringtones, and mobile apps. Payfone targeted emerging and development countries where credit cards and bank accounts were rare for the general population.

Payfone approached HiTech to create a highly available, secure, global HTTP based web API to support online merchant activities and connect to mobile carrier systems all over the globe.

Requirements

The web API had to support three basic activities, phone authentication and verification, transaction capture and processing, and billing support including reconciliation. Phone authenticated required the server to manage an asynchronous direct conversation with the phone handset to verify possession and approve use of the pre-paid balance. This required both standard API’s and custom integration with each mobile carrier allowing transactions. The server had to manage merchant requests and result notification during the merchant check-out process.

Transaction capture and process required similar syntax as normal credit card transaction including immediate bill and capture then bill. The server need to verify available balance to approve/decline the transaction and properly age capture transactions. This required direct integration to international data roaming platforms and secure transaction handling.

Billing support provided “after the transaction” support for viewing individual subscriber billing history, processing refunds, and for transaction reconciliation for payment disbursements.

The server needed to be secure, fast, and “attack-proof” in order to support transactions involving money regardless of the value, plus allow in-page or in-app integration as well as low level API integration.

The Payfone requirements had to be fully defined include both functional and non-functional needs because it processed real money. HiTech helped create and maintain the official requirement document insuring they accurately describe the system that finally launched.

Implementation

Implementation was targeted towards mobile operators and online merchants. Billing system leveraged mobile operators existing infrastructure to provide services for the purchase of mobile and online based content that is billed directly to the subscribers mobile account (pre-paid or post-paid).

Key features implemented were mobile subscriber activation and authorization, prevention of fraud, services analytic checks, interaction with mobile operators’ billing system, enable refunds and chargebacks, reporting and real-time access to transactional data via dashboard. Valuable part of solution implemented was separation of its architecture into two subsystems, enabling to add new operator dynamically without any impact on merchants with zero downtime. Front-end interface was developed using flexible SOAP based API for cross-platform support. To provide end-to-end security all communications between merchant and services were over HTTPS. For added trust WS-Security 1.1 protocol was used to sign and encrypt SOAP messages. The system was integrated with mobile operators (TMO, Verizon, Vodafone, Rogers, Bouygues, McTel, O2, Tele2, Telus, 3UK) and support services (Mach Number Lookup, Ckatell Bulk SMS Gateway, NetNumber Carrier-ID Data, PayPal, ParlayX, RoutoMessaging Number Lookup).

Implementation were based on technologies: C# .NET 4.0 (ASP.NET, ADO.NET, WCF, Web-Services, Win-Services, Win Forms, Multithreading); Oracle (ODP.NET); JavaScript (jQuery, ASP.NET AJAX); MSTest.

Implementation took approximately 1 year of development before the first public release.

Integration

Extending API and integrating with existing merchant side online solutions were the main focus of enhancements. New SOAP API service calls with complex server side logic were continously adding to serve requests from merchants systems to the Payfone system.

Upon signing agreements with new mobile operators the system were dynamically changing and new modules responsible for communication with mobile operator’s side APIs were adding.

Project Summary

The Payfone server processed money and depended on high quality development and testing to certify its integrity. HiTech’s technical experience in mobile development and high volume transactional system combined with their governance process guaranteed the server was delivered precisely as defined and on time.