...DuitNow AutoDebitIntegrationOverview

We've Launched a New Documentation Website (Beta Launch)

The documentation for DuitNow is now available on our newly launched documentation platform. This is an initial beta rollout of our new documentation site, designed to become the long-term home for all documentation moving forward.

You'll find the familiar content you're used to—now hosted on a new platform that will progressively receive updates and enhancements.

We encourage you to start accessing DuitNow materials there to explore the new experience and ensure you're viewing the latest documentation updates. If you have any feedback, please reach out to us.

Visit the New Documentation Website

Overview

The DuitNow AutoDebit API allows your application to collect recurring payments based on a one-time customer consent. Once consent is granted, the API enables you to automate payment collection from your customers' Current Account Savings Account (CASA), Line of Credit (LOC) Account, or eWallet. The API supports identifiers such as mobile number, MyKad/passport, army/police ID, Business Registration, or bank account number(s) for payment authorization.

DuitNow AutoDebit - Initiated from DuitNow Pay Flow

Step	Sender	Receiver	Process
1	Customer	Merchant	Customer checkout items from Merchant website Note: This process is outside RPP system
2	Merchant	Merchant Acquirer/System Integrator	Merchant performs the following Initiates a Debit request to Merchant Acquirer/System Integrator Note: Transaction type: 220
3	Merchant Acquirer/System Integrator	DuitNow Pay	Merchant Acquirer/ System Integrator performs the following Initiates a Debit request to DuitNow Pay Note: Transaction type: 220
4	DuitNow Pay	RPP	DuitNow Pay performs the following Initiates a Debit request to RPP Note: Transaction type: 220
5	RPP	Issuer	RPP performs the following Message Validation (includes signature validation) Consent ID Validation Maximum Amount Validation Minimum Amount Validation Payment Validation Merchant ID Validation Merchant Product ID Validation Liquidity Position Check If any Message Validation fails, RPP will  Send a REJECT response to DuitNow Pay If any Business Validation fails, RPP will  Send a Payment Status with NEGATIVE response to DuitNow Pay  If all validations are successful, RPP will:  Lookup Issuer Information based on Consent Information Lookup Acuirer Information based on Merchant ID and Product ID Send the Debit Request to Issuer Start timer Note: No SAF and RPP to instruct Issuer to refund if no response received Transaction type: 220
6 & 7	Issuer	RPP & Customer	Issuer performs the following Message Validation Message Format Validation Digital Signature Validation Business Validation Consent Information Validation  Mandatory and conditional fields validation Debtor Account Validation Debit customer account If any Message Validation fails, Issuer will  Send a REJECT response to RPP If any Business Validation fails, Issuer will  Send a NEGATIVE response to RPP If all validations are successful, Issuer will  Debit customer account Notify customer Send a SUCCESSFUL response to RPP Note: Transaction type: 220
8	RPP	DuitNow Pay	RPP performs the following: Stops timer  Message Validation (includes signature validation) Business Validations Message Logging  If all validations are successful, RPP will If successful response, Send the Issuer status with SUCCESSFUL response to DuitNow Pay Update liquidity and settlement positions of both Issuer and Acquirer If negative response, Not update liquidity and settlement positions of both Issuer and Acquirer Send the Issuer status with negative response to DuitNow Pay If REJECT response, Not update liquidity and settlement positions of both Issuer and Acquirer Send the Issuer status with REJECT response to DuitNow Pay Note: Transaction type: 220
9	DuitNow Pay	Merchant Aquirer /System Integrator	DuitNow Pay performs the following:  Message Validation (includes signature validation) If all validations are successful, Merchant Aquirer /System Integrator will Update customer on the payment status
10	RPP	Acquirer	RPP performs the following Store Credit Transfer request in SAF Begin submitting Credit Transfer request to Acquirer Check for retry necessity base on the following parameters:- SAF Maximum Distribution Rate (msg/sec) aka TPS SAF Message Response Timer (sec) SAF Message Retry Limit SAF Open Session Limit SAF Timeout Count SAF Pause Period (sec) after consecutive timeouts SAF Out Payment Tolerance Period If retry is required, Send repeat Credit Transfer Request to Acquirer Start timer Note: SAF will automatically send requests to Acquirer up to the number of maximum retry Once maximum retry has been exceeded with no response, Participant must check the Exceptional SAF Report Transaction type: 080
11	Acquirer	Merchant	Acquirer performs the following: Message Validation (includes signature validation) Beneficiary Account Validations If any Message Validations fail, Acquirer will Initiate the return of fund separately If all validations are successful, Acquirer will Credit Merchant account Notify Merchant

AutoDebit – Initiated from Bank Flow

Once customer consent is obtained, the DuitNow AutoDebit API allows the Merchant/Biller to initiate a AutoDebit instruction to pull funds from the customer's account via the Crediting Agent.

Step	Sender	Receiver	Process
1	Merchant	Acquirer	Merchant initiates Debit request
2	Acquirer	RPP	Acquirer performs the following Submits Debit request to RPP Note: Transaction type: 210
3	RPP	Issuer	RPP performs the following Message Validation (includes signature validation) Consent ID Validation Expiry Date Validation Consent Amount Validation Maximum Amount Validation Minimum Amount Validation Payment Validation Merchant Validation Liquidity Position Check If any Message Validation fails, RPP will Send a REJECT response to Acquirer If any Business Validation fails, RPP will Send a Payment Status with NEGATIVE response to Acquirer If all validations are successful, RPP will: Lookup Issuer Information based on Consent ID Send the Debit Request to Issuer Start timer Note: No SAF and RPP to instruct Issuer to refund if no response received Transaction type: 210
4 & 5	Issuer	RPP & Customer	Issuer performs the following Message Validation Message Format Validation Digital Signature Validation Business Validation Mandatory and conditional fields validation Debtor Account Validation Check if customer has sufficient funds Consent Information Validation If any Message Validation fails, Issuer will Send a REJECT response to RPP If any Business Validation fails, Issuer will Send a NEGATIVE response to RPP If all validations are successful, Issuer will Send a SUCCESSFUL response to RPP Notifies customer on the Issuer status Note: Transaction type: 210
6	RPP	Issuer	RPP performs the following:  Stops timer Message Validation (includes signature validation) Business Validations If all validations are successful, RPP will If successful response, Update liquidity and settlement positions of both Issuer and Acquirer Send the Issuer status with SUCCESSFUL response to Acquirer If negative response, Not update liquidity and settlement positions of both Issuer and Acquirer Send the Issuer status with NEGATIVE response to Acquirer If REJECT response, Not update liquidity and settlement positions of both Issuer and Acquirer Send the Issuer status with REJECT response to Acquirer Note: Transaction type: 210
7	Acquirer	Merchant	Acquirer performs the following: Stops timer Message Validation (includes signature validation) Business Validation If all validations are successful, Acquirer will Notify merchant on the Issuer status Note: If the signature received from RPP could not be verified, Acquirer will base the status of the transaction on the actual transaction status received from RPP.

Successful Pre-Auth Flow

Step	Sender	Receiver	Process
1	Customer	Merchant	Customer checkout items from Merchant website Note: This process is outside RPP system
2	Merchant	Acquirer	Merchant performs the following Validate consent Initiates a Pre-Auth request to Acquirer Note: Integration to Acquirer outside of RPP system
3	Acquirer	RPP	Acquirer performs the following Message Validation Business Validations If any Message Validation fails, Acquirer will Send a REJECT response to Merchant If any Business Validation fails, Acquirer will Send a Payment Status with NEGATIVE response to Merchant If all validations are successful, Acquirer will: Send the Pre-Auth to RPP Start timer Note: Transaction type: 871
4	RPP	Issuer	RPP performs the following Message Validation Message Format Validation Digital Signature Validation Business Validation Mandatory and conditional fields validation Consent ID Validation Expiry Date Validation Consent Amount Validation Maximum Amount Validation Minimum Amount Validation Payment Validation Timeout Validation Merchant Validation Debtor Validation If any Message Validation fails, RPP will Send a REJECT response to Acquirer If any Business Validation fails, RPP will Send a NEGATIVE response to Acquirer If all validations are successful, RPP will Lookup Issuer Information based on Consent ID Initiates sending Pre-Auth Request to Issuer Start Timer Note: Timeout is 20 Secs Transaction type: 871 Pre-Auth Amount has to be within Consent Max Amount Hold Days have to be within Consent Expiry Date
5 & 6	Issuer	RPP	Issuer performs the following: Message Validation (includes signature validation) Check Debtor funds Other Business Validations Consent Information Validation If any Message Validation fails, Issuer will Send a REJECT response to RPP If any Business Validation fails, Issuer will Send a NEGATIVE response to RPP If all validations are successful, Issuer will Hold Debtor funds equal to Pre-Auth amount Send a SUCCESSFUL response to RPP Note: Transaction type: 871
7	RPP	Acquirer	RPP performs the following: Stops timer Message Validation (includes signature validation) Message Logging Note: Transaction type: 871
8	Acquirer	Merchant	Acquirer performs the following: Stops timer Message Validation (includes signature validation) Business Validation If all validations are successful, Acquirer will Initiates Real-time Debit. Go to 5.4.1.2

Successful Pre-Auth AutoDebit Flow

Step	Sender	Receiver	Process
9	Merchant	Acquirer	Merchant initiates Pre-Auth AutoDebit request to Acquirer
10	Acquirer	RPP	Acquirer performs the following Validate merchant information Start timer If validation successful, Acquirer will Initiates Pre-Auth AutoDebit request to RPP Note: Transaction type: 230
11	RPP	Issuer	RPP performs the following Message Validation (includes signature validation) Consent ID Validation Expiry Date Validation Consent Amount Validation Maximum Amount Validation Minimum Amount Validation Payment Validation Liquidity Position Check Merchant Validation If any Message Validation fails, RPP will Send a REJECT response to Acquirer If any Business Validation fails, RPP will Send a Payment Status with NEGATIVE response to Acquirer If all validations are successful, RPP will: Lookup Debtor Info based on Consent ID Send the Debit Request to Issuer Start timer Note: Transaction type: 230
12 & 13	Issuer	RPP	Issuer performs the following Message Validation Message Format Validation Digital Signature Validation Business Validation Mandatory and conditional fields validation Debtor Information Validation Consent Information Validation If any Message Validation fails, Issuer will Send a REJECT response to RPP If any Business Validation fails, Issuer will Send a NEGATIVE response to RPP If all validations are successful, Issuer will Drop pre-auth Debit customer account Send a SUCCESSFUL response to RPP Note: Transaction type: 230
14	RPP	Acquirer	RPP performs the following: Stops timer Message Validation (includes signature validation) If all validations are successful, RPP will If successful response, Update liquidity and settlement positions of both Issuer and Acquirer Send the Issuer status with SUCCESSFUL response to Acquirer If negative response, Not update liquidity and settlement positions of both Issuer and Acquirer Send the Issuer status with NEGATIVE response to Acquirer If REJECT response, Not update liquidity and settlement positions of both Issuer and Acquirer Send the Issuer status with REJECT response to Acquirer Note: Transaction type: 230
15	Acquirer	Merchant	Acquirer performs the following: Stops timer Message Validation (includes signature validation) If all validations are successful, Acquirer will Notify merchant on transaction status
16	Merchant	Customer	Merchant performs the following: Update customer on transaction status

AutoDebit – Cancellation

Step	Sender	Receiver	Process
1	RPP	Issuer	After timeout has occurred, RPP performs the following Store Direct Debit Cancellation request in SAF Begin submitting AutoDebit Cancellation request to Issuer Check for retry necessity base on the following parameters:- SAF Maximum Distribution Rate (msg/sec) aka TPS SAF Message Response Timer (sec) SAF Message Retry Limit SAF Open Session Limit SAF Timeout Count SAF Pause Period (sec) after consecutive timeouts SAF Out Payment Tolerance Period If retry is required, Send repeat AutoDebit Cancellation Request to Issuer Start timer Note: SAF will automatically send requests to Issuer up to the number of maximum retry Once maximum retry has been exceeded with no response, Participant must check the Exceptional SAF Report Transaction type: 872
2	Issuer	RPP	Issuer performs the following: Message Validation Message Format Validation Digital Signature Verification If any Message Validation fails, Issuer will Send a REJECT response to RPP If all validations are successful, Issuer will Send a SUCCESSFUL response to RPP Reverse any debit performed on Customer Note: Issuer shall not reject transactions coming from the SAF queue Transaction type: 872