[alpha release][🇮🇳] ERPNext + HDFC Bank = Automated Payments!

Frappe Framework App Development
1

Hello everyone,

I’ve been working on a simple and secure way to make HDFC Bank payments from within ERPNext.

It has been developed as a custom app and requires v11. It uses selenium for automation. You can find the source code here:

Steps to use:

  1. Add Netbanking details in Bank Integration DocType (Integrations module).

1
11210×311 36.1 KB

  1. Make a Payment entry with payment type as Pay and choose appropriate Mode of Payment and Party.

2
21256×611 26.8 KB

  1. Select Make Payment Now checkbox, and add relevant details. Most of the details are auto-filled.

3
31184×770 50.1 KB

  1. Save payment entry and click Make Online Payment button.

    4
    41221×358 23.5 KB

  2. Accept the confirmation dialog.

5
51202×385 48 KB

  1. Upon Payment, you’ll find following proofs:
  • Reference No. field shall be filled:

6

  • A screenshot of Payment Successful page shall be attached to the payment entry:

Screenshot%20from%202018-09-05%2022-20-14

KIndly check this app out and share your valuable feedback over here or by posting an Issue/PR on Github.

Regards,
Sagar Vora

28 Likes
2

Thanks Sagar for your efforts. I think this is the first app developed that will make directly payment into a Bank versus other like Stripe etc.

Can this be customized for other banks or solely HDFC?

1 Like
3

Hi,

Thanks for the compliment. I’ve designed the app to easily incorporate other banks.

4 Likes
4

uh… how do you store the newtbanking username and password, how do you deal with beneficiaries not existing in the netbanking account and how do you deal with OTP?

edit: how does zoho and other cloud providers like odoo and even marg provide banking integration where any entry made in the bank shows up in the software for automatic or manual entry?

5

Hi,

  1. Netbanking username and password are stored in the Bank Integration DocType. Same can be accessed only by a user having the System Manager permission. I’m working on refining some permissions as well.

  2. Beneficiaries need to be added to the account manually as of now. Only existing beneficiaries are supported.

  3. For OTP, a prompt is raised to the user. Testing from your end would be beneficial in this regard.

  4. I think they partner with the bank for this purpose. This can be achieved with an unofficial API as well.

1 Like
6

Great work , what about bulk salary process like in hdfc bank support CSV bulk transaction ,

Thanks

1 Like
7

Hi,

This is an initial release, bulk transactions are not supported as of now.

8

That’s great !. But won’t this be violation of their Terms of Service ?

9

Hi,

I don’t see why that should be an issue.

See the terms here:
https://www.hdfcbank.com/htdocs/common/hdfcbank_tnc.htm#14

Technically, in backend, a browser is launched and emulates all the actions the user would otherwise perform to make the payment. So, it can be said that the user by pressing certain buttons has authorised the ERP to perform certain actions on his/her behalf.

10

i dont know. i would feel weird having my login details being saved somewhere which could give potential transaction rights.
how would you deal with malware that records login details. its a longshot but there is a malware deluge out there.
have you looked up how keepass deals with entering secured data into the browser? it obfuscates and uses multiple techniques to enter data. here, read this. you might get some ideas
https://keepass.info/help/v2/autotype_obfuscation.html

unoffcial api? there should be something. something like this? Bank Connect.en
or yodlee? also check this Marg ICICI Bank Integration Guide
see how marg does this. they have proper integration.

11

I understand what you’re saying. Let me clarify a bit:

  • A future version will have a special role (Online Payment Manager?) which will be authorised to make payment. A user not assigned to this role would be unable to make any kind of transaction.

  • Malware on your PC will affect your Netbanking as much as it will affect your ERPNext instance.

  • Frappe framework does a pretty good job at obfuscating sensitive data. You wouldn’t be able to retrieve the password once the document is saved from the client side. Frappe has special methods for this purpose, accessible only on the server-side.

  • To conclude, your Netbanking access will be only as secure as your ERPNext account. If you have enabled 2FA and have a secure password to go along with it, I don’t think there’s any potential issue.

Marg has a partnership with ICICI Bank:

If you do find any official API for HDFC Bank, please let me know.

1 Like
12

Seems no problem then.

BTW official api for Yesbank and RBL is available right now. So getting those integrated would be straightforward.

1 Like
13

Great initiative, We need to consider about GDPR also in future.

4 Likes
14

In the US and Canada a solution such as Plaid would be more wise since credentials wouldn’t be stored anywhere in the ERP database.

Looks like there are other similar aggregators out there for different countries that might work as well.

15

We have built a Plaid integration but have not used it yet because there is a $500/month minimum (1 year contracts). Our business model will sustain that once we launch but it might be tough for other SMBs to justify. If it works in our early usage we hope to pay to have it merged to the Core with the goal that it could be something that might make sense for ERPNext-hosted customers and increase adoption in North America.

16

Hi,

I have gone through the article in detail but I would like to know how can we get it setted up on our side as well and what would we need to do to?
As I would be interested in the app.

17

Hi,

Thanks for your interest.

The app is not production ready yet, as a few tweaks are required and it depends on ERPNext v11 which is pending stable release.

However, your feedback would be appreciated to get this app production ready.

To test this app, follow these instructions:

  • Ensure you have a development instance running with ERPNext v11 and SocketIO enabled.
  • Install this app using this command:
    bench get-app https://github.com/sagarvora/bank_integration
  • Ensure that your HDFC bank account exists in the Bank Account DocType.
  • Add your bank details in Bank Integration DocType accessible using the awesome bar (Ctrl + G) or Integrations module.
  • Add supplier bank details in the relevant supplier’s form. Please note that the supplier’s beneficiary details need to be added manually to your NetBanking as of now.
  • Follow the steps in the first post to test payment.

If you need any further help, feel free to message me.

EDIT: If you want to see what happens in the background, you can comment out this line:

18

Hi,
HDFC Bank has deployed a system for server to server communication using Snorkel-BX.

Essentially, the data transmission between the ERP server and the Bank server takes place using a proprietary tool. From the ERP side, the file generation and reading for data interchange are required.

 I can share the limited documentation I have with someone if this is of interest.

Thanks

19

Could you please share that with me? Thanks.

20

Hi,
The relevant files are here google drive.

Thanks