The Anatomy of a Digital Wallet App
Fintech apps are all the rage, but what are the essentials in creating one?
This post aims to describe the technical parts of a digital wallet app and to strip it down on a high level for easier understanding by a layperson. This was originally posted in my GCashResource blog.
As I’ve worked in GCash (a Philippine fintech company) for several years, I have a grasp on how the app works on principle. Building a digital wallet seems simple in theory, but it has a lot of moving parts needed to work together. It also needs to be regulated as it handles user's money and data. Coupled with the fact that it should scale into millions of users is a herculean feat altogether.
The Basics
If you strip off all of the abstracted layers, a digital wallet app is just a user or a merchant having a wallet, and they can transfer money to other wallets owned by other users or merchants as a form of transaction.
However, when you think deeper about it, one of the first things you would need to do is to assign this wallet to the user or merchant. You would need them to register to your system that handles all the wallets. This means you need to do onboarding.
Onboarding
Once you're having users or merchants register, then you should also validate what data they are registering. This process is called "Know-Your-Customer" (KYC) for users, and "Know-Your-Merchant" (KYM) for merchants.
Because we are handling money, there are also certain regulations we need to follow like "Anti-Money Laundering" and "Data Privacy" related laws which mandate doing KYC validation properly and protecting the data from breaches and leaks. These make onboarding more difficult as there needs to be more checks and validations, and also making sure that the databases you put customer and merchant data into are secure.
KYC is simply having the user identify himself and prove this identity. This means for any personal data they input, there should be proof that it is true --- meaning, there should be a government-recognized document that says it is so. This is why we need to send a picture of an ID that has this info. Another thing to require is if the user registering is the actual user himself --- this is why there's a selfie check as well. KYC also needs to screen the users if they are high-risk or not and ask for more documents if needed.
KYM is more complex. You first need proof that your business is legit and that you are authorized to operate in the country. So the requirements usually are a lot, but I won't be listing these here.
Validation of KYC and KYM needs a lot of manpower and/or automated tools to make this happen. Even if you make this fully automated, you still need people to spot-check to see if everything is above board.
Transactions
Transactions in a digital wallet ecosystem involve balance moving from one wallet to another. It can be done in three ways --- user-to-user, user-to-merchant (payments), or merchant-to-user (disbursements).
If money is freely flowing, then there is a chance that money laundering can take place. This is why one of the regulations that digital wallets should follow is the Anti-Money Laundering Act. This makes it mandatory to check amounts coming in and out of all wallets and also imposes limits on sending and receiving funds.
This is also why great care is being exercised in checking for suspicious transactions. A typical digital wallet backend would likely be implementing a "risk checking engine" that checks and flags these transactions automatically.
Putting Money In and Out
A wallet balance contains virtual money that is meant to be convertible 1:1 to actual fiat currency. For GCash, any peso in the balance is an actual peso in real life. So, how do we convert actual currency to virtual currency? We need cash-in agents.
How cash-in works is that cash-in agents should have the virtual money in their wallet ready already. Once a user gives actual currency to an agent, the agent sends the equivalent virtual money to the user's wallet. Another implementation of this is a bank deposit to the wallet balance.
Cash-out works the opposite way. The agent needs to have ready cash so that when the user sends him the virtual money, the agent hands over the equivalent virtual money to the user. Likewise, this can also be a withdrawal that goes out into a bank account.
Cash-in and cash-out also are essentially payments and disbursements, no matter what the channel is. Refunds are mainly reversals of the transaction that went in place.
Reconciliation
The last basic step is reconciliation, or making sure that every amount is accounted for. Every wallet is essentially a journal and each journal has a report for auditing purposes. At the end of the day, the amount of virtual money should match the actual money that came in all of the wallets in circulation.
This step also handles the settlement process for merchants as the funds in their virtual wallets need to be deposited into their settlement accounts (like bank accounts) to turn back into actual money.
Users and merchants both should have easy access to the reports of their respective wallets and for users, we can see this through a transaction history. Merchants can be sent reports as well.
How to Monetize?
Operating a digital wallet is naturally a net loss endeavor. With all of the regulations that need to be followed alongside the basics that need to be done, how do digital wallet companies even earn money? The answer is through fees and value-added services.
The most logical place you can add fees is when the funds come in, or when you are transacting with it. But you can't readily put fees on all types of transactions, as it would discourage users from using their wallets altogether.
So this is where we can see services like Pay Bills or Open Savings Accounts where it is acceptable to ask for small convenience fees. Payments and disbursements through merchants may also have their fees, but invisible to the users.
The value of the network also multiplies the amount of the earnings you can get, and so you can see a lot of different services being offered. In the case of GCash, you have loans, insurance, savings, wealth management, and e-commerce products within the app. Ads can also add revenue as real estate becomes more valuable the more users come in.
Eventually, fintechs will find different innovative ways to monetize. Some digital wallets pivot and focus on banking and B2B services. Some leverage their existing store network to gain users and add value to purchasing products. Others capitalize on personal loans to gain their user base.
The Usual Problems
Funding
The truth is most fintech companies run in the red. Only a small handful (like GCash) is profitable. They all burn their funds in acquiring users and merchants and this is why you see so many subsidies and promos in digital wallets during growth phases. Eventually, once it becomes unsustainable, they put on fees to compensate. Or they find investors to somehow fund enough growth to go over the red hump.
Scaling
It is hard to scale. You need to either plan for it before you start or do it while in the thick of it. Users don't see it, but there is a lot of backend stuff you need to do to maintain so that you can minimize downtime as you grow. GCash has reportedly 70+ million users and counting. Imagine the architecture that needs to support such traffic.
You also need people to monitor and mitigate problems as they happen. It's bad vibes all around when your app breaks down in the middle of the day while people are queueing during lunchtime or at the supermarket.
Cybersecurity
At the end of the day, a digital wallet handles two important things --- money and personal information. If either one is lost, the reputation of the wallet will plummet. Also, government regulators will be breathing down their necks, with fines and possible litigations soon. This is why a lot of effort, planning, and personnel is needed to make systems secure.
This also includes safeguarding people from making mistakes themselves. Account takeovers are usually people who got scammed and gave away their passwords and OTPs. Making friction high enough to discourage scammers while maintaining usability for normal users is a difficult balancing act.
Regulations
When adding a service, there also needs a requirement to follow the law regarding that requirement. We have the Anti Money Laundering and Data Privacy Laws as guides. But once you add some more government-restricted add-ons to the app, you also need to follow the regulations around those features as well. Same as with loans and insurance.
Eventually, when there are a lot of rules that need to be checked, there also needs some legal counsel that needs to be consulted. Not to mention the multiple contracts that need to be reviewed, as well as cases that potentially need to be filed in court. A digital wallet company would likely need to employ in-house lawyers and risk management teams just for this purpose.
Customer Support
Customer Support is also tied with scaling as more and more people use the app, and the more you need to handle issues when things go wrong for users. Either you would need good automation in the form of chatbots, or you can hire more people to resolve issues 24/7.
Another factor is the complexity of the app. If the app offers a lot of different features and services, your help center should also cater to resolving issues of that complexity. There should also be a knowledgebase of sorts so that the support people can have a common reference to check how to resolve issues. There should also be tiers of support where more technical problems can be investigated and solved by those higher in level.
Wrapping Up
I was able to talk about the anatomy of a digital wallet app --- all of the moving pieces needed to operate such an app. This is not only limited to digital wallets but to fintech apps in general. There would be overlaps and extra steps, but the pieces needed will essentially be the same.
The basic parts of a digital wallet app are onboarding, transactions, and reconciliation. Once you get the basics right, you can scale your business by adding services to make users stay and transact. The network effect will provide value as more and more users come into the platform.
Eventually, you would need to monetize by adding fees to transactions and services. This cycle then repeats and maintaining profitability is a balancing act with making sure the app scales and security and regulations are being kept.