External institutions
Connected to PayNow API
26 Mar 2026
Security and integration

Harden institution access and connect to the PayNow platform

Government institutions operate with role-based access, audit logs, 2FA, IP restrictions, and direct integration to the PayNow API platform.

Security controls
4
RBAC, 2FA, audit, IP restrictions
Platform dependencies
4
Transaction service, Ledger, Settlement, Risk engine
Published events
3
government.bill.created, government.payment.received, government.revenue.settled
Integration mode
Direct
Portal to PayNow API

Role-based access by institution and service type

Applied to institution access, operational approvals, and audit-ready payment management.

Government-grade baseline

Two-factor authentication for institution users

Applied to institution access, operational approvals, and audit-ready payment management.

Government-grade baseline

IP allow lists for finance and reconciliation teams

Applied to institution access, operational approvals, and audit-ready payment management.

Government-grade baseline

Immutable audit logs for user, action, timestamp, and IP

Applied to institution access, operational approvals, and audit-ready payment management.

Government-grade baseline

Platform integration map

Core services behind the portal and representative domain events.

LayerComponentPurposeExample
Portalpaynow-government-portalExternal institution operationsBilling and reconciliation
APIPayNow APICommand and query interface/v1/government/bills
CoreTransaction service and ledgerRecord payment eventsgovernment.payment.received
CoreSettlement and risk engineRelease funds and control exceptionsgovernment.revenue.settled