JavaScript is disabled. Some features may not work. You can also read the static version: View text version

API eMandate errors

API eMandate authorisation can return an error if the NPCI rejects the request or response.

See API eMandate checkout flow to learn more about the end-to-end redirection and when a customer would see an error.

API eMandate authorisation in ONMAGS (NPCI's Online Mandate Approval Gateway System) can return errors due to various reasons.

These are numbered error codes (as opposed to rejection reasons that are prefixed with AP). They represent technical or validation errors in LotusPay's request to NPCI, or technical errors in the destination bank's response to NPCI.

Here is the full list of NPCI error codes (two sheets).

Scenario A: LotusPay request rejected by NPCI

MndtRejResp (meaning Mandate Reject Response)

This means the request did not even cross the NPCI gateway, and LotusPay received the response.

Source remains in pending status, and the response may contain the error details.

These are numbered error codes representing technical or validation errors in LotusPay's request to NPCI. These appear in the Errors_LotusPay-to-NPCI worksheet in the above Google Sheet.

These errors are rare and are usually due to NPCI technical issues or destination bank suspensions. However, if the issue is something we can fix, we normally fix it within minutes or hours. If you find any such error which is not promptly fixed, please email support@lotuspay.com with details.

Typical codes are:

180 - Merchant Signature validation failed. This means NPCI cannot verify that our encryption/signature certificate is mapped to the creditor NACH utility code. This is done at setup and doesn't change unless you ask the sponsor bank to make changes. Contact LotusPay Support.
478 - DestBnk not certified. This means NPCI has disabled this destination bank. This is usually temporary. Try again later.
486 - No Variant is eligible for Selection. This means NPCI has disabled the auth mode for this destination bank. This is usually temporary. Try again later.
487 - No Variant is eligible for Selection. This means NPCI has disabled all auth modes for this destination bank. This is usually temporary. Try again later.

Duplicate request validation by NPCI

In September 2021, NPCI implemented duplicate request validations in ONMAGS.

"Any transaction that carries same combination of Corporate Utility Code, Corporate Sponsor Bank, Category Code, Customer Account Number, Max Amount/Fixed Amount, Destination Bank of any other transaction that is initiated on the same day will be considered as a duplicate request and gets rejected by NPCI."

Their stated intention is to improve platform stability by blocking repeated futile attempts. You should not see any adverse impact on the real success rate.

606 – “Duplicate Request” (If the customer initiates a duplicate transaction which is already successful)
- Customer won't see this error unless you create duplicate sources and one gets successfully submitted, then the other would show this error.
607 – “Request in progress” (if the customer initiates a duplicate transaction which is already in progress)
- Customer should avoid abandoning the journey on a source request and reattempting within 5 minutes. If they saw some error during first attempt, they should complete the journey end-to-end to ensure we can capture the error. After 5 minutes, NPCI releases the case if no response is received from destination bank. Then customer can retry with the same source. This is better than creating a new identical source, as one source can have multiple auth attempts and you can track its history.
608 – “Duplicate Request <Reject reason by Bank>” (If the customer initiates duplicate request which is already declined by the destination bank on the same day. This is true for both retrying an existing source, or attempting a new source.)
- "Among the bank rejection codes, for some reject codes the system will allow customer to initiate duplicate request for maximum 3 times (per day) while for other reason codes duplicate request will not be allowed. [list of reject codes allowed for representation along with limit is mentioned in attached sheet]."
- NPCI gives the message "Duplicate Request" followed by the underlying error reason e.g. "608 - Bank Restricts Duplicate request. No such account." Here the "No such account" narration refers to the underlying error i.e. AP05. Refer to the Google Sheet linked in this article for the underlying errors. Customer can attempt again in certain scenarios. NPCI has given the scenarios in which it allows re-attempt on the same day, and the number of attempts permitted e.g. AP39 OTP Invalid - 3 attempts allowed.

Scenario B: Destination bank response rejected by NPCI (Accepted = false)

MndtAccptResp (meaning Mandate Accept Response) with Accptd = false, and a numbered reason code.

This means the request crossed the NPCI gateway but the destination bank did not give NPCI a valid response.

Source remains in pending status, and the response contains the error details.

These are numbered error codes representing technical errors in the destination bank's response to NPCI. These appear in the Errors_Bank-to-NPCI worksheet in the above Google Sheet.

The destination bank should fix this. These errors are common. You can report this error - see 'Reporting technical errors' below.

If the error is a structural code problem, banks generally take one to three months to fix them. You'll know this if the same error is repeated for a long period. If the same error is repeated for a long period only with a specific set of input values, but other input values are working fine, it's possible that you've met an edge case that the bank is mishandling. In this situation it's best to try alternative input values rather than wait for the bank to fix the issue.

If the error is a temporary bank server issue, the customer can retry with the same source authorisation link if you sent it to them (invitation method).

Typical codes are:

257 - Error in decrypting Accepted value. This means NPCI could not decrypt the bank's response (either Accepted = true, or Accepted = false).
474 - Bank returned error XML. This is a generic error given by NPCI to indicate that the bank did not give a valid response structure/format.
475 - Invalid bank response received. This is a generic error given by NPCI to indicate that the bank did not give a valid response code.

Scenario C: Other technical errors

If the checkout redirection is failing without an ONMAGS error code then you may also report it to us in the below format. For example, if the bank website is hanging and the customer could not proceed so they closed their browser, or if the bank website is showing some error.

Source remains in pending status, and the response remains empty. However, the auth_attempt count would increment to a positive number.

If the error is a temporary bank server issue, the customer can retry with the same source authorisation link if you sent it to them (invitation method).

Handling errors

When an eMandate authorisation error occurs, LotusPay informs you via webhook if you have provided a webhook URL. You can also view the error in the LotusPay dashboard on the source page.

Depending on your integration method, your customer can reuse the same source eMandate link or you can create a new one for them.

Known issues

Previously reported issues are tracked here.
We do not track most destination bank rejections as there is generally no need: the bank is entitled to deny authorisation. However, if you are very sure that the bank is wrongly denying authorisation then you may report it to us in the format below.
We regularly report NPCI rejections and technical errors to NPCI and they ask the destination banks to fix them. There’s no guarantee of if or when the bank will fix the error. Over time, destination banks are gradually fixing errors and the payment system is improving.

Reporting technical errors via LotusPay

First, check if it is a known issue in the above link.
If it is a known issue, wait until the bank resolves it and we update the tracker.
If it is a new issue and you want us to report it to NPCI to report to the destination bank, please write to support@lotuspay.com with the following details:

Email subject: Technical error in source emandate_api authorisation SC00.. (put the Source ID)
Email body:

Date and time e.g. 17:15 21-03-2021
Source ID e.g. SC0053M4T938XE
NACH Bank Code of the destination bank e.g. ICIC
Auth mode (net-banking or debit card or Aadhaar) e.g. net-banking
Stage at which error was seen (before bank login / after bank login) e.g. before login
Error code e.g. 474
Error message e.g. Bank Returning Error XML
Screenshot

LotusPay will report the issue to NPCI. NPCI will report the issue to the destination ban. The destination bank may review and respond. They typically take one to three months to fix errors.

Reporting technical errors directly to the destination bank

You can ask the customer to contact their bank branch.

Alternatively, you can directly contact the technical team in the destination bank. NPCI publishes the contact details of all destination banks at this link - see "Onmags bank contact details".

Reporting technical errors directly to NPCI

You can join NPCI's "eNACH concerns" WhatsApp group. This group has participants from NPCI, sponsor banks, destination banks and merchants. They frequently post issues, resolutions and updates. This group is the fastest way to know the latest information. LotusPay is not responsible for this group.

To join the group, email your name, designation, company and WhatsApp mobile number to nachsupport@npci.org.in or you can try joining via this invite link: https://chat.whatsapp.com/ERhSPqQdN8SJEXeFAbmCAB

Have questions?
Need help? Contact support
LLM? Read llms.txt