Beginning August 1, 2025, efforts are being made to UPI in India to reduce the way it handles high traffic and prevent interruptions. NPCI has instructed banks and payment service providers (PSPs) in a circular to limit use of 10 key Application Programming Interfaces (APIs) on the UPI platform by the end of July 2025.
The 10 APIs allow customers to check their balance, view current transaction status and activate payment schedules. The focus is to ease the stress on the UPI system and stop outages. NPCI wants to guarantee that digital payments are reliable and efficient by applying these new measures.
Both Banks and Payment Service Providers should ensure there are limits on how many API requests to UPI are sent, including both those initiated by customers and by their systems, the circular dated May 21, 2025 requires.
The NPCI has stated that if these API guidelines are not followed, API processes may be limited, penalties may apply, customer onboarding may not be allowed or other actions could also be taken.
NPCI has issued the following restrictions for UPI
You can only check up to 50 account balances in total within the app, each day. So, if you’re using Paytm and PhonePe, you can check your balance 50 times in each app.
Linked Account Queries: Only 25 can be made per app, every day, after a user gives explicit approval.
Auto-pay will only be performed out of peak hours (outside 10 AM–1 PM and 5 PM–9:30 PM).Each mandate will be attempted once, with up to 3 retries when processing is less busy.
After successful login, banks and apps should give it 90 seconds before looking up the status of a transaction. No more than 3 status checks are permitted within 2 hours when making a transaction.
90 seconds must pass after you’ve authenticated before a bank or app can check the status of your transaction. Customers may do only 3 status checks for a single transaction within 2 hours.
Api calls not started by the user will only be allowed at other times (until 1 PM and after 9:30 PM) during peak hours, to keep the system from being overloaded.
Following regulations and having audits done:
By August 31, 2025, banks and payment service providers must confirm they handle API calls appropriately when banks queue them.
As of August 31, 2025, all acquiring banks must be audited against information systems annually by CERT-In empanelled auditors.
The efforts are made to ensure the UPI system stays secure, fast and stable at times when there are many users online. For strong users, habits may have to shift, but the adjustments made are meant to be helpful for the whole digital payment community.
The objective of carrying out this step is to strengthen and stabilize the UPI service. Traffic and a surge in requests have caused problems within the network in the recent past.
The circular stated that all transaction requests (measured in TPS — transactions per second) on the UPI network, shown by the APIs of PSPs and acquiring banks, must be supervised and controlled for suitable use.
If a bank or PSP does not follow the directions, they may face API restrictions, face penalties, cannot onboard new customers or take any other steps NPCI recognizes appropriate, the statement suggests. In addition, any PSP processing multiple transactions is required to submit an undertaking to NPCI by August 31, 2025, confirming that all such transactions use queuing and rate limiting.
The note said that non-customer APIs must be restricted during peak hours. Here, the hours between 10 AM and 1 PM and again from 5 PM to 9:30 PM each day, are known as peak hours.
For more updates follow: Latest News on NEWZZY
