M-PAiSA API integration & OpenFinance wallet services

OpenData · OpenFinance · Protocol analysis · Pacific mobile money

Connect M-PAiSA wallets, NPS bank transfers and tap-to-pay rails to your stack — safely

We deliver M-PAiSA protocol analysis, account login flows, wallet balance and statement APIs, National Payment System (NPS) bank-to-wallet bridge integration, and merchant payment ingestion. Every integration follows OpenBanking patterns and authorized, compliant data access aligned with Reserve Bank of Fiji guidance.

Wallet account login — Mirror the M-PAiSA mobile authentication flow (PIN + biometric + OTP), maintain refreshable session tokens, and surface a clean OAuth-style endpoint for your back office.

Transaction & statement export — Pull up to six months of M-PAiSA wallet history (the same window the app exposes), with paging, date filters and CSV/JSON/PDF export ready for accounting and reconciliation.

NPS bank bridge — Since the October 2024 Reserve Bank of Fiji NPS go-live, M-PAiSA wallets settle near-real-time with all major Fijian banks. We expose this as a single transfer-and-status API.

Tap-to-pay & MDES cards — Hook into the 2026 M-PAiSA digital card issuance flow (powered by Entrust + Mastercard MDES) for in-app card provisioning, NFC tap-on-phone and merchant settlement reporting.

What we deliver

Deliverables checklist

OpenAPI 3.1 specification covering login, wallet, statements, NPS transfers and merchant callbacks
Protocol & auth-flow report (handshake, token rotation, signature scheme, session re-bind)
Runnable Python and Node.js reference clients with retry, pagination and idempotency keys
Postman collection plus pytest / jest integration suites against a sandbox
Compliance pack — KYC field map, retention policy template, RBF NPS audit checklist

Engagement models

Pick the commercial model that matches your appetite for integration work:

Source-code delivery from $300 — you receive the runnable client, OpenAPI spec and docs; payment is released after you have validated the build against your own sandbox.
Hosted pay-per-call API — we operate the M-PAiSA bridge and you pay only per successful call. Ideal for teams that want to skip ops and stay usage-based.
Custom retainer — for banks, remittance operators and PSPs that need protocol drift monitoring across M-PAiSA app updates.

Data available for integration

The M-PAiSA app surfaces a rich set of Fiji-specific financial data. The table below maps the most useful data types to the screen they originate on, the granularity we can extract, and the typical downstream business use after an OpenData / OpenFinance bridge is in place.

Data type	Source screen / feature	Granularity	Typical use
Wallet balance	Home / Account	Real-time, FJD denominated	Treasury dashboards, low-balance alerts, working-capital monitors
Transaction history	Statement / History	Per-transaction, up to 6 months, with reference numbers	Reconciliation against ERP, automated bookkeeping, dispute resolution
NPS bank transfers	Bank to M-PAiSA / Send to bank	Per-transfer with sending bank code, status and timestamp	Cross-bank settlement reporting, anti-fraud screening, liquidity sweeps
Bill payments	Pay Bills (FEA, water, FRCS, council, school fees)	Per-bill, biller code, customer reference, amount	Receivables ingestion for utilities, FRCS tax revenue, school admin systems
Merchant QR payments	Pay Merchant / QR scan	Per-payment, merchant ID, MCC, terminal reference	POS reconciliation, loyalty enrichment, merchant analytics
International remittance inflow	IMT — Receive from Overseas	Per-credit, sender corridor, partner (WorldRemit, Xoom, Remitly, OrbitRemit, KlickEx)	Diaspora analytics, AML monitoring, FX hedge planning
Mastercard MDES digital card	M-PAiSA Card / Tap-to-Pay	Card token, last-4, NFC transaction events	Card-spend analytics, chargeback handling, in-store loyalty
KYC / customer profile	Account / Verify	Tier, ID type, mobile MSISDN, residency flag	Onboarding orchestration, compliance reporting, segmentation

Typical integration scenarios

1. Diaspora remittance reconciliation

A remittance operator in Australia or New Zealand pushes IMT credits into M-PAiSA wallets every day. We bridge the inbound IMT feed (sender corridor, partner ID, FJD amount, status) into the operator's ledger so finance can match each payout to the originating MTO transaction within minutes — important context: M-PAiSA brings roughly FJD 48m of personal remittances into Fiji every month, so even a small mismatch becomes a material reconciliation problem.

Data involved: IMT inflow events, wallet credit entries, partner reference. OpenFinance mapping: AISP-style read-only access to the recipient wallet's relevant credit history.

2. NPS-driven payroll & B2C disbursement

Since 14 October 2024 the Reserve Bank of Fiji's National Payment System has connected M-PAiSA to all major Fijian banks. A payroll provider can therefore push salaries directly from a corporate bank account into employee M-PAiSA wallets in near-real time. We expose a single POST /transfers endpoint that hides the bank/wallet routing and returns NPS settlement status.

Data involved: NPS transfer initiation, bank code, settlement timestamp, end-to-end reference. OpenFinance mapping: PISP-style payment initiation under the customer's signed mandate.

3. SME accounting & tax sync

An SME using M-PAiSA for QR collections wants its sales to flow into Xero/QuickBooks and the FRCS tax facility. We pull the merchant statement, normalise each line into double-entry journals, and split GST automatically. Because the FRCS payment facility itself runs on M-PAiSA (per the 2025 FRCS / Vodafone Fiji MOA), we can also push tax payments back through the same bridge.

Data involved: Merchant transactions, biller payments, FRCS receipts. OpenFinance mapping: Combined AISP read + PISP write under merchant consent.

4. Tap-to-pay loyalty enrichment

With M-PAiSA's Mastercard MDES digital card and tap-on-phone (launched with Entrust in April 2026), in-store payments now generate token-based card events. We subscribe to those events via webhook, enrich them with merchant MCC and basket data from the retailer's POS, and feed a unified loyalty engine — one wallet ID, one card token, one customer view.

Data involved: NFC card transaction events, merchant reference, MDES tokens. OpenFinance mapping: Card-on-file analytics tied to consented wallet identity.

5. Compliance & AML monitoring for an MFI

A microfinance institution lends to small Fijian merchants and wants daily visibility on borrower wallet flows. Our integration streams transaction-level data into the MFI's risk engine, flags structuring patterns and produces an audit-ready trail consistent with RBF anti-money-laundering expectations and the broader UN Capital Development Fund (UNCDF) guidance on responsible mobile-money use.

Data involved: Transaction history, KYC tier, counterparty wallet IDs. OpenFinance mapping: AISP read-only with strict purpose-limitation logging.

Technical implementation

Three short examples follow. They are deliberately implementation-shaped (not vendor copy) so engineering leads can see the request/response surface, the auth pattern, and how errors propagate. Real endpoints, signing keys and partner IDs are wired in during onboarding.

Login & session bind

POST /api/v1/m-paisa/auth/login
Content-Type: application/json
X-Client-Id: <PARTNER_CLIENT_ID>

{
  "msisdn": "+679XXXXXXX",
  "device_fingerprint": "a1b2c3d4",
  "consent_id": "cns_2026_05_10_001"
}

200 OK
{
  "access_token": "eyJhbGciOi...",
  "refresh_token": "rt_8f...",
  "expires_in": 1800,
  "wallet_id": "MP-FJ-7740019",
  "kyc_tier": "tier2"
}

Statement export (paged)

POST /api/v1/m-paisa/statement
Authorization: Bearer <ACCESS_TOKEN>
Content-Type: application/json

{
  "wallet_id": "MP-FJ-7740019",
  "from_date": "2026-02-10",
  "to_date":   "2026-05-10",
  "channels":  ["WALLET","NPS","IMT","MERCHANT"],
  "page": 1,
  "page_size": 100
}

200 OK
{
  "currency": "FJD",
  "page": 1,
  "total_pages": 4,
  "items": [
    {
      "txn_id": "TX-2026050900871",
      "ts": "2026-05-09T03:14:22Z",
      "type": "NPS_CREDIT",
      "amount": 250.00,
      "counterparty": "BSP Fiji",
      "ref": "NPS-RBF-99812"
    }
  ]
}

NPS bank-to-wallet transfer + webhook

POST /api/v1/m-paisa/transfers/nps
Authorization: Bearer <ACCESS_TOKEN>
Idempotency-Key: idem-9f2a-...

{
  "from_bank":   "ANZ-FJ",
  "from_account":"01-XXXXXX-30",
  "to_wallet":   "MP-FJ-7740019",
  "amount":      120.00,
  "currency":    "FJD",
  "purpose":     "PAYROLL"
}

202 Accepted
{ "transfer_id": "NPS-2026050900732", "status": "PENDING" }

# Webhook callback (signed, HMAC-SHA256)
POST https://your-app.example/m-paisa/webhook
{
  "event": "transfer.settled",
  "transfer_id": "NPS-2026050900732",
  "status": "SETTLED",
  "settled_at": "2026-05-09T03:14:55Z",
  "rbf_e2e_ref": "RBFNPS20260509000732"
}

Compliance & privacy

Regulatory alignment

M-PAiSA is a licensed mobile-money service operating under the supervision of the Reserve Bank of Fiji and connected to the National Payment System that went live for mobile wallets on 14 October 2024. Every integration we deliver references RBF mobile-money guidance, follows the Fiji Personal Information Protection framework, and respects Vodafone Fiji's published terms. Where the customer is in a jurisdiction with stricter regimes (PSD2 in the EU, the UK FCA Open Banking standard, GDPR for EU residents), we apply the higher bar.

Privacy controls we enforce

Explicit, revocable consent records linked to a consent_id on every API call
Purpose-limitation logging — each read is tagged with its business purpose
Data minimisation: KYC fields are only forwarded when contractually required
Encryption in transit (TLS 1.3) and at rest (AES-256) with rotated KMS keys
Right-to-erasure workflow for end users who withdraw consent

Data flow / architecture

A typical M-PAiSA integration is a four-node pipeline. Each step is independently testable and can be swapped for a hosted equivalent if you choose the pay-per-call model.

Client side — your end user authorises the bridge inside your own app or web flow; consent is captured and a consent_id issued.
M-PAiSA bridge / ingestion — our adapter handles login, token rotation, paging and rate-limit back-off against the M-PAiSA endpoints.
Normalisation & storage — raw payloads are normalised into a canonical wallet/transaction model and persisted to your warehouse (Postgres, BigQuery or S3 + Iceberg).
API output / analytics — downstream systems read a stable OpenAPI surface; alternatively, webhooks fan out events (transfer.settled, statement.ready, card.tx.posted).

Market positioning & user profile

M-PAiSA is the dominant mobile-money wallet in Fiji, operated by Vodafone Fiji and used by individuals, SMEs, government billers (including FRCS and many councils) and inbound remittance corridors from Australia, New Zealand, the United States, Vanuatu, Samoa and the Cook Islands. The user base spans urban smartphone users on Android and iOS, rural unbanked customers reached through agent networks, and merchants ranging from market-stall operators to national retailers using QR and the new tap-on-phone Mastercard. For an integration partner this means three primary buyer profiles: B2C fintechs targeting the Fijian diaspora, B2B platforms (payroll, accounting, ERP) serving Fijian SMEs, and regulated institutions (banks, MFIs, MTOs) that need bidirectional NPS-grade flows. Our bridge is built with all three in mind.

Screenshots

Click any thumbnail to view the full-resolution screenshot from the official Vodafone Fiji M-PAiSA Google Play listing.

Similar apps & integration landscape

M-PAiSA sits inside a global mobile-money ecosystem. Customers we work with frequently need a unified view across several of the wallets and remittance apps below — these are listed purely as ecosystem context, not as competitors to rank.

Digicel MyCash (Fiji)The other major Fijian mobile wallet, also connected to NPS. Many customers want a single statement view across both M-PAiSA and MyCash.

M-Pesa (Kenya, Tanzania, etc.)The reference mobile-money platform. Operators expanding from East Africa to the Pacific often need M-PAiSA bridges that match their existing M-Pesa data shape.

GCash (Philippines)Large Southeast-Asian e-wallet; remittance corridors from the Philippines often touch both GCash and M-PAiSA accounts in mixed households.

Easypaisa (Pakistan)Pakistan's leading mobile wallet; integration patterns (KYC tiers, agent cash-in) closely mirror M-PAiSA and inform our reference design.

JazzCash (Pakistan)Another Pakistan-based wallet; useful comparator for billing integrations and merchant QR ecosystems.

bKash (Bangladesh)South-Asian mobile money giant; teams comparing mobile-money APIs across regions often request bKash and M-PAiSA in the same engagement.

Airtel MoneyMulti-country African wallet; frequently appears alongside M-PAiSA in cross-border remittance dashboards.

MTN MoMoAfrica-wide mobile money network; relevant for partners building Pacific ↔ Africa diaspora payment products.

Orange MoneyOperates across Francophone Africa and parts of the Middle East; integration patterns are similar to Vodafone's M-PAiSA stack.

WorldRemit / Xoom / Remitly / OrbitRemit / KlickExMajor remittance apps that already push funds into M-PAiSA wallets. Customers often need a unified inbound credit feed across all of them.

About OpenFinance Lab

We are an independent technical studio focused on mobile-app protocol analysis and OpenFinance / OpenBanking API delivery. The team has shipped integrations across Pacific, South Asian and African mobile-money operators, and works in English with overseas clients on a fixed-fee or pay-per-call basis.

Authorized protocol analysis, app interface refactoring, OpenData connectors
Production Python, Node.js and Go SDKs with retry, idempotency and observability baked in
Cloud-ready packaging (Docker, Helm), plus optional managed hosting
Source-code delivery from $300 — pay after delivery upon satisfaction
Pay-per-call hosted API — no upfront cost, only per successful call

Contact

Send us the target app (M-PAiSA, in this case) and the specific data or flows you need. We will respond with a fixed-fee scope or a pay-per-call quote within one business day.

Open contact page

Engagement workflow

Scope confirmation: list the M-PAiSA capabilities you need (login, balance, statement, NPS transfer, MDES card events).
Protocol analysis & API design — typically 2–5 business days.
Build & internal validation against a sandbox — typically 3–8 business days.
Documentation, sample apps, integration tests — 1–2 business days.
First delivery usually lands in 5–15 business days; partner approvals (Vodafone Fiji, sponsoring bank) can extend the timeline.

FAQ

What do you need from me to start an M-PAiSA integration?

Target app name (M-PAiSA, provided), the concrete capabilities you need (wallet balance, transaction history, NPS bank-to-wallet transfers, merchant payments), and any existing Vodafone Fiji merchant credentials, sandbox accounts, or business approvals you already hold.

How long does an M-PAiSA delivery take?

Typically 5–12 business days for a first API drop covering login, wallet balance and statement export. Tap-to-pay, MDES card issuance, or multi-bank NPS reconciliation flows can extend the timeline depending on Vodafone Fiji and partner approvals.

How do you handle compliance and Reserve Bank of Fiji rules?

We work only under customer authorization or documented public/authorized APIs, align flows with Reserve Bank of Fiji digital-payment guidance and the National Payment System framework, log every consent, and apply data-minimization to KYC fields. NDAs are signed when required.

Can the M-PAiSA integration handle international remittance inflows?

Yes. M-PAiSA already receives International Money Transfers from Vanuatu, Samoa and the Cook Islands, plus partners such as WorldRemit, Xoom, Remitly and OrbitRemit. Our integration can ingest these inbound credits, reconcile them against your ledger and surface them through a single statement API.

Original app overview (appendix)

M-PAiSA is the mobile-money wallet operated by Vodafone Fiji Limited (package fj.com.vodafone.mpaisawallet). Per the official Google Play description, "You can send and receive money, pay businesses and bills all in the palm of your hands. Bringing you the M-PAiSA App that makes life more convenient, easy and simple all while maintaining an elegant look and providing futuristic features."

Beyond that one-line description, the app — and the broader M-PAiSA service — supports:

Wallet-to-wallet transfers within Fiji and pay-to-merchant via QR.
Bill payments to utilities, councils, schools and the Fiji Revenue & Customs Service (FRCS).
International Money Transfer (IMT) inflows from corridors including Vanuatu, Samoa, the Cook Islands, Australia, New Zealand and the US, via partners such as WorldRemit, Xoom, Remitly, OrbitRemit and KlickEx.
National Payment System (NPS) integration since 14 October 2024 — near-real-time bank-to-wallet and wallet-to-bank transfers between M-PAiSA and all major Fijian banks.
Soundbox / merchant acceptance for in-store payment confirmation.
Mastercard MDES digital card issuance and tap-on-phone payments, launched in April 2026 with Entrust as the Issuer TSP partner.
Six-month account statement download directly inside the app at no cost.
Strong customer authentication via PIN and biometrics.

M-PAiSA brings approximately FJD 48 million of personal remittances into Fiji each month and is widely cited (including by the UN Capital Development Fund) as a key driver of financial inclusion in the country. This page is an independent technical positioning of how the app's data and payment rails can be exposed for OpenData / OpenFinance integration; M-PAiSA and Vodafone are trademarks of their respective owners.