Vouchr Integration
What options are available to integrate with Vouchr systems?
Currently we provide SDKs for iOS and Android allowing you to integrate the Vouchr experience into your own sending and receiving application. Additionally, receiving a gift can optionally be made available via a WebSDK.
Direct API access is currently unavailable, however the Client SDK’s may be used in a completely headless manner, or can consist of a combination of themable prebuilt screens along with partner-provided screens. Vouchr options may be enabled/disabled as required by the partner.
See iOS SDK and Android SDK and Web SDK documentation
System Architecture
What is your high-level network architecture?
Payments
What payment models are Supported?
Three basic payment models exist for transmitting gifts with payment info.
- Parallel - no payment info is contained in the gift itself, but is transmitted independently by the partner at the time of the payment
- Passthrough - in this case whatever payment information is put into the gift is revealed to the recipient upon claim.
- Callback - most flexible system, here the Vouchr system calls the partner systems at stages of the gift including creation, claiming and expiry.
See further details in Payment Details
Authentication
How is authentication managed between the Application and Vouchr Systems?
- Most partners use JWT for authentication and authorization, which is then verified Vouchr-side.
- Other options are available if required, talk to your Vouchr representative.
- take a look at JWT Authentication Details
Privacy
What are the compliance/privacy considerations?
We require very little personal or partner data to be shared with us. Some ways we manage this include:
- where contact information may not be shared, we provide the ability to retrieve a redemption url for a created gift that can then be distributed by the partner’s own systems.
- name of recipient can be anonymous as long as there’s a unique id associated with them (id can be anonymous).
- name of sender can be limited to first name, first-name last initial, etc to decrease the scope of data.
- there’s no need to transmit other personal data about the users.
What data is shared with Vouchr?
| Data | Details | SDK | Services | Info |
|---|---|---|---|---|
| Sender | Name | R | R | This can be limited to nickname, first name, or first name / last initial |
| Sender | Partner ID | R | R | A unique ID is required to associate a user within the system, but can be a surrogate id unique to the Vouchr System |
| Recipient | Name | O | O | Not required |
| Recipient | Contact Info | O | O | If vouchr is responsible for delivering the receive url, either SMS or email of recipient must be provided. If receive url is partner-delivered, unnecessary |
| Recipient | Partner ID | O | O | If recipient partner ID is available, can be used to associate gifts with a particular partner’s user |
| Gift | Notes | O | O | Notes/messages may be transmitted along with the gift if enabled by the partner in the SDK |
| Gift | Images | O | O | Images may be transmitted along with the gift if enabled by the partner in the SDK, and can be limited to sender-uploaded, free image search, or partner-specified searchterms only |
| Gift | Videos | O | O | Videos may be transmitted along with the gift if enabled by the partner in the SDK, and can be limited to sender-uploaded, or YouTube available images |
| Gift | Animations | O | O | Animations may be transmitted along with the gift if enabled by the partner in the SDK, and can be freeform-searched or partner-specified searchterms only |
| Gift | Sounds | O | O | Sounds may be transmitted along with the gift if enabled by the partner in the SDK, and can be limited to sender-uploaded, or selected from partner-determined list |
| Gift | Game Scores | O | O | If a score is required to unlock a gift |
| Payment | Payment Info | O | O | See Payment Options |
R = Required O = Optional
How do we keep payment data private?
Vouchr sits on top of your existing payment platform, and we do not store money or process payments. We have a number of methods we recommend to facilitate your existing payments in a secure manner.
Some suggestions:
- a delivery url can be sent in the package that requires it’s own authentication on the receiving end (an e-transfer url that requires independent bank login post-receive).
- a ‘payment identifier’ or surrogate id can be sent in the contents of the gift, which the partner generates on the sender
- the partner’s client app or implementation of web-reveal can do the exchange/authentication necessary for it when claimed within app entirely within a partners services
- data can be encrypted with a shared secret known only to the sender and recipient
- payment can be delivered independently of the gift
See further details in Payment Details
Hosting
What hosting options are currently available?
Currently Vouchr REST services are hosted via the Google Cloud. Depending on the client and stage of integration, this may be via a multi-tenant system, single-tenant, or even partner-deployed if required. The Web-reveal component of the system may be hosted on Vouchr’s systems, or deployed by the partner. (see details below).
What are some of the hosting benefits?
- System is hosted and scaled via Google App Engine
- This harnesses Google’s robust architecture.
- Systems are automatically scaled as demand requires.
- Systems can be hosted in specific regions per compliance or availability reasons.
What does disaster recovery look like?
- Backups are made to Google managed warm storage redundantly and in multiple geographic regions.
What protection is offered against network attacks?
- Google DDOS and firewall protections are provided.
- Google vulnerability scanning enabled.
How does Vouchr handle security?
- Secure Planning - security considerations of our clients in the financial industry are considered when planning all new features.
- Automated Code Scanning - all code is scanned automatically for common vulnerabilities before it’s merged.
- All code peer reviewed - every line of code that makes it into our system is reviewed by senior developers with an eye towards security.
- Encryption - all databases are encrypted at rest, and additionally application-level encryption is applied to sensitive fields with separate keys per partner.
- We use established methods for authentication and encryption.
- PenTesting - we work with our partners to select vendors to independently audit our security and address all concerns.
- Single-tenant and partner deployments are an option for select partners.
Web Reveal Hosting
There are several options for hosting the link to the web-reveal / landing page depending on partner preferences and abilitities
- Partner Hosted
- Vouchr Hosted, Partner Aliased
- Vouchr Hosted
See details here Web Reveal Hosting
Dependencies
What Open-Source projects do you rely on?
See the folowing links for each of our projects