Essential Services. Buy Now, Pay Later.
Delivered via WhatsApp.

LulamisaPay bridges the gap between South African households and the services they can't afford upfront — electricity, water, traffic fines, airtime — using the phone app they already have.

💬 WhatsApp-first conversation 🛒 BNPL for essential services 🔌 Interfile & PayCity ready 🔒 POPIA compliant · fraud-gated 🇿🇦 ZAR · SA ID verified

See the Opportunity Integration Guide

22M+^¹

WhatsApp users in SA

R350bn+^²

Consumer debt owed to municipalities

~40%^³

Credit-active SA consumers impaired

3 taps

From WhatsApp to vend

¹ DataReportal: Digital 2025 South Africa · ² Auditor-General SA: MFMA 2022/23 Report · ³ NCR Consumer Credit Market Report (quarterly)

Market Opportunity

The Problem Is Real. The Channel Is Ready.

Millions of South Africans face electricity cut-offs and traffic fines they can't pay in a single lump sum. The existing payment rails don't help them. We do.

What is BNPL?

Buy Now, Pay Later (BNPL) is a short-term credit product where the customer receives the service immediately but repays in instalments over weeks or months — interest-free or at low interest, depending on the provider. The customer applies through their BNPL provider's checkout page; approval is instant. LulamisaPay receives confirmation of the approved transaction and pays the bill holder on the spot. The BNPL provider then collects the repayments from the customer and settles the full amount back to LulamisaPay on an agreed schedule.

The Current Pain

🔌 Electricity cut-offs
Households fall into arrears & go dark. A R600 top-up they can't afford upfront is R600 of lost service delivery.

🚗 Traffic fine escalation
Fines double, licences lapse, AARTO demerit points accumulate — all because a R400 fine can't be split into instalments.

💸 No suitable BNPL product
Existing BNPL players serve retail. No one solves essential-services BNPL at scale on the channel most South Africans already use daily.

The LulamisaPay Answer

✅ WhatsApp-first UX
No app download needed. The customer selects their service and receives the result entirely in WhatsApp — only the payment step opens a secure browser page (BNPL checkout or card portal).

✅ LulamisaPay floats the bill
Bill holders are paid immediately from LulamisaPay's prefunded balance or card. BNPL settlement flows back to LulamisaPay. Zero credit risk for the bill holder.

✅ Fraud-gated, POPIA-compliant
SA ID verification, velocity limits, high-value holds, encrypted PII — production-hardened from day one.

Customer Experience

Three Taps. Zero Friction.

Service selection, cart, and delivery live entirely in WhatsApp. The only step that leaves WhatsApp is the payment itself — a link opens the BNPL partner's checkout page or a card payment portal in the browser, then the customer returns to WhatsApp for their token and invoice.

💬

Step 1

Customer messages

Sends "Hi" or any message to LulamisaPay's WhatsApp Business number. Greeted with a service menu.

🪪

Step 2

One-time ID verify

SA ID number captured once — stored encrypted (AES-256). POPIA notice accepted. All future sessions are seamless.

🛒

Step 3

Select & cart

Picks electricity, water, fine, airtime — or adds multiple to the cart for one checkout. Service fee shown upfront.

💳

Step 4

BNPL or full pay

LulamisaPay sends a checkout link. Tapping it opens the BNPL partner's own checkout page or a card payment portal in the browser. Card data goes directly to the payment provider — never to LulamisaPay.

⚡

Step 5

Delivered immediately

Electricity token, fine clearance, account credit — sent back to the customer in WhatsApp alongside a PDF invoice.

How Money Moves

LulamisaPay Floats the Bill — Then Gets Settled

LulamisaPay acts as the float provider. Bill holders (Interfile, PayCity, Eskom…) are paid immediately from LulamisaPay's prefunded account or credit card on file. BNPL settlement flows back to LulamisaPay on an agreed cycle — the customer never touches the bill holder's portal.

Customer selects service & chooses to pay via BNPL (or card)

A secure checkout link is sent to the customer's WhatsApp. Tapping it opens the BNPL partner's checkout page or a card payment portal in the browser — card data goes directly to the payment provider, never to LulamisaPay. The customer returns to WhatsApp after payment.

BNPL Partner approves & fires a PAID webhook

The BNPL system makes the credit decision. A signed PAID callback is sent to LulamisaPay. Nothing irreversible happens on LulamisaPay's side until this arrives.

Fraud gate (manual hold on high-value)

High-value transactions pause here before value is handed over — protecting against a PAID webhook that later reverses before the irreversible vend.

🏦 LulamisaPay pays the bill holder

LulamisaPay draws from its prefunded balance at the bill holder — or the bill holder charges LulamisaPay's credit card on file, whichever method the provider supports. The customer is not involved in this step at all.

✅ Service delivered to customer

Electricity token issued, fine cleared, account credited. The bill holder vends immediately once payment clears on their side. Receipt + invoice sent to WhatsApp.

💳 BNPL Partner settles to LulamisaPay

The BNPL provider's batch settlement transfers the full checkout amount to LulamisaPay's bank account. LulamisaPay retains the service fee; the principal recovers the float advance. Float gap is now closed.

Bill Holder (Interfile / PayCity / Eskom)

Zero credit risk

LulamisaPay pays them at service trigger — no waiting
Payment from LulamisaPay's prefunded balance or credit card on file — whichever method the provider supports
Zero changes to existing API, pricing, or settlement terms
Reduced arrears; revenue guaranteed regardless of how the end-customer pays

BNPL Partner

Settles to LulamisaPay

Collects full checkout amount from customer in instalments as normal
Batch settlement flows back to LulamisaPay on agreed schedule
Access to an essential-services segment not currently reached by BNPL
Rich transaction metadata for your own risk & BI models

LulamisaPay — Float + Fee model

Revenue

Service convenience fee charged to the customer (retained on settlement)
Carries the short-term float gap between paying the bill holder and BNPL settlement
Float exposure bounded by settlement cycle; tracked per-transaction in the ledger
Different rates for BNPL vs full-pay, admin-configurable without redeploying

Float Exposure Timeline (per transaction)

Day 0
BNPL confirms

LulamisaPay pays
bill holder

← float gap — principal at risk →
LulamisaPay carries this exposure

T+1 to weekly
BNPL settles → LulamisaPay

Principal recovered on settlement · Service fee retained as revenue · Net float tracked per-transaction in the reconciliation API

Partner Value

What's in It for You

LulamisaPay is built around the specific needs of BNPL providers and bill-holder service delivery partners. Select your category.

Why partner with LulamisaPay?

Tap into a completely new use-case: essential-services BNPL — electricity, water, fines, airtime
No changes to your checkout or risk engine — LulamisaPay generates a checkout URL via your existing API
LulamisaPay handles ID verification, fraud gating, and customer communication
Structured settlement reporting via API or email on agreed cycles
Rich transaction metadata: service type, account, beneficiary — feeds your own BI and risk models
LulamisaPay carries the float risk — your obligation is simply the instalment collection from the customer

Risk layers — what LulamisaPay handles

🪪 SA ID verification

Identity captured once, AES-256 encrypted. Every transaction is tied to a verified SA citizen.

📊 Velocity limits

Rolling 24h caps on transaction count and value per account. New-account limits block SIM-swap cash-out.

🛑 High-value hold

Transactions above a threshold are held for manual review before the irreversible vend.

📋 Idempotent webhooks

Duplicate PAID webhooks never result in a double charge — enforced by a DB-level partial unique index.

How LulamisaPay pays you

There are two models — whichever fits your platform:

Model A — Prefunded account

LulamisaPay maintains a float balance on your platform. When a transaction is triggered, LulamisaPay draws from that balance. You remit a top-up when the balance drops below an agreed threshold.

Model B — Credit card on file

LulamisaPay registers a card at your payment gateway. Each triggered transaction is billed to LulamisaPay's card in real time. No prefunded balance required.

In both models the bill holder is paid before vending — zero credit risk for you.

Integration checklist

Provide an API endpoint: POST /vend or equivalent trigger
Accept a LulamisaPay-signed request header for authenticity
Return a vend reference / token / confirmation in the response
Optional: webhook back to LulamisaPay on async vend completion
Provide sandbox credentials for testing (2–3 days integration)
No changes to your customer-facing portal or app required

Sample integration call

POST /api/vend HTTP/1.1
Host: api.interfile.co.za
Authorization: Bearer <lulamisapay_key>
Content-Type: application/json

{
  "account":    "9001234567",
  "amount_cents": 60000,
  "reference":  "LP-TXN-abc123",
  "service":    "ELECTRICITY"
}

→ 200 OK
{
  "token":    "1234-5678-9012-3456",
  "status":   "VENDED",
  "ref":      "IF-20260610-99988"
}

Security & Compliance

Production-Hardened from Day One

Every layer — from the WhatsApp webhook to the database — is designed with South African regulatory requirements and OWASP security controls in mind.

🔒

AES-256 PII Encryption

Phone numbers and SA ID numbers are encrypted at column level using SQLAlchemy-utils StringEncryptedType. Encrypted columns remain equality-queryable.

🪪

POPIA Gate

Every new user must accept the POPIA notice before any PII is stored. Consent is recorded with a timestamp. No PII captured without explicit opt-in.

🔑

HMAC-SHA256 Webhooks

All inbound WhatsApp and BNPL webhooks are verified with HMAC-SHA256 signatures before any processing. Replays and spoofed calls are rejected.

🛑

Idempotent Ledger

A partial unique index on the ledger_entries table guarantees exactly one CHARGE per transaction. Duplicate PAID webhooks silently no-op — no double-billing possible.

📊

Velocity Fraud Engine

Rolling 24h transaction count and value caps per account. New-account limits. Blocklist for confirmed fraudsters. All thresholds are admin-configurable without redeploying.

⏸️

High-Value Hold

Transactions above a configurable threshold are held for manual review before the irreversible vend — preventing loss on card reversals that arrive after value is handed over.

📋

Full Audit Trail

Every transaction stage (created → paid → fulfilled) is logged to an append-only audit_logs table keyed by transaction UUID. Support can trace exactly where anything got stuck.

⚡

Rate Limiting

Redis-backed sliding-window rate limiting on all inbound webhook endpoints. Fails open (passes traffic) if Redis is down — service continuity over hard block.

🗄️

Alembic Migrations

Database schema is managed with Alembic version-controlled migrations. No manual SQL in production; every schema change is reviewed, tested, and reproducible.

Getting Started

Integration in 4 Weeks

The typical partner goes from first API call to live production in four weeks. We handle all the complexity — you provide sandbox credentials and a test account.

Week 1

Discovery & Access

Sign NDA & partnership agreement
Receive sandbox credentials
API documentation handover
WhatsApp Business number provisioned

Week 2

Sandbox Integration

Checkout URL generation tested
PAID webhook delivery confirmed
Vend adapter connected
Invoice delivery tested

Week 3

UAT & Compliance

End-to-end UAT on staging
POPIA data-flow review
Fraud threshold tuning
Settlement report format agreed

Week 4

🚀 Go Live

Production credentials activated
First real customer transaction
Monitoring dashboards shared
Ongoing reconciliation agreed

Frequently Asked Concerns

Things Service Providers Ask Us

Honest answers to the questions every potential partner has before signing.

What happens if the BNPL customer misses an instalment?

That is entirely the BNPL provider's credit risk — not yours and not ours. LulamisaPay pays the bill holder immediately after BNPL confirms the transaction. Once LulamisaPay has paid you and you've vended the service, the instalment repayment relationship is purely between the BNPL provider and the end-customer. LulamisaPay's settlement from the BNPL provider is based on the agreed batch schedule — not on whether the end-customer keeps paying their instalments.

What if LulamisaPay's prefunded balance runs dry?

LulamisaPay maintains a minimum float level and receives automated low-balance alerts before any transaction could fail. The prefunded balance is topped up via EFT or credit facility before reaching zero. In the credit-card model there is no balance at all — the card is charged per transaction so this concern doesn't apply. Either way, vend requests are only triggered after LulamisaPay has confirmed sufficient payment capacity.

How do we reconcile — how do we know what LulamisaPay paid us?

Every transaction carries a LulamisaPay UUID and your own external reference. Structured reconciliation reports (CSV or JSON) are available via an API pull or email on agreed daily/weekly cycles. The report includes: transaction UUID, your reference, amount, service type, vend status, and payment timestamp. You can match these line-for-line against your own ledger.

Is LulamisaPay regulated? Are they a payment service provider?

LulamisaPay operates as a technology intermediary orchestrating payments between existing licensed participants — the BNPL provider (regulated) and the bill holder's own payment gateway. LulamisaPay does not hold customer funds; it manages its own float to pay bill holders. We are in active discussion with relevant bodies regarding appropriate licensing as the product scales. We are happy to share our legal opinion on request.

What if the vend fails after LulamisaPay has already paid us?

If the vend API returns a failure, LulamisaPay's support team is immediately notified via an alert. The transaction is marked FULFILLMENT_FAILED and flagged for manual resolution. Depending on the failure cause (your API down, token generation error, etc.) the standard resolution is either a retry or a refund. Settlement for failed vends is handled case-by-case; no deduction happens without mutual agreement.

What data about our customers will LulamisaPay see?

LulamisaPay only sees the data necessary to trigger the vend: account reference, amount, and service type. It does not receive your customer's full profile, usage history, or any data not explicitly passed in the vend API call. All PII at LulamisaPay's side (the end-customer's phone and ID) is AES-256 encrypted and accessed under POPIA consent. We are happy to sign a data processing agreement specifying the exact data flows.

How does the BNPL settlement cycle work? When does LulamisaPay get paid?

The BNPL provider settles to LulamisaPay's bank account on an agreed batch cycle — typically T+1 to weekly depending on the partner. LulamisaPay carries the float during this window: it has already paid the bill holder on Day 0 but receives the cash from BNPL later. This is LulamisaPay's core business risk; it does not pass this risk to the bill holder or the end-customer.

Can we start with a pilot — one service type only?

Absolutely. Most integrations start with a single service type (e.g. electricity only) and expand after the first 30 days of live traffic. The platform is modular: additional service types can be added by registering a new adapter — no core changes required. A pilot is actually our preferred approach because it lets both sides validate the reconciliation process and settlement timing before scaling.

What's Next

Roadmap

Where LulamisaPay is going — so you can plan your partnership accordingly.

Live

Now in Production

WhatsApp conversation engine
Electricity, water, fines, airtime
BNPL + full card payment
Multi-item cart checkout
PDF invoicing + email delivery
Fraud engine + POPIA gate
Beneficiary payments

Beta

In Development

Float balance dashboard (partner-facing)
Reconciliation API (JSON/CSV pull)
BNPL settlement recording in ledger
Prefunded balance auto top-up alerts
Admin portal for fraud threshold tuning

Coming

Planned

DStv / streaming subscriptions
School fees BNPL
Funeral cover premiums
Merchant self-service onboarding
Multilingual support (Zulu, Xhosa)
USSD fallback for feature phones
Instalment scheduling API

Essential Services. Buy Now, Pay Later.Delivered via WhatsApp.