POLi Integration into Casino Mobile Apps
1) Context and limitations
POLi functionality: deposits only; withdrawals go through other methods (bank transfer/card/wallet).
Jurisdictions:
- Australia: POLi operations discontinued (September 2023); online casinos/slots for AU residents are prohibited (IGA 2001).
- New Zealand: POLi is available at licensed venues; mobile integration is relevant.
- Conclusion: below is a technical outline for markets where use is allowed (NZ and other legal jurisdictions).
2) Architectural connection options
A. Redirect/Hosted Payment Page (HPP)
Client → the cashier creates a payment session → redirect to the bank (browser/bank app) → return via `return_url` → confirmation via webhook/polling.
Pros: minimal PCI scope, stable model, fewer risks.
Cons: depends on correct handling of the app-switch and the return deep link.
B. Server-to-Server + redirect (hybrid)
The server creates the payment with the POLi provider; the mobile client only initiates the redirect; the final status arrives via webhook.
Pros: clear reconciliation, convenient retries, idempotency on the backend.
Cons: more server logic.
💡 A complete "pure API" without a redirect is impractical: bank authentication requires switching to the bank.
3) User flow (mobile UX)
1. Cashier → select POLi.
2. Enter an amount → create a payment session (`txn_id`, `state`/`nonce`, lifetime).
3. App-switch: open the bank app (or a browser with online banking).
4. Bank login/2FA → transfer confirmation.
5. Return via `return_url`/deep link to the application → result screen.
6. The backend receives the webhook and finalizes the deposit; the client requests the status of `txn_id` (pull confirmation) in case the webhook is delayed.
4) iOS specificity
Use ASWebAuthenticationSession or SFSafariViewController for the browser step; a bare WKWebView is less suitable because of cookies/redirects.
Universal Links for `return_url`; handling in `scene(_:continue:)`.
Session timeouts ≥ 10 minutes; background mode is not required, but the cashier state must be persisted.
If the bank opens as a separate application, provide a friendly back-to-app path and re-fetch the status on return.
5) Android specificity
Custom Tabs are preferred for the web flow; for bank applications, intent filters and verified App Links for `return_url`.
Result handling goes through a deep-link activity; re-query the status in `onResume()`.
Do not store payment status in the `Activity`; use a ViewModel/repository that survives configuration changes.
Fall back to the system browser when the bank app is unavailable.
6) Integration security
TLS everywhere, with cleartext protocols prohibited. iOS ATS/Android Network Security Config enabled.
CSRF/replay protection: one-time `state`/`nonce`, verified on return.
Idempotency: an idempotency key for payment creation; reprocessing a webhook is safe.
Webhooks: signature, fixed source IP (if available), retries with exponential backoff, deduplication by `event_id`.
Logs: do not log bank logins/OTPs; mask PII. Store: `txn_id`, redirect/return time, status codes.
Root/jailbreak signals: a soft warning and blocking of high-risk operations according to business rules.
Return URL protection: allow-list `return_url` on both the provider and the application side.
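The backend half of the hybrid flow from sections 2, 3 and 6 (session creation with a one-time `state`, `return_url` allow-list, idempotent create, signed and deduplicated webhooks), as an added example that is not part of the original page and is not the POLi provider's SDK. The secret, the allow-list entries, the JSON event shape and the `sign_event` helper that stands in for the provider's signing step are all constructed for the example; a real integration takes the signature scheme and event format from the provider's documentation.

```python
import hashlib
import hmac
import json
import secrets
import time
from dataclasses import dataclass
from typing import Dict, Optional, Set, Tuple
from urllib.parse import urlparse

# Constructed values for the example; a real deployment takes the webhook secret
# from the provider's merchant console and the allow-list from server config.
WEBHOOK_SECRET = b"example-webhook-secret"
RETURN_URL_ALLOWLIST = {("https", "cashier.example.com"), ("casinoapp", "poli-return")}
SESSION_LIFETIME_S = 10 * 60  # the page recommends session timeouts of at least 10 minutes


def return_url_allowed(url: str) -> bool:
    """Allow-list by (scheme, host) so a caller cannot steer the return to an arbitrary site."""
    parsed = urlparse(url)
    return (parsed.scheme, parsed.netloc) in RETURN_URL_ALLOWLIST


@dataclass
class PaymentSession:
    txn_id: str
    state: str                 # one-time value bound to the session, checked on return
    amount_cents: int
    currency: str
    return_url: str
    created_at: float
    status: str = "processing"
    state_consumed: bool = False


class Cashier:
    """Backend side of the hybrid flow: creates sessions, validates returns, consumes webhooks."""

    def __init__(self) -> None:
        self.sessions: Dict[str, PaymentSession] = {}
        self.by_idempotency_key: Dict[str, str] = {}
        self.seen_event_ids: Set[str] = set()

    def create_session(self, idempotency_key: str, amount_cents: int, currency: str,
                       return_url: str, now: Optional[float] = None) -> PaymentSession:
        if not return_url_allowed(return_url):
            raise ValueError("return_url is not on the allow-list")
        # A retried create with the same idempotency key returns the existing session
        # instead of opening a second bank payment.
        if idempotency_key in self.by_idempotency_key:
            return self.sessions[self.by_idempotency_key[idempotency_key]]
        session = PaymentSession(
            txn_id=secrets.token_urlsafe(12),
            state=secrets.token_urlsafe(32),
            amount_cents=amount_cents,
            currency=currency,
            return_url=return_url,
            created_at=time.time() if now is None else now,
        )
        self.sessions[session.txn_id] = session
        self.by_idempotency_key[idempotency_key] = session.txn_id
        return session

    def handle_return(self, txn_id: str, state: str, now: Optional[float] = None) -> str:
        """Called when the deep link / return_url fires. Only the state is checked here;
        money is never finalized from the client's return, only from the webhook."""
        now = time.time() if now is None else now
        session = self.sessions.get(txn_id)
        if session is None or session.state_consumed or not hmac.compare_digest(session.state, state):
            return "rejected"          # unknown txn, replayed state, or forged state
        if now - session.created_at > SESSION_LIFETIME_S:
            return "expired"
        session.state_consumed = True  # one-time use: a second return with the same state is rejected
        return session.status          # the client keeps polling until the webhook finalizes

    def handle_webhook(self, raw_body: bytes, signature_hex: str) -> str:
        # Verify over the raw bytes before parsing; constant-time compare avoids timing leaks.
        expected = hmac.new(WEBHOOK_SECRET, raw_body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, signature_hex):
            return "bad-signature"
        event = json.loads(raw_body)
        if event["event_id"] in self.seen_event_ids:
            return "duplicate"         # provider retry: acknowledge, change nothing
        session = self.sessions.get(event["txn_id"])
        if session is None:
            return "unknown-txn"
        if event["amount_cents"] != session.amount_cents or event["currency"] != session.currency:
            return "mismatch"          # goes to the manual reconciliation queue
        self.seen_event_ids.add(event["event_id"])
        if session.status == "processing" and event["status"] in ("succeeded", "failed"):
            session.status = event["status"]
        return session.status


def sign_event(event: dict) -> Tuple[bytes, str]:
    """Stand-in for the provider's signing step (constructed for the example), so the
    webhook path can be exercised offline."""
    body = json.dumps(event, sort_keys=True).encode()
    return body, hmac.new(WEBHOOK_SECRET, body, hashlib.sha256).hexdigest()
```

Two design points worth noting: `handle_return` never credits funds, so a forged or replayed deep link can at most show a status screen, and `handle_webhook` records `event_id` only after the signature and amount checks pass, so a tampered retry cannot poison the deduplication set.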
7) Status processing and error resistance
Statuses: `processing` → `succeeded`/`failed`/`unknown`.
If the user has closed the bank/browser, show the screen "Continue payment / Choose another method".
On `unknown`: do not block the player; keep the order pending, re-poll the backend, wait for the webhook.
Standardize error codes (bank unavailable, limit, authentication, user cancel, timeout).
Take partial confirmations into account (the bank has debited, the merchant side has not yet been updated) and explain this in the UI.
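The status handling above as a small state machine, added here as an example that is not part of the original page: terminal statuses reject late events, `unknown` schedules a backed-off re-poll instead of blocking the player, raw bank reasons are normalized to the page's five error codes, and a screen selector covers the "user closed the bank" case. The `REASON_MAP` contents, the backoff cap and the screen names are constructed for the example.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Status(str, Enum):
    PROCESSING = "processing"
    SUCCEEDED = "succeeded"
    FAILED = "failed"
    UNKNOWN = "unknown"


class ErrorCode(str, Enum):
    BANK_UNAVAILABLE = "bank_unavailable"
    LIMIT = "limit"
    AUTHENTICATION = "authentication"
    USER_CANCEL = "user_cancel"
    TIMEOUT = "timeout"


# succeeded/failed are terminal; unknown may still resolve either way.
ALLOWED = {
    Status.PROCESSING: {Status.SUCCEEDED, Status.FAILED, Status.UNKNOWN},
    Status.UNKNOWN: {Status.SUCCEEDED, Status.FAILED, Status.UNKNOWN},
    Status.SUCCEEDED: set(),
    Status.FAILED: set(),
}

# Constructed mapping from raw bank/provider reason strings to the standardized codes.
REASON_MAP = {
    "bank_down": ErrorCode.BANK_UNAVAILABLE,
    "insufficient_funds": ErrorCode.LIMIT,
    "daily_limit": ErrorCode.LIMIT,
    "2fa_failed": ErrorCode.AUTHENTICATION,
    "cancelled_by_user": ErrorCode.USER_CANCEL,
    "session_expired": ErrorCode.TIMEOUT,
}

MAX_POLL_BACKOFF_S = 60  # constructed cap on the re-poll interval while unknown


@dataclass
class Order:
    txn_id: str
    status: Status = Status.PROCESSING
    error: Optional[ErrorCode] = None
    unknown_polls: int = 0      # how many times the backend has re-polled while unknown
    next_poll_in_s: int = 0     # 0 means no poll scheduled


def apply_status(order: Order, new_status: Status, reason: Optional[str] = None) -> bool:
    """Apply a webhook/poll result. Returns False for events that are not allowed from the
    current status (late or duplicate events on a terminal order); those are ignored."""
    if new_status not in ALLOWED[order.status]:
        return False
    order.status = new_status
    if new_status is Status.FAILED:
        # Unmapped reasons still get a standard code so the UI never sees a raw bank string.
        order.error = REASON_MAP.get(reason or "", ErrorCode.BANK_UNAVAILABLE)
    if new_status is Status.UNKNOWN:
        order.unknown_polls += 1
        order.next_poll_in_s = min(2 ** order.unknown_polls, MAX_POLL_BACKOFF_S)
    else:
        order.next_poll_in_s = 0
    return True


def screen_for(order: Order, client_closed_bank: bool = False) -> str:
    """Which cashier screen to show. 'unknown' keeps the order open and never blocks the player."""
    if order.status is Status.SUCCEEDED:
        return "funds_credited"
    if order.status is Status.FAILED:
        if order.error is ErrorCode.USER_CANCEL:
            return "continue_payment_or_choose_another"
        return "choose_another_method"
    if order.status is Status.UNKNOWN:
        return "pending_bank_may_have_debited"   # explain the partial confirmation in the UI
    return "continue_payment_or_choose_another" if client_closed_bank else "waiting_for_bank"
```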
8) Reconciliation and finance
Daily reconciliation: POLi provider reports ↔ your database (by `merchant_ref`, amount, currency, time).
A separate queue for mismatches; manual cases go to the back-office tooling.
For deposit bonuses, credit after `succeeded`; for `processing`/`unknown`, place a hold.
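The daily reconciliation described above, as an added example that is not part of the original page: a constructed provider report (CSV, a format assumed here; the real report layout comes from the provider) is parsed and matched against constructed ledger rows by `merchant_ref`, then amount, currency, time and status are compared, every mismatch lands in a "desync" queue with a reason, and the bonus policy is applied from the ledger status. The 15-minute time tolerance is an assumption.

```python
import csv
import io
from dataclasses import dataclass
from datetime import datetime, timedelta
from decimal import Decimal
from typing import Dict, List, Tuple

TIME_TOLERANCE = timedelta(minutes=15)  # assumed drift allowed between provider and ledger timestamps


@dataclass(frozen=True)
class ProviderRow:          # one line of the provider's daily report
    merchant_ref: str
    amount: Decimal
    currency: str
    settled_at: datetime
    status: str


@dataclass(frozen=True)
class LedgerRow:            # our own database record for the same deposit
    merchant_ref: str
    amount: Decimal
    currency: str
    created_at: datetime
    status: str


# Constructed sample report; the real file layout is provider-specific.
PROVIDER_REPORT_CSV = """merchant_ref,amount,currency,settled_at,status
dep-1001,50.00,NZD,2024-05-01T10:02:00,succeeded
dep-1002,20.00,NZD,2024-05-01T10:15:00,succeeded
dep-1003,75.00,NZD,2024-05-01T11:00:00,failed
dep-1005,10.00,NZD,2024-05-01T12:30:00,succeeded
"""

# Constructed ledger rows covering each mismatch kind plus one clean match.
LEDGER = [
    LedgerRow("dep-1001", Decimal("50.00"), "NZD", datetime(2024, 5, 1, 10, 0), "succeeded"),
    LedgerRow("dep-1002", Decimal("25.00"), "NZD", datetime(2024, 5, 1, 10, 14), "succeeded"),  # amount differs
    LedgerRow("dep-1003", Decimal("75.00"), "NZD", datetime(2024, 5, 1, 10, 59), "unknown"),    # status differs
    LedgerRow("dep-1004", Decimal("30.00"), "NZD", datetime(2024, 5, 1, 12, 0), "processing"),  # not in report
]


def parse_provider_report(text: str) -> List[ProviderRow]:
    """Money is parsed as Decimal, never float, so 20.00 compares exactly."""
    rows = []
    for rec in csv.DictReader(io.StringIO(text)):
        rows.append(ProviderRow(rec["merchant_ref"], Decimal(rec["amount"]), rec["currency"],
                                datetime.fromisoformat(rec["settled_at"]), rec["status"]))
    return rows


def reconcile(provider_rows: List[ProviderRow], ledger_rows: List[LedgerRow]) -> Dict[str, list]:
    """Match by merchant_ref, then compare currency, amount, time and status.
    Anything that does not line up goes to the 'desync' queue with a reason."""
    by_ref_p = {r.merchant_ref: r for r in provider_rows}
    by_ref_l = {r.merchant_ref: r for r in ledger_rows}
    matched: List[str] = []
    desync: List[Tuple[str, str]] = []
    for ref in sorted(set(by_ref_p) | set(by_ref_l)):
        p, l = by_ref_p.get(ref), by_ref_l.get(ref)
        if p is None:
            desync.append((ref, "missing_in_provider_report"))
        elif l is None:
            desync.append((ref, "missing_in_ledger"))
        elif p.currency != l.currency:
            desync.append((ref, "currency_mismatch"))
        elif p.amount != l.amount:
            desync.append((ref, "amount_mismatch"))
        elif abs(p.settled_at - l.created_at) > TIME_TOLERANCE:
            desync.append((ref, "time_drift"))
        elif p.status != l.status:
            desync.append((ref, "status_mismatch"))
        else:
            matched.append(ref)
    return {"matched": matched, "desync": desync}


def bonus_action(ledger_status: str) -> str:
    """Deposit-bonus policy from the page: credit only after succeeded, hold while processing/unknown."""
    if ledger_status == "succeeded":
        return "credit"
    if ledger_status in ("processing", "unknown"):
        return "hold"
    return "none"


def run_daily() -> Dict[str, list]:
    return reconcile(parse_provider_report(PROVIDER_REPORT_CSV), LEDGER)
```

Order of the checks matters: a currency mismatch is reported before an amount comparison so that "20.00 NZD vs 20.00 AUD" is not misfiled as an amount problem, and time drift is checked before status so that a stale ledger row is queued as drift rather than as a status error.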
9) Cashier UX practices (mobile-first)
Visible progress bar and timer: "Bank session will expire in …".
Clear button copy: "Go to the bank", "Confirmed, return to the application".
Clear amounts/currency, immediate validation of limits before the redirect.
Save a deposit draft; reopen the session when the application is restored.
Accessibility: VoiceOver/TalkBack labels, sufficient contrast, Dynamic Type/font scale.
10) Limits, KYC/AML, Liability
Limits are set by the bank and the operator, not by POLi; show the available range before payment starts.
KYC/AML do not depend on the method: volume/frequency checks work the same; high risk means manual verification.
Responsible gaming policy: deposit/pause limits also apply with POLi; add quick links to manage limits at the cashier.
11) Regional features and feature flags
AU: disable POLi at the feature-flag/build level; show a disclaimer (service unavailable; online casinos are prohibited).
NZ: enable POLi; pull the list of banks/limits from remote config.
Geofencing, localization of currencies/formats, server-side allow-lists of merchants per country.
12) Test matrix and QA
Banks: at least one case per major bank and per 2FA type (SMS, push, token).
Platforms: iOS/Android, current major versions, dark/light theme, different locales/languages.
Failure scenarios: bank cancellation, expired session, network loss, closing the webview, incorrect deep link, repeated webhook.
Load: peak hours, webhook delays, mass retries.
13) Monitoring and operations
Metrics: cashier conversion, CTR of "Go to the bank", average `time-to-funds`, share of `unknown`, frequency of webhook retries, bank failures by reason.
Alerts: webhook timeout, a `failed` spike at a single bank, `unknown` share above threshold.
Incident runbook: switching method priority, informing users, forced status polling, post-mortem.
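The metrics and alerts from this section computed over a batch of finished cashier attempts, as an added example that is not part of the original page. The event shape, the thresholds and the sample events (three banks, with one bank failing most of its attempts and one producing `unknown` results) are constructed; a real deployment feeds this from its own event store and tunes the thresholds from its baseline.

```python
from collections import Counter, defaultdict
from dataclasses import dataclass
from statistics import mean
from typing import Dict, List, Optional


@dataclass(frozen=True)
class DepositEvent:                    # constructed shape of one finished cashier attempt
    txn_id: str
    bank: str
    status: str                        # succeeded / failed / unknown
    fail_reason: Optional[str]         # standardized error code when failed
    webhook_retries: int               # how many times the provider had to re-deliver
    time_to_funds_s: Optional[float]   # "Go to the bank" -> funds credited; None unless succeeded


THRESHOLDS = {                         # constructed thresholds
    "unknown_share": 0.05,
    "failed_share_per_bank": 0.30,
    "min_samples_per_bank": 5,         # avoid alerting on a bank with two attempts and one failure
    "avg_webhook_retries": 1.0,
}


def _constructed_events() -> List[DepositEvent]:
    events: List[DepositEvent] = []

    def add(bank, status, n, reason=None, retries=0, ttf=None):
        for i in range(n):
            events.append(DepositEvent(f"{bank}-{status}-{i}", bank, status, reason, retries, ttf))

    add("bank-a", "succeeded", 8, ttf=95.0)
    add("bank-a", "failed", 1, reason="bank_unavailable")
    add("bank-a", "failed", 1, reason="user_cancel")
    add("bank-b", "succeeded", 2, ttf=140.0)
    add("bank-b", "failed", 4, reason="authentication")   # failure spike at one bank
    add("bank-c", "succeeded", 1, ttf=200.0)
    add("bank-c", "unknown", 3, retries=3)                 # webhook trouble shows up as unknown
    return events


EVENTS = _constructed_events()


def metrics(events: List[DepositEvent]) -> Dict[str, object]:
    n = len(events)
    by_status = Counter(e.status for e in events)
    per_bank: Dict[str, Counter] = defaultdict(Counter)
    for e in events:
        per_bank[e.bank][e.status] += 1
    ttf = [e.time_to_funds_s for e in events if e.time_to_funds_s is not None]
    return {
        "conversion": by_status["succeeded"] / n if n else 0.0,
        "unknown_share": by_status["unknown"] / n if n else 0.0,
        "avg_time_to_funds_s": mean(ttf) if ttf else None,
        "avg_webhook_retries": mean([e.webhook_retries for e in events]) if n else 0.0,
        "failed_by_reason": Counter(e.fail_reason for e in events if e.status == "failed"),
        "failed_share_per_bank": {b: c["failed"] / sum(c.values()) for b, c in per_bank.items()},
        "samples_per_bank": {b: sum(c.values()) for b, c in per_bank.items()},
    }


def alerts(m: Dict[str, object], t: Dict[str, float] = THRESHOLDS) -> List[str]:
    """Turn the metrics into the page's alert conditions; returns one line per firing alert."""
    out: List[str] = []
    if m["unknown_share"] > t["unknown_share"]:
        out.append(f"unknown share {m['unknown_share']:.0%} above threshold {t['unknown_share']:.0%}")
    for bank, share in m["failed_share_per_bank"].items():
        enough = m["samples_per_bank"][bank] >= t["min_samples_per_bank"]
        if enough and share > t["failed_share_per_bank"]:
            out.append(f"failed spike at {bank}: {share:.0%} of attempts")
    if m["avg_webhook_retries"] > t["avg_webhook_retries"]:
        out.append(f"webhook retries averaging {m['avg_webhook_retries']:.2f} per deposit")
    return out
```

The per-bank alert is gated on a minimum sample size so a single failed attempt at a small bank does not page anyone; the `unknown` share is the signal that feeds the runbook's "force polling of statuses" step.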
14) What integration doesn't do
Does not add withdrawals.
Does not bypass the limits of the bank or operator.
Does not replace KYC/AML procedures and responsible play.
Result
POLi integration into mobile applications is built around a secure redirect/HPP with a correct app-switch, reliable handling of the return deep link, confirmation via webhooks and strict idempotency. The key to stability is transparent statuses, friendly recovery scenarios and full reconciliation. In Australia, POLi is unavailable and not applicable to online slots; in New Zealand, the method remains working and gives users quick deposits with the correct technical and legal settings.