Now in Pilot · India

Payments that
know you're there. No QR. No fraud.

NexPay uses Bluetooth proximity to verify physical presence before any payment happens. Cryptographically secure. Instant. No QR code required.

Request Early Access See how it works
BLE Active
₹100
Received from Shil
Verified
Ravi
₹60
2:15 PM
Kapil
₹150
2:30 PM
Kartik
₹420
2:45 PM
Fraud Eliminated
0 QR attacks
vs ₹1.5B lost in QR fraud
Merchant Validation
74% say yes
35 merchants · 2 days
BLE Proximity Verification · No QR Code Required · SWETA Cryptographic Security · UPI Compatible · 50M+ Indian Merchants · Replay Attack Protection · AES-256-GCM Encryption · Ed25519 Signatures · BLE Proximity Verification · No QR Code Required · SWETA Cryptographic Security · UPI Compatible · 50M+ Indian Merchants · Replay Attack Protection · AES-256-GCM Encryption · Ed25519 Signatures ·
₹139T
Annual UPI transaction value in India
74%
Merchant adoption intent in cold pilot study
0
QR codes needed. Payment via physical presence only
50M+
Indian merchants in NexPay's addressable market
How It Works

Payment in seconds.
Fraud in zero.

NexPay replaces the QR scan with a cryptographic proximity handshake. No visual trust. No screenshots. No spoofing.

01 / DISCOVER
Walk in. Device detects you.

The NexPay soundbox broadcasts a signed BLE signal. Your phone detects it automatically. No scanning. No opening a camera. Just walk in.

02 / VERIFY
Proximity is proven cryptographically.

SWETA performs a challenge-response handshake using X25519 key exchange and Ed25519 signatures. Your physical presence is verified — not assumed.

03 / PAY
One tap. Payment confirmed.

Transaction payload is encrypted with AES-256-GCM and signed. Amount confirmed. Soundbox announces instantly. Money moves on UPI rails.

04 / DONE
No fraud possible. No QR to fake.

There is no QR code to replace, no screenshot to fake, no VPA to mistype. The attack surface of traditional UPI payments is eliminated entirely.

The Problem

QR codes are
structurally broken.

India's UPI payments depend on a piece of paper anyone can replace. The trust layer is visual, not cryptographic. That's the fundamental flaw.

QR Spoofing

Attackers replace merchant QR stickers with their own. Customers pay the wrong account. Merchants lose money. No one knows until it's too late.

Fake Screenshots

26% of merchants in our study experienced fake payment screenshots. A photo of a "successful" payment shown at the counter. Money never moved.

Wrong Merchant Payments

37% of merchants had customers accidentally pay neighboring shops. QR codes sit next to each other. Humans make mistakes. BLE proximity doesn't.

Spoof Apps

Fake payment apps that simulate the UPI confirmation screen. The soundbox announces. The merchant hands over goods. No money ever left the customer's account.

Traditional QR Payment
QR_SPOOFED
FAKE_SCREENSHOT
WRONG_MERCHANT
SPOOF_APP
Security Architecture

SWETA. The security
layer that changes everything.

Secure Wireless Encrypted Transaction Architecture. Every primitive is audited, open-source, and chosen for a reason.

Key Exchange
X25519 ECDH

Ephemeral session key derived fresh for every transaction. Session keys live in memory only and expire the moment the payment completes. No key reuse. Ever.

Signatures
Ed25519

Every BLE advertisement, handshake message, and payment payload is signed. Merchant identity is verified against a NexPay CA-issued certificate before any transaction begins.

Encryption
AES-256-GCM

All transaction metadata encrypted with authenticated encryption. Confidentiality and integrity in a single pass. No MITM attack is cryptographically feasible.

Key Derivation
HKDF-SHA256

Session keys derived with context binding — client ID, merchant ID, timestamp, and nonce. A captured handshake from any other session is cryptographically useless.

Proximity Defense
RTT Relay Detection

Round-trip timing checks catch relay attacks that RSSI alone cannot. A relay adds measurable latency. Legitimate physical proximity responds in under 5ms.

Device Trust
Hardware Attestation

Android Play Integrity API and iOS App Attest verify device and app integrity before any session. Rooted or modified devices cannot initiate transactions.

Market Validation

35 merchants.
2 days.
Real signal.

Cold merchant interviews. Zero marketing. Prototype-stage product. The data speaks for itself.

74%
Merchant adoption intent from cold approach
100%
Re-engagement — every merchant agreed to a demo
26%
Had directly experienced UPI fraud
1,150+
Combined daily UPI transactions across 35 merchants
"If it stops fake apps, I want it."
Karthik · Shree Dosa Center
"I need this."
Vijay · Samosa King
"This sounds like the future."
Vikram Singh · Super Fresh Mart
"Students fool me sometimes, I need this."
Anushree · Momos Point
"Kids often scan the wrong board. This would fix that completely."
Kamal
Kamal Stores · Stationary
"Stickers get ruined overtime, no need to print stickers is great."
Kamlesh
Fresh Veggies · Kirana
"Mornings are crazy, this would help clear the rush faster."
Kishore
Laxmi Dairy · Kirana
Market Opportunity

Building on India's
₹139 Trillion foundation.

TAM·₹139T Total UPI Value
SAM·₹55.6T
SOM
₹2.78T

NexPay targets proximity-based UPI transactions at physical merchant locations, estimated at 40% of all UPI volume. A 5% share of this market over 3 years represents ₹2.78 Trillion in transaction value.

Join the Pilot

Be the first.
No QR required.

NexPay is running its first merchant pilot in India. If you're a merchant, investor, or fintech partner, we want to talk to you.

Get Early Access Investor Enquiries
35
Merchants Validated
100%
Re-engagement Rate
Live
Production Backend