A NestJS-based REST API that automates bank payment processing through Android device automation using Appium and WebDriverIO.
This API automates payment flows for Russian banks by controlling Android devices/emulators. Currently supports Tinkoff Bank payment processing via QR codes using the SBP (Faster Payments System) protocol.
- Automated Tinkoff Bank Payments: Process QR-based payments automatically
- Multi-Device Support: Manages up to 3 Android emulators simultaneously
- Automatic Authentication: Handles PIN entry for Tinkoff Bank app
- Queue Management: Distributes payment requests across available devices
- Framework: NestJS 10.x
- Language: TypeScript
- Automation: WebDriverIO 8.x + Appium
- Runtime: Node.js
- Node.js (v16+)
- Appium Server running on configured host
- Android emulator(s) with:
- Chrome browser installed
- Tinkoff Bank app installed and configured
noResetcapability enabled to preserve app state
npm installCreate a .env file in the project root:
EMULATOR_IP='192.168.0.2'
EMULATOR_PORT_ONE='4723'
EMULATOR_PORT_TWO='4724'
EMULATOR_PORT_THREE='4725'EMULATOR_IP: IP address where Appium server is runningEMULATOR_PORT_*: Ports for each Appium instance (one per emulator)
# Development mode with hot-reload
npm run start:dev
# Production mode
npm run start:prod
# Debug mode
npm run start:debugThe API server starts on http://localhost:3000
Processes a Tinkoff Bank payment via QR code URL.
Request Body:
{
"url": "https://qr.nspk.ru/AD10002O6J4LS2SD98CBJGAML0P94GO2?type=02&bank=100000000004&sum=20600&cur=RUB&crc=D547"
}Response:
"goot"- API receives payment URL via POST request
- Selects an available Android emulator from the pool
- Connects to emulator via Appium/WebDriverIO
- Opens Chrome browser and navigates to payment URL
- Detects and clicks "Tinkoff Bank" option
- Checks if PIN entry is required
- Automatically enters PIN (7-0-8-3)
- Releases emulator back to available pool
src/
├── tinkoff-pay/ # Tinkoff payment automation module
│ ├── dto/ # Data transfer objects
│ ├── tinkoff-pay.controller.ts
│ ├── tinkoff-pay.service.ts
│ └── tinkoff-pay.module.ts
├── pay-monero/ # Monero payment module (stub)
├── authorization/ # Authorization module (stub)
├── authentication/ # Authentication module (stub)
├── app.module.ts
└── main.ts
Manual test scripts are provided:
# Test Tinkoff payment flow
node testTin.js
# Test Sberbank flow (experimental)
node testSber.js
# Test Sovcombank flow (experimental)
node testSov.jsThe service manages a pool of 3 Android emulators. When a payment request arrives:
- An available emulator is selected and marked as busy
- Payment automation runs on that device
- Upon completion, the emulator is marked as available
- If all emulators are busy, the request waits 5 seconds and retries
- Store credentials securely (environment variables, secrets manager)
- Implement proper authentication/authorization
- Use encrypted communication channels
- Audit all payment transactions
- Currently only supports Tinkoff Bank
- Requires pre-configured Android devices with logged-in bank apps
- Hardcoded XPath selectors may break with app updates
- No transaction verification or error handling for failed payments
The project structure includes placeholders for:
- Monero Payments: Cryptocurrency payment processing
- Authentication: User authentication system
- Authorization: Role-based access control
# Format code
npm run format
# Lint code
npm run lint
# Run unit tests
npm run test
# Run e2e tests
npm run test:e2e
# Test coverage
npm run test:covUNLICENSED - Private project
This is an automation tool for personal/testing use. Ensure compliance with bank terms of service and local regulations before deploying in production environments.