NetzonPay
A centralized subscription billing platform for all Netzon apps.
Auto-charging • Card Tokenization • Multi-channel PH Payments
MVP Ready • FIUU-Powered • .NET 10 + Next.js 15
March 2026

Why We Need NetzonPay

Netzon builds 5+ apps for clients and internal use. Each one needs subscription billing — but there's no unified solution.

🔒
Access Gating
Each app needs to gate features behind subscriptions — but they all do it differently.
💳
Payment Collection
Cards, GCash, Maya, BPI — each app would need its own FIUU integration.
🔄
Recurring Billing
Auto-charging stored cards monthly? Each app rebuilding this from scratch is wasteful.
📊
Tracking & Visibility
Who paid? Who didn't? Who's active? No single view across all Netzon apps.
🔧
Maintenance Burden
5 apps × payment integration = 5× the bugs, 5× the security surface, 5× the effort.
Time to Market
New apps are delayed because billing setup takes weeks each time.

One Platform for All Apps

NetzonPay is like Netflix billing — but for every Netzon app. One integration, automatic charging, full visibility.

Apps: Netzon CRM • App B • App C • App D
Platform: NetzonPay API
Subscriptions • Auto-charging • Tokenization • Status tracking
Gateway: FIUU Payment Gateway
Card charging • E-wallets • 3DS • PCI-DSS compliant

How FIUU Fits In

FIUU processes the payments. NetzonPay orchestrates the billing.

What FIUU Provides

🏦 Hosted Payment Page
We never touch card data — FIUU handles it
🔐 Card Tokenization
Store cards as tokens for auto-charging
🔄 Recurring Payments
Merchant-initiated transactions with stored tokens
🛡️ 3DS Authentication
First payment = 3DS. Auto-charges skip it.
📱 Multi-channel PH
GCash, Maya, BPI, Visa/MC, QRPH
📡 Webhooks
Real-time payment status notifications

What NetzonPay Builds On Top

📋 App Registry
Register each Netzon app, set plans and pricing
📅 Subscription Management
Track users, plans, billing dates, status
⏰ Auto-Charge Scheduler
Cron job charges stored cards on billing dates
🎛️ Admin Dashboard
Internal tool for Netzon staff to manage everything
🌐 Payment Portal
User-facing page for plan selection and payment
🔍 Status API
Apps call this to check if subscription is active

System Architecture

Frontend: Next.js 15
Dashboard + Payment Portal
shadcn/ui • Better Auth
Backend: .NET 10 Web API
Controllers • Services • Background Workers
EF Core • FluentValidation • Serilog
Database: PostgreSQL 16
ACID • JSONB
Cache / Jobs: Redis 7
Locks • Queue
Gateway: FIUU
pay.fiuu.com
api.fiuu.com
Minimal APIs / Controllers • Background Services • TanStack Query • Hangfire Jobs

Tech Stack

⚙️ Backend (.NET 10)

Runtime: .NET 10 (LTS)
ORM: Entity Framework Core 10
Database: PostgreSQL 16
Cache: Redis + Hangfire
HTTP Client: Refit (typed)
App Auth: API Key (X-Api-Key)
Admin Auth: JWT Bearer
Validation: FluentValidation
Logging: Serilog + Seq

🎨 Frontend (Next.js 15)

Framework: Next.js 15 (App Router)
UI: shadcn/ui + Tailwind CSS
State: TanStack Query
Forms: react-hook-form + zod
Auth: Better Auth
Charts: Recharts
Toasts: Sonner

🐳 Infrastructure

Local: Docker Compose
Production: AWS ECS / Vercel
FIUU: Sandbox → Production

What We're Building

📋

App Registry

Register Netzon apps, generate API keys, configure payment channels per app. Each app gets a unique nzp_xxxx key.

📅

Subscription Plans

Create plans per app: Monthly, Quarterly, Annual. Set PHP amounts, trial periods, billing cycles. Maps to FIUU recurring.

🌐

Payment Portal

User-facing page showing app name, plans, prices. Redirects to FIUU hosted page. Card tokenized for auto-charging.

Auto-Charging

Daily scheduler charges stored tokens via FIUU API. 3 retries over 7 days. Netflix-style recurring billing.

🎛️

Admin Dashboard

Overview stats, subscriber management, payment logs, manual actions (cancel, refund, retry). Real-time visibility.

🔍

Status API

Apps call GET /subscriptions/check to gate access. Returns active status, plan, expiry. Simple boolean check.

Database Design

PostgreSQL 16 — 7 tables powering the entire billing lifecycle.

apps
  • PK id UUID
  • name VARCHAR
  • slug UNIQUE
  • api_key HASHED
  • callback_url
  • is_active BOOL

plans
  • PK id UUID
  • FK app_id
  • billing_cycle VARCHAR
  • amount DECIMAL
  • trial_days INT
  • is_active BOOL

subscribers
  • PK id UUID
  • FK app_id
  • external_user_id
  • email VARCHAR
  • name VARCHAR
  • phone VARCHAR

subscriptions
  • PK id UUID
  • FK subscriber_id
  • FK plan_id
  • status ENUM
  • period_start / end
  • retry_count INT

payment_methods
  • PK id UUID
  • FK subscriber_id
  • type card/ewallet
  • fiuu_token ENCRYPTED
  • card_last4 / brand
  • is_default BOOL

payments
  • PK id UUID
  • FK subscription_id
  • amount DECIMAL
  • status ENUM
  • fiuu_txn_id BIGINT
  • fiuu_channel / status

payment_sessions
  • PK id UUID
  • FK subscriber_id
  • FK plan_id
  • status ENUM
  • expires_at TIMESTAMPTZ
  • return_url

audit_logs
  • PK id UUID
  • admin_user
  • action VARCHAR
  • entity_type / id
  • details JSONB
  • created_at

API Design

🔑 App API (X-Api-Key)

// Create payment session
POST /api/v1/sessions
{ app_id, external_user_id, email, plan_id, return_url }
→ { session_id, payment_url }

// Check subscription status
GET /api/v1/subscriptions/check
?app_id=...&external_user_id=...
→ { active: true, plan, expires_at }

// Cancel subscription
POST /api/v1/subscriptions/{id}/cancel
→ { status: "cancelled", access_until }

🛡️ Admin API (JWT Bearer)

// Dashboard stats
GET /api/v1/admin/dashboard
→ { total_subscribers, active, revenue, recent_payments[] }

// CRUD endpoints
GET/POST/PUT/DEL /admin/apps
GET/POST/PUT/DEL /admin/plans
GET /admin/subscribers
GET /admin/payments

// Manual actions
POST /admin/subscriptions/{id}/retry
POST /admin/subscriptions/{id}/refund

📡 FIUU Webhooks (Server-to-Server)

POST /fiuu/return
Browser redirect — user comes back after payment. Verify skey, update payment, redirect to success.
POST /fiuu/notify
Server-to-server notification (most reliable). Verify skey, update payment idempotently.
POST /fiuu/callback
Deferred updates — for cash payments, status changes. Return CBTOKEN:MPSTATOK.

Interactive Payment Flow

Experience the full payment lifecycle. Toggle between client and admin views.

Landing → Plans → Payment → Processing → Success → App Access
https://haotang.app

Staff & Kitchen Portal

Streamline your restaurant operations with real-time order management, kitchen coordination, and staff dashboards.

Everything You Need

📋
Order Management
Track and manage orders in real-time
👨‍🍳
Kitchen Dashboard
Kanban board for kitchen workflow
📊
Analytics
Sales reports and insights
👥
Staff Management
Roles, shifts, and permissions
🏪
Multi-Branch
Manage multiple locations
🔔
Live Updates
Real-time order notifications

Choose Your Plan

All plans include core POS features. Scale as you grow.

Starter
₱999/mo
  • 1 Branch
  • Basic POS
  • Staff Dashboard
  • Email Support
Enterprise
₱3,999/mo
  • Unlimited Branches
  • All Features
  • Custom Integrations
  • Dedicated Support
₱1,999.00
Hao Tang — Professional Plan
💳 Visa/MC
GCash
Maya
BPI
Processing your payment...
Connecting to payment gateway...
Verifying card with 3D Secure...
Processing payment...
Tokenizing card for future charges...
Activating subscription...

Welcome to Hao Tang! 🍲

Your subscription is now active. Access your Staff & Kitchen Portal.

Plan: Professional
Amount: ₱1,999.00/mo
Next Billing: April 27, 2026
Payment Method: Visa •••• 1234
FIUU Txn ID: #374829105
Powered by NetzonPay — card tokenized for auto-renewal

App Access (demo): Hao Tang Staff Portal with Admin Dashboard, Staff Dashboard and Kitchen Dashboard views, populated with sample orders for the Hao Tang Azuela branch.

Auto-Charging Flow

The heart of Netflix-style billing — daily scheduler + stored card tokens + FIUU API.

How It Works

// AutoChargeWorker.cs — runs daily at 2 AM PHT

1. Query subscriptions
   WHERE status = 'active'
   AND current_period_end <= NOW()
   AND payment_method.type = 'card'

2. For each due subscription:
   AcquireRedisLock("autocharge:{id}")
   GetStoredToken(subscriber_id)
   ChargeFiuuToken(token, amount)

3. If success (00):
   → payment.status = "success"
   → ExtendPeriod(+1 cycle)

4. If failed (11):
   → payment.status = "failed"
   → subscription.status = "past_due"
   → retry_count += 1
   → If retry > 3 → "expired"

Retry Schedule

Retry | Delay | Action
1st | +1 day | Auto-retry charge
2nd | +3 days | Retry + email warning
3rd | +7 days | Final retry + "ending" email
Failed | | Status → expired, access revoked

E-Wallet Subscribers

⚠️ GCash, Maya, and bank transfers cannot be auto-charged — they require user action each time.

→ Send payment reminder before billing date
→ Provide a "Renew" link (creates new payment session)
→ Grace period → past_due → expired

Security & Compliance

🔒

HTTPS Everywhere

TLS 1.3 on all endpoints. User → Portal, Portal → FIUU, Apps → API, Dashboard → API.

🛡️

PCI-DSS Compliant

Card data never touches our servers. FIUU is PCI-DSS v4.0 certified. We stay out of PCI scope.

🔐

Hash Verification

Every FIUU response verified via skey hash (MD5 chain). Constant-time comparison prevents timing attacks.
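
A sketch of the skey check described above, added here as an illustration and not taken from NetzonPay or FIUU code. The record fields, their concatenation order and the sample values are assumptions; take the exact chain from FIUU's integration spec before relying on it.

```csharp
// Added illustration. Field names and chain order are assumptions, not FIUU's published spec.
using System;
using System.Security.Cryptography;
using System.Text;

// Constructed sample notification; the secret is a placeholder.
const string secret = "PLACEHOLDER_SECRET_KEY";
var unsigned = new FiuuNotification("374829105", "ORDER-0001", "00", "netzon_sandbox",
    "1999.00", "PHP", "2026-03-27 12:30:00", "A1B2C3", "");
var genuine = unsigned with { Skey = SkeyVerifier.Compute(unsigned, secret) };
var tampered = genuine with { Amount = "1.00" };       // amount changed after signing
var malformed = genuine with { Skey = "not-a-hash" };

Console.WriteLine($"genuine:   {SkeyVerifier.IsValid(genuine, secret)}");
Console.WriteLine($"tampered:  {SkeyVerifier.IsValid(tampered, secret)}");
Console.WriteLine($"malformed: {SkeyVerifier.IsValid(malformed, secret)}");

public record FiuuNotification(string TranId, string OrderId, string Status, string Domain,
    string Amount, string Currency, string PayDate, string AppCode, string Skey);

public static class SkeyVerifier
{
    private static string Md5Hex(string s) =>
        Convert.ToHexString(MD5.HashData(Encoding.UTF8.GetBytes(s))).ToLowerInvariant();

    // Two-stage chain: the inner hash binds the transaction fields, the outer hash
    // mixes in the merchant secret. Hash the raw posted strings, never re-formatted values.
    public static string Compute(FiuuNotification n, string secretKey)
    {
        string inner = Md5Hex(n.TranId + n.OrderId + n.Status + n.Domain + n.Amount + n.Currency);
        return Md5Hex(n.PayDate + n.Domain + inner + n.AppCode + secretKey);
    }

    public static bool IsValid(FiuuNotification n, string secretKey)
    {
        // An MD5 hex digest is always 32 characters; reject anything else up front.
        if (n.Skey is null || n.Skey.Length != 32) return false;
        byte[] expected = Encoding.ASCII.GetBytes(Compute(n, secretKey));
        byte[] supplied = Encoding.ASCII.GetBytes(n.Skey.ToLowerInvariant());
        // FixedTimeEquals does not stop at the first differing byte.
        return CryptographicOperations.FixedTimeEquals(expected, supplied);
    }
}
```

The verification result should gate every state change: a notification that fails the check is logged and dropped before any payment or subscription row is touched.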

🗝️

Secret Management

FIUU keys in env vars. API keys hashed (SHA-256). Passwords hashed (Argon2id). Tokens AES-256 encrypted.
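
One way to issue and check the nzp_ app keys so that only their SHA-256 digest is stored, added here as an example and not NetzonPay's own code. The AppRegistry class, the hex key body and the in-memory dictionary standing in for the apps table are assumptions.

```csharp
// Added illustration. AppRegistry and the key format after "nzp_" are hypothetical.
#nullable enable
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Text;

var registry = new AppRegistry();
string issued = registry.Register("netzon-crm");   // shown to the app owner once, never stored
Console.WriteLine($"issued key prefix: {issued[..8]}...");   // log a prefix only
Console.WriteLine($"valid key    -> {registry.Authenticate(issued) ?? "rejected"}");
Console.WriteLine($"wrong key    -> {registry.Authenticate("nzp_" + new string('0', 64)) ?? "rejected"}");
Console.WriteLine($"missing key  -> {registry.Authenticate(null) ?? "rejected"}");
registry.Deactivate("netzon-crm");
Console.WriteLine($"inactive app -> {registry.Authenticate(issued) ?? "rejected"}");

public sealed class AppRegistry
{
    private sealed class AppRow { public string Slug = ""; public bool IsActive = true; }

    // Stand-in for the apps table: hex(SHA-256(api key)) -> row. No plaintext key is kept.
    private readonly Dictionary<string, AppRow> _apps = new();

    private static string HashKey(string key) =>
        Convert.ToHexString(SHA256.HashData(Encoding.UTF8.GetBytes(key)));

    public string Register(string slug)
    {
        // 32 bytes from the OS CSPRNG. The key's entropy is what makes a fast,
        // unsalted hash acceptable here; it would not be for passwords.
        string key = "nzp_" + Convert.ToHexString(RandomNumberGenerator.GetBytes(32)).ToLowerInvariant();
        _apps[HashKey(key)] = new AppRow { Slug = slug };
        return key;
    }

    public void Deactivate(string slug)
    {
        foreach (var row in _apps.Values)
            if (row.Slug == slug) row.IsActive = false;
    }

    // Returns the app slug for a valid X-Api-Key header value, or null.
    public string? Authenticate(string? headerValue)
    {
        if (headerValue is null || !headerValue.StartsWith("nzp_", StringComparison.Ordinal)) return null;
        // Lookup is by digest, so the store only ever compares hashes of the caller's input.
        return _apps.TryGetValue(HashKey(headerValue), out var row) && row.IsActive ? row.Slug : null;
    }
}
```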

🚦

Rate Limiting

100 req/min per API key. 60 req/min per admin. 10 session creates/min per user. No limit on FIUU webhooks.

🔄

Idempotency

FIUU webhooks may fire multiple times. We use fiuu_txn_id as idempotency key + Redis locks to prevent double-processing.
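
The duplicate-delivery case described above, as an added example that is not NetzonPay's own code. NotifyHandler is hypothetical, and a ConcurrentDictionary stands in for a unique index on payments.fiuu_txn_id; signature verification is assumed to have passed before Handle is called.

```csharp
// Added illustration. NotifyHandler and its counters are hypothetical names.
using System;
using System.Collections.Concurrent;
using System.Threading;
using System.Threading.Tasks;

var handler = new NotifyHandler();
// Constructed scenario: one successful notification arrives 20 times at once and is
// replayed later; a second, failed transaction arrives once.
Parallel.For(0, 20, _ => { handler.Handle(374829105, "00"); });
var replay = handler.Handle(374829105, "00");
var other = handler.Handle(374829106, "11");

Console.WriteLine($"replay result:      {replay}");
Console.WriteLine($"other txn result:   {other}");
Console.WriteLine($"periods extended:   {handler.PeriodsExtended}");
Console.WriteLine($"duplicates skipped: {handler.DuplicatesSkipped}");

public enum NotifyResult { Processed, Duplicate }

public sealed class NotifyHandler
{
    // Stand-in for a UNIQUE index on payments.fiuu_txn_id (durable in the real system).
    private readonly ConcurrentDictionary<long, string> _payments = new();
    private int _periodsExtended, _duplicatesSkipped;
    public int PeriodsExtended => _periodsExtended;
    public int DuplicatesSkipped => _duplicatesSkipped;

    public NotifyResult Handle(long fiuuTxnId, string status)
    {
        // Claim the transaction id first. TryAdd is atomic, so exactly one delivery wins.
        if (!_payments.TryAdd(fiuuTxnId, status))
        {
            Interlocked.Increment(ref _duplicatesSkipped);
            return NotifyResult.Duplicate;   // acknowledge as usual, apply nothing
        }
        // Side effects run only for the winning delivery.
        if (status == "00") Interlocked.Increment(ref _periodsExtended);
        return NotifyResult.Processed;
    }
}
```

A lock only serialises deliveries that overlap in time; a replay that arrives after the lock is released is stopped by the stored fiuu_txn_id, so the uniqueness check has to live in durable storage.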

🚫

Never Stored

Card numbers, CVV, full expiry, bank passwords — none of these ever hit our servers or database.

📝

Audit Trail

All admin actions logged in audit_logs table with JSONB details. WHO did WHAT to WHICH entity, WHEN.

Phased Delivery Plan

12 weeks to production. Four focused phases, each with a clear deliverable.

Phase 1
Foundation
Weeks 1-3
  • .NET 10 Web API setup
  • Database schema + migrations
  • FIUU integration (vcode, skey)
  • Webhook handlers
  • Payment portal page
  • Docker Compose + sandbox
Basic payment flow E2E
Phase 2
Subs & Dashboard
Weeks 4-6
  • Subscription lifecycle
  • Status check API
  • Card tokenization
  • Admin dashboard UI
  • Subscriber management
  • Refund flow
Full lifecycle + admin visibility
Phase 3
Auto-Charging
Weeks 7-9
  • Daily charge scheduler
  • FIUU recurring tokens
  • Retry logic (3x / 7 days)
  • Redis distributed locks
  • Email notifications
  • Subscription management portal
Netflix-style auto-billing
Phase 4
Production
Weeks 10-12
  • Security hardening
  • API docs (OpenAPI)
  • Load testing (500 subs)
  • FIUU production setup
  • Cloud deployment
  • First app integration
Live with first Netzon app

Open Questions

Items that need resolution before or during implementation.

# | Question | Who | Priority
1 | FIUU merchant account — Do we have sandbox + production credentials? | Biz + FIUU | BLOCKER
2 | MIT support — Confirm FIUU supports merchant-initiated transactions with stored tokens in PH | FIUU Tech | BLOCKER
3 | Token flow — Does FIUU auto-tokenize on hosted page (token_status=1)? | FIUU Tech | HIGH
4 | Auto-charge API — Which FIUU endpoint for recurring charges with stored token? | FIUU Tech | HIGH
5 | E-wallet recurring — Can GCash/Maya be auto-charged? Or only cards? | FIUU Tech | MEDIUM
6 | Pricing — What amounts will each Netzon app charge subscribers? | Product | MEDIUM
7 | Pilot app — Which Netzon app goes first for integration? | Management | MEDIUM

Let's Build NetzonPay
A unified payment platform serving all Netzon apps with Netflix-style auto-charging.
1️⃣
Resolve Blockers
Get FIUU sandbox credentials and confirm MIT support
2️⃣
Start Phase 1
.NET API setup, database, FIUU integration, payment portal
3️⃣
Pick Pilot App
Select first Netzon app for integration testing
Questions?
NetzonPay MVP • March 2026 • 12-week delivery