How to restrict a shop's wifi to let customers to do only UPI transactions on it? Possible?

Thread Starter

Shafty

Joined Apr 25, 2023
144
Today I went to a convenient store...
Shopped, Dropped (in cart) and Moved to Checkout.
But Data exhausted in my mobile internet.

So, Is there way to let the users (Customers Like Me) to connect to a hotspot just to do only UPI transactions?

How to restrict a shop's wifi to let customers to do only UPI transactions on it? Possible? (Strictly UPI only. Otherwise customers will come to the shop for free wifi to watch porn and all)
 

djsfantasi

Joined Apr 11, 2010
9,156
I assume that UPI is the financial transaction system in India

You can do what you’re asking, but you’ll need a lot more info. If the transaction is done somewhere on the Internet and not local to the retail establishment, you’d need to be able to configure your router. Establish two internal WiFi networks. One for the customers and one for the establishment functions. Then, from the customer WiFi network, you’d restrict outgoing traffic to the UPI server AND ports. Normally, responses would be allowed, but there’s a chance that the system developed by National Payments Corporation of India (NPCI) might need incoming rules as well.

But you need to know how to configure the router’s firewall to do this. And be allowed to do so by your ISP.

There’s no way I could tell you how to do this not knowing the NPCI UPI system nor the hardware needed to connect to your ISP. If this is above your pay grade (knowledge), then you probably would need to hire someone.
 

MisterBill2

Joined Jan 23, 2018
18,174
To limit what can be done through a wifi connection the first step is to assure that there is no means to connect to the internet. In addition, there must only be connection from the wifi port to the software to be used. This implies that no microsoft code should be present on that computer, not the operating system nor the software performing the operation.
 

djsfantasi

Joined Apr 11, 2010
9,156
To limit what can be done through a wifi connection the first step is to assure that there is no means to connect to the internet. In addition, there must only be connection from the wifi port to the software to be used. This implies that no microsoft code should be present on that computer, not the operating system nor the software performing the operation.
On what computer must there be no Microsoft software present?

What if the application resides on the Internet. As UPI does?

I disagree with your statement. With appropriate firewall rules, you can limit external traffic to specific IPs and specific ports from any (& I mean “any”) internal device. Even Microsoft software could not connect to the Internet regardless if it wanted to or not.

And it doesn’t matter if is a stateful connection or stateless connection. Nor if it is persistent or not. Artful configurations can lock down anything. And with an ALF, you can even lock down specific transactions. And even protect against application weaknesses.
 
Last edited:

bassbindevil

Joined Jan 23, 2014
824
Yes, I don't see why you can't add your own router configured as a firewall and access point, even if the ISP provided you with their own router and didn't give you full administrator access to configure it.
 

MisterBill2

Joined Jan 23, 2018
18,174
On what computer must there be no Microsoft software present?
THe computer that has the wifi connection is the only one I am referencing. That statement is based on the reality that Microsoft code is not adequately verified prior to distribution. And that statement is verified by the weekly updates, patches, and assorted fixes issued. Products that are adequately verified do not need constant upgrades.

What if the application resides on the Internet. As UPI doesIf the application resides only as an internet then there is indeed a challenge.

I disagree with your statement. With appropriate firewall rules, you can limit external traffic to specific IPs and specific ports from any (& I mean “any”) internal device. Even Microsoft software could not connect to the Internet regardless if it wanted to or not.

And it doesn’t matter if is a stateful connection or stateless connection. Nor if it is persistent or not. Artful configurations can lock down anything. And with an ALF, you can even lock down specific transactions. And even protect against application weaknesses.
 
Top