Skip to main content

C.2 InApp Deposit/Withdraw

InApp Deposit/Withdraw enables brokers to embed their cashier functionality directly within cTrader, allowing users to perform financial transactions without leaving the trading platform. This module provides a seamless funding experience while maintaining broker control over payment processing.

Overview

The InApp Deposit/Withdraw module enables:

  • Embedded cashier functionality within cTrader interface
  • Seamless deposit and withdrawal workflows
  • Broker-branded payment processing screens
  • Real-time balance updates and confirmations
  • Support for multiple payment methods and currencies

Prerequisites

Before implementing InApp Deposit/Withdraw, ensure completion of:

  • Part A: All foundation requirements
  • Part B: Either B.1 (Full SSO) or B.2 (Light Identity Handoff)

Architecture

Integration Flow

  1. User Initiation: User clicks deposit/withdraw button in cTrader
  2. Token Generation: cTrader backend generates OT token for user context
  3. Screen Launch: Broker cashier screen opens with token authentication
  4. Transaction Processing: User completes transaction in broker interface
  5. Result Communication: Transaction result communicated back to cTrader

Authentication Methods

  • Full SSO: Long-term tokens with broker-owned identity
  • Light Identity: One-time tokens with cTrader identity provider

Implementation Flow

Deposit Flow

Stage 1: User Initiation

  1. User clicks deposit button in cTrader

    • Located in cTrader interface (toolbar, menu, or ribbon)
    • Triggers deposit workflow initiation
    • User context available for token generation

  2. cTrader backend generates OT token

    • Endpoint: /ctid2/inAppOneTimeToken/data (Light Identity)
    • Context: User ID, account info, action type (deposit)
    • Token: Short-lived token for broker authentication

Stage 2: Broker Screen Launch

  1. cTrader opens broker deposit screen

    • URL: https://brokerCrmUrl.com/inapp/deposit
    • Parameters: token, account, lang, source, theme
    • Method: Opens in embedded browser/modal within cTrader

  2. Broker screen validates token

    • Validation: Verify OT token validity and user context
    • User Identification: Extract user information from token
    • Account Context: Load user's trading accounts

Stage 3: Deposit Processing

  1. User selects deposit method and amount

    • Payment method selection (credit card, bank transfer, etc.)
    • Amount entry and currency selection
    • Account selection for deposit destination

  2. Broker processes payment transaction

    • Integration with payment provider
    • Transaction validation and processing
    • Real-time status updates

Stage 4: Completion and Communication

  1. Transaction completion

    • Payment confirmation received
    • Account balance updated
    • Transaction recorded in broker system

  2. Result communication to cTrader

    • Callback: Notify cTrader of successful deposit
    • Balance Update: Update account balance in cTrader
    • User Notification: Show confirmation to user

Withdrawal Flow

Stage 1: User Initiation

  1. User clicks withdraw button in cTrader

    • Triggers withdrawal workflow
    • User and account context available

  2. cTrader backend generates OT token

    • Similar to deposit flow
    • Action context set to "withdraw"

Stage 2: Broker Screen Launch

  1. cTrader opens broker withdrawal screen

    • URL: https://brokerCrmUrl.com/inapp/withdraw
    • Parameters: token, account, lang, source, theme

  2. Broker screen validates and pre-loads

    • Token validation and user identification
    • Load available withdrawal methods
    • Display account balances and withdrawal limits

Stage 3: Withdrawal Processing

  1. User completes withdrawal request

    • Select withdrawal method
    • Enter withdrawal amount
    • Provide required verification information

  2. Broker processes withdrawal

    • Validation of withdrawal request
    • Compliance checks and verification
    • Initiation of withdrawal transaction

Stage 4: Completion and Communication

  1. Withdrawal processing

    • Transaction submitted for processing
    • Status tracking and updates
    • Compliance documentation

  2. Result communication

    • Withdrawal status communicated to cTrader
    • Account balance updates (if applicable)
    • User notifications and confirmations

API Specifications

cTrader Backend Endpoints

OT Token Generation (Light Identity)

GET /ctid2/inAppOneTimeToken/data
Authorization: Bearer {userSessionToken}

Response Example:

{
    "otToken": "abc123xyz789",
    "userId": 12345,
    "email": "user@example.com",
    "tradingLogin": 67890,
    "action": "deposit",
    "expiresAt": "2023-01-01T12:05:00Z"
}

Broker CRM Required Endpoints

Token Validation

POST /api/validate-token
Content-Type: application/json

Request Body:

{
    "token": "abc123xyz789"
}

Response Example:

{
    "valid": true,
    "userId": 12345,
    "email": "user@example.com",
    "tradingLogin": 67890,
    "accounts": [
        {
            "login": 67890,
            "balance": 10000.00,
            "currency": "USD"
        }
    ]
}

Balance Update Callback

POST /ctrader/callback/balance-update
Content-Type: application/json
Authorization: Bearer {crmApiToken}

Request Body:

{
    "tradingLogin": 67890,
    "newBalance": 10500.00,
    "transactionId": "txn_123456",
    "transactionType": "deposit",
    "amount": 500.00,
    "currency": "USD",
    "timestamp": "2023-01-01T12:00:00Z"
}

Required Screens

Deposit Screen

  • URL: /inapp/deposit
  • Parameters: token, account (optional)
  • Functionality:
    • Payment method selection
    • Amount entry and validation
    • Account selection
    • Payment processing
    • Transaction confirmation

Withdrawal Screen

  • URL: /inapp/withdraw
  • Parameters: token, account (optional)
  • Functionality:
    • Withdrawal method selection
    • Amount entry with limits validation
    • Verification information collection
    • Withdrawal processing
    • Status tracking

Implementation Requirements

Broker CRM Requirements

Payment Integration

  • Payment Provider Integration: Connect with payment processors
  • Method Support: Support multiple payment methods
  • Currency Handling: Multi-currency support
  • Compliance: Regulatory compliance for financial transactions

Security Requirements

  • PCI Compliance: PCI DSS compliance for card processing
  • Data Protection: Secure handling of financial data
  • Fraud Detection: Implement fraud detection mechanisms
  • Audit Trail: Complete transaction audit logging

Frontend Requirements

Responsive Design

  • Mobile Compatibility: Optimize for mobile devices
  • Touch Interface: Touch-friendly payment forms
  • Loading States: Clear loading indicators during processing
  • Error Handling: User-friendly error messages

User Experience

  • Progress Indicators: Multi-step process indicators
  • Form Validation: Real-time form validation
  • Confirmation Screens: Clear transaction confirmations
  • Help Support: Access to help and support during process

URL Examples

Deposit URLs

<!-- Basic deposit URL -->
https://brokerCrmUrl.com/inapp/deposit?token=abc123&lang=en

<!-- With specific account -->
https://brokerCrmUrl.com/inapp/deposit?token=abc123&account=67890&lang=en

<!-- With theme and source -->
https://brokerCrmUrl.com/inapp/deposit?token=abc123&account=67890&lang=en&theme=dark&source=Mobile

Withdrawal URLs

<!-- Basic withdrawal URL -->
https://brokerCrmUrl.com/inapp/withdraw?token=xyz789&lang=en

<!-- With specific account and theme -->
https://brokerCrmUrl.com/inapp/withdraw?token=xyz789&account=67890&lang=en&theme=light

Error Handling

Payment Processing Errors

{
    "error": "Payment Failed",
    "message": "Payment processing failed. Please try again.",
    "code": "PAYMENT_FAILED",
    "retryAllowed": true
}

Insufficient Funds

{
    "error": "Insufficient Funds",
    "message": "Insufficient funds for withdrawal.",
    "code": "INSUFFICIENT_FUNDS",
    "availableBalance": 1000.00,
    "requestedAmount": 1500.00
}

Token Errors

{
    "error": "Invalid Token",
    "message": "Authentication token is invalid or expired.",
    "code": "INVALID_TOKEN"
}

Security Considerations

Financial Security

  • Encryption: Encrypt all financial data transmission
  • Token Security: Secure token generation and validation
  • Session Management: Secure session handling
  • Access Control: Proper access controls for financial operations

Compliance Requirements

  • KYC/AML: Know Your Customer and Anti-Money Laundering compliance
  • Regulatory Reporting: Transaction reporting requirements
  • Data Protection: GDPR and other data protection compliance
  • Audit Requirements: Comprehensive audit trail maintenance

Testing Requirements

Functional Testing

  • Deposit Flow: Test complete deposit process
  • Withdrawal Flow: Test complete withdrawal process
  • Error Scenarios: Test various error conditions
  • Edge Cases: Test unusual scenarios and edge cases

Security Testing

  • Payment Security: Test payment security mechanisms
  • Data Protection: Verify data protection measures
  • Access Control: Test access control mechanisms
  • Vulnerability Testing: Security vulnerability assessment

Performance Testing

  • Load Testing: Test with multiple concurrent transactions
  • Stress Testing: Test system limits and recovery
  • Response Time: Ensure acceptable response times
  • Reliability: Test system reliability and uptime

Business Benefits

For User Experience

  • Convenience: Deposit/withdraw without leaving trading platform
  • Speed: Faster transaction processing
  • Accessibility: Easy access to funding options
  • Trust: Familiar broker interface for financial transactions

For Business Operations

  • Conversion: Improved deposit conversion rates
  • Retention: Better user experience improves retention
  • Efficiency: Streamlined transaction processing
  • Analytics: Better transaction data and analytics

For Revenue Generation

  • Increased Deposits: Easier deposit process increases funding
  • Reduced Friction: Less friction leads to more transactions
  • Cross-selling: Opportunities for additional services
  • Customer Lifetime Value: Improved user experience increases CLV

Best Practices

User Experience

  • Clear Instructions: Provide clear, step-by-step instructions
  • Progress Feedback: Keep users informed of progress
  • Error Recovery: Easy recovery from errors
  • Mobile Optimization: Optimize for mobile users

Technical Implementation

  • Async Processing: Use asynchronous processing for long operations
  • Retry Logic: Implement retry logic for failed transactions
  • Logging: Comprehensive logging for debugging and monitoring
  • Monitoring: Real-time monitoring of transaction status

This InApp Deposit/Withdraw integration provides a seamless funding experience within cTrader, enhancing user engagement and transaction conversion rates while maintaining broker control over payment processing.