A borrower who opens โชคเงิน sees one figure that runs the whole relationship: a pre-approved credit line, drawn down in parts, with interest charged on whatever is outstanding — daily. Per the app's own worked example, a 20,000 THB draw at a 29.2% annual rate accrues at roughly 0.08% a day. That single detail sets the tempo for any integration: the number a partner wants is not a static statement, it is a live position that changes overnight. Most of the interesting data behind this app is exactly that shape — headroom, exposure, and a due-date calendar that move while you watch them.
The service is operated by บริษัท ดิจิทัล พิโก จำกัด (Digital Pico) and built by บริษัท ลานนาโฟล จำกัด (Lanna Flow), per its Play Store listing, and it carries a Pico license from Thailand's Fiscal Policy Office. That framing matters, because it fixes both the ceiling on the data (one modest line per borrower) and the legal route to it (the borrower's consent, under Thai data-protection law). Everything below maps what sits behind the OTP login and how we would reach it.
What sits behind the OTP login
These are the surfaces the app exposes to its own user, named the way the app presents them. An integration reads them for the borrower who has consented — nothing more.
| Data domain | Where it originates in the app | Granularity | What an integrator does with it |
|---|---|---|---|
| Identity & KYC | Onboarding — national ID card fields, phone number, OTP confirmation | One verified profile per borrower | Match the borrower to a partner CRM record; keep to the minimum fields the use case needs |
| Pre-approved credit line | Account home — the "วงเงิน" the app grants up front | Single active line, capped at 50,000 THB (per its listing) | Track headroom; drive top-up or eligibility logic |
| Draw-downs / withdrawals | The "ถอน" flow — cash taken against the line on demand | Per-transaction, timestamped | Reconcile disbursements against a partner ledger |
| Outstanding balance & interest | Account home — used amount plus daily accrual (~0.08%/day in the app's example) | Live, recomputed each day | Real-time exposure, dashboards, risk cut-offs |
| Repayment schedule | Repayment section — due dates across a 91–180 day term | Per-installment | Collections calendar, dunning, reminder automation |
| Payment & payoff history | History — scheduled payments, early closures (no penalty, per the app) | Per-payment | Arrears detection, early-payoff and behaviour scoring |
| Bank account on file | Onboarding — the account used for disbursement and debit | One per borrower | Reconcile transfers; verify settlement |
Getting to the data legally
Three routes apply to an app like this. They differ in what they reach, how long they last, and what we set up to run them.
Borrower-consented session integration
The app authenticates a borrower by phone and OTP, then carries a short-lived session token. Under the borrower's written consent, we capture and document that auth chain and the calls behind the account screens, then replay the credit-line, balance and repayment endpoints on the borrower's behalf. Reachable: everything in the table above. Effort: moderate — the auth is straightforward, the work is in mapping fields accurately and handling token refresh. Durability: good, with a re-validation pass when the app front end changes. Setup: a consenting account and the consent records are arranged with you as the build gets going.
Consent-based data sharing as Thai open data matures
Thailand is building a national, consent-driven data-sharing framework — the Bank of Thailand's "Your Data" project, announced in October 2024, with individuals expected to begin exercising data-sharing rights in the second half of 2026 (per BOT). Its earliest rails, like dStatement, move data between banks. A Pico lender is not a bank, so this is a forward path rather than a channel you can call today. We design the session integration so that swapping in a standardized consent channel later is a contained change, not a rebuild.
Native records the borrower can pull
Where the app lets a borrower view or export their own schedule and payment list, that content is a lightweight fallback for the slower-moving data (the calendar, the payment log). It will not carry the live daily-interest figure well, so we treat it as a supplement, not the source of truth for exposure.
What we would build first is the consented session — it is the only route that reads the live position now, and Thai data-protection law gives the borrower a clear right to authorize it. The Your Data path is where we would migrate the same integration once a standard channel reaches non-bank lenders.
What lands in your repo
Each item is scoped to this app's real surfaces — the credit line, the accruing balance, the repayment calendar.
- An OpenAPI (Swagger) specification for a clean read API over the borrower's line, balance, draw-downs, schedule and payment history.
- A protocol and auth-flow report: the OTP-to-token exchange, session lifetime, refresh behaviour, and the request/response shape of each account call as confirmed during the build.
- Runnable source for the key endpoints in Python and Node.js — the auth loop, a balance/headroom fetch, and a repayment-schedule pull.
- Automated tests, including a fixture that exercises the daily-interest rollover so a stale balance is caught.
- Interface documentation a partner engineer can follow without us in the room.
- Data-retention and consent-record guidance sized to PDPA obligations for sensitive financial data.
A look at the credit-line call
Illustrative shape only; field names and the token lifetime are confirmed against the live session during the build. It shows the two moves that matter — authenticate, then read the position.
POST /api/v1/auth/otp/verify
{ "phone": "+66XXXXXXXXX", "otp": "••••••" }
→ 200 { "access_token": "…", "token_type": "Bearer", "expires_in": 1800 }
GET /api/v1/credit-line
Authorization: Bearer …
→ 200 {
"currency": "THB",
"approved_limit": 50000,
"available": 32500,
"outstanding": 17500,
"daily_rate": 0.0008, # ~0.08%/day, per the app's worked example
"accrued_interest_today": 14.0,
"as_of": "2026-07-02T02:00:00+07:00"
}
# 401 -> OTP session expired; re-run auth before reading exposure.
# "as_of" is load-bearing: interest is recomputed daily, so the caller
# must know how fresh the number is.
Keeping the sync honest
Two facts drive the freshness design. The balance moves every day because interest accrues daily, and the session token is short-lived. So we run a scheduled pull keyed to the daily rollover plus an on-demand refresh before any decision that reads exposure, and we carry an as_of stamp through the API so a caller never mistakes a cached figure for the current one. When the app updates its screens, field mappings can shift; a re-validation step in maintenance catches that before it reaches your data.
Pico rules, PDPA consent, and where Thai open data is heading
โชคเงิน operates under a Pico license from the Ministry of Finance, supervised by the Fiscal Policy Office rather than the Bank of Thailand's bank regime. Thai Pico rules cap a single line at 50,000 THB and allow an all-in effective rate up to 36% a year (per Thai legal summaries); the app advertises up to 32% APR (per its Play listing). Those limits are why the dataset is one small line per borrower.
The dependable legal basis for reaching that data is the borrower's consent under Thailand's Personal Data Protection Act, in force since June 2022. The PDPA treats financial information as sensitive personal data requiring explicit consent, and it gives the data subject rights to access and to data portability — the borrower can authorize sharing of what the lender holds about them, and can withdraw that consent at any time. We build to that: scoped consent, consent records kept with the integration, data minimized to the fields the use case needs, and NDAs where a client requires them.
The country's shared open-data channel is still ahead of us. BOT's "Your Data" framework and dStatement point to consent-based sharing becoming standardized, with citizens exercising data-sharing rights from the second half of 2026 (per BOT), but those rails begin inside the banking sector and do not yet cover a Pico lender. We treat that as the direction of travel, not present-day plumbing, and keep the build ready to adopt it.
Build details worth flagging
The daily-interest accrual is the first thing we plan around. Because the outstanding figure and the interest on it change overnight, we design the sync so the API never serves a balance without saying how old it is, and we test the day-boundary case directly. A borrower's line can also close mid-term — the loan runs 91 to 180 days — so we model the single-active-line shape the Pico ceiling implies and reflect a closed or repaid line rather than leaving a dangling record.
The second is the OTP-gated session. Access rests on a phone-OTP login with a short token, so we build the refresh loop so a borrower's consent stays live without a fresh prompt on every call, and we log each read against the consent that authorized it. Access itself — a consenting test account and the PDPA paperwork — is set up with you while the work gets going; it is part of what we do, not something to sort out before we can start.
Screens we mapped
Store screenshots we reviewed while mapping the account surfaces. Select to enlarge.
Other Thai lending apps in the same bucket
If the goal is one integration across several Thai consumer-credit apps, these sit in the same category and hold comparable per-user data. Named for context only.
- MoneyThunder — Abacus Digital (SCBX) lending app; holds personal-loan and nano-finance account state under BOT supervision.
- FINNIX — MONIX (SCBX) revolving credit line; per-user limit and draw-down records behind an app login.
- PROMISE สินเชื่อส่วนบุคคล — personal-loan app carrying application status and repayment records.
- Good Money — Government Savings Bank digital lending app for underserved borrowers, built on Mambu.
- Siam DL (Siam Digital Lending) — personal-loan and nano-finance products with in-app account balances.
- Kredivo Thailand — buy-now-pay-later and installment credit; per-user limits and repayment schedules.
- DigiCredit — instant-loan app with per-borrower limit and disbursement history.
- ป๋าเปย์ (PaPa Pay) — cash-ready credit line with draw-down and repayment data.
How we checked
We read the app's Google Play listing and its stated product terms on 2 July 2026, then cross-checked the Pico licensing and interest ceiling against Thai legal summaries and confirmed the data-portability picture against the Bank of Thailand's own open-data and "Your Data" pages. Primary sources:
- โชคเงิน on Google Play (product terms, operator, contact)
- Bank of Thailand — Project "Your Data" (Oct 2024 announcement)
- Bank of Thailand — dStatement (Digital Bank Statement)
- Pico finance license overview — Fiscal Policy Office supervision, limits
Mapped by the OpenBanking Studio integration desk, 2 July 2026.
Questions integrators ask about โชคเงิน
Which of โชคเงิน's numbers can a consented session actually reach?
The pieces that move: the pre-approved credit line, the unused headroom, the current outstanding amount, and the interest accruing on it each day. Alongside those sit the 91-to-180-day repayment schedule and the record of payments made or lines closed early. Identity and bank-account fields are read only to the extent the integration needs them.
โชคเงิน is Pico-licensed rather than a bank, so does that change the legal basis?
It does. The service sits under Fiscal Policy Office supervision as a Pico lender, not under the bank rules that drive schemes like dStatement. So the dependable basis for reaching its data is the borrower's own PDPA consent to share records held about them, not a bank-to-bank portability channel.
Will Thailand's 'Your Data' framework give a cleaner channel later?
It may. The Bank of Thailand has said individuals begin exercising data-sharing rights in the second half of 2026, per its own announcement, but that framework started with banks. We build against the borrower-consented session now and can move to a standardized channel once one covers Pico lenders.
Do we need our own โชคเงิน account before you can build this?
No wall to clear first. The starting point is the app name and what you want out of its data; a consenting test account and the PDPA paperwork are arranged with you while the work gets going.
Getting it built
Most of these builds hand off inside one to two weeks. You can take it as source-code delivery from $300 — runnable code, the OpenAPI spec, tests and documentation, paid only after we deliver and you are satisfied — or skip running anything yourself and call our hosted endpoints, paying per call with nothing upfront. Tell us the app and what you need from its data at /contact.html and we will scope it against these surfaces.
App profile — โชคเงิน - กู้ไว ปลอดภัย
All figures below are as stated on the app's Google Play listing.
- Package ID: com.lanna.flow.loan
- Category: Finance — online personal loan / revolving credit line
- Operator / lender: บริษัท ดิจิทัล พิโก จำกัด (Digital Pico), holding a Pico license from Thailand's Fiscal Policy Office
- Developer: บริษัท ลานนาโฟล จำกัด (Lanna Flow), lannaflow.com
- Loan amount: 1,000–50,000 THB
- Term: minimum 91 days, maximum 180 days
- Advertised rate: up to 32% APR
- Onboarding: phone number + OTP, national ID card details, bank account
- Markets: Thailand (Thai-language app)