In our continued effort to expose grey-market financial infrastructure, we turn to a cluster of mass transaction gateways that have quietly enabled untraceable fund movement on a global scale. These include:
- pay.trx-point
- payplanet / mentgate.payplanet
- globalpay
- wpay
- payservise
- pmtscheckout
Each platform shows consistent hallmarks of unlicensed financial activity, anonymized ownership, and repeated use in networks facilitating gambling-related payouts and crypto exits. Though they maintain a thin appearance of legitimacy—clean UI, vague merchant dashboards—our findings suggest their primary role is facilitating non-transparent, high-volume cash flow redirection.
🔍 Common Infrastructure Traits
Across all listed platforms, we identified the following shared indicators:
- No licensing or regulatory affiliations publicly disclosed
- WHOIS data either anonymized or hidden via offshore registrars
- Landing pages either inactive, redirecting, or cloned from other gateways
- No clear “About” or corporate structure
- Minimal or non-existent customer support contacts
These signs are typical of gateways designed to process funds for high-risk industries—notably gambling, adult entertainment, and crypto arbitrage—without drawing regulatory attention.
🧬 Potential Links to Pakistan: JazzCash & Easypaisa-Style Flows
While none of the listed gateways publicly claim operations in Pakistan, multiple names were observed in fragmented datasets tied to laundering chains involving fake JazzCash/Easypaisa interfaces.
Documents sourced via investigative collaborations include:
- Mentions of
mentgate.payplanetandpmtscheckoutin back-end redirection logs of phishing kits posing as Pakistani PSPs. - Traffic from Pakistan-based IPs appearing in testing environments linked to these domains.
- Payout scripts shared in Telegram channels focused on “bypass-ready wallets” that recommend payservise and wpay as “neutral rails.”
However, at this stage, there is insufficient direct evidence to confirm active deployment in Pakistan. The circumstantial indicators suggest these gateways may serve as hops in longer laundering chains, with Pakistani traffic possibly routed through them as one stage in a broader cross-border structure.
🕳 Shadow Funnels for High-Risk Cash Flow
What makes this cluster dangerous is its scalability. These platforms are built to handle mass programmatic payouts, often via API calls with minimal onboarding requirements. Such infrastructure enables:
- Fake affiliate commissions for gambling networks
- Fast exit for online casino payouts disguised as digital service refunds
- Embedded integrations into Telegram bots or fraud-adjacent browser extensions
Combined with evasive design and no public accountability, they become a risk vector for financial institutions—especially in regions with growing usage of local fintech rails (like Pakistan’s JazzCash/Easypaisa).
🚨 Recommendations for Financial Monitors
We urge payment compliance departments and fraud prevention analysts to:
- Flag activity from these gateway domains and aliases
- Investigate any merchant claims or invoices involving these names
- Monitor for script-based payment automation tools that use these endpoints
- Cross-check referrals and redirect flows in user traffic involving Pakistani wallet themes
🔍 Final Note
As laundering networks become more modular and transnational, platforms like payplanet, wpay, and pmtscheckout form the connective tissue that enables volume, speed, and opacity. Their role in moving illicit funds across jurisdictions—without triggering traditional red flags—should not be underestimated.
This report is based on information obtained through internal tech-forensics, open-source investigation, and limited-access law enforcement datasets. Additional verification is ongoing.