Payment Gateway System Design | Payment Processing | System Design

Подписаться 20 тыс.

Просмотров 189 тыс.

50% 1

Payment Gateway is a software used by ecommerce website to help buyer make payment online. It is usually integrated with a payment ingestion and payment processing unit. In this video I have talked about how card payment works, how 3D secure card payment works, how will you design your own system like Razorpay, Paypal etc. High level software design of payment gateway has been discussed here along with relevant APIs which each service will use.
Payment is a very big domain hence capturing each details in one video is tough and same goes for system design interview or coding interview. Do discuss with your interviewer the topic where focus is required from interviewer's point of view and drill deep into it.
0:00 Introduction
0:45 Content
02:15 Terms to Note
06:03 How Card Payment works?
10:08 How 3D secure Card Payment works?
14:21 Requirements for System Design of Payment Gateway
15:43 Design Considerations
17:46 High Level Design
25:30 Relevant APIs
27:42 Payment Processor
32:55 Susbcribe
You can buy us a coffee at : www.buymeacoffee.com/thetechg...
system design: • System Design | Distri...
DS for beginners: • Arrays Data Structures...
leetcode solutions: • Leetcode 84 | Largest ...
github: github.com/TheTechGranth/theg...
facebook group : / 741317603336313
twitter: / granthtech

Наука

Опубликовано:

5 июл 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 106

@7even463 Год назад

This is an incredibly helpful video. A million thanks!

@jen-yaku6989 8 месяцев назад

Very clear! It helps a lot. Thank you very much.

@dcz9337 4 месяца назад

I have read several RU-vid videos forpayment gateway system design and this is the most detailed one I have ever seen

@RaphaelSousa-or1dl Месяц назад

hello have you implemented a payment gateway design before? I'm trying to come with a design myself but I have some questions, I'd like to discuss with someone

@neerajpatane6682 Год назад

A very good overview for high level understanding . Concepts explained in simple terms.

@poorti2188 2 месяца назад

Explained in simple way with indepth knowledge.. only failed transaction topic couldn't understood in technical terms API and DB impact..

@nitinblue1 2 года назад

Thanks for the video. nice break down of the flow and well explained.

@TheTechGranth 2 года назад

Glad it was helpful. Do like and subscribe and share with others 🙂

@dhenukarangam2799 2 года назад

Learnt a lot from the video. Thank you 😊

@dhwanilshah5680 2 года назад

Amazing video! Waiting for a low level design video of the same 😍😍

@TheTechGranth 2 года назад

Glad it was helpful and thanks for suggestion will add it to my list 🙂 Do like and subscribe and share with others 🙂

@cozimbatman4100 Год назад

Informative...Thank you for the video

@malayk6838 Год назад

Well explained :)...Keep it up Sir...and help us!

@emmanuelerinwusi5539 Год назад

Great work bro! Thank you

@jigarbhati 2 года назад

Good high level overview overall. You missed explaning how failure scenarios are handled which are also crucial to discuss here IMO. 1. How do you ensure Database and Distributed Queue stay in sync? It can happen that database got updated but not the Distributed Queue. e.g. Payment gateway updates database and before it could write to distributed log queue, the payment gateway instance dies. 2. How do you ensure you get exactly-once semantics from the distributed queue so that you don't double process the same txn? e.g. if Payment processor processes the txn and before it could update distributed queue offset, the instance died. When the new instance of processor comes up, how will it ensure the same txn id is not processed again?

@waattzup 2 года назад

Create a video on the same.He has provided the starting point!!

@dhruveshk9457 Год назад

kafka can handle

@subhadevpal2736 Год назад

great explanation.

@mma206224398 2 года назад

this is amazing, i am waiting for the low level design

@TheTechGranth 2 года назад

Glad it was helpful. Do like share and subscribe 🙂

@haridotvenkat Год назад

Thanks for the video. Can redis be used and replace rdbms and distributed queue?

@sirishagch 14 дней назад

Thankyou. It is detailed. How the user session will be maintained in this process?

@vimalanrajendran8142 2 года назад

Which SDLC model are you for Qr code payment?

@gtobadiah6406 2 года назад

Is it the only video you have for payment processor, do you have part 1, 2, 3 ...n of this video?

@civirus0796 2 года назад

Great video Can anyone suggest resources to learn writing such design using python?

@ErhanPatir 4 месяца назад

Is "connecting to external system from internal" a correct design ? or do we need to add something between Payment Processor and outside for security ?

@shilpamaryjose8169 2 месяца назад

Thanks for the details. Just one correction though - It would be the "Interoperability domain" and not "Interportability domain".

@Paradise-kv7fn 2 года назад

But in CAP theorem, sacrificing P doesn’t make sense as networks are unreliable. We just cannot have CA systems. They would be either CP or AP. In our case, consistency is even more important. So, it should probably be a CP system.

@TheTechGranth 2 года назад

Sacrificing P does not mean we don't have partition in our system. Please check out this: ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-ThjBc80X_hU.html

@pariveshplayson 2 года назад

It should be a CP system.

@petar55555 8 месяцев назад

You don't sacrifice P, it always and up being AP or CP, or full CAP is you want to sacrifice latency

@seunghwanson3248 2 года назад

hey, thanks for the video. In your Card Payment work diagram, where and how would PSP (payment service providers) fit in?

@jwang9182 2 года назад

Technically, we are the PSP. payment gateway + payment processor. It is what paypal or stripe does

@omprakash-dz2xh Год назад

I think we Don't need to create a separate API for each payment methods like upi,e-wallets . Payment gateway will call psp and psp will have routing engine which will route the request depending upon payment methods like cards e-wallet etc. This will help right from beginning I.e from load balancer where loads can be distributed on the basis of payment method id to dB

@mondemtakati3648 Год назад

8.Den I 88

@mondemtakati3648 Год назад

8iiii

@OODevelopers 5 месяцев назад

Thanks for this video. I have a doubt here about card transactions. In 3D secure payment we have to deal with otp page right. Once authorization is successfull user will be redirected to otp page that redirection happens directly from issuer bank end? Once issuer verifies otp it will respond to card association and card association responds to pg?

@AdityaKumar-ho8pm Месяц назад

Can you tell me which coding and code stack is best for NBFC/ Bank EMI transaction? And what is the future possibility like AI?

@rahulg Месяц назад

the explanation is good but consistency and availability are 2 conflicting goals. most distributed systems must be designed with partition tolerance as a non-negotiable requirement. This means that during network partitions, the system must continue to operate and serve requests to the best of its ability, even if this results in temporary inconsistencies or reduced availability.

@rajkaran9720 Год назад

Hi Can you also explain how the money is get credit in Merchant account. Is the the issuer bank who's doing the debit and credit both or just Debit and then Payment processor is doing the credit.?

@rachitjain2110 2 года назад

I will not repeat on P part of CAP as there are enough comments already. Other pieces that are not making sense to me are as follows: 1. If the front end fleet moves the request to a queue, the front end service hosts become asynchronous (non-blocking). But they need to reply approve/deny to the caller and that will not work if they put the message in the queue. Because the service that reads from the queue will not have caller's connection to respond back. So I believe that should be a blocking call end to end. 2. Retry logic has flaw. Consider the payment gateway calls the Merchant bank and the host at Merchant bank is super slow and along with that the connection is dropped due to a network glitch. As part of retry, payment gateway will retry with that transaction Id and it goes to another host at Merchant bank that processes it successfully. And now the slow host at Merchant bank also processes the transaction. This can be saved if Merchant bank hosts check for transaction Id and are idempotent.

@shankerlolakapuri8676 2 года назад

IMO: 1. There is no xml/json converted to ISO 8583, merchants/acquirers do generate ISO 8583 (POS machines are capable of doing that and only that). They have to onboard with Payment N/w's like visa,MC and continue to inline with spec changes. May be online wesite sends a json internally to a payment service team who converts json from online to ISO 8583. 2. that number you are referring to in card number is called BIN(6 , now first 8 digits of the card) and issuing bank has to buy it and unique globally 3. On Consistency/partition tolerant, usually most of the issuer banks/processors only use RDBMS over NOSQL and can be highly consistent and never allow parallel processing on single card 4. Its rrn/stan is used e2e for tracking but not the transaction id generated by payment gateway

@Goldenextra Год назад

You really do know these things. Can we be friends?

@AbhishekKumar-vf3cu 2 года назад

Hey, thanks for the video. It helped a lot Can you make system design video of recommendation system? It is asked a lot nowdays

@TheTechGranth 2 года назад

Glad it was helpful. Do like and subscribe and share with others 🙂. Recommendation system has a lot of variety, can you explain your problem statement please

@TheTechGranth 2 года назад

BTW you might want to read about Collaborative Filtering

@ashup5822 9 месяцев назад

You may want to correct the 3D Secure part considerably. There is no PIN exchanged in Online 3dSecure transactions.

@user-ck2pj4vv3o Год назад

Can you explain on the Payment Aggregator Hub asked by banks

@kundanlal4199 Год назад

Hi Sir, Can you explain credit card flow with authentication and authorization, url redirection to user for password and how many cycle it takes, is it direct to bank and user or via payment gateway

@MBA44 10 месяцев назад

ur awesome

@atuladitya2421 2 года назад

Hey, Thanks for the video, I didn't understood the retry logic clearly. Suppose for a transaction_id that has failed, we are pushing that id to a failed queue, but how exactly the retry service is picking that up and working on it. Can you please clarify that.

@TheTechGranth 2 года назад

Retry service will just replay the original flow, as if this was the 1st time message was received, only difference being, this service will pick up the message that was put in failed queue

@proudindian8397 Год назад

@@TheTechGranth what if retry service fails?

@pragatianant5724 Год назад

one thing PG only makes a card txn not net banking and e-wallets. and other Card networks they issue 6-digit BIN to issuing banks

@AnkurGandhi8489 2 года назад

How payment clearing service works in UPI payments?

@skblabla 6 месяцев назад

persistence to DB and message queue will not be transactional, based on the diagram shown, we will have to use outbox pattern with CDC to achieve this

@rawangbr6097 Год назад

very good job can i have the presentation please ?

@nitinblue1 2 года назад

Question - Payment gateway module if i am not wrong is part of amazon itself i guess.. Which means transaction id is being generated within amazon... how do you force outside services to use that same transaction id ? I am sure issuer bank for example will also generate its transaction id, how do you map these 2 transaction ids.

@TheTechGranth 2 года назад

Payment gateway will be with Amazon but payment gateway will have a payment processing module which is provided by acquiring bank. So the transaction id between Amazon and acquiring bank will be in sync based on contract between payment processing module and gateway. For issuer bank and other middle party involved like visa and MasterCard etc. It will all be standard message like ISO 8583 or other switch message, which will have some tracking field for transaction id, which can be provided by acquiring bank/ Amazon itself

@RaphaelSousa-or1dl Месяц назад

If Payment Ingestion and Payment Processor services are two different microservices, shouldn't they have acess to different databases? The way you described they're using the same database, is that right?

@paragbari7820 Год назад

PLease explain How to use the MAP setup.

@aakashmendiratta8158 4 месяца назад

Hey, one question, I believe there should be only one service that interacts with the DB, if you have two components writing to the DB, it will not centralise the logic in one place. So what i mean is to expose the database via apis. Let me know your thoughts on this.

@Seedley Год назад

how do you covert from json to ISO 8583

@AbhishekKumar-vf3cu 2 года назад

Hey, can you make system design video on aadhar system or any web link pls? Thanks and i like your videos ❤

@TheTechGranth 2 года назад

Really glad to hear this. Kindly like subscribe and share with others 🙂 Can you please elaborate on the requirement of Aadhar system?

@uditagrawal6603 2 года назад

Wouldn't creating partition on the basis of date presents problem of hot partition, considering 10M transactions/day. Can we create partitions on the basis of transactionId, as query based on date will be used in clearing service which is done in background, WDYT? Also there can be a transaction archival service which can move the past day transaction to Cassandra for reducing load on RDBMS.

@TheTechGranth 2 года назад

Regarding archival service you are right, we can can have a service like that to move old data to some history database, type of database will depend of the purpose of archived data. If we want to run some aggregation Cassandra can be good choice. For partition, transaction Id won't be a good choice because there will be too many partitions for your table which will cause a lot of maintenance overhead. A good idea will be to have partition on date and have further subpartition of transaction type for the day or some other key which can distribute the transaction for the day

@uditagrawal6603 2 года назад

@@TheTechGranth Thanks for the reply. But wouldn't making partition on date will cause hot partition, as there will be load of around ~10M transactions/day on the single partition only. Instead that load can be distributed across multiple partitions based on transactionId, also there are no such query patterns in the system in which we need to query based on date like in IRCTC or airbnb, except the clearing service(which happens in background). In the real time we would be required to fetch the transaction by txId mostly which can easily be served. Maintainence will always be part of partitioning whatever key we choose, but mainly what drives partition key is the access pattern. Do let me know what you think?

@TheTechGranth 2 года назад

@@uditagrawal6603 that is why is suggested a subpartition, please keep in mind that there will be lot of select query in your application, not just for clearing but also for refund, retry etc. Which happens more than you think. One thing which can be done is, since we are externally generating transaction I'd, we can create sub partition on list of transaction Id for the day. So range partition on date and list partition on transaction Id, so data will be properly distributed. Btw do like the video and subscribe and share with others 🙂

@uditagrawal6603 2 года назад

@@TheTechGranth yes but things like retry or refund would also be based on txid only, to be honest I didn't get the reason of storing based on date as I don't get which queries we would be doing based on date? Also it would be helpful ,if you could guide us on partition and sub partitioning. Another query how are we handling hot partitions? Btw series is awesome , I already liked and subscribed 😊

@BlackGodOfWarTom Год назад

why ssl no tls? seems ssl has been deprecated.

@egor.cleric 8 месяцев назад

the Video is 1 year about, but there still SSL in communication. Should I continue to watch it?

@luckylove72 Год назад

Need to include OTP service and update the diagrams.

@alishanummer1550 2 года назад

How to choose which backend server to use for payment gateways development

@TheTechGranth 2 года назад

You mean hardware?

@alishanummer1550 2 года назад

@@TheTechGranth backend languages like php, java, nodejs

@TheTechGranth 2 года назад

@@alishanummer1550 choice of language for this application will be same as how we choose language for any other language. It should be scalable, testable, easily deployable, debuggable and more importantly pool of experienced engineers that an organisation have who knows that language

@anegawsisay6730 11 месяцев назад

How the identify weather the trasaction is on -us ,off-us and Remote -on us

@anegawsisay6730 11 месяцев назад

How to the identify weather the trasaction is on -us ,off-us and Remote -on us

@sairarafique 10 месяцев назад

Issuer bank represents the customer.

@petar55555 8 месяцев назад

SSL is deprecated, use and teach TLS

@VenuGopal-pr1ix 6 месяцев назад

If payment ingestion to the Payment Processor occurs through a distributed queue, what immediate response can the payment ingestion provide to the user? Users expect to see payment success instantly in most applications. Rather than displaying 'payment in progress' and then sending a notification, how can this immediate feedback be managed?

@RaphaelSousa-or1dl Месяц назад

I have the same question, have you tried implementing something like this?

@namnguyen-kc4kp 3 месяца назад

At ru-vid.com/video/%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE-NxjGFIgFCbg.html, "Consistency and availability should be chosen over partition tolerance". The video creator is referring to the famous CAP theorem, but he understands it in the wrong way. The CAP theorem states that a system can only have 2 over 3 properties: Consistency, Availability, and Network partition tolerance. And the creator is saying that we should prioritize CA over P. In reality, network partitions in distributed system is unavoidable, making partition tolerance (P) a necessary consideration. Therefore, we can only choose either consistency or availability (CP or AP), but CA is impractical.

@Deepz007 8 месяцев назад

Assuming this is Microservice based design, why Payment Ingestion and Payment processor talking to same RDBMS ?

@RaphaelSousa-or1dl Месяц назад

I have the same question, I'm trying to come up with a design where each one would have it's own db but I dont know how to manage the data consistency across them

@himeshgupta6478 2 месяца назад

What is SSL?

@pariveshplayson 2 года назад

Have never heard of a system not being partition tolerant.

@YogeshKumar-ye8nd Год назад

VIsa, Mastercard are not Banks ..why are referring them as a bank?

@mohammedissam3651 Год назад

Without indignity , how did you know ? That this is what really happened inside bank's. I really wanna know how digital money works? Any recommendations .. please 🥺 Can I transfer millions 🤔 to Paypal or should I do it in smaller transactions and multiple Paypal accounts with low budget ? Does Paypal accounts with 9,920 dollar , allowed and safe ? Can I trust Paypal? Can I do big really big transactions in cryptocurrency? What is the relationship between Paypal and cryptocurrency? It's your choice, To help or not 😃. You seem like you worked in this field.

@ThinkSoftware 2 года назад

Your understanding of the partition tolerance in the CAP theorem is incorrect. In a distributed system, partitions can’t be avoided. So, while you can discuss a CA distributed system in theory, for all practical purposes, a CA distributed system can’t exist. So, you can't chose consistency and availability over partition tolerance. And if you prefer consistency and availability over partition tolerance, then in case a partition happen (which is normal in distributed systems), the system won't work (thus affecting availability).

@TheTechGranth 2 года назад

Firstly glad to see your comment 🙂, really appreciate your effort and contribution to the tech world. I understand partition is required for any distributed system, may be the explanation was not clear on that part 🙂

@nandhakumarkr3147 Год назад

That's absolutely correct AP / CP is possible in distributed system

@amanverma2321 Год назад

Sir how to integrate in desktop based application??

@cxrsmm Год назад

FAILURE: Invalid request parameters or checksum mismatch orderId: txnAmount: checksum: false expectedChecksum: WiUeqDfCTopDs+YruikFxgA/KBasNUdaHm4GfQHyqo7Y2YYwmEnySf0spR0yLB8GIy90Mx6hvRQ7PWo3MtL5QSBGf/vX8BqDmc/0n8Ko9JA=

@primenews5842 2 года назад

how much will it cost me if you create for me?

@lapalabraencapsulas2305 Год назад

@sujatamanandhar6137 11 месяцев назад

Hello could anybody help me?? I've been scammed through this portal creation? They've taken my money in pretense of paying me back but haven't. Whay can I do

@TheTechGranth 11 месяцев назад

Sorry for your loss but posting here will not help as we only provide tutorial on system design, please connect with the concerned organization using legal means