Design of a Payment System
Define the System Design for a secure payment processor, covering high-level architecture, APIs, and storage schema. Detail components like fraud detection and reconciliation. Learn to ensure transaction reliability and resilience by applying idempotency, retry strategies, and fallbacks to manage transient failures.
In the previous lesson, we defined the requirements and resource estimates for our payment system. Now, we will cover its high-level design.
High-level design
A customer clicks the pay button on a merchant’s website, which triggers the payment service.
The payment service processes the customer’s information and sends the transaction details to the risk check system for fraud detection.
If the transaction passes the risk check, the payment service forwards the request to the payment gateway.
The payment gateway validates the payment details and forwards the request to the card issuer’s bank.
The issuer’s bank processes the request and sends the payment to the merchant’s account via the payment service.
The merchant’s account balance is updated to reflect the successful transaction.
Now that we have a high-level design, let’s define the APIs that will serve as the system’s entry points.
API design
The following APIs are essential to meet our functional requirements.
User registration and authentication
User registration: This API handles new user registration.
registerUser(username, email, password)
The registerUser API hashes the user’s password before saving it to the database. The table below explains the API’s parameters.
| Parameter | Description |
| username | A unique user name chosen by the customer. |
| email | The customer’s email ID, used later in the authentication phase. |
| password | The customer’s password, used later for authentication. |
User authentication: This API authenticates users. We will assume a basic authentication mechanism.
authenticateUser(username, password)
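The following is an added example, not code from the lesson: one way registerUser and authenticateUser could hash and verify passwords. It assumes PBKDF2-HMAC-SHA256 with a per-user salt, an in-memory USERS dict in place of the database, and boolean return values; the lesson specifies none of these.

```python
import hashlib
import hmac
import secrets

# Assumptions (not from the lesson): PBKDF2-HMAC-SHA256, 600,000 iterations,
# 16-byte salts, and a dict standing in for the users table.
ITERATIONS = 600_000
USERS = {}
_DUMMY_SALT = secrets.token_bytes(16)
_DUMMY_HASH = secrets.token_bytes(32)


def _derive(password, salt, iterations=ITERATIONS):
    """Stretch the password with a slow, salted KDF."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def registerUser(username, email, password):
    """Store only salt + derived hash; the plaintext password is never saved."""
    if username in USERS:
        return False
    salt = secrets.token_bytes(16)  # unique per user, so equal passwords differ
    USERS[username] = {
        "email": email,
        "salt": salt,
        "iterations": ITERATIONS,  # kept so the cost can be raised later
        "hash": _derive(password, salt),
    }
    return True


def authenticateUser(username, password):
    """Return True only for a known user with the matching password."""
    record = USERS.get(username)
    # For unknown users, still run the KDF against dummy values so response
    # time does not reveal which usernames are registered.
    salt = record["salt"] if record else _DUMMY_SALT
    expected = record["hash"] if record else _DUMMY_HASH
    iterations = record["iterations"] if record else ITERATIONS
    candidate = _derive(password, salt, iterations)
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, expected) and record is not None
```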
Payment processing
The following APIs handle payment processing tasks.
Payment authorization: This API verifies that the customer has sufficient funds to complete the payment. If successful, it associates the transaction with the merchant and returns an authorization code.
authorizePayment(amount, card_number, expiration_date, CVV, merchant_id)
The table below describes the API’s parameters.
| Parameter | Description |
| amount | The amount to be paid by the customer for a purchase. |
| card_number | The customer’s 16-digit payment card number. |
| expiration_date | The expiry date of the payment card. |
| CVV | The 3-digit card verification value of the payment card. |
| merchant_id | A unique identifier for the merchant receiving the payment. Used to route the transaction and reserve funds for the correct merchant account. |
Payment capture: This API captures previously authorized ...