Hello everyone, welcome to my YouTube channel. In one of my previous videos, which you can find the link here, I designed Uber. While designing Uber, I also discussed one part of it, which was a billing service. However, I didn't go into the actual design of the billing service, so in today's video I'm going to discuss what would be the design of a payment service or payment gateway service.

This is a very important topic because a payment service is involved everywhere where money is involved. Let me give you some examples. Many of us now buy stuff from Amazon or eBay. Usually, if you go to amazon.com and you create an account, it also asks for your credit card information, and when you provide that credit card information, that information is stored on Amazon servers in a secure manner. Now if you buy anything from the Amazon website, Amazon actually goes and charges your credit card. If you buy something from a third-party seller on amazon.com, in that case, after charging your credit card, Amazon also transfers the money to the third-party seller as well.

Similarly, let's take another example. I think now most of us use smartphones, and most of the time people are using iPhone or Android. If you're using an iPhone, then you must have an account with the Apple App Store and you must have provided your credit card information there in that case, so that if you buy anything from the Apple App Store or if you do any in-app purchase, then the payment service at the Apple App Store charges your credit card.

The third example is Uber. Uber provides different services like trips and Uber Eats. If a customer uses Uber to book a trip, then Uber deducts charges from the customer's credit card that is stored securely on Uber servers. Part of the trip charges goes to Uber and the rest goes to the drivers.

Another example is Netflix. When you create an account with Netflix, Netflix also asks for payment information, and when you provide your credit card information, then Netflix stores that information securely on Netflix servers. After that, the Netflix service deducts the charges from the customer's credit card monthly. The very first transaction in this case is customer initiated, and it is called a customer-initiated transaction, or CIT. Then the subsequent transactions by Netflix are merchant-initiated transactions.

I can give you many other examples where the payment service is involved. However, I'm going to just stop here right now, and I will just give you one more example, and this example is the Stripe payment gateway service. Stripe is a payment processing platform that can be integrated with hundreds of e-commerce websites, shopping carts, and other third-party applications that many businesses rely on to charge their customers for the goods and services that those businesses provide. It is used by third-party sellers to integrate a payment processing service in their e-commerce platform to charge their customers. For example, I use Stripe for charging my customers when they buy my online course. Similarly, there are other third-party sellers as well, which actually create their e-commerce website using maybe Shopify, and then they integrate with Stripe to charge their customers for the goods and services, whether they are physical goods or they are digital goods or services.

So in today's video we will discuss how to design a payment gateway service like Stripe. However, before going to the design of the Stripe payment gateway service, I would like to welcome you to my YouTube channel if you are watching this video for the first time, and I would appreciate it if, in case you haven't subscribed to my channel yet, you please do subscribe to my channel and please do click the bell icon. I will be uploading more videos in the future as well.

So before going into details of how we will design Stripe, let's first discuss how the credit card system works. A credit card system comprises the following actors.

The very first actor in a credit card system is a customer or credit card holder. A customer is a person who owns a credit card or a debit card and uses it to buy goods or services from a seller or a merchant.

Then a merchant is a business that sells goods and services to customers and accepts credit cards or debit cards for payment. Each merchant maintains a merchant account that enables them to accept credit cards or debit cards from the customers.

Then we have the issuer or issuing bank. The card issuers are the financial institutions or banks that distribute credit cards to the consumer, that is, they are the customer's bank. An issuing bank transfers money for purchases to the acquiring bank. It is liable for purchases made by the customer if the customer does not pay.

Then the fourth actor in this system is the acquirer or acquiring bank. An acquiring bank is a financial institution or bank that processes credit or debit card payments on behalf of a merchant. The acquirer allows merchants to accept credit card payments from the card-issuing banks within an association. The acquiring bank is liable for charges made by the merchant if the merchant does not provide the goods or services purchased.

Then the final actor is a card network or association. It is also called a scheme. A card association or scheme includes Visa, Master, Discover, American Express, etc. The card associations set interchange rates and qualification guidelines and act as the arbiter between the issuing banks and acquiring banks, among other vital functions.

Now when a customer provides the credit card to a merchant for some transaction, then that financial transaction comprises two phases.

The first phase is the authorization phase. In the authorization phase, a card holder begins a credit card transaction by presenting their card to a merchant as payment for goods or services. The merchant uses their credit card machine, software, or gateway to transmit the card holder's information and the details of the transaction to the acquiring bank or the bank's processor. The acquiring bank or its processor captures the transaction information, performs some basic validation, and routes it through the appropriate card network to the card holder's issuing bank for approval. When the card network receives the transaction information, it performs basic validation, and then the transaction information is routed between issuing and acquiring banks through the credit card network. The credit card issuer receives the transaction information from the acquiring bank or its processor through the card network and responds by approving or declining the transaction after checking to ensure, among other things, that the transaction information is valid, the cardholder has sufficient balance to make the purchase, and that the account is in good standing. In case of transaction approval, the issuer holds the amount of money that is needed for the transaction. The card issuer sends a response code back through the appropriate network to the acquiring bank or its processor. In case of transaction approval, the successful authorization code is sent. The response code reaches the merchant's terminal, software, or gateway and is stored there awaiting settlement. In case of a successful authorization code, the merchant releases the goods or services to the customer, that is, the card holder.

Now at the end of the business day the clearing and settlement phase runs. In this process, all the approved authorization codes along with their transaction details for the whole day are written to a batch file by the merchant or the payment gateway at the merchant's end, and it is sent to the acquiring bank via Secure File Transfer Protocol. The acquiring bank reconciles and forwards it to the card network via Secure File Transfer Protocol. The card network reads all the authorization codes along with their transaction details from the merchant-provided batch file and then writes them into separate batch files targeting different issuers, and then passes those batch files to each issuer via Secure File Transfer Protocol. The issuer, when it receives the batch file, releases the money that it held for the approved transactions to the card network, which then transfers the money to the acquiring banks. The acquiring bank deposits the money in the merchant's bank account.

Now I have a question for you: let me know in the comments below why the acquirer and the scheme and the issuer are still using Secure File Transfer Protocol for the settlement and clearance process.

In general, PCI compliance is required by the credit card companies to make online transactions secure and protect them against identity theft. Any merchant that wants to process, store, or transfer credit card information is required to be PCI compliant according to the PCI compliance security standards council. Getting all the compliance is not impossible, but yet it is very cumbersome to achieve for small third-party sellers like me, for example.

Now more than 80 percent of online businesses are selling internationally. This brings all sorts of issues that the businesses need to worry about. For example, how do you address the diverse customer preferences of a global audience during the checkout experience?
Also, the way customers prefer to pay for goods and services online varies drastically from region to region. Different geographies may have different compliance requirements.

This is where Stripe comes into the picture. Stripe makes it very easy for any type of business anywhere in the world to discover and accept popular payment methods with a single integration. Stripe works as a master merchant and payment facilitator for the third-party sellers. Thus Stripe registers a master merchant account with the acquirer or acquiring bank and provides virtual merchant accounts to the third-party sellers. Now the online sellers or merchants create a virtual merchant account with Stripe and integrate their website checkout workflow with Stripe Checkout.

Now let's see how Stripe charges a customer on behalf of a merchant. A card holder begins a credit card transaction by presenting their card to Stripe Checkout on an e-commerce website as payment for goods or services. The e-commerce website has a virtual merchant account with Stripe. Stripe Checkout forwards the transaction request along with the merchant ID to Stripe, which behaves as a master merchant and payment facilitator for the e-commerce website. The master merchant, that is Stripe, performs some basic validation and then uses the software gateway to transmit the cardholder's information and the details of the transaction to its acquiring bank or the bank's processor. The acquiring bank or its processor captures the transaction information, performs some basic validation, and routes it through the appropriate card network to the card holder's issuing bank for approval. When the card network receives the transaction information, it performs basic validation, and then the transaction information is routed between issuing and acquiring banks through the credit card network. The credit card issuer receives the transaction information from the acquiring bank or its processor through the card network and responds by approving or declining the transaction after checking to ensure, among other things, that the transaction information is valid, the card holder has sufficient balance to make the purchase, and that the account is in good standing. In case of transaction approval, the issuer holds the amount of money that is needed for the transaction. The card issuer sends a response code back through the appropriate network to the acquiring bank or its processor. In case of transaction approval, the successful authorization code is sent. The response code reaches the master merchant, Stripe, through the acquiring bank. Stripe updates the transaction details in its local database and informs the merchant about the transaction status. In case of a successful authorization code, the merchant releases the goods or services to the customer, the card holder.

Now at the end of the day there are workflows that run in Stripe which actually take all the authorization codes and pass them to the issuer for final settlement and clearance.

Now let's discuss some functional and non-functional requirements for Stripe. It is very important to understand that coming up with the right set of functional and non-functional requirements is very important. Most of the time the candidates fail the interview because they are unable to actually collect the right set of requirements, and that is why you should give due importance to the requirement collection.

So the very first requirement for the Stripe payment gateway service is that Stripe should enable the third-party sellers or merchants to charge their customers without being PCI DSS compliant. According to PCI DSS, any entity that is involved in either storing or transferring credit card information needs to be PCI DSS compliant. But now if you go and check my website, when you buy my course and do the checkout, this is a page that is generated directly by Stripe, and you enter your credit card information into that page, which transfers that information directly to Stripe. So my website is not even involved in the checkout process. Let me know in the comments below how Stripe does this for the merchants.

The second requirement is, of course, in order to use Stripe, the merchants need to create an account with Stripe.

The third requirement is the merchants should be able to charge their customers, and also they should be able to perform a refund whenever needed.

The fourth functional requirement is the merchant should be able to see all the different types of transactions that have happened in their account. The transaction details should include the transaction type, that is, whether it's a purchase or a refund or a bank transfer etc., its status, the order associated with the transaction, and the date and time and other such important information.

The fifth functional requirement is the merchant should be able to create two different types of transactions. One type of transaction is a one-time payment. For example, if you buy my course then you get unlimited access; there's no monthly or yearly subscription for my course right now. Then the second type of transaction is periodic purchases. For example, there are other online courses for system design that actually have a yearly subscription model where they charge you daily or sometimes even monthly.

Now the sixth important functional requirement is that the payment gateway service should be able to store the credit card information of the customers securely for the case where the credit card needs to be charged periodically, for example monthly or yearly.

Then there are some other extended requirements. For example, Stripe should be able to generate invoices for the purchases. Another requirement is the merchant should be able to generate a report for some period of time, like how many different types of transactions happened during that period, how many refunds happened, how many purchases happened, etc. Another extra requirement is that Stripe should allow different modes of payment, for example not just credit card but debit card or maybe even cash transactions as well. Another extended requirement is that Stripe should allow audit support.

Now let's discuss some non-functional requirements. The very first non-functional requirement is the service needs to be highly available. Think about what would happen if a customer is trying to purchase a product from a merchant website and is unable to pay for the product due to the payment gateway being unavailable. This will be a very bad customer experience both for the merchant and its customer.

The second important non-functional requirement is the Stripe payment gateway service should be highly reliable, and this is a very important requirement for any type of financial service. For example, Stripe should avoid charging customers twice or multiple times for a single purchase. Similarly, Stripe should not incorrectly inform the merchant about a transaction being successful if it is not. What it means is that Stripe should provide mechanisms for error detection, prevention, and recovery for situations such as lack of payment, duplicate payments, incorrect currency conversion, incorrect payment, and dangling authorization, etc.

The third non-functional requirement is that the Stripe service needs to be highly scalable due to the large number of its customers, that is, merchants and then their customers, and the rate of transactions that are happening all over the world.

Another non-functional requirement is the Stripe service needs to be highly durable. We cannot tolerate loss of customer data such as transaction details. At the same time, the Stripe service needs to be strongly consistent. This is a very important requirement because we cannot tolerate eventual consistency in the financial system, because that could result in decreasing the reliability of the overall system. For example, think about duplicate payments and dangling authorization. These would be hard to avoid in a service using eventual consistency. The system will charge a customer, but then due to eventual consistency will still see a missing charge and thus will try to charge the customer again. This could also result in dangling authorization.

Another important non-functional requirement is that the Stripe service needs to be a highly secure service. This is another important requirement for a financial service. It involves the service providing or enforcing correct authorization, authentication, and access control mechanisms to protect its customers' data. The Stripe service should provide APIs and generate checkout pages that must use secure communication mechanisms such as HTTPS so that all the communication is encrypted. Also, Stripe should store all the customer information securely on its servers.

So I have added a chapter on payment gateway service design in my course. By the way, I would like to show you here now an email that I received from one of my buyers of the course.

You can find more details about how a payment gateway service is designed in my course, where I have discussed all the APIs, and also I have discussed in detail what would be the high-level architecture of a Stripe payment gateway service, and I've also discussed individual microservices in detail and how they will be communicating with each other. If you sign up for my course, there are two chapters which are available for free preview.

So I'm going to stop the video here. Here again, I would really appreciate it if, in case you haven't subscribed to this channel, you please do subscribe and click the bell icon. Thank you and take care.
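
An added example, not part of the video and not Stripe's code: it models the end-of-day clearing step described in the transcript (approved authorizations split into one batch per issuer) together with the duplicate-payment and dangling-authorization checks named in the reliability requirement. The record fields, identifiers, and the definitions used (a duplicate is a second approval for the same merchant and order; a dangling authorization is a hold that no settlement batch releases) are assumptions made for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Auth:
    auth_code: str      # approval code returned by the issuer (hypothetical format)
    merchant_id: str    # virtual merchant account at the payment facilitator
    order_id: str       # merchant's order reference
    issuer: str         # issuing bank that placed the hold
    amount_cents: int


def find_duplicates(auths):
    """Approvals that repeat a (merchant, order) pair: candidate double charges."""
    seen, dupes = set(), []
    for a in auths:
        key = (a.merchant_id, a.order_id)
        if key in seen:
            dupes.append(a.auth_code)
        seen.add(key)
    return dupes


def build_issuer_batches(auths, exclude=()):
    """Split the day's approvals into one settlement batch per issuer."""
    batches = defaultdict(list)
    for a in auths:
        if a.auth_code not in exclude:
            batches[a.issuer].append(a)
    return dict(batches)


def find_dangling(auths, batches):
    """Holds still open at an issuer that no batch will settle; each needs a reversal."""
    settled = {a.auth_code for batch in batches.values() for a in batch}
    return [a.auth_code for a in auths if a.auth_code not in settled]


def reconcile(auths):
    """Return (duplicate codes, per-issuer settlement totals, dangling codes)."""
    dupes = find_duplicates(auths)
    batches = build_issuer_batches(auths, exclude=dupes)
    totals = {i: sum(a.amount_cents for a in b) for i, b in batches.items()}
    return dupes, totals, find_dangling(auths, batches)


# Constructed sample day: A102 is a retry of order-1 that the issuer also approved.
DAY = [
    Auth("A100", "m_1", "order-1", "issuer_x", 2500),
    Auth("A101", "m_1", "order-2", "issuer_y", 999),
    Auth("A102", "m_1", "order-1", "issuer_x", 2500),
    Auth("A103", "m_2", "order-1", "issuer_x", 4000),  # same order id, other merchant
]
```

Dropping the duplicate from the batch is not enough on its own: its hold is still open at the issuer, which is why `reconcile` reports the same code as dangling so it can be reversed.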