00:00 - 00:04

hey everyone today we explore the design

00:02 - 00:06

of a global payment system much like

00:04 - 00:09

PayPal that handles high transaction

00:06 - 00:11

volumes and sells both merchants and

00:09 - 00:13

consumers worldwide I'll walk through

00:11 - 00:15

each step of the design discuss how

00:13 - 00:17

various components interact and analyze

00:15 - 00:19

the trade-offs involved in making key

00:17 - 00:21

architectural decisions this is

00:19 - 00:23

especially relevant for those preparing

00:21 - 00:26

for system design interviews at leading

00:23 - 00:29

te companies like meta or Google so

00:26 - 00:29

let's get started

00:31 - 00:36

before diving into the system design

00:33 - 00:38

let's quickly clarify two key components

00:36 - 00:39

the payment Gateway and the payment

00:38 - 00:42

processor which I have previously

00:39 - 00:43

explained in depth but at a high level

00:42 - 00:45

think of payment Gateway as the bridge

00:43 - 00:48

between the user's device and the

00:45 - 00:49

payment processor it securely transits

00:48 - 00:52

payment data from the user's device to

00:49 - 00:54

the processor handling the encryption

00:52 - 00:56

and authorization of the transaction for

00:54 - 00:58

example when you enter your car details

00:56 - 01:00

on a website the payment Gateway

00:58 - 01:02

encrypts this data and send it for

01:00 - 01:04

approval and once the payment data

01:02 - 01:06

reaches the payment processor it

01:04 - 01:09

communicates with the users's bank or

01:06 - 01:11

card Network like Visa or MasterCard to

01:09 - 01:13

validate the payment information it

01:11 - 01:15

confirms available funds and completes

01:13 - 01:17

the transaction it's the engine working

01:15 - 01:19

behind the scenes to ensure the money

01:17 - 01:20

flows from the users Bank to the

01:19 - 01:23

Merchant's

01:20 - 01:25

account now first and foremost let's

01:23 - 01:27

clarify the requirements to ensure we

01:25 - 01:29

are all on the same page here we are

01:27 - 01:31

designing a global payment system at

01:29 - 01:34

accessible to users worldwide both

01:31 - 01:36

merchants and consumers are our primary

01:34 - 01:39

users and the system supports onetime

01:36 - 01:42

payments recurring payments refunds and

01:39 - 01:44

dispute resolutions it can also handle

01:42 - 01:46

multiple currencies with real-time

01:44 - 01:49

exchange rates the system should scale

01:46 - 01:51

to handle transaction volumes similar to

01:49 - 01:53

PayPal which means thousands of

01:51 - 01:55

transactions per second it must also

01:53 - 01:58

meet International and Regional

01:55 - 02:00

regulations like PCI DSS and kyc

01:58 - 02:02

requirements as far as nonfunctional

02:00 - 02:05

requirements are concerned it should

02:02 - 02:08

display High reliability scalability low

02:05 - 02:09

latency and topnotch

02:08 - 02:11

security understanding these

02:09 - 02:13

requirements And discussing them with

02:11 - 02:15

the interviewer will set the foundation

02:13 - 02:16

of your design now our system goals

02:15 - 02:18

should align closely with the

02:16 - 02:20

requirements so when we talk about high

02:18 - 02:24

availability aim for

02:20 - 02:26

99.99% uptime it should be efficiently

02:24 - 02:27

able to handle Peak loads and grow with

02:26 - 02:29

user

02:27 - 02:30

demand it should Implement robust

02:29 - 02:33

measures to protect data and

02:30 - 02:35

transactions ensure quick and seamless

02:33 - 02:37

transaction processing and you must

02:35 - 02:38

design the system to easily add new

02:37 - 02:41

features or support additional

02:38 - 02:43

currencies and payment methods with

02:41 - 02:45

these goals in mind we can start

02:43 - 02:46

architecting the system all right we'll

02:45 - 02:49

first break down the architecture of a

02:46 - 02:51

high performance payment system focusing

02:49 - 02:54

on three key layers the client layer the

02:51 - 02:56

service layer and the data layer first

02:54 - 02:58

the client layer this is where users

02:56 - 03:01

interact with the system through web

02:58 - 03:03

apps mobile apps or apis it is

03:01 - 03:05

responsible for sending requests like

03:03 - 03:08

login or payment initiation to the

03:05 - 03:10

backend next we have the service layer

03:08 - 03:12

this is the heart of the system here

03:10 - 03:15

various microservices handle business

03:12 - 03:17

logic like verifying account balances

03:15 - 03:20

processing payments and interacting with

03:17 - 03:21

external gateways these Services

03:20 - 03:23

communicate asynchronously through

03:21 - 03:26

message Brokers like Kafka ensuring

03:23 - 03:28

scalability and fall tolerance and

03:26 - 03:30

finally the data layer this is where all

03:28 - 03:32

the important data is stored relational

03:30 - 03:35

databases handle transactional data no

03:32 - 03:37

SQL systems manage session data and logs

03:35 - 03:39

and caches like redis store frequently

03:37 - 03:42

access information for fast

03:39 - 03:44

responses together these three layers

03:42 - 03:46

will ensure the system is scalable

03:44 - 03:48

reliable and high performing let's start

03:46 - 03:50

with the client layer the client layer

03:48 - 03:51

is the front-facing part of the system

03:50 - 03:54

that interacts directly with the end

03:51 - 03:56

users both consumers and Merchants this

03:54 - 03:58

Slayer is responsible for user

03:56 - 04:01

interfaces and making requests to the

03:58 - 04:03

backend services it can include web

04:01 - 04:05

applications or web portals where users

04:03 - 04:07

can login manage accounts and make

04:05 - 04:10

payments Etc it can also have mobile

04:07 - 04:13

apps iOS or Android used by customers to

04:10 - 04:15

initiate payments check balances and so

04:13 - 04:17

on and so forth and finally the API

04:15 - 04:19

consumers the third party systems or

04:17 - 04:22

Services interacting with the payment

04:19 - 04:24

system via apis for example Merchants

04:22 - 04:26

integrating payments into their own

04:24 - 04:28

websites next the service layer is the

04:26 - 04:30

core of the system that contains all the

04:28 - 04:32

business logic and microservice is

04:30 - 04:34

responsible for processing user request

04:32 - 04:36

handling payments managing users and

04:34 - 04:38

more this layer is the brain of the

04:36 - 04:41

architecture where various microservices

04:38 - 04:44

interact data is validated and external

04:41 - 04:46

systems are called now again a payment

04:44 - 04:48

Gateway is the service responsible for

04:46 - 04:51

securely transmitting payment data from

04:48 - 04:53

the customer for example a web or mobile

04:51 - 04:55

app to the payment processor or bank it

04:53 - 04:58

handles tasks like encryption of the

04:55 - 04:59

payment for example the card details

04:58 - 05:02

authorization of the transaction with

04:59 - 05:04

the issuing bank or card Network fraud

05:02 - 05:05

deduction such as doing initial checks

05:04 - 05:08

or routing the request to the payment

05:05 - 05:10

processor in our design we will use

05:08 - 05:12

Amazon API Gateway as the entry point

05:10 - 05:14

for all request we will later combine it

05:12 - 05:16

with payment service and possibly parts

05:14 - 05:19

of the fraud detection service to play

05:16 - 05:21

the role of the payment Gateway these

05:19 - 05:23

components securely transfit the payment

05:21 - 05:26

data and interact with external payment

05:23 - 05:28

processor or Banks it's also responsible

05:26 - 05:31

for rate limiting request routing and

05:28 - 05:33

user Authentication making it General

05:31 - 05:34

Gateway for all API requests a payment

05:33 - 05:36

processor is the engine behind the

05:34 - 05:38

scenes that processes the actual payment

05:36 - 05:39

after receiving the data from the

05:38 - 05:42

Gateway it communicates with card

05:39 - 05:44

networks such as Visa or Mastercard

05:42 - 05:46

Banks both the issuing and the acquiring

05:44 - 05:49

bank and it also handles the financial

05:46 - 05:51

transactions including authorization

05:49 - 05:55

capturing funds or settling the payments

05:51 - 05:56

Etc in our design the payment service

05:55 - 05:58

account service and the transaction

05:56 - 06:00

service are performing the role of the

05:58 - 06:02

payment processor they verify user

06:00 - 06:04

balances initiate the transaction and

06:02 - 06:06

interact with banks or external payment

06:04 - 06:08

gateways they also handle currency

06:06 - 06:10

conversions they record the transaction

06:08 - 06:12

via the transaction service and update

06:10 - 06:14

the account balance via the account

06:12 - 06:16

service and of course they must ensure

06:14 - 06:19

asset compliance and manage distributed

06:16 - 06:21

transactions across services so at a

06:19 - 06:23

high level we are dealing with

06:21 - 06:25

distributed microservices architecture

06:23 - 06:28

this is the code logic where services

06:25 - 06:29

like user service payment account and

06:28 - 06:32

fraud detection service interact to

06:29 - 06:34

handle payments at scale user service is

06:32 - 06:37

responsible for user authentication and

06:34 - 06:38

profile management payment service

06:37 - 06:40

manages transaction processing and

06:38 - 06:42

external Communications with payment

06:40 - 06:44

gateways and Banks account service

06:42 - 06:47

tracks user balances in multiple

06:44 - 06:49

currencies and ensure Integrity during

06:47 - 06:50

transactions fraud detection service

06:49 - 06:53

performs real-time monitoring of

06:50 - 06:55

transactions to Flat potential frauds

06:53 - 06:57

using machine learning models and

06:55 - 07:00

notification service sends transaction

06:57 - 07:02

updates to users the service interact

07:00 - 07:04

asynchronously through message cues for

07:02 - 07:07

example Kafka rabbit mq for Reliable

07:04 - 07:09

communication and to decouple Services

07:07 - 07:10

we will later dive into how the services

07:09 - 07:13

themselves interact among each other but

07:10 - 07:15

first let's talk about data layer data

07:13 - 07:17

layer consists of relational databases

07:15 - 07:20

for transactional data and no SQL for

07:17 - 07:22

fast access of logs or session data we

07:20 - 07:24

use relational databases like post SQL

07:22 - 07:27

for transactional data to ensure asset

07:24 - 07:29

compliance for non-critical data like

07:27 - 07:32

logs and session information we use no

07:29 - 07:35

SQL databases like cassendra or mongod

07:32 - 07:37

TV in a microservices architecture it's

07:35 - 07:39

generally recommended to use database

07:37 - 07:42

per service to ensure loose coupling and

07:39 - 07:44

data Independence each service owns its

07:42 - 07:46

own data and the schema it uses but they

07:44 - 07:48

can communicate through even driven

07:46 - 07:50

mechanisms like Kafka rather than

07:48 - 07:53

sharing databases so user service

07:50 - 07:55

database stores user data and profile

07:53 - 07:57

information including authentication

07:55 - 08:00

details and kyc or know your customer

07:57 - 08:02

status account service database manages

08:00 - 08:05

user account balances across different

08:02 - 08:06

currencies this database ensures asset

08:05 - 08:09

compliance for critical financial data

08:06 - 08:11

payment service database stores metadata

08:09 - 08:13

about payment request such as who

08:11 - 08:16

initiated the request which Merchant it

08:13 - 08:18

is for what currency is being used and

08:16 - 08:20

the current status of the payment

08:18 - 08:22

currency exchange race table is another

08:20 - 08:24

form of metadata that's used when the

08:22 - 08:26

payment involves multiple currencies it

08:24 - 08:28

stores contextual information about the

08:26 - 08:31

exchange rates used at the time of the

08:28 - 08:33

payment request so before a payment is

08:31 - 08:35

processed the payment service records

08:33 - 08:37

metadata about the payment initiation

08:35 - 08:38

such as who initiated the request which

08:37 - 08:41

Merchant what payment method and

08:38 - 08:43

currency and Status during Payment

08:41 - 08:45

Processing the metadata about the

08:43 - 08:47

payment status such as pending is used

08:45 - 08:49

to track whether the payment was

08:47 - 08:51

successful or if it is still retrying if

08:49 - 08:52

currency conversion is needed the

08:51 - 08:54

payment service looks up the exchange

08:52 - 08:56

rate from the currency exchange rat

08:54 - 08:58

table and uses that rate for the

08:56 - 09:01

conversion and after the payment is

08:58 - 09:03

completed the metadata in the payment

09:01 - 09:06

request table is updated to reflect the

09:03 - 09:07

final status success or failed while the

09:06 - 09:10

detailed transaction records are stored

09:07 - 09:12

in the transaction service database

09:10 - 09:15

transaction service database handles all

09:12 - 09:17

transaction records ensuring durability

09:15 - 09:19

and traceability fraud detection service

09:17 - 09:21

database keeps a historical record of

09:19 - 09:23

flag transactions fraud scores and user

09:21 - 09:26

behaviors data which can be later used

09:23 - 09:28

for machine learning models and finally

09:26 - 09:30

notification service database TOS

09:28 - 09:32

notification log for tracking whether

09:30 - 09:34

payment confirmation messages like

09:32 - 09:37

emails SMS push notifications were sent

09:34 - 09:39

successfully now to handle massive data

09:37 - 09:40

sets and high read write operations you

09:39 - 09:43

should mention few things during the

09:40 - 09:45

interview Shing we partition the

09:43 - 09:47

database horizontally based on user IDs

09:45 - 09:49

or

09:47 - 09:52

regions we have read replicas to improve

09:49 - 09:54

read performance and provide redundancy

09:52 - 09:56

also talk about indexing frequently

09:54 - 09:58

queried fields to speed up database

09:56 - 10:01

operations I have made videos on each of

09:58 - 10:03

these topics in depth so do check them

10:01 - 10:06

out to get better clarity now let's jump

10:03 - 10:08

into the data in the no SQL database

10:06 - 10:10

session data typically includes details

10:08 - 10:12

about user login session tokens time

10:10 - 10:15

stamps and expiration times which can be

10:12 - 10:17

stored in a nosql database event logs

10:15 - 10:19

capture actions taken by users or

10:17 - 10:22

systems events for example logins

10:19 - 10:24

payments or password changes and they

10:22 - 10:26

need to be stored efficiently to support

10:24 - 10:28

high right throughput which also can be

10:26 - 10:30

stored in a nosql database now for each

10:28 - 10:33

key interaction between services will be

10:30 - 10:35

using Kafka qes or Kafka topics which

10:33 - 10:37

ensure asynchronous communication and

10:35 - 10:39

decoupling here's the list of Kafka

10:37 - 10:42

topics that might be in play based on

10:39 - 10:44

the described architecture so for

10:42 - 10:46

example we'll have balance check Q which

10:44 - 10:48

takes request from payment service to

10:46 - 10:50

account service for balance verification

10:48 - 10:51

balance response queue from account

10:50 - 10:54

service response with balance

10:51 - 10:55

verification result transaction

10:54 - 10:57

recording Quee for payment service

10:55 - 11:00

notifying transaction service to

10:57 - 11:02

purchase transaction data account update

11:00 - 11:05

que for notification for account service

11:02 - 11:07

to update the users balance notification

11:05 - 11:09

Q is for message to notification service

11:07 - 11:11

to send a confirmation to the users

11:09 - 11:14

fraud detection que is for transaction

11:11 - 11:16

details sent for realtime fraud analysis

11:14 - 11:18

payment Gateway queue for asynchronous

11:16 - 11:21

communication with external payment

11:18 - 11:22

gateways and Gateway response queue

11:21 - 11:24

which is responsible for response from

11:22 - 11:26

external Gateway back to the payment

11:24 - 11:28

service now this being a microservices

11:26 - 11:30

architecture we are using one of the

11:28 - 11:32

popular data database per service

11:30 - 11:35

microservices pattern so as far as

11:32 - 11:37

database ownership is concerned user

11:35 - 11:39

service owns the user database for user

11:37 - 11:41

profiles and authentication account

11:39 - 11:44

service owns the account database for

11:41 - 11:46

account balances and currency handling

11:44 - 11:48

payment service owns its own payment

11:46 - 11:50

meta database for logging payment

11:48 - 11:51

request transaction service owns the

11:50 - 11:54

transaction database for storing

11:51 - 11:56

transaction records fraud detection

11:54 - 11:58

service owns its own fraud detection

11:56 - 12:00

database for storing fraud logs and user

11:58 - 12:02

risk profiles

12:00 - 12:04

notification service owns its own

12:02 - 12:06

notification log database for storing

12:04 - 12:08

notification history all right now that

12:06 - 12:10

we have laid out all the components and

12:08 - 12:12

Basics let's explore the service layer

12:10 - 12:15

and how these all components interact

12:12 - 12:17

during a typical transaction flow so the

12:15 - 12:19

user initiates the login process from a

12:17 - 12:20

web or mobile app by sending credentials

12:19 - 12:23

to the API

12:20 - 12:25

Gateway the API Gateway sits behind a

12:23 - 12:27

load balancer which distributes the

12:25 - 12:29

incoming request across multiple API

12:27 - 12:32

gateways instances for for high

12:29 - 12:34

availability the API Gateway forwards

12:32 - 12:36

the login request to the user service

12:34 - 12:38

user service validates the user

12:36 - 12:40

credentials against a cach version of

12:38 - 12:42

the user profile in redus to speed up

12:40 - 12:44

authentication and if no cache entry

12:42 - 12:47

exist the user service fetches the user

12:44 - 12:49

data from the user service database if

12:47 - 12:52

the credentials are valid the service

12:49 - 12:54

generates a JWT token and stores session

12:52 - 12:56

related data such as user ID session

12:54 - 12:59

start time Etc and Rees for fast access

12:56 - 13:01

in future request the user service then

12:59 - 13:03

sends the JWT token back to the API

13:01 - 13:06

Gateway which returns it to the client

13:03 - 13:08

the JWT token will be used in subsequent

13:06 - 13:10

request for authorization and if you

13:08 - 13:13

want to know more about how JWT Works do

13:10 - 13:15

check out my video on JWT where have

13:13 - 13:19

explained it in detail with examples all

13:15 - 13:21

right now let's take a common example

13:19 - 13:22

once the user is authenticated

13:21 - 13:25

initiating a

13:22 - 13:27

payment so in this common use case the

13:25 - 13:29

user initiates a payment for example for

13:27 - 13:31

a purchase by sending the payment

13:29 - 13:33

details to the API Gateway the API

13:31 - 13:36

Gateway receives the payment initiation

13:33 - 13:39

request and verifies the jwd token to

13:36 - 13:41

authenticate the user once the user is

13:39 - 13:42

authenticated it forwards the request to

13:41 - 13:44

the payment service for further

13:42 - 13:45

processing the payment service checks

13:44 - 13:48

the red cash again for the users's

13:45 - 13:50

account balance if the balance is cashed

13:48 - 13:52

and sufficient the payment service locks

13:50 - 13:54

the required amount in radies and if the

13:52 - 13:57

balance is not cast or is outdated it

13:54 - 13:59

proceeds with the next step the payment

13:57 - 14:02

service publishes the message que to the

13:59 - 14:03

balance check Kafka Q asking the account

14:02 - 14:05

service to verify the user's account

14:03 - 14:08

balance and the message might include

14:05 - 14:10

user ID payment amount currency or a

14:08 - 14:13

correlation ID to track the request

14:10 - 14:15

response interaction the account service

14:13 - 14:17

listens to the balance check queue and

14:15 - 14:19

retrieves the users's account balance it

14:17 - 14:22

can use radi for the cash balance and if

14:19 - 14:24

not cashed it retrieves the balance from

14:22 - 14:27

post equl if sufficient funds are

14:24 - 14:29

available it updates the cash and locks

14:27 - 14:31

the funds in post SQL using database

14:29 - 14:33

transactions the account service then

14:31 - 14:35

publishes a response message to balance

14:33 - 14:37

response queue with a verification

14:35 - 14:38

result for example balance is sufficient

14:37 - 14:40

or

14:38 - 14:41

insufficient the payment service listens

14:40 - 14:43

for the response message from the

14:41 - 14:45

balance response queue and if funds are

14:43 - 14:47

sufficient it locks the amount and

14:45 - 14:49

proceeds with the payment processing for

14:47 - 14:50

example interacting with the external

14:49 - 14:52

payment Gateway or recording the

14:50 - 14:54

transaction and if funds are

14:52 - 14:57

insufficient the payment service returns

14:54 - 14:59

an error to the user via the API Gateway

14:57 - 15:01

now since PayPal or a similar similar

14:59 - 15:03

service combines both the Gateway and

15:01 - 15:05

processor roles the service layer in our

15:03 - 15:07

architecture implements both so the

15:05 - 15:08

payment Gateway functionality is about

15:07 - 15:11

receiving payment details and securely

15:08 - 15:13

transmitting them and payment process

15:11 - 15:16

functionality is validating and settling

15:13 - 15:18

transactions by interacting with banks

15:16 - 15:20

however PayPal still relies on external

15:18 - 15:23

Financial systems like bank or card

15:20 - 15:25

networks for actual money movement when

15:23 - 15:28

I say card networks it means networks

15:25 - 15:30

like Visa or Mastercard and when I say

15:28 - 15:32

Banks it's for both the merchant and the

15:30 - 15:34

customer to actually move funds this

15:32 - 15:36

Banking and card Network Integrations

15:34 - 15:38

are external from PayPal system and are

15:36 - 15:40

necessary to complete the financial

15:38 - 15:42

transactions do check out my previous

15:40 - 15:44

videos to understand their role better

15:42 - 15:45

all right coming back to the topic the

15:44 - 15:47

payment service many to interact with

15:45 - 15:49

external payment processor like

15:47 - 15:51

Mastercard or VISA to authorize and

15:49 - 15:53

settle the payment it publishes a

15:51 - 15:55

request to the payment Gateway Que in

15:53 - 15:58

Kafka which is processed asynchronously

15:55 - 16:00

to avoid latency for the user once the

15:58 - 16:02

external gate gway for example Visa

16:00 - 16:04

processes the payment it sends a

16:02 - 16:07

response for example payment approved or

16:04 - 16:08

declined VI the Gateway response cue the

16:07 - 16:10

payment service then consumes this

16:08 - 16:12

response and determines the outcome of

16:10 - 16:14

the transaction if the external payment

16:12 - 16:16

Gateway fails to respond the payment

16:14 - 16:18

service implements the retries using an

16:16 - 16:20

exponential backup strategy which I have

16:18 - 16:22

covered in my other videos and if

16:20 - 16:24

repeated failures occur a popular micros

16:22 - 16:26

Services pattern circuit breaker pattern

16:24 - 16:28

prevents overloading the external

16:26 - 16:30

service and once the payment is

16:28 - 16:31

confirmed either synchronously or

16:30 - 16:33

asynchronously the payment service

16:31 - 16:35

notifies the transaction service by

16:33 - 16:37

publishing a message to Kafka the

16:35 - 16:39

transaction service consumes the message

16:37 - 16:41

and purs the transaction details for

16:39 - 16:43

example the transaction ID time stamp

16:41 - 16:46

amount status Etc it ensures that these

16:43 - 16:48

operations adhere to asset properties

16:46 - 16:51

atomicity consistency isolation and

16:48 - 16:53

durability to maintain data Integrity

16:51 - 16:54

the payment service sends an item

16:53 - 16:57

potency key along with the request to

16:54 - 16:58

the transaction service to ensure that

16:57 - 17:00

the retrying of the payment due to

16:58 - 17:02

network or service failures doesn't

17:00 - 17:04

result in duplicate charges of

17:02 - 17:05

transaction the transaction service

17:04 - 17:08

checks the key before committing to the

17:05 - 17:10

transaction to the database and once the

17:08 - 17:12

transaction is successfully recorded the

17:10 - 17:14

payment service sends a message to the

17:12 - 17:16

account update queue in Kafka notifying

17:14 - 17:18

the account service to update the user's

17:16 - 17:20

balance the account service consumes the

17:18 - 17:22

message deducts the payment amount from

17:20 - 17:24

the user balance in the post equal

17:22 - 17:26

database and updates the balance and

17:24 - 17:28

Ries for future transactions after the

17:26 - 17:29

transaction is recorded the payment

17:28 - 17:31

Service public reaches a message to the

17:29 - 17:34

notification Q in Kafka indicating that

17:31 - 17:36

a notification email or SMS should be

17:34 - 17:38

sent to the users the notification

17:36 - 17:41

service consumes the message and sends

17:38 - 17:43

the confirmation via email SMS or push

17:41 - 17:45

notification to the user again

17:43 - 17:47

notifications are sent as synchronously

17:45 - 17:49

to avoid delaying the main payment flow

17:47 - 17:50

also simultaneously as the payment is

17:49 - 17:52

being processed the payment service

17:50 - 17:55

sends transaction data to the fraud

17:52 - 17:56

detection service bya Kafka the fraud

17:55 - 17:58

detection service consumes the message

17:56 - 18:00

and runs machine learning models to flag

17:58 - 18:02

potentially fraudulent transactions if

18:00 - 18:04

the fraud risk score is above a certain

18:02 - 18:06

threshold the fraud detection service

18:04 - 18:08

publishes a message to Kafka to Halt the

18:06 - 18:10

transaction or trigger additional

18:08 - 18:12

verification like multiactor

18:10 - 18:14

authentication if the transaction is

18:12 - 18:16

flagged the system can either roll back

18:14 - 18:19

the transaction using compensating

18:16 - 18:21

transactions or require additional user

18:19 - 18:24

input the payment service then responds

18:21 - 18:25

to the user via the API Gateway once a

18:24 - 18:28

transaction has been processed and

18:25 - 18:29

recorded to the system at this point the

18:28 - 18:31

client received a confirmation along

18:29 - 18:33

with the transaction received for

18:31 - 18:35

example the amount transaction ID and

18:33 - 18:37

time stamp and to minimize the perceived

18:35 - 18:39

latency for the user certain parts of

18:37 - 18:41

the flow like external Payment

18:39 - 18:43

Processing notifications and fraud

18:41 - 18:45

detection happens asynchronously the

18:43 - 18:47

user receives a response once the code

18:45 - 18:49

transaction is processed while this

18:47 - 18:51

background task for example sending

18:49 - 18:54

notifications or flagging fraud continue

18:51 - 18:55

to execute without blocking the response

18:54 - 18:57

to ensure resilience and high

18:55 - 18:58

performance we can Implement a number of

18:57 - 19:01

microservices patterns in our

18:58 - 19:02

architecture and it's very important for

19:01 - 19:04

you to talk about some of the

19:02 - 19:06

architecture patterns during your

19:04 - 19:08

interview now I have made videos on each

19:06 - 19:10

of these patterns where I simplify them

19:08 - 19:11

and if something doesn't make sense I

19:10 - 19:13

encourage you to develop a deep

19:11 - 19:15

understanding of them here I will

19:13 - 19:17

briefly talk about a few important

19:15 - 19:19

patterns in the context of this system

19:17 - 19:20

design circuit record pattern can be

19:19 - 19:22

used for external communication with

19:20 - 19:24

payment gateways or Banks if the

19:22 - 19:27

external service becomes unresponsive or

19:24 - 19:29

returns errors our circuit breaker trips

19:27 - 19:31

to prevent further calls it ensures that

19:29 - 19:33

the system doesn't get overloaded with

19:31 - 19:35

retries once the external service is

19:33 - 19:38

back online the circuit breaker

19:35 - 19:40

resets for item poent operations such as

19:38 - 19:42

interacting with an external payment

19:40 - 19:44

processor retries are triggered in case

19:42 - 19:46

of failures for example timeout or

19:44 - 19:48

network error this ensures eventual

19:46 - 19:49

consistency in operations like

19:48 - 19:51

transaction settlement without

19:49 - 19:53

duplicating operations an item potency

19:51 - 19:56

key ensures that ringer transactions due

19:53 - 19:58

to network failures or Etc won't result

19:56 - 20:00

in a duplicate charge the payment

19:58 - 20:02

service accepts a unique item potency

20:00 - 20:04

key from the client ensuring that

20:02 - 20:05

repeated request with same Key Don't

20:04 - 20:07

trigger multiple

20:05 - 20:09

transactions and for distributed

20:07 - 20:10

transactions across multiple services

20:09 - 20:12

such as payment service account service

20:10 - 20:15

or fraud deduction service a saga

20:12 - 20:17

pattern can be used to ensure eventual

20:15 - 20:19

consistency each service commits its

20:17 - 20:20

local transaction and compensating

20:19 - 20:22

actions are triggered if a failure

20:20 - 20:25

occurs in any part of the chain for

20:22 - 20:27

example refund in case the payment fails

20:25 - 20:29

now security is also a critical aspect

20:27 - 20:31

of any payment system in your interview

20:29 - 20:33

you can talk about encryption such as

20:31 - 20:36

data and Transit where all data is

20:33 - 20:38

encrypted using TLS or data at rest

20:36 - 20:41

where sensitive information in databases

20:38 - 20:43

is always encrypted you can also talk

20:41 - 20:45

about authentication and authorization

20:43 - 20:48

for example you can Implement multiactor

20:45 - 20:50

authentication for users or use role

20:48 - 20:53

based access control or rback to limit

20:50 - 20:55

system access fraud detection we are

20:53 - 20:57

already using for real-time monitoring

20:55 - 20:59

and machine learning models to detect

20:57 - 21:01

suspicious activities

20:59 - 21:02

these measures protect both the users

21:01 - 21:04

and the Integrity of the system and if

21:02 - 21:06

you want to learn in detail about each

21:04 - 21:08

of these Concepts do check out my

21:06 - 21:10

security playlist as we wrap up let's

21:08 - 21:12

think about what it takes to handle

21:10 - 21:14

PayPal like volumes of traffic the key

21:12 - 21:16

to scaling effectively lies in

21:14 - 21:18

optimizing every layer of your

21:16 - 21:20

architecture first microservices

21:18 - 21:21

architecture is crucial because by

21:20 - 21:24

breaking down functionality into smaller

21:21 - 21:26

Services each one can scale horizontally

21:24 - 21:28

based on demand without affecting the

21:26 - 21:30

others next load balancing helps

21:28 - 21:32

distribute incoming traffic across

21:30 - 21:34

multiple servers ensuring no single

21:32 - 21:36

instance gets overwhelmed Global load

21:34 - 21:39

balancers make sure traffic is routed to

21:36 - 21:41

the best performing server then there is

21:39 - 21:43

caching implementing inmemory Solutions

21:41 - 21:45

like radies for frequently Access Data

21:43 - 21:48

this drastically reduces the load on

21:45 - 21:50

your databases speeding up your apps

21:48 - 21:52

performance for tasks that aren't

21:50 - 21:54

critical to main flow asynchronous

21:52 - 21:56

procing with message cues can keep

21:54 - 21:58

things fast and responsive offload these

21:56 - 21:59

jobs without slowing down the user

21:58 - 22:01

experience

21:59 - 22:03

finally don't forget database

22:01 - 22:05

optimization use read replicas to handle

22:03 - 22:07

queries that don't need to hit the

22:05 - 22:09

primary database and manage large data

22:07 - 22:11

sets effectively with partitioning and

22:09 - 22:12

charting by tweaking each of these

22:11 - 22:15

layers you can build a system that is

22:12 - 22:16

highly scalable with low latency and

22:15 - 22:21

high through

22:16 - 22:21

[Music]

Designing a Global Payment System similar to PayPal

In this comprehensive exploration of designing a global payment system, akin to PayPal, we delve deep into the intricate architecture and key components that make this system robust, secure, and high-performing. We discuss the payment Gateway, payment processor, system requirements, nonfunctional requirements, and the three key layers of the system: client layer, service layer, and data layer. Every detail is meticulously examined to ensure scalability, reliability, and top-notch security.

Understanding Payment Gateway and Processor

Before delving into the system design, let's clarify two crucial components: the payment Gateway and the payment processor. The payment Gateway acts as a bridge between the user's device and the processor, securely transmitting payment data. On the other hand, the payment processor communicates with the user's bank or card network to validate payment information and complete transactions. These components work behind the scenes to ensure seamless money flow.

Meeting System Requirements

Designing a global payment system accessible to users worldwide involves meeting various requirements. From enabling one-time payments to handling multiple currencies with real-time exchange rates, the system must scale to handle high transaction volumes. International and regional regulations such as PCI DSS and KYC requirements must also be adhered to, ensuring high reliability, scalability, low latency, and robust security.

Architecting the System: Three Key Layers

The system architecture centers around three crucial layers: the client layer, where users interact with the system; the service layer, the heart of the system handling business logic; and the data layer, where critical data is stored. These layers work harmoniously to ensure scalability, reliability, and high performance.

Client Layer

The front-facing part of the system where users interact directly includes web applications, mobile apps, and APIs. This layer facilitates user interfaces, sends requests to backend services, and caters to various user interactions, ensuring a seamless experience for both consumers and merchants.

Service Layer

The core of the system where business logic resides, including microservices for handling user requests, processing payments, managing users, and interacting with external gateways. Asynchronously communicating through message brokers like Kafka ensures scalability and fault tolerance, making this layer the brain of the system.

Data Layer

The repository of all essential data, comprising relational databases for transactional data and NoSQL systems for fast access to session data and logs. Each layer plays a vital role in ensuring data integrity, scalability, and efficient data management across the system.

Interactions during a Transaction Flow

From user authentication to payment processing, each step in a typical transaction flow involves intricate interactions between the various components of the system. As users initiate payments, the API Gateway, user service, payment service, account service, and other microservices collaborate seamlessly to verify, process, and complete transactions. External interactions with payment gateways, banks, and card networks ensure secure and efficient financial transactions.

Architectural Patterns for Scalability and Resilience

To handle PayPal-like volumes of traffic, optimizing each layer of the architecture is crucial. Implementing microservices architecture, load balancing, caching, asynchronous processing, and database optimization are key elements for building a highly scalable and low-latency system. Security measures such as encryption, authentication, authorization, and fraud detection further enhance the integrity and reliability of the system.

In conclusion, designing a global payment system requires meticulous attention to detail, adherence to regulations, and a robust architecture that ensures scalability, reliability, and top-notch security. By incorporating the right components, interactions, and architectural patterns, a system similar to PayPal can handle high transaction volumes and cater to users worldwide seamlessly.