All Challenges
EasyPayment Gateway · Part 1

Payment Gateway 1 - Online Checkout

DatabasesAPI DesignAuth
Solve in Design Lab →

Problem Statement

PayFlow is a startup building a payment gateway for small and mid-size e-commerce merchants. The MVP must support:

- Card payments - accept Visa, Mastercard, and Amex via a REST API. Merchants integrate with a simple SDK.Idempotency - network retries must never result in double charges. Every payment request carries an idempotency key.PCI compliance - card numbers must never be stored in plaintext. Tokenize sensitive data and delegate actual card processing to an upstream processor (Stripe-like model).Webhooks - notify merchants when a payment succeeds, fails, or is refunded, with at-least-once delivery and retry logic.Merchant dashboard - a simple UI showing transaction history, daily revenue, and refund status.

The system targets 50,000 transactions per day across ~200 merchants, each averaging 250 transactions daily.

What You'll Learn

Build a payment processing service for a mid-size e-commerce store handling 50 k transactions/day. Build this architecture under realistic production constraints, then validate tradeoffs in the design lab simulation.

DatabasesAPI DesignAuth

Constraints

Daily transactions~50,000
Active merchants~200
Payment confirmation< 2 seconds
Webhook delivery< 30 seconds
Double-charge toleranceZero
Availability target99.9%
ApproachClick to expand

Interview-Ready Approach

1) Clarify Scope and SLOs

  • Problem statement: Build a payment processing service for a mid-size e-commerce store handling 50 k transactions/day.
  • Design for a peak load target around 100 RPS (including burst headroom).
  • Daily transactions: ~50,000
  • Active merchants: ~200
  • Payment confirmation: < 2 seconds
  • Webhook delivery: < 30 seconds
  • Double-charge tolerance: Zero

2) Capacity Planning Method

  • Convert traffic and growth constraints into request rate, storage growth, and concurrency budgets.
  • Keep at least 2-3x safety margin per tier (ingress, compute, storage, async workers).
  • Reserve explicit latency budgets per hop so p95 can be defended in review.

3) Architecture Decisions

  • Databases: Define a clear system-of-record and design read/write paths separately before adding optimizations.
  • API Design: Standardize API boundaries, idempotency keys, pagination, and error contracts first.
  • Auth: Centralize identity verification and keep authorization checks close to domain resources.

4) Reliability and Failure Strategy

  • Use strong write constraints (transactions or conditional writes) and explicit backup/restore strategy.
  • Apply strict input validation and backward-compatible versioning.
  • Use short-lived tokens and secure key rotation workflows.

5) Validation Plan

  • Run one peak-load test, one dependency-degradation test, and one failover test.
  • Verify idempotency for all retried writes and async consumers.
  • Track user-facing SLOs first: p95 latency, error rate, and successful throughput.

6) Trade-offs to Call Out in Interviews

  • Databases: SQL gives stronger transactional guarantees; NoSQL often gives better write scaling and flexibility.
  • API Design: Rich APIs improve developer speed but can create long-term compatibility burden.
  • Auth: Central auth simplifies policy, but makes auth service availability/security critical.

Practical Notes

  • Use idempotency keys stored in the database - check before processing and return the cached result on retries.
  • Tokenize card data at the API boundary; your database only stores tokens and last-four digits.
  • Webhooks need a retry queue with exponential backoff for failed deliveries.

Learn the Concept

Databases Topic HubAPI Design Topic HubAuth Topic Hub

Related guided labs:

Database Replication & Read ScalingNoSQL & Document DatabasesSchema Design Workshop

Practice Next

Reference SolutionClick to reveal

Why This Solution Works

Request path: The solution keeps ingress, service logic, and stateful dependencies separated so each layer can scale independently.

Reference flow: Web Clients -> API Gateway -> API Service -> Auth Service -> Primary SQL DB

Design strengths

  • Security controls are enforced at ingress to protect downstream capacity.

Interview defense

  • This design makes bottlenecks explicit (ingress, core compute, persistence, async workers).
  • It supports progressive scaling without re-architecting the core request path.
  • It keeps correctness-sensitive state changes in durable systems while offloading background work asynchronously.
Solve in Design Lab →Next: Payment Gateway 2