table of Contents
Bank and pay - outline design document
1. Background
This article describes the relevant processes payments between banks and enterprises in general. A payment system should include verification, risk control, payment routing, payment gateway module, with basic pay, refund, transfer ability, can check payment history, payment should have relevant monitoring module and error processing module.
2, Basic Concepts
2.1, pay check
Before business acceptance, in order to ensure the security of interfaces, interfaces to accept in order to verify the legitimacy of the security of the payment request message, the user's permissions, parameters. Try to ensure that the interface accepts only basic authentication, other complex validation process, asynchronous processing, can not be accepted by, the transaction is set to fail state, synchronization feedback directly to the caller.
2.2, risk control
Risk control is a module to identify unusual transactions and make additional validation, is an indispensable link in the payment system. Wind control can not completely avoid financial losses, can only minimize losses. Different wind control elements of different services, typically air control comprising the following elements:
- Wind volume control, you can set the interval transaction amount, transaction of non-compliance requests directly rejected.
- Frequency trading risk control, setting different frequency trading transaction classification threshold, the request is too high frequencies, directly rejected.
- Customary transaction risk control for individual or a group of user groups, users do portraits behavior analysis, abnormal transaction request, do secondary confirmation verification (such as phone verification code).
2.3 Payment Routing
Payment systems, payment routing refers to a merchant-party payment company assigned a number, of course, it can also be more finely divided, such as adding a card type, banks and other dimensions. The client choose a different payment routes, involving different final payment transaction logic. For example:
- Route 1: the client chooses Alipay payment routing for the customer -> Alipay transaction process.
- Route 2: The client chooses Shanghai Pudong Development Bank to pay, payment routing for the customer -> Shanghai Pudong Development Bank.
2.4 Payment Gateway
Payment Gateway is a payment system with the tripartite system of interactive interface, focusing on the design of payment gateway is to consider and exchange messages. In addition to the general system parameter verification to be carried out, both inside and outside the system parameter mapping, various requests like packaging, payment systems have to consider additional signatures and message encryption, detailed log of system interaction.
2.5 Monitoring
Monitoring the payment system mainly at the operational level of monitoring. General monitoring abnormal trading, routing and other abnormal conditions affecting the normal transaction, and promptly inform the police operator or technician. Monitoring can also provide a complete transaction information of the transaction process, easy operation and maintenance personnel to view the details of the transaction in the case of different nodes. Monitoring the way to have:
- Statistical methods: Statistical data and monitoring the timing comparison threshold, the abnormality in the statistics of the ratio exceeds a threshold value to trigger an alarm when the monitor.
- Heuristic: In a test transaction timed trial stability and stability of the system constituents channels.
- Buried law: Buried key node in pay, and check transaction status is in the desired state.
2.6, error handling
After monitoring the transaction anomalies, abnormal data can be part of the transaction, done at different nodes compensation correction. By restarting the program or man-made piece of data in the transaction payment request node error to correct abnormal transaction flow.
2.7, reconciliation
Reconciliation is the day before the transaction control on a global, unlike accounting and financial management systems, transaction reconciliation is to determine the correctness of the data stream, the general reconciliation process is as follows:
- Download file for reconciliation to download each tripartite system: FTP / HTTP get to reconciliation file
- Standardized Processing: The format of txt / xml / cvs / zip tripartite system into a reconciliation process selection file format;
- Local reconciliation preparation: the amount of data according to the size, / reconciliation system ready comparison with constituents from the library file / NoSQL / papers from the source library
- Two accounting data comparison.
- Repair difference data (labor / subsequent)
3, bank and payment process description
3.1, the flow segment
A payment process is divided into three parts, namely the pre-paid (pay-related initialization parameters), payment routing and payment realization (third-party docking system, such as banking, Paypal butt), business results after payment processing.
The entire payment process to achieve independence payments and payment routing module. Payment and payment routing for the sector to achieve common module, and no specific business-related.
And payment services, and the subsequent adaptation mode using the results of the processing, different service initiates a payment, the payment needs to be configured corresponding to the route, the configuration corresponding to the processing result. Three payment process, can be combined configuration.
Such as: order payment, payment routing is set to Alipay, to improve the results of treatment of order-related business.
Such as: claims processing, set the route for banks and payment processing, as a result of processing claims related businesses.3.2, workflow details
1. The client business needs, initiate a payment request.
2. The service module receives a payment request received by the client-initiated, sequentially made basic payment data check validation risk control, and routing the payment according to the type of service selected (e.g., transfers or bank). After a successful business acceptance, simultaneous receipt accepting the results to the client.
3. The service acceptance module, multi-thread mode, according to the payment request parameter set different routes, assembly payment parameters, constructs a payment request message mns (Spring boot or initiate events), task initiates a payment.
4. The bank-enterprise system package module after receiving event notifications, open a thread, do business with the bank to pay docking mission. When banks and enterprises docking, the need to assemble payment gateway data (data format, signature verification) in accordance with the requirements of the bank, and the bank receipt asynchronous wait for the results or the results of the initiative to get the final state bank feedback. The need to ensure the entire request idempotent and record details of the interaction process log (e.g. parameter request, feedback parameter, the request time consuming). After the bank layer flow system packaging process is completed, the event mode, initiating an asynchronous task to the result of the processing module.
The third-party payment system flow payment process is completed, to transfer the results of the processing module, in accordance with the result of the bank processing, record transaction flow, and record the final results of the final state the sum of the payment request (first request failed or succeeded in the end ). At the same time, improve the business status of the transaction.
6. After the result of the process section is completed, the final state of the feedback result to the client.
Monitoring : All sectors need to write a detailed log of the links, facilitate the transaction fails, do locate and correct the problem. A transaction record, the final should have at different aspects of the process have detailed information can be found to improve the life cycle of transaction information. If the trading volume, can first log into the cache Redis by Redis synchronize data to relational databases. If the small trading volume, it can be directly stored in a relational database.
Error handling : one transaction failures that may occur in different areas, a failure, should not all the processes have to start over, according to different nodes of the transaction, the timing system repair or human error involved in processing the transaction fails to do records. Such as: bank-enterprise system package module has been executed successfully, the result of processing module fails, call the bank and re-package module push the final result, only the result of the article payment request processing module re-processing. (To accomplish this node based on the repair mode, the logic required to record key parameters of the different nodes down a node request, while providing boot interface).
Reconciliation : According to financial needs, periodically export transaction flow system, to facilitate bank water system and water make data comparison.