Online Electronic Payment Gateway

The client wants an online electronic payment gateway for his e-commerce marketplace (start-up company). He wants his company to become the market leader by providing a consistent and trouble-free platform for online merchants and consumers to conduct transactions.

Required Features:

• A stringent verification process for the safety of the users.
• Instant refunds to the buyer’s bank account in a scenario where the customer received the wrong product.
• Clients also want his separate API so that he can provide this service as a third party to other e-commerce platforms.

Developing an online payment gateway requires a deep understanding of payment processing systems, security protocols, and regulatory compliance. Here we used Agile Methodology to execute this project.

• While determining the scope of the payment gateway, we make research the types of payments that will be accepted through the gateway, supported currencies, and the countries where the payment gateway will operate.
• After deciding the scope, we select the technology stack. For this project we use: Microsoft .Net, C#, HTML5, CSS3, Bootstrap, JavaScript, jQuery, and Angular JS to develop the software.
• Then we design the payment flow that includes designing a user-friendly interface and ensuring smooth integration with third-party services, such as banks and payment processors.
• We implement security protocols to ensure the confidentiality, integrity, and availability of the payment data. This includes encrypting sensitive information, implementing fraud detection mechanisms, and complying with regulatory standards such as the Payment Card Industry Data Security Standard (PCI DSS).
• After this, we tested the gateway and deploy the payment gateway to the production environment.

• Hardware: CPU Cores @ 3.1 GHz, 32 GB memory, 1TB storage
• Software: Microsoft .Net, C#, HTML5, CSS3, Bootstrap, JavaScript, jQuery, Angular JS, ETC.
• Database: MS SQL, 3 NF format, JSON file instead of SQL Query

We develop desired Fintech Division as a Payment gateway as per the given details:

A. End Users:

• Visitor
• Customers
• Merchant/Seller
• Staff of Administrator
• Administrator /Super Administrator
• L1/L2 Support

B. Flow Diagram And Proposed Model For Payment Gateway

We proposed a model of an Electronic payment gateway on the basis of the requirements of the client:

There are five interfaces.

• Customer Interface
• Server (e-payment Gateway) Interface
• Client Bank Interface
• Merchant Bank Interface
• Merchant Interface

Online Customers will connect to this e-payment gateway through the Internet. Gateway will connect to the Bank and check whether its bank accounts are enough to buy the required product. Online customers can also visit Merchant’s website through Gateway.

C. Transaction Process Management:

An Example of Credit Card Process by considering our proposed model:

• The customer submits his credit card for payment.
• Payment Gateway manages the complex routing of the data on behalf of the merchant through the following steps/entities.
• Payment Gateway passes the secure transaction information via a secure connection to the Processor.
• The Merchant Bank's Processor submits the transaction to the credit card network (like Visa or MasterCard). The credit card network routes the transaction to the bank that issued the credit card to the customer.
• The issuing bank approves or declines the transaction based on the customer's available funds and passes the transaction results back to the credit card network.
• The credit card network relays the transaction results to the merchant bank's processor. The processor relays the transaction results to Payment Gateway.
• Payment Gateway stores the transaction results and sends them to the website for the customer and merchant to see.
• The merchant delivers goods or services to the buyer.
• The issuing bank sends the appropriate funds for the transaction to the credit card network, which passes the funds to the merchant's bank.
• The bank then deposits the funds into the merchant's bank account. This is called 'settlement', and typically the transaction funds are deposited into the merchant's primary bank account within two to four business days.

The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized:

We support the accompanying requirements (Developer and System Admin).

• Build and Maintain a Secure Network
• Protect Cardholder Data
• Maintain a Vulnerability Management Program
• Implement Strong Access Control Measures
• Regularly Monitor and Test Networks
• Maintain an Information Security Policy