The client wanted to create a payment-processing platform that would facilitate payment processing for e-commerce companies, be secure, and provide a wide range of additional services. INSART was expected to deal with the following challenges:
- Develop the platform from scratch to MVP (Minimum Viable Product) version.
- Ensure the platform was secure.
Develop the platform from scratch
Business value: The objective of the project was to provide, as an Internet Payment Service Provider (Visa IPSP) or Payment Facilitator (MasterCard PF), card acceptance services for e-commerce merchants through an innovative online platform. Through the platform, merchants could register their online shopping site, use the platform’s payment widget to receive payments on the site, and monitor their own revenues.
Details: The platform has the following modules:
- Merchant desktop: contains all information required for the merchants’ work.
- Partner desktop: allows the merchant to customize benefits from the partner program (commercial partners are merchants invited by the platform users);
- Administration desktop: contains information about merchants and their settings, rates, reserves, and payouts.
The merchant desktop includes a dashboard on which the merchant can find summarized data of his/her account. The account menu enables the merchant to edit the company’s profile, pricing plans, credentials, application programming interface (API) keys, and widgets, and manage layout options.
The partner desktop looks similar to the merchant desktop, but also allows the merchant to invite and register other merchants, and to manage pricing plans.
The administration desktop enables actions including managing merchants’ profiles, payouts, and reserves, as well as managing pricing plans.
In addition to those described above, the platform has the following features:
- A payment gateway, which enables merchants to receive payments via Visa/Mastercard.
- Shopping cart integration.
- A virtual terminal, which allows operators to enter card numbers manually.
- The ability to monitor and edit customer profiles. Merchants can see all payments made by their customers
- Generation of reports on:
- financial statements (general and detailed);
- processing statements (transactions, fees, reserves, chargebacks).
- A pay-by-link feature, which allows merchants to create invoices and send links thereto to clients. When clicking the link, the client is taken to a payment form in which he/she only needs to enter email and card data.
- Statistics for such indexes as transactions and disputes (chargeback requests).
Processes: A dedicated team was created by INSART to implement the project. The team included the following specialists:
- Project manager;
- Business analyst with expertise in FinTech projects;
- Four Java developers;
- QA specialist.
Agile with two-week sprints was chosen as the development methodology. Each sprint began with print planning, wherein the customer decided which tasks were of the highest priority and had to be done during the sprint. During daily status meetings were held for the team to discuss progress and brainstorm solutions to challenges.
Result: INSART developed this innovative online payment platform from scratch over about three years. The platform facilitates payments by e-commerce merchants. On its first release, following one year of development, the platform was workable and functional. However, since that time its functionality has been expanded significantly, with several advanced features.
General Payment Flow
Ensure the platform was secure
Business value: As with all Internet payment platforms, the main challenge was to facilitate secure online payments. The system had to incorporate fraud prevention with the following features:
- Filters to identify, screen, and check transaction data. Each transaction can only be completed if the data matches certain parameters.
- Hot listing based on each merchant process, which allows merchants to restrict risky transactions based on their own processing history.
- 3D-secure PIN code confirmation input by the cardholder.
Details: Since issues of security are extremely significant for payment platforms, the system’s fraud protection also enables customization of parameters such as:
- Minimum purchase price
- Maximum transaction amount
- Country monitor
- Billing/shipping address mismatch
- IP address velocity (too many orders from the same IP address)
- Card number velocity
- Email address velocity
- BIN country/IP country mismatch
- Card security code mismatch
- Address verification service
The platform prevents fraud via three steps:
- The merchant configures fraud prevention filters to flag, hold for review, or deny risky payments.
- Based on the settings, filters review incoming payments.
- The merchant’s filters automatically flag, deny, or hold payments for review.
Result: The fraud protection desktop allows platform users to customize it based on their own security issues.
The following technologies were used for the project:
- Programming language: Java7
- Application frameworks: Spring (Spring Security, Spring JDBC), Apache Tapestry
- Responsive design frameworks: Bootstrap, SmartAdmin
- Servers: Apache Tomcat, Jetty
- Database: PostgreSQL
- Load balancing: Nginx
The following development tools were selected:
- Java integrated development environment: Intellij IDEA
- Build manager: Maven
- Subversion repository: Git/SVN
The platform was integrated with Wirecard (payment processing) and Zendesk (ticket system).
Third-party platforms can integrate with the Swissnet platform in the following aspects:
- fullAPI: The API for merchants (a RESTful Web service).
- A payment widget.
- Community API (Connect API): The API for partners (a RESTful Web service).