Payment System Interface Modernization on AWS: Modern Cloud-Native Payment Systems
Publication date: April 6, 2022 (Diagram history)
This architecture shows how to build a microservices-based payment system that scales and performs well, using container-based deployment together with API and event-based models to handle the different payment channels.
Payment System Interface Modernization on AWS Diagram
- Users initiate transactions to the payment interface system using mobile apps integrated with the payment system, or through bank-provided apps.
- The request receiver accepts the request at the bank data center.
- The request is routed from the bank to payment interface services in the AWS network using AWS Direct Connect.
- A request from a merchant or other client arrives directly from the internet.
- The request passes through AWS WAF and is received by Amazon API Gateway, which routes requests to services using a VPC endpoint and Network Load Balancer (NLB).
- In AWS, the request for payment interface services is received by the Amazon Elastic Kubernetes Service (Amazon EKS) cluster's Application Load Balancer (ALB) ingress controller.
- Ingress rules redirect the request to a targeted microservice for purposes such as payment, balance, virtual payment address (VPA), merchant, account, and so on.
- Payment interface services reach the bank hardware security module (HSM) and core banking systems hosted inside the bank using AWS Direct Connect.
- Payment interface services perform create, read, update, and delete (CRUD) operations in the Amazon Relational Database Service (Amazon RDS) unified payment interface (UPI) database.
- Payment interface services maintain sessions in Amazon ElastiCache (Redis OSS).
- Payment interface services communicate with each other through an event-driven model using topics in Amazon Managed Streaming for Apache Kafka (Amazon MSK).
- Observability for the payment interface microservices is provided by Amazon OpenSearch Service and Amazon CloudWatch.
- Use AWS Identity and Access Management (IAM), AWS Key Management Service (AWS KMS), and AWS Secrets Manager to enforce role-based access and to secure credentials and data.
- Near real-time payment interface transaction data is consumed by other systems in the bank data center using an Amazon Relational Database Service (Amazon RDS) replica over AWS Direct Connect.
- Payment interface microservices container images are maintained inside Amazon Elastic Container Registry (Amazon ECR).
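The ingress routing described in the steps above, sketched as a Kubernetes Ingress for the ALB ingress controller. This is an added illustration, not part of the AWS reference architecture; the resource name, paths, service names, port and certificate ARN are hypothetical placeholders, and the internal scheme is an assumption based on requests arriving over the NLB/VPC endpoint or AWS Direct Connect rather than directly from the internet.

```yaml
# Added illustration: every name, path, port and ARN below is a hypothetical placeholder.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: payment-interface
  annotations:
    # Assumption: the ALB is internal; internet traffic enters through AWS WAF and API Gateway instead.
    alb.ingress.kubernetes.io/scheme: internal
    alb.ingress.kubernetes.io/target-type: ip
    # Terminate TLS on the ALB; no plain-HTTP listener is defined.
    alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS": 443}]'
    alb.ingress.kubernetes.io/certificate-arn: "<ACM_CERTIFICATE_ARN>"
spec:
  ingressClassName: alb
  rules:
    - http:
        paths:
          # One rule per microservice; account and further services follow the same pattern.
          - path: /payment
            pathType: Prefix
            backend:
              service:
                name: payment-svc
                port:
                  number: 8080
          - path: /balance
            pathType: Prefix
            backend:
              service:
                name: balance-svc
                port:
                  number: 8080
          - path: /vpa
            pathType: Prefix
            backend:
              service:
                name: vpa-svc
                port:
                  number: 8080
          - path: /merchant
            pathType: Prefix
            backend:
              service:
                name: merchant-svc
                port:
                  number: 8080
```

Because no default backend is declared, paths that match none of the rules are not forwarded to any microservice.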
Diagram history
Change | Description | Date |
---|---|---|
Initial publication | Reference architecture diagram first published. | April 6, 2022 |