Overview
The payment gateway microservice for MEXAR international remittance system. Handles inbound payment collection by integrating with 3rd party payment providers (Bayarind, Xendit, iPaymu), processing their webhook callbacks, and emitting structured inter-service events via Webhook and Kafka to notify payment status changes. Due to compliance requirements, only Bayarind is active in production.
Tech Stack
- Backend â Python/FastAPI
- Database â PostgreSQL
- Message Queue â Kafka, RabbitMQ
- Inter-service Communication â Webhook, Kafka
Key Capabilities
- Multi-provider Integration â Abstract gateway layer supporting Bayarind, Xendit, and iPaymu; provider-agnostic design enables rapid switching as compliance requirements change
- Webhook Processing â Inbound 3rd party callback handling with structured event emission to core backend via Kafka
- Payment Status Lifecycle â End-to-end status tracking from payment initiation through provider confirmation
Security
- IP Whitelist â Restricted webhook callback endpoints to trusted provider IPs
- Signature Verification â Request signature validation on all inbound provider callbacks
- SSL/TLS â Enforced encrypted communication with all 3rd party providers
Design Principles
- Idempotency â Idempotent payment processing ensuring no duplicate charges across distributed callbacks
- Extensibility â Provider-agnostic gateway abstraction enabling rapid payment partner changes driven by regulatory constraints
- Scalability â Event-driven architecture via Kafka for reliable high-throughput payment processing
