Design and Architecture of a Payment Operations Platform

1. Role of the Payment Operations Platform

The payment operations platform is an internal tool for payment company staff to query transaction, merchant, and rate information, serving developers, testers, product managers, settlement staff, finance, and customer service, enabling rapid data access, monitoring, and issue resolution.

1.1 Platform Overview

It provides a unified interface for various internal roles to handle on‑call problems, data queries, and adjustments, making it indispensable despite not being on the main payment flow.

1.2 Development History

Initially, a monolithic system handled all payment functions; the operations platform was a simple Spring MVC admin page directly accessing the database. As transaction volume grew, the system was split into specialized subsystems (acquisition, settlement, accounting, merchant management), leading to data source fragmentation and new challenges for the operations platform regarding cross‑database operations and security compliance.

2. Business Logic

2.1 User Group Analysis

Understanding the diverse internal user groups—developers, testers, product, settlement, finance, and customer service—is essential to define their specific platform requirements.

2.2 Business Architecture

The platform must aggregate and modify data across multiple subsystems, providing comprehensive support for all internal user groups.

3. Platform Design

3.1 Design Principles

Usability: Simple, low‑cost operations for internal staff.

Learnability: Minimal training required, intuitive interfaces.

Security: Protect sensitive merchant and transaction data with strict access controls.

Efficiency: Fast query and modification responses to improve service speed.

3.2 System Architecture

3.2.1 Interaction Design

The platform follows a front‑end/back‑end separation; the back end acts as a routing layer, invoking appropriate business system APIs to fetch or modify data.

3.2.2 Permission Model Design

A dedicated RBAC‑based permission system is recommended, providing SDKs for internal services to integrate and enforce fine‑grained access control.

3.3.3 Technical Architecture

The platform records all operations, integrates with a security center, applies watermarks to pages, and implements unified approval workflows, forming a robust technical stack for secure and auditable internal operations.