Real-Time Financial Loss Prevention System Design for Payment Platforms
YouZan built a side‑car, real‑time loss‑prevention system that monitors business events and database binlogs, validates information flow and fund balance, enforces idempotency and manual‑change checks, and uses refund‑settlement‑cash‑out circuit‑breakers to automatically detect and stop financial loss, achieving successful fault prevention after six months.
As YouZan's payment volume grows, the asset management department faces increasing responsibility for fund management and risk control. The fundamental principle is to protect every user's cent from financial loss. Before building this system, YouZan's online monitoring for fund-related issues was a blind spot, lacking self-discovery capabilities.
The article categorizes financial loss scenarios into five types: correct input with wrong output (e.g., inconsistent amount units between systems), data inconsistency between upstream and downstream systems, idempotency control failure causing multiple charges or credits, internal logic errors without external output, and manual fixes creating losses.
The real-time prevention system is designed around five key principles: real-time problem detection to reduce impact, information flow consistency verification and fund flow balance checks, comprehensive monitoring covering both business triggers and manual changes, detection accuracy without false positives, and decoupling from the payment path so that monitoring never affects the main processes.
The system architecture uses two trigger points: business event messages and database binlog changes. It processes three types of information: business event-based rule execution, binlog-based manual operation detection with check points, and pre-processing historical data quality checks. The system runs in a sidecar mode without invading business logic.
The fund circuit breaker mechanism provides three instrumentation points: refund, settlement, and cash-out. These are chosen for three reasons: the payment stage is excluded to avoid affecting user experience, faults in the payment path can be intercepted at the refund and settlement stages while funds are still in the intermediate account, and settlement issues can be caught at the final checkpoint before cash-out to UnionPay.
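The checks and circuit breaker described in the two paragraphs above can be sketched as follows. This is an added example, not YouZan's code: the event fields, rule names, table name and the `LossMonitor` class are all hypothetical, and it assumes each business event records a completed fund movement and that a binlog change without a business trace id is a manual change.

```python
from collections import defaultdict

# Constructed sample stream: business events plus one binlog row change (all values hypothetical).
EVENTS = [
    {"src": "event", "type": "pay", "order": "O1", "req_id": "p-1", "cents": 10000},
    {"src": "event", "type": "refund", "order": "O1", "req_id": "r-1", "cents": 4000},
    {"src": "event", "type": "refund", "order": "O1", "req_id": "r-1", "cents": 4000},    # same request twice
    {"src": "event", "type": "pay", "order": "O2", "req_id": "p-2", "cents": 5000},
    {"src": "event", "type": "refund", "order": "O2", "req_id": "r-2", "cents": 500000},  # amount unit mix-up
    {"src": "binlog", "table": "account_balance", "order": "O3", "trace_id": None},       # no business trace
]

class LossMonitor:
    """Sidecar-style checker: it only reads events and never writes to the payment path."""
    def __init__(self):
        self.paid, self.refunded = defaultdict(int), defaultdict(int)
        self.seen, self.alerts = set(), []
        self.open_breakers = set()  # stages where fund movement is halted (assumed stage-wide)

    def _alert(self, rule, event, stage=None):
        self.alerts.append((rule, event["order"]))
        if stage:
            self.open_breakers.add(stage)

    def handle(self, e):
        if e["src"] == "binlog":
            if e.get("trace_id") is None:  # row changed outside any business flow
                self._alert("manual_change", e)
            return
        key = (e["type"], e["req_id"])
        if key in self.seen:  # idempotency: the same request moved funds twice
            self._alert("idempotency", e, "refund" if e["type"] == "refund" else None)
            return
        self.seen.add(key)
        if e["type"] == "pay":
            self.paid[e["order"]] += e["cents"]
        elif e["type"] == "refund":
            # Fund-flow balance: refunds on an order may never exceed what was paid.
            if self.refunded[e["order"]] + e["cents"] > self.paid[e["order"]]:
                self._alert("fund_balance", e, "refund")
                return
            self.refunded[e["order"]] += e["cents"]

    def allow(self, stage):
        return stage not in self.open_breakers

def run(events):
    monitor = LossMonitor()
    for e in events:
        monitor.handle(e)
    return monitor
```

The refund, settlement and cash-out services would call `allow(stage)` before moving funds; how a tripped breaker is reviewed and reset is outside this sketch.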
After six months of implementation, the system successfully prevented multiple issues during offline testing and online operations, with regular fault drills to validate platform capabilities.
Youzan Coder
Official Youzan tech channel, delivering technical insights and occasional daily updates from the Youzan tech team.