Modernize payment processes with an event-driven architecture
This Guidance demonstrates how payment operators can deploy an event-driven architecture to receive, consume, and release ISO 20022 payment messages. Customers can benefit from a multi-Region architecture, tunable consistency, and with the decision-making process managed by API consumers. This allows for the acceptance, rejection, cancellation, and redrive of data processing workflows, with failover across AWS Regions. Payment operators can deploy this Guidance as a proxy in front of their existing payment infrastructure, on-premises, in the cloud, or use it as the foundational building block to modernize payment processes.
Please note: [Disclaimer]
Architecture Diagram
[text]
Step 1
API client calls regional AUTH endpoint associated with the Region-specific Amazon Cognito client ID and client secret. It receives OAuth 2.0 access token (to be used with all subsequent API requests).
Step 2
The API client calls the Regional API endpoint associated with the Transaction Microservice Architecture (MSA), and receives HTTP 200 with response payload. It includes a transaction ID (to be used with all subsequent API requests).
Step 3
Transaction MSA generates universally unique identifier version 4 (UUID4). It verifies if it's unique within the current partition in Amazon DynamoDB (transaction table). It records in DynamoDB (status = ACCP); otherwise, it retries up to 3 times.
Step 4
API client calls Regional API endpoint associated with Incoming Queue. It passes transaction ID as HTTP header, and ISO 20022 incoming message as HTTP body (this step starts internal event-driven workflow).
Step 5
Incoming MSA consumes ISO 20022 message from Incoming Queue, and stores it into an Amazon Simple Storage Service (Amazon S3) bucket (incoming path). It records the step in DynamoDB (status = ACTC), and pushes the incoming message to the Processing Queue.
Step 6
Processing MSA consumes ISO 20022 message from Processing Queue. It runs technical and
business validations, including sync calls to other MSA.
Some examples are: Federal Information Processing Standards (FIPS-104-2), Know Your Customer (KYC), Anti-Money Laundering (AML), Fraud, and liquidity records. These sync in DynamoDB (status = ACSP or RJCT) and push an ISO 20022 confirmation or rejection message to the Releasing Queue.
Step 7
Releasing MSA consumes ISO 20022 message from Releasing Queue, stores it into an Amazon S3 bucket (outgoing path), records step in DynamoDB (status = ACSC or RJCT), and pushes notification to Amazon Simple Notification Service (Amazon SNS).
Step 8
API client calls Regional API endpoint associated with Outgoing MSA, and receives HTTP 200 with ISO 20022 outgoing message as response payload.
Step 9
Timeout MSA invokes every 15 seconds to retrieve any transaction that exceeds service level agreement (SLA). It generates rejection ISO 20022 message, stores it in Amazon S3 (outgoing path), and records new step in DynamoDB (status = RJCT).
Step 10
OPTIONALLY, for on-premises downstream systems leverage existing messaging capabilities (for example IBM MQ, or Kafka), deploy the same tool in the AWS Cloud and use the native replication between on-premises and the Cloud.
Step 11
Amazon MQ Reader MSA consumes messages from cloud-based Amazon MQ and submits them to Incoming API (see steps 1 through 5 from above).
Step 12
Amazon MQ Writer MSA consumes messages from Outgoing API, and pushes them to Cloud based MQ (as detailed in Steps 1, 2, and 9).
Step 1
API consumer calls the regional AUTH endpoint associated with a Region-specific Amazon Cognito client ID and client secret. It receives OAuth 2.0 access token (to be used with all subsequent API requests).
Step 2
API consumer calls the Regional API endpoint associated with the Transaction Microservice Architecture (MSA), and receives HTTP 200 with response payload. It includes a transaction ID (to be used with all subsequent API requests).
Step 3
Transaction MSA generates universally unique identifier version 4 (UUID4). It verifies if it's unique within the current partition in Amazon DynamoDB (transaction table). It records in DynamoDB (status = ACCP); otherwise, it retries up to 3 times.
Step 4
API consumer calls Regional API endpoint associated with Incoming Queue. It passes transaction ID as HTTP header, and ISO 20022 incoming message as HTTP body (this step starts internal event-driven workflow).
Step 5
Incoming MSA consumes ISO 20022 message from Incoming Queue, and stores it into an Amazon Simple Storage Service (Amazon S3) bucket (incoming path). It records the step in DynamoDB (status = ACTC), and pushes the incoming message to the Processing Queue.
Step 6
Processing MSA consumes ISO 20022 message from Processing Queue. It runs technical and
business validations, including sync calls to other MSAs.
Some examples are: Federal Information Processing Standards (FIPS-104-2), Know Your Customer (KYC), Anti-Money Laundering (AML), fraud, and liquidity records. It records the step in DynamoDB (status = ACSP or RJCT) and pushes an ISO 20022 confirmation or rejection message to the Releasing Queue.
Step 7
Releasing MSA consumes ISO 20022 message from Releasing Queue, stores it into an Amazon S3 bucket (outgoing path), records step in DynamoDB (status = ACSC or RJCT), and pushes notification to Amazon Simple Notification Service (Amazon SNS).
Step 8
API consumer calls the Regional API endpoint associated with Outgoing MSA, and receives HTTP 200 with ISO 20022 outgoing message as response payload.
Step 9
Timeout MSA invokes every 15 seconds to retrieve any transaction that exceeds service level agreement (SLA). It generates rejection ISO 20022 message, stores it in Amazon S3 (outgoing path), and records new step in DynamoDB (status = RJCT).
Step 10
Optionally, for on-premises downstream systems leveraging existing messaging capabilities (for example IBM MQ, or Kafka), deploy the same tool in the AWS Cloud and use the native replication between on-premises and the Cloud.
Step 11
Messaging Queue (MQ) Reader MSA consumes messages from cloud-based MQ and submits them to Incoming API (according to previous Steps 1 through 5).
Step 12
MQ Writer MSA consumes messages from Outgoing API, and pushes them to Cloud based MQ (as detailed in Steps 1, 2, and 9).
Well-Architected Pillars
The AWS Well-Architected Framework helps you understand the pros and cons of the decisions you make when building systems in the cloud. The six pillars of the Framework allow you to learn architectural best practices for designing and operating reliable, secure, efficient, cost-effective, and sustainable systems. Using the AWS Well-Architected Tool, available at no charge in the AWS Management Console, you can review your workloads against these best practices by answering a set of questions for each pillar.
The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.
-
Operational ExcellenceRead the Operational Excellence whitepaper
This Guidance uses ready to deploy capabilities to monitor and observe your application's state and its business outcomes, it can be integrated through APIs, and deployed through infrastructure as code (IaC) of your choice. Amazon Elastic Container Registry (Amazon ECR) can store app-level code, and AWS Lambda can be deployed using continuous integration and continuous delivery (CI/CD) pipelines of your choice.
-
SecurityRead the Security whitepaper
This Guidance requires encryption in transit and at rest. API and AUTH endpoints have SSL/TSL enabled, and data stores such as Amazon S3, DynamoDB, Amazon Simple Queue Service (Amazon SQS), and Amazon SNS support encryption at rest using AWS Key Management Service (AWS KMS). AWS resources are protected through AWS Identity and Access Management (IAM), while Amazon API Gateway resources are protected through Cognito and 0Autho 2.0. Sensitive information, such as IDs, is stored using AWS Secrets Manager.
-
ReliabilityRead the Reliability whitepaper
This Guidance supports reliability testing and implements Amazon S3 as a default backup and restore mechanism. Additionally, the transaction API verifies that each transaction ID is unique, First-In-First-Out (FIFO) queues verify that messages are processed in order and only once, and the Recovering API checks for Region failures and provides self-healing capabilities. AWS CloudWatch and AWS CloudTrail provide ready to deploy logs and default metrics, and you can choose an active-passive or an active-active architecture, depending on your requirements.
-
Performance EfficiencyRead the Performance Efficiency whitepaper
This Guidance uses serverless services, such as Lambda, Amazon Elastic Kubernetes Service (Amazon EKS), DynamoDB, and Amazon SQS, making it easier to scale and to monitor traffic and data access patterns. Additionally, you can submit ISO 20022 messages through APIs, observe experiment results through AWS monitoring and observability capabilities, and use the data in the AWS data services to further optimize your systems.
-
Cost OptimizationRead the Cost Optimization whitepaper
This Guidance was built following Event-Driven Architecture (EDA) guidelines and best practices and uses serverless services that scale automatically with demand, so you only pay for the resources you actively use. You can also choose single-region or multi-region rates, depending on your requirements.
-
SustainabilityRead the Sustainability whitepaper
With serverless services, this Guidance makes it easier for you to scale and to maintain consistent high usage of deployed resources, minimizing the need for hardware and verifying that you will use only the minimum resources required. This Guidance also supports data access and storage patterns with services such as Amazon DynamoDB, Amazon SQS, Amazon SNS, and Amazon S3.
Implementation Resources
The sample code is a starting point. It is industry validated, prescriptive but not definitive, and a peek under the hood to help you begin.
Disclaimer
The sample code; software libraries; command line tools; proofs of concept; templates; or other related technology (including any of the foregoing that are provided by our personnel) is provided to you as AWS Content under the AWS Customer Agreement, or the relevant written agreement between you and AWS (whichever applies). You should not use this AWS Content in your production accounts, or on production or other critical data. You are responsible for testing, securing, and optimizing the AWS Content, such as sample code, as appropriate for production grade use based on your specific quality control practices and standards. Deploying AWS Content may incur AWS charges for creating or using AWS chargeable resources, such as running Amazon EC2 instances or using Amazon S3 storage.
References to third-party services or organizations in this Guidance do not imply an endorsement, sponsorship, or affiliation between Amazon or AWS and the third party. Guidance from AWS is a technical starting point, and you can customize your integration with third-party services when you deploy the architecture.