Payment Processing
Payment acceptance, fraud prevention, and forms of payment management. Built on a Zero-Trust Vault Architecture where our servers never touch raw credit card numbers.
Scope
Payment Methods
- Credit/Debit Cards: Visa, Mastercard, Amex
- UATP: Universal Air Travel Plan
- Alternative Payments: PayPal, Apple Pay, Google Pay
- Bank Transfers: SEPA, wire transfers
- Vouchers: Airline vouchers, gift cards
- Loyalty Points: Miles redemption
- Buy Now Pay Later: Affirm, Klarna
Fraud Prevention
- 3D Secure (3DS2)
- Address Verification (AVS)
- CVV verification
- Velocity checks
- Machine learning fraud scoring
- Manual review queues
Payment Operations
- Authorization and capture
- Refund processing
- Chargeback management
- Currency conversion
- Tax calculation
OMS Payment Vault
Zero-Trust Architecture
Our servers NEVER touch raw credit card numbers. All sensitive card data is handled by the payment gateway. We only store tokens.
┌─────────────────────────────────────────────────────────────────┐
│ Zero-Trust Payment Flow │
│ │
│ ┌──────────┐ │
│ │ Customer │ │
│ └────┬─────┘ │
│ │ │
│ │ Credit Card Data │
│ ▼ │
│ ┌──────────────────┐ │
│ │ Payment Gateway │◄── Hosted payment page │
│ │ (API) │ PCI-compliant capture │
│ │ │ │
│ │ ┌────────────┐ │ │
│ │ │ Processing │ │ │
│ │ │ Platform │ │ │
│ │ └────────────┘ │ │
│ └────────┬─────────┘ │
│ │ │
│ │ Payment Token (Safe) │
│ ▼ │
│ ┌──────────────────┐ ┌────────────────┐ │
│ │ OMS Vault │────────►│ Domestic Tax │ │
│ │ │ │ Engine │ │
│ │ ┌────────────┐ │ │ │ │
│ │ │ Order ID │ │ │ Applies GST/VAT│ │
│ │ │ Token Ref │ │ │ based on O&D │ │
│ │ │ Last Four │ │ └────────────────┘ │
│ │ │ Amount │ │ │
│ │ └────────────┘ │ │
│ └──────────────────┘ │
│ │
│ What we store: What we DON'T store: │
│ ✓ Payment token ✗ Full card number │
│ ✓ Last 4 digits ✗ CVV/CVC │
│ ✓ Expiry (month/year) ✗ Full PAN │
│ ✓ Order ID ✗ Track data │
│ │
└─────────────────────────────────────────────────────────────────┘
Payment Vault Data Model
model PaymentVault {
id String @id @default(uuid()) @db.Uuid
orderId String @unique @db.Uuid
order Order @relation(fields: [orderId], references: [id])
// Token from payment gateway - NEVER raw card data
tokenRef String // Gateway-specific token
gatewayId String // Which gateway issued the token
// Display only - for customer reference
lastFour String? @db.VarChar(4)
expiryMonth Int?
expiryYear Int?
cardBrand String? // Visa, Mastercard, etc.
// Transaction details
amount Decimal @db.Decimal(10, 2)
currency String @db.VarChar(3)
status PaymentStatus @default(PENDING)
// Authorization
authCode String?
authTimestamp DateTime?
authExpiry DateTime?
// Capture
capturedAt DateTime?
capturedAmount Decimal? @db.Decimal(10, 2)
// Audit
createdAt DateTime @default(now())
updatedAt DateTime @updatedAt
// NO fields for: cardNumber, cvv, fullPan, trackData
@@index([orderId])
@@index([status])
}
enum PaymentStatus {
PENDING
AUTHORIZED
CAPTURED
REFUNDED
FAILED
CANCELLED
}
Benefits of Zero-Trust
| Benefit | Description |
|---|
| PCI Scope | SAQ A (minimal) - card data never enters our systems |
| Security | Zero card data = zero card data breaches |
| Compliance | Simplified audit, reduced liability |
| Operations | No secure card data handling processes needed |
Research Topics
Architecture Considerations
Payment Flow
Customer Checkout
↓
┌──────────────────┐
│ Payment Gateway │ ◄── PCI-compliant token capture
└────────┬─────────┘
│
┌────┴────┐
│ │
┌───▼───┐ ┌───▼───┐
│ 3DS │ │ Fraud │
│ Auth │ │ Check │
└───┬───┘ └───┬───┘
│ │
└────┬────┘
│
┌────────▼────────┐
│ Authorize │
└────────┬────────┘
│
(Booking confirmed)
│
┌────────▼────────┐
│ Capture │ ◄── At ticketing or check-in
└─────────────────┘
Payment Data Model
Payment
├── PaymentID
├── OrderReference
├── Method
│ ├── Type (Card, UATP, Wallet, etc.)
│ ├── Token (PCI tokenized)
│ └── Details (masked)
├── Amount
│ ├── Currency
│ ├── Value
│ └── ExchangeRate
├── Authorization
│ ├── Code
│ ├── Timestamp
│ └── ExpiryDate
├── Status (Pending, Authorized, Captured, Refunded)
└── FraudScore
Authorization Strategies
| Strategy | Use Case |
|---|
| Auth + Capture | Immediate ticketing |
| Auth only | Deferred ticketing |
| Pre-auth + Incremental | Ancillary add-ons |
| Zero-auth | Card validation |
Integration Points
| System | Direction | Data |
|---|
| Booking Engine | Inbound | Payment requests |
| Payment Gateway | Bidirectional | Auth/capture |
| Fraud System | Bidirectional | Risk scores |
| Ticketing | Outbound | Payment confirmation |
| Refunds | Bidirectional | Refund processing |
| Finance | Outbound | Settlement data |
Gateway Selection
Key Providers
| Provider | Strengths |
|---|
| Adyen | Global, airline experience |
| Worldpay | High volume, fraud tools |
| Cybersource | Enterprise, analytics |
| Stripe | Developer experience |
| Checkout.com | Modern API, competitive rates |
Selection Criteria
- Geographic coverage
- Payment method support
- Fraud tools
- Pricing model
- PCI scope reduction
- Airline industry experience
PCI-DSS Compliance
Scope Reduction
- Use hosted payment pages
- Tokenization for storage
- Point-to-point encryption (P2PE)
- No card data in logs
Compliance Levels
| Level | Transactions/Year | Requirement |
|---|
| 1 | >6M | Annual audit |
| 2 | 1-6M | SAQ + quarterly scan |
| 3 | 20K-1M | SAQ |
| 4 | <20K | SAQ |
Fraud Management
Risk Signals
- IP geolocation
- Device fingerprint
- Booking velocity
- One-way/cash tickets
- High-risk routes
- Last-minute bookings
Response Actions
| Risk Level | Action |
|---|
| Low | Auto-approve |
| Medium | 3DS challenge |
| High | Manual review |
| Critical | Auto-decline |