Process Flow

Online Payment Flow

End-to-end sequence from checkout initiation through settlement — covering happy path, 3DS challenge, and failure handling.

Payment Sequence

Each node shows the responsible actor and the decision or action taken at that step.

1

Checkout Initiated

User submits payment form. Client-side validation runs. Card data is tokenized by the payment SDK before leaving the browser — raw PAN never touches the application server.

BrowserPayment SDK
2

Payment Intent Created

Backend creates a PaymentIntent with amount, currency, and idempotency key. Returns client secret to the frontend for confirmation.

Application ServerPSP API
3

3DS Authentication Check

PSP evaluates risk signals. For most transactions, authentication is frictionless. High-risk or card-issuer-required flows trigger a 3DS challenge popup.

Frictionless
Skip to Step 4 — issuer approves silently
Challenge required
User completes OTP or biometric step
PSPCard Issuer
4

Authorization

PSP forwards authorization request to the card network. Issuer checks available credit and fraud signals. Response is returned within 2–5 seconds.

Authorized
Funds held — proceed to capture
Declined
Return decline code — notify user
PSPCard NetworkIssuing Bank
5

Capture & Webhook

Funds are captured (immediately or delayed, depending on configuration). PSP fires a payment.succeeded webhook. Application server updates order status and triggers fulfillment.

PSPApplication ServerOrder Service
6

Settlement

PSP batches captures and settles to the merchant bank account on T+1 or T+2 depending on the payout schedule. Reconciliation report is available via the PSP dashboard and API.

PSPAcquiring Bank