Backend March 2023

CTBC Payment Integration

Direct integration with CTBC Bank payment gateway, providing API for third-party payment services. Implementing secure payment processing and transaction management, ensuring stability and security of payment processes

CTBC Payment Integration

Project Overview

This project focuses on direct integration with CTBC Bank's payment gateway system, providing stable and reliable third-party payment services. Through deep integration with CTBC Bank's payment gateway, we implemented a complete online payment solution supporting multiple payment methods and transaction types.

The system design emphasizes security, stability, and scalability, ensuring all payment transactions comply with bank-level security standards while providing flexible API interfaces for third-party system integration.

Project Type: Payment Integration System

Development Time: March 2023

Partner Bank: CTBC Bank

Security Standard: PCI DSS

API Type: RESTful API

Core Features

Complete Payment Gateway Integration

Direct integration with CTBC Bank's payment gateway system to implement complete online payment functionality. Supporting credit cards, debit cards, e-payment, and convenience store payments, providing users with convenient payment options.

The system is designed as a Composer Package for easy reuse across different projects. In response to CTBC Bank's PHP version limitation (only supporting up to 7.3), Docker containerization is adopted for deployment, ensuring environment consistency and stability.

CTBC Payment Integration System

Main interface for CTBC Bank payment gateway integration

🏦

Bank-Level Security

Compliant with financial industry security standards, using multiple encryption and verification mechanisms

Real-time Processing

Millisecond-level transaction processing speed, ensuring excellent user payment experience

🔄

Automated Reconciliation

Automated end-of-day reconciliation system ensuring accurate transaction data

📊

Transaction Monitoring

Real-time transaction monitoring and anomaly detection, preventing fraud and risks

Supported Payment Methods

💳 Credit Card Payment

  • VISA / MasterCard / JCB
  • Domestic and International Cards
  • Installment Payment
  • Reward Points Redemption

🏧 Debit Card Payment

  • ATM Transfer
  • Internet Banking
  • WebATM
  • Counter Transfer

📱 E-Payment

  • Apple Pay
  • Google Pay
  • Samsung Pay
  • Line Pay

🏪 Convenience Store Payment

  • 7-11 ibon
  • FamilyMart FamiPort
  • Hi-Life
  • OK Mart

Security Protection Mechanisms

🛡️ 3D Verification

Supporting 3D Secure verification, providing additional identity confirmation protection

🔍 Risk Detection

Real-time transaction risk assessment, automatically identifying suspicious transaction behavior

🚫 Duplicate Charge Prevention

Intelligent deduplication mechanism, avoiding duplicate transactions and erroneous charges

📝 Complete Logging

Detailed transaction log records, supporting audit and tracking requirements

Backend Technical Details

Payment Gateway Integration Architecture

This project mainly integrates with CTBC payment gateway and provides API for private payment use, designed as a Composer Package for convenient reuse across multiple projects.

Deployment Environment

Since CTBC Bank's PHP version only supports up to 7.3, Docker is adopted for deployment to ensure consistency between development and production environments, while facilitating future version upgrades and maintenance.

API Encryption Design

The API design includes complete encryption and decryption mechanisms to ensure data transmission security:

  • SSL/TLS Encryption - All communications using HTTPS protocol
  • Digital Signature - Using RSA or ECDSA for transaction verification
  • Field Encryption - Sensitive data processed with AES encryption
  • Hash Verification - SHA-256 ensuring data integrity
API Encryption/Decryption Mechanism

API encryption and decryption flow diagram

Payment Flow Design

Implementing complete payment lifecycle management:

  • Order Creation - Generate secure transaction IDs and verification codes
  • Payment Authorization - Real-time authorization verification with CTBC Bank
  • Transaction Processing - Execute actual fund transfer operations
  • Result Notification - Real-time transaction result and status feedback
  • Reconciliation - Automated end-of-day reconciliation procedures

API Interface Design

Providing RESTful API for third-party system integration, including:

  • Payment Request API - Initiate payment transactions
  • Status Query API - Query transaction status
  • Refund Processing API - Handle refund requests
  • Notification Callback API - Receive payment result notifications
  • Reconciliation Query API - Retrieve transaction details

Quality Assurance

The project includes complete unit testing to ensure the correctness and stability of all functions. Through automated testing processes, system functions can be quickly verified with each code change.

Technologies Used

Backend Development

  • Laravel Framework
  • PHP 7.3
  • Composer Package
  • RESTful API

Security Mechanisms

  • SSL/TLS Encryption
  • RSA / ECDSA Digital Signature
  • AES Field Encryption
  • SHA-256 Hash Verification
  • 3D Secure

Deployment Environment

  • Docker Containerization
  • Linode Cloud Hosting

Testing Tools

  • PHPUnit - Unit Testing
  • Postman - API Testing