Designing and Implementing a Payment Fund Account System
The article details how to design and implement a cloud‑native payment fund account system on Tencent Cloud, covering account definitions, fund flow and multiple account types, TDSQL storage, separated fund and account services, robust security, distributed transactions, auditing, reconciliation, and high‑availability measures for high‑concurrency merchant payments.
This article explores the design and implementation of a payment fund account system, using the author's practical experience as a case study. The system is built in a cloud-native environment on Tencent Cloud for a third-party payment business that only needs to handle merchant accounts, not user accounts.
The article begins by defining what an account is: a data carrier that records the balance and transaction details of a specific type of funds for a particular entity. It then explains the three key components of an account system: account balance (the amount of funds), account transaction records (detailed records of all balance changes), and transaction vouchers (records of transaction information).
The author discusses the purpose and structure of fund account systems, explaining that they are virtual accounts used by payment platforms to ensure accuracy and traceability of each customer's funds. The system is compared to a bank's account core but is simpler in design.
The implementation section covers several critical aspects:
1. Fund Flow Design: The author describes the account types and fund flow design, including the decision to eliminate the settlement B account due to real-time settlement rules. The design includes various account types such as income accounts, expense accounts, and a virtual bank account to ensure proper accounting principles are followed.
2. Storage Selection: The system uses Tencent's TDSQL (a distributed database) as the underlying storage due to its high performance, strong consistency, transparent sharding, elastic scalability, cross-region disaster recovery, and distributed transaction support.
3. Architecture Design: The system consists of fund service and account service as core services, with two databases and several daemon programs. This separation isolates the frequently changing fund domain from the stable account domain.
4. Security Measures: The article details comprehensive security measures including STRIDE model analysis for threat identification, permission control through ticket validation and module authentication, anti-tampering measures using MAC values, key management using KMS (Key Management Service), and rate limiting.
5. Consistency and Transactions: The system uses database transactions to ensure consistency between account balances and transaction records. For distributed transactions, it employs TDSQL's native distributed transaction support using the two-phase commit algorithm.
6. Auditing and Reconciliation: The system implements comprehensive auditing and reconciliation processes including consistency checks, correctness verification, total-subtotal reconciliation, and timeliness monitoring. It also establishes an accounting system with bank deposit balance adjustment tables and system reconciliation tables.
7. Availability Measures: The article discusses availability from multiple angles including program availability through Tencent Cloud's TKE (Tencent Kubernetes Engine), service availability through rate limiting and hot key solutions, and storage availability through TDSQL's features.
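
The following is an added example, not code from the article or from Tencent Cloud, showing how items 4 and 5 can fit together: a balance change and its transaction record are written in one database transaction, and each balance row carries a MAC that is checked before the row is trusted. SQLite stands in for TDSQL; the table layout, the fields covered by the MAC, the unique voucher column, the version-based optimistic lock and the hard-coded key (in place of a KMS lookup) are all assumptions.

```python
import hashlib
import hmac
import sqlite3

# Assumption: the real key comes from a KMS; hard-coded (constructed) so this runs offline.
MAC_KEY = b"constructed-demo-key"


def row_mac(account_id, balance, version):
    """HMAC-SHA256 over the fields a direct database write could alter."""
    msg = f"{account_id}|{balance}|{version}".encode()
    return hmac.new(MAC_KEY, msg, hashlib.sha256).hexdigest()


def open_db():
    """In-memory stand-in for the account database, with one constructed merchant."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE account (id TEXT PRIMARY KEY, balance INTEGER, version INTEGER, mac TEXT)")
    db.execute("CREATE TABLE ledger (account_id TEXT, delta INTEGER, balance_after INTEGER, voucher TEXT UNIQUE)")
    db.execute("INSERT INTO account VALUES ('M1001', 0, 0, ?)", (row_mac("M1001", 0, 0),))
    db.commit()
    return db


def load_verified(db, account_id):
    """Read a balance row; refuse to use it if the stored MAC does not match."""
    row = db.execute("SELECT balance, version, mac FROM account WHERE id = ?", (account_id,)).fetchone()
    if row is None:
        raise KeyError(account_id)
    balance, version, mac = row
    if not hmac.compare_digest(mac, row_mac(account_id, balance, version)):
        raise ValueError(f"MAC mismatch on account {account_id}")
    return balance, version


def post(db, account_id, delta, voucher):
    """Apply one balance change and its ledger record in a single transaction."""
    with db:  # commit on success, roll back on any exception
        balance, version = load_verified(db, account_id)
        if balance + delta < 0:
            raise ValueError("insufficient balance")
        new = (balance + delta, version + 1)
        db.execute("INSERT INTO ledger VALUES (?, ?, ?, ?)", (account_id, delta, new[0], voucher))
        cur = db.execute("UPDATE account SET balance = ?, version = ?, mac = ? WHERE id = ? AND version = ?",
                         (*new, row_mac(account_id, *new), account_id, version))
        if cur.rowcount != 1:  # optimistic lock: another writer changed the row
            raise RuntimeError("concurrent update detected")
    return new[0]
```

A row MAC of this kind detects edits made without the key, but not the restoration of an older row together with its older valid MAC; comparing balances against the ledger, as in the reconciliation checks of item 6, covers that case.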
The author emphasizes that while the core concepts of fund account systems are straightforward, implementing them requires careful attention to security, consistency, and availability requirements. The system is designed to be both practical and compliant with industry best practices while avoiding over-engineering.
The article concludes by noting that building a fund account system involves ongoing challenges, particularly with high-concurrency scenarios, and invites further discussion on the topic.
Tencent Cloud Developer
Official Tencent Cloud community account that brings together developers, shares practical tech insights, and fosters an influential tech exchange community.