20 Software Properties to Check for Your Next Payments Project
An In-Depth Checklist to Elevate Your Payments Project
Welcome to The Engineer Banker, a weekly newsletter dedicated to organizing and delivering insightful technical content on the payments domain, making it easy for you to follow and learn at your own pace
Welcome to another installment of our Payments Bites series. In today's article, we're providing you with an exhaustive checklist of key properties that you should evaluate and discuss during the discovery and final delivery phase of your upcoming payments initiative. Whether you are a Product Manager, Engineer, or another stakeholder involved in payments, this comprehensive checklist is designed to ensure you cover all essential aspects and conversations necessary for the successful rollout of your project. It's a tool to help you identify potential challenges, align objectives, and build a strong foundation for your payments endeavor.
You can utilize this checklist as a structured guide for facilitating a trade-offs discussion session with your team and key stakeholders. In this session, you can collaboratively explore and decide which components of the system need optimization and what essential features should be included in your Minimum Viable Product (MVP). For example, you might discuss whether to prioritize speed over security in certain workflows or perhaps evaluate the trade-offs between developing an in-house solution versus leveraging third-party services. This conversation allows everyone involved to align their expectations and make informed decisions about the project's direction.
Reconciliation: Are your systems capable of matching and reconciling transactions consistently? What level of reconciliation do you consider for the project? all messages? only financial movements? nostro account entries? How often will you reconcile? Who is responsible of this business process?
Rollout Strategy: Friends and Family? Silent rollout? Which markets we will launch first? What is in scope for MVP? post MVP? How many rollouts to release the functionality in full?
Technical Readiness: Do we possess all the necessary skills within the team to successfully complete the project? Is the operations team trained to support this new feature? Is there any external system to the project that can not support the use-case?
Data privacy: Should some data be encrypted? at rest? in transit? Can staging have copies of production data? Do we need anonymization tools? What is the protocol for engineers to obtain privileged access to customer data for troubleshooting issues?
Performance: Peak number of users? peak time of the year? SLAs? What is the estimated transactions-per-second throughput? Which are the response times defined by the business? Is there a need for parallel or asynchronous processing?
Leverageability and reuse: Can we reuse existing platform components? Is the new functionality going to be reused across multiple products?
Resilence and fault tolerance: Can the system auto-heal from a failure? Is it possible to implement a service degradation strategy allowing us to continue offering service with reduced functionality? Is the system designed with high availability and redundancy in mind? Is it feasible to deactivate the problematic feature through the use of a feature flag? What rollback strategies do we consider for the project?
Failure Modes: In which way can the functionality fail? Can failures leave the system in an inconsistent state? Are those failures recoverable? Is a manual intervention required to restore the service after a certain failure?
Testability: What types of tests will be required in the project? manual or automated? unit, integration, component, end to end, performance, security, smoke, pixel tests?
Legal Compliance: Regulations regarding how the application is developed or deployed? Do data protection standards apply? What legislative constraints does the system operate in? Engage the legal team during the discovery phase to ensure compliance and mitigate risks
Reliability: What is the cost to the business of inaccuracy? Can be solved manually for the MVP? Is this system designed for real-time 24/7 operations, or is it based on scheduled batch processing? Is it feasible to schedule downtimes and maintenance periods during batch idle times without adversely affecting operations?
Usability and User Experience: Are there company UX guidelines to follow? How quickly do we need to iterate on UX changes? How important is usability and UX in this project?
Monitoring: What new monitors we need to create? which is the most important KPI to monitor and set alerts on?What types of alert and notifications should be introduced to support this project? Monitoring infrastructure is in place?
Supportability: What levels of support customer/tech are in place? other engineering and operations teams will need to maintain the system post launch? Do we need training and documentation for tech support? Will any tasks omitted from the MVP lead to an increase in the Business As Usual workload for the Operations team? How will the new functionality affect the team's level of firefighting? Any on-call impact?
Configurability: Is a special a Administrator role needed to configure? Can users or administrator configure feature behaviours? Do we need a central configuration? local config files? Is the configuration read-only upon boot-up, or does it need to be dynamically adjusted during runtime?
Extensibility: How easy it is to extent the system with new functionalities or iterate on the existing ones?
Data integrity and Consistency: Tolerance for loss and corruption of data? checksum, journaling, consistency across nodes, data recovery mechanisms?
Scalability: Horizontal? Vertical? Which resources are likely to become bottlenecks?
Authentication: Do you needs users to be identified? How are users identified? Are there Single Sign On standards? Which are the existing authentication systems?
Authorization: To which level of depth and granularity do we limit access? Who maintains this access information? Do we need to maintain groups and roles?