Paytomat: How it Works

Architecture, technical benefits and aspects you need to know about your future payment system.

Have you ever wondered how Ferrari or Lamborghini, for example, became icons of the auto industry, or why the DeLorean has remained an expensive toy for eccentric auto collectors? It’s really all about the technology. As with cars, a blockchain based project is more than just a beautiful cover, expensive marketing or even a breakthrough idea. They need a technical foundation — a unique combination of solutions that forms something bigger when combined together.

The heart of our project is our architecture and technical tools that make Paytomat what it is. That’s why this publication, and this section in our white paper, is titled “Under the hood”. Today we will take a detailed look at our project and explain its technical structure. And we’ll start from the Core.

The Core Infrastructure is the main element of our technology. It’s our logic, our management and our data. As you can see on the visual, the Core has four structural elements — the database, the APIs, the Web Control Panels and Job Processing Servers. So let’s unpack what’s what.

The Database stores data about transactions, merchants and cryptos available within our system. To provide additional operational resilience, we use sharding and replication in our server infrastructure.

The APIs help to resolve any business task for our partners and their customers. They’re responsible for payment processing, crypto exchange, and points of user interaction such as POSes and Wallets.

Web Control Panels allow our customers and partners to access their transactional data within Paytomat, analyze usage statistics, configure their preferences and fine tune technical integration aspects. The crucial element of our web control panel is our customer dashboards, which provide a quick and concise overview of the customer’s story within our system.

The Processing Server is fetching, processing and storing business data in our database, and provides the link between our gateways’ network and the Core.

Now let’s take a look at the section on the right of the visual.

These are Gateways. Although they do not belong to the Core system, they play a crucial role in connecting the Paytomat Core to other blockchains and fiat. In detail these processes look like this:

Each Paytomat partner, fiat or cryptocurrency, requires a separate gateway. Each Gateway has to allow to (1) create a new address for receiving transactions, (2) check the balance of this address, (3) check the wallet balance to see all the funds accumulated on various addresses of this wallet, (4) send funds to other addresses and process refunds.

Each gateway is always managed by various instances of the Processing Server. When a customer initiates a new transaction, it goes to our Database via the Merchant API, then the Processing Server assigns it to the relevant Blockchain node which confirms the transaction with the other nodes on the blockchain. In theory, the whole process isn’t that difficult!

It’s clear how the processes are running, but you might ask who is responsible for the protection of connections. In a nutshell, all our external interactions use TLS/SSL protocol. We rely on data redundancy and load balancing to protect our system from DDoS attacks and data corruption.

Our Core is encapsulated within a highly protected private network. The only public interface exposed to the outside are HTTPs ports, which make sure only customers and applications using these ports are granted permission to get inside.

To protect any sensitive connections and data we’re using a multi-level holistic security system. Each protection level is designed to provide maximum security at every step of the product’s interaction, be it with a consumer or partner. They start from multi-factor authorization in the user’s browser and end with building SSH tunnels that protect communication between the Core and gateways. However, the topic of security is too broad and multifaceted to describe in full in this material. In order to get a clear idea about each security level, we recommend reading our white paper.

If you have any questions about the technical side of the product, feel free to ask our CTO @dread_deimos or any of his team members via one of our official channels.