◀ Payment Orchestration

Payment Orchestration Maturity Scorecard

Evidence-based maturity assessment — what IS

66.6%

Overall Score 66.6%

Overview Phases Roadmap

0 = Missing

1 = Planned

2 = Partial

3 = Production

4 = Hardened

5 = Institutional

100%

Payment rail enum, RailResult value object, PaymentContext, PaymentRoute, interfaces, registry

7 capabilities Target: 100%

72.5%

CardPspRail wrapping existing gateways, BankTransfer, OpenBanking, Wallet, ManualSettlement skeletons

6 capabilities Target: 100%

93.7%

Idempotency enforcement, outbox guarantee, reconciliation worker, webhook handler, observability

7 capabilities Target: 100%

Connect real payment providers: HyperPay live, bank API + reconciliation, Lean Technologies, wallet reserve/debit

5 capabilities Target: 100%

Capability	Score	Weight	Status	Evidence Hint
PaymentRail Enum 5 rail types: card_psp, bank_transfer, open_banking_pis, wallet, manual_settlement	0 1 2 3 4 5	10	Institutional	8 unit tests passing — PaymentRailEnumTest
RailResult Value Object Normalized tri-state result: success/pending/failed with safe provider response	0 1 2 3 4 5	15	Institutional	12 unit tests — RailResultTest
PaymentContext Value Object Execution context: tenant, amount, currency, paymentOptionKey, idempotencyKey	0 1 2 3 4 5	10	Institutional
PaymentRoute + Capability Metadata Resolved route: rail, provider, mode + supportsAsync, supportsRefund, settlementMode	0 1 2 3 4 5	10	Institutional
PaymentRailInterface + RouteResolverInterface Rail execution + status check + route resolution contracts	0 1 2 3 4 5	15	Institutional
PaymentRailRegistry Lookup by PaymentRail enum — 5 rails registered	0 1 2 3 4 5	10	Institutional	5 unit tests — PaymentRailRegistryTest
Failure Classification Taxonomy 16 failure codes across 4 categories: transient, permanent, configuration, internal	0 1 2 3 4 5	10	Institutional

Capability	Score	Weight	Status	Evidence Hint
CardPspRail (wraps existing gateways) Multi-provider card rail: stub, hyperpay, paypal — no gateway code changes	0 1 2 3 4 5	20	Institutional	8+3 tests — CardPspRailTest + CardPspRailMultiProviderTest
BankTransferRail (skeleton) Returns pending with reference — awaiting bank API integration	0 1 2 3 4 5	15	Production
OpenBankingPaymentRail (skeleton) Lean Technologies PIS integration — skeleton returns pending	0 1 2 3 4 5	10	Partial
WalletRail (skeleton) Returns configuration_error — awaiting WalletRepository connection	0 1 2 3 4 5	10	Partial
ManualSettlementRail (skeleton) Admin confirm — returns pending with reference	0 1 2 3 4 5	10	Production
ConfigDrivenRouteResolver 3-level resolution: exact match → defaultMethodKeys → default route	0 1 2 3 4 5	15	Institutional	6 tests — ConfigDrivenRouteResolverTest

Capability	Score	Weight	Status	Evidence Hint
Idempotency Enforcement (all rails) Triple-layer: app check + DB ON CONFLICT + WHERE status guard. Pending included in duplicate detection.	0 1 2 3 4 5	20	Institutional
Outbox Delivery Guarantee Transactional outbox with payment_rail, payment_provider, idempotency_key in all events	0 1 2 3 4 5	15	Institutional
Reconciliation Worker Polls pending executions, calls checkStatus(), transitions pending→completed or pending→failed	0 1 2 3 4 5	15	Hardened	bin/billing/billing-reconciliation-worker.php — idempotent, timeout-based, dry-run support
Webhook Handler Generic /api/v1/billing/webhook/{provider} — idempotent, signature-ready, confirmation/rejection dispatch	0 1 2 3 4 5	15	Hardened
DB Immutability Enforcement Trigger v2: terminal row protection, valid transitions only, processing→pending allowed for async	0 1 2 3 4 5	10	Institutional
Structured Observability billing.execution.result + billing.rail.execution events with duration_ms, rail, provider, correlation_id	0 1 2 3 4 5	10	Institutional
Failure Classification Discipline All failures map to PaymentFailureCode enum — no raw strings, no exception leaks	0 1 2 3 4 5	10	Institutional

Capability	Score	Weight	Status	Evidence Hint
HyperPay Live Connection Connect HyperPayGateway to actual API — MADA, VISA, Mastercard	0 1 2 3 4 5	25	Missing	PCI-DSS certificate, HyperPay sandbox tests, live credentials from AWS Secrets Manager
Bank Transfer API + Reconciliation Connect bank transfer rail to bank API + webhook/batch reconciliation	0 1 2 3 4 5	20	Missing
Open Banking PIS (Lean Technologies) Connect Open Banking rail to Lean Technologies PIS API	0 1 2 3 4 5	15	Missing
Wallet Reserve/Debit Connect WalletRail to WalletRepository for reserve → debit flow	0 1 2 3 4 5	20	Missing
CTC-backed Route Resolver Replace ConfigDrivenRouteResolver with CTC-backed resolver reading from contract_term_attrs	0 1 2 3 4 5	20	Missing