00:00:14.560
Please welcome Sebastian Sogamoso from Coma, Colombia. He is a software developer at Ride.
00:00:19.750
Hello, everyone. Thank you, Sherman. Okay, so hello everyone! I know it's late and this is the last stop before the lightning talk, so all of us are tired. We've been going out all night, and I know many of you might be feeling sleepy.
00:00:30.119
So, I want to try to do something different. Please, everyone, stand up for a second. Okay, everyone, great! Now let’s stretch a little bit. Put your arms up; it feels good. Let’s move to the left and to the right.
00:00:46.930
I should have recorded this! Awesome! You can see it now. Thanks, I feel better now; I hope you do too. As you once said, my name is Sebastian, and that's my Twitter handle. I tweet good stuff once a year, and I post good stuff more often, so you can check it out. I work at a startup called Ride, which is based in New York. We built a commuting app for people who want to share a car to go anywhere, whether it's work or a trip to a concert. If you want to check us out, visit ride.com.
00:01:20.350
I love this conference; it's actually my second time here, and one of the things I like the most is that I always meet really interesting people. So if you haven’t made new friends yet, don’t leave without making at least one new friend. This is, like, the farthest I have ever traveled to come to a conference. As I mentioned, I live in Colombia, and I really hope this is not the only thing you know about Colombia. If it is, please come and talk to me after the talk, and I can tell you a lot about how it really is.
00:01:56.590
One of the cool things I can tell you about Colombia is that this is the second year we are organizing a Ruby conference there. It's going to be in September. So if anyone is interested in attending or even speaking, please reach out to me. The website isn’t live yet for this year’s conference, but you can check out last year’s website to see the amazing speakers we had, and I hope we will have even better speakers this year.
00:03:14.409
I felt really welcome here in Poland, and one reason is that the Polish language feels familiar to me. I know it’s weird because my native language is Spanish, but there are some similar words that you pronounce the same. Some of them are even written the same. So, does anyone here speak Spanish? Raise your hand! Okay, cool, a couple of you. That's good! You can confirm that what I'm saying is true. So I'll just mention a few of those funny words. One, in Spanish, I would say 'aceite' and I think you pronounce it like 'olej' in Polish. Okay, cool, so what does it mean? In Polish, it means 'oil', right? In Spanish, it means something totally different: 'to oil clothes'. That’s really weird!
00:04:20.769
They have no connection; they're not related. The words are the same, but they have totally different meanings. Another example is 'sena'. Do you pronounce it like that? It’s similar to Spanish, where it refers to dinner, the last meal of the day. The next one is a bit more interesting. In Polish, 'ser' means cheese, while in Spanish it's a verb: 'ser', which means 'to be'. So it’s like Hamlet saying 'to be or not to be', and in Spanish, it would sound like 'ser o no ser'. Now, let’s dive into some relevant stuff.
00:06:15.250
So, this story is titled 'Dealing with Payments.' It all starts with a guy named Juan, who is 67 years old. Ten years ago, he noticed that companies stopped buying computers for their employees and started renting them to optimize their spending. Juan decided to go to the bank, get a loan, and start a computer rental company. After eight years of hard work, his company grew, and he was in a good financial situation with really loyal clients. However, he faced a challenge. His clients were growing faster than he could keep up with, and he didn’t have the capital to inject into his business to grow as fast as the market was demanding.
00:07:06.850
Another challenge was that his competitors had the money to grow faster, buy new computers, and provide what the growing companies needed. After eight years in business, Juan's company was struggling because clients preferred to rent all their computers from one provider for better rates and service. Juan was worried but was fortunate to have a supportive family. They discussed options, including selling their company to a larger player in the market, but ultimately decided to fully invest their time into the business.
00:07:54.860
Juan's younger daughter, Maria, came up with a plan that would allow them to grow significantly without needing a lot of money. The plan was to allow random individuals like you or me to rent their computers through the company. This way, they wouldn’t need to buy new computers; they would essentially become a broker for computer rentals. Users would sign up, specify how many computers they wanted to rent and provide descriptions. The company would facilitate the rental process, paying the computer owners and keeping a fee for their service.
00:10:22.230
Now, this is where the story gets interesting, as it's called 'Dealing with Payments.' Some of you might think that Juan ends up loaded with money, but perhaps that’s not the case. The second part of the title—when making money becomes a headache—highlights why. Juan and Maria had a lot of work ahead of them. They knew what they wanted to do but needed to get software development help, as none of them were software developers.
00:10:53.919
So they decided to hire a young developer named Miley, who came highly recommended. They explained the requirements, which were quite simple: they wanted to create software that allowed people to sign up, list the computers they had for rent, and receive notifications when their computer was rented, as well as processes for payments. The first thing Miley noticed was the need to integrate with a payment gateway. She asked Juan and Maria which payment gateway they wanted to use. Maria, still unfamiliar with the concept, suggested connecting directly to the bank.
00:11:55.020
Miley was patient and started explaining the need for a payment gateway, likening it to a circle representing their application that needs a third party to process payments. Maria found it difficult to understand. Miley continued explaining that to process payments, they needed a merchant account, which is essential for receiving money online and allows the payment gateway to connect to payment processors. Even then, Maria was puzzled. Miley described how the payment processor communicates with card brands like Visa and Mastercard, as well as the bank that issues the credit card and the bank where Maria has her account.
00:14:46.180
Finally, Maria began to understand that for money to transfer successfully, they had to use a payment gateway. Before modern gateways, sellers had to sign contracts with two different companies—a bank and a payment gateway. Now, integrating with a modern gateway simplifies things; one only needs to connect their application without worrying about those implementation details unless something fails.
00:15:33.420
After some investigation, Maria selected a payment gateway recommended by Miley. Then, she expressed her concerns about something called PCI compliance. Miley explained that PCI stands for 'Payment Card Industry,' a set of security standards established to ensure that businesses that handle credit card information maintain a secure environment. The good news was that using a full stack payment gateway would allow them to delegate this responsibility to the gateway provider.
00:18:39.620
They would not have to worry about storing sensitive credit card information on their servers; instead, they could send the card data straight to the payment gateway and store the resulting data received from the gateway. All communications with the payment gateway had to be executed over HTTPS for security. After Miley integrated with the selected payment gateway and added other features, they were ready to launch the product.
00:21:04.730
They launched after weeks of testing, and everything seemed to be going well at first. More and more people began using the site to add computers for rental. However, as occurs with any software, issues began to surface with the increased traffic. One client noticed that the website was slow during payment processing, and others were experiencing problems, such as receiving 504 timeout errors.
00:22:36.510
Miley, the developer, investigated the complaints and found that they were performing multiple operations against the payment gateway while users waited, which caused these timeouts. She decided to implement background workers to handle these operations asynchronously. Instead of making users wait for a response, the application would schedule jobs to be handled in the background, which would allow them to respond to the client immediately.
00:25:27.370
This approach not only improved user experience but also allowed them to deal with failures more efficiently. Once deployed, all clients were happy again, but the relief was short-lived. They soon discovered that they were paying computer owners even when the payments from the renting companies failed to go through, which was a significant financial issue.
00:27:04.310
Miley stepped in to address the problem and discussed implementing atomic operations, which ensure that all parts of a transaction must complete successfully or none at all. This concept, commonly seen in Active Record transactions, ensures that if any part of the transaction fails, it can be rolled back. In contrast, handling this with payment gateways required additional logic since Active Record automatically managed database transactions.
00:29:37.000
With the new logic in place, the company could effectively revert any failures in transactions, whether it was regarding charges or payments. However, they faced another challenge: Juan wanted to expand into another country and needed to integrate a new payment gateway. Miley knew their existing code's technical debt would mean an impactful shift would be required for a successful transition.
00:31:12.920
Miley recommended using an Adapter pattern to decouple their business logic from specific payment gateway implementations. This way, they could modularize their payment processing logic and swap out payment gateways as needed without having to modify their business logic. This adjustment allowed for easier future integrations.
00:32:49.410
Finally, after all that work, the clients started to complain again about not receiving payments for the computers they rented. Although Miley saw successful 200 responses for each payment request sent to the payment gateway, she didn’t understand that payment processing is asynchronous and could take time, dependent on bank processes.
00:35:31.460
Miley didn't realize that they needed to handle this by waiting for success notifications from the payment gateway via webhooks, which most modern gateways utilize. This allows them to automatically process the data for transactions and understand payment statuses. Miley took charge to correct the oversight by ensuring they processed incoming webhook events for proper transaction management.
00:37:51.180
She also learned three important lessons regarding webhooks: first, never to process webhook events directly without verifying the event data against the payment gateway; second, to ensure that all event handling code was idempotent to avoid issues from receiving duplicate events; and finally, to establish safeguards so they would not miss crucial notifications about chargebacks from clients.
00:40:11.600
After they implemented these changes, everything began to stabilize. However, concerns about their bank account balance emerged when additional funds appeared in their account. Investigation revealed that numerous payment rejections had gone unnoticed, resulting in negative balances for client accounts in the system that made no sense. This led Miley to realize that they needed better tracking and monitoring for payment statuses.
00:42:14.390
Juan was ultimately pleased with the company's growth after a few more years. Eventually, he was able to retire comfortably, leaving the profitable operation in the capable hands of Maria, who could now focus on broader challenges without the constant worry about payments. The system that once caused so many headaches became a stable, functioning application.
00:42:55.790
The core takeaway from this story is the valuable lessons learned through experience, especially for those involved with payments. I hope you can learn from these mistakes without having to go through them.
00:43:09.900
Thank you all for listening! Does anyone have a comment or question?