Payment Flow Engine
What Is a Payment Flow Engine?
A payment flow engine is a configurable, rules-based execution system that sequences the steps of a payment transaction—from the initial authorisation request through fraud evaluation, 3DS authentication, PSP routing, retry logic, and settlement webhook processing—based on declarative conditions rather than hardcoded application logic. Instead of writing bespoke code for every routing rule or compliance step, payment teams define flows through configuration, and the engine executes them against live transaction data at runtime.
The central value of a flow engine is separation of concerns: business logic (which PSP to use, when to challenge with 3DS2, how many retries to attempt) is decoupled from integration code. Business rules can be changed without touching the payment integration, enabling non-engineers to optimise payment performance operationally.
How Payment Flow Engines Work
Event-Driven Directed Graphs
A flow engine processes payment events—"authorisation requested", "fraud score returned 82", "provider returned soft decline code 51"—and routes them through a directed graph of conditions and actions. Each node is a step: call this API endpoint, evaluate this rule, wait for this asynchronous webhook response. This graph structure makes the entire payment logic inspectable, version-controlled, and auditable—critical for PCI DSS and DORA compliance environments.
Rule Types and Priority Layers
Production flow engines support multiple rule categories evaluated in priority order. Availability rules check whether the target PSP is online and within capacity. Compliance rules apply regulatory constraints: if jurisdiction equals EEA and card is consumer credit, require 3DS2 challenge. Commercial rules optimise cost: if currency is USD, route to the acquirer with the lowest blended rate. Performance rules apply historical data: if this card BIN has a 12% decline rate at provider A, prefer provider B.
No-Code and API-Driven Configuration
Modern flow engines offer both a visual no-code interface—enabling payment operations teams to build and modify rules without engineering involvement—and a configuration API that enables the same changes programmatically as part of a CI/CD pipeline. Flows are version-controlled, with staging environments for testing changes against historical transaction data before promoting to production.
Hellgate Hub: The cpa Flow Engine
Hub, Hellgate's composable orchestration engine, is built on a production flow engine architecture. Payment managers configure routing strategies, fraud integrations, 3DS2 orchestration, and retry cascades through Hub's visual interface or the Hub API. Specter (fraud decisioning), Link (PSP connectivity), and Guardian (tokenisation) function as composable components injected into Hub flows—enabling enterprise-grade payment logic to be assembled and deployed in days rather than months.
Flows configured in Hub are version-controlled, testable in staging, and fully auditable, meeting the change management requirements of PCI-compliant and DORA-regulated environments. Every flow execution generates a structured event log surfaced in Pulse, providing full visibility into which rules fired and why.