Design Payment Processor

Design a payment processor that can handle millions of transactions per day for merchants worldwide. The system must support the full payment lifecycle: authorization (verify that a customer has sufficient funds), capture (actually debit the funds), settlement (move the money to the merchant’s bank), refunds, and chargebacks. It must be highly available (99.99 % uptime), exactly-once in processing to avoid double-charges or lost money, and horizontally scalable. You must expose RESTful APIs to merchants and integrate downstream with card networks (Visa, Mastercard, AmEx) and alternative payment methods (ACH, PayPal, Apple Pay). The design should include PCI-DSS-compliant tokenization of card data, idempotency keys to ensure safe retries, a double-entry ledger for financial consistency, real-time risk / fraud scoring using ML models, and comprehensive audit trails. Discuss the high-level architecture, data models, consistency guarantees, failure-handling patterns, and how you would roll out new features without downtime.