Razorpay
Top Razorpay Backend Engineer Interview Questions 2026
Prep tips for Razorpay backend
- Strong fintech domain knowledge expected — understand payment flows end-to-end
- Idempotency is critical for payment APIs — always design for retries
- Know PCI-DSS basics: tokenization, no raw card storage, audit logs
- High availability design: 99.99% uptime means less than 52 minutes downtime per year
- Merchant API → Razorpay → acquiring bank → card network (Visa/Mastercard/Rupay) → issuing bank → response back. Use idempotency keys on every request to safely retry. Async notification via webhooks to merchants (with retry + signature). Two-phase: authorize (reserve funds) then capture (collect). Audit log immutable. Circuit breakers around bank APIs. Failover to alternate acquirer when one is degraded.
- Client sends an Idempotency-Key header (UUID). Server hashes the (key, request body) and stores it in Redis with the response. On duplicate request, return the cached response. Concurrent requests with the same key: acquire a distributed lock; the second waits and reads the cached response. TTL of 24h is typical. Return 422 if the body differs but the key is reused.
- Event published to Kafka. Delivery worker pulls events and POSTs to merchant URL with HMAC signature. Exponential backoff retry (1m, 5m, 30m, 2h, 24h up to N attempts). Dead-letter queue for permanently-failed events. Merchant dashboard exposes retry/replay. Per-merchant concurrency cap to prevent one slow merchant blocking others. Signature header for verification on merchant side.
- Authorization reserves funds on the customer's card (a hold) without moving money. Capture later collects the held funds, moving them to the merchant. Used for hotels/car rentals (auth at booking, capture at checkout), and for fraud-review windows. Partial capture (capture less than auth) is supported by most processors. Void releases an unused authorization; a refund returns captured funds.
- Real-time scoring at transaction time. Features: velocity (txn count/value per card, per IP, per device), device fingerprint, IP reputation, billing/shipping mismatch, behavioral anomalies (e.g., new device + high amount), historical merchant patterns. ML model (gradient boosted trees) trained on labeled fraud data. Score thresholds: auto-approve, auto-reject, send to manual review queue. Feedback loop from chargebacks back into training.
- Redis SET key value NX EX seconds — atomic acquire with TTL. Always set TTL to avoid dead locks. The value should be unique per holder (a request ID); release script checks ownership before deleting (Lua: GET then DEL atomic). For multi-node correctness use Redlock across N Redis nodes (acquire majority). Handle lock expiry mid-execution: limit work to less than half the TTL, or use a fencing token + DB versioning.
- Compare internal ledger vs bank settlement files (received daily). Match by UTR / RRN / merchant reference. Auto-resolve exact matches. Flag discrepancies (amount mismatch, missing entry, duplicate) for human review. Stale unmatched entries age into alerts. Run reconciliation jobs incrementally — only diff new entries. Audit every reconciliation outcome for compliance.
- A sequence of local transactions where each one has a compensating transaction in case downstream steps fail. Two styles: choreography (services emit events and react) and orchestration (a central coordinator drives the steps). Use for distributed transactions you can't 2PC across — typical Razorpay flow: reserve inventory → authorize payment → notify merchant. If notify fails, compensate by reversing the auth.
- Per-merchant tier-based limits (starter, growth, enterprise). Token bucket in Redis with atomic INCR. Burst allowance via separate burst bucket that refills more slowly. Sliding window log for accuracy at low limits. Return 429 with Retry-After. Separate buckets for test mode vs production. Bypass for partner integrations via API key tier. Global circuit breaker if all merchants overload an upstream bank.
- PCI-DSS is a set of 12 requirements published by the PCI Security Standards Council to protect cardholder data. Highlights: build secure networks (firewalls, default-password change), protect cardholder data (encryption at rest, no raw PAN storage), maintain a vulnerability program (patching, AV), restrict access (least-privilege, MFA), monitor (logs, IDS), and maintain an information security policy. Razorpay uses tokenization so merchants never touch raw card numbers.
- transactions table: id (UUID PK), merchant_id (FK), amount_minor (BIGINT, store in paise), currency (CHAR(3)), status (ENUM: created/authorized/captured/failed/refunded), idempotency_key (UNIQUE), gateway_ref, created_at, updated_at. Indexes on (merchant_id, created_at) for dashboards, (status) for ops queries, unique on idempotency_key. Partition by month for archival. Separate refunds and disputes tables with FK to transactions.
- T+1 or T+2 settlement window per merchant. Daily aggregation job sums captures, subtracts fees (commission, GST, refunds, chargebacks). Generate settlement file with line items. Batch initiates NEFT/IMPS to merchant bank account. Reconciliation against bank ack file. Merchant dashboard exposes settlement report and downloadable invoice. Failure handling: retry transfer, hold for KYC issues, alert merchant.
- Use the order's idempotency_key or order_id as a uniqueness constraint at the DB layer. Optimistic locking with a version column on the order row — first writer wins, second gets a version-mismatch error and returns the existing payment status. Idempotency key short-circuits before DB. Return 409 Conflict on duplicate. Never let two captures succeed for the same order.
- NEFT: deferred net settlement in half-hourly batches, runs 24/7 (post 2019), no upper limit, slowest. IMPS: real-time interbank transfer, 24/7, up to ₹5 lakh per txn, available via mobile/IFSC. UPI: real-time, VPA-addressed (no IFSC needed), built on IMPS rails, mobile-native, limits ₹1 lakh (₹5 lakh for some use cases). UPI dominates P2P and small-merchant transactions in India because of its UX and zero MDR.
- Store amounts in minor units (paise/cents) to avoid float errors. Capture currency code (ISO 4217) per transaction. FX conversion at authorization time with a rate snapshot stored on the transaction (audit trail). Settlement in merchant's base currency, performed after conversion at end-of-day rate. Hedging strategy for FX exposure if Razorpay holds funds across settlement. Locale-aware formatting in the API response.
Practice these questions with Cogniv
Get real-time AI answers during live mock interviews. Free to start.
Start practicing →