Platform
Built for secure, scalable payment operations.
One processing platform connecting banks, wallets, merchants and FinTechs to card schemes and core systems — through APIs, ISO 8583, batch, SFTP and host-to-host integrations.
Reference architecture — clients on the left, the Coshine processor in the middle, schemes and core systems on the right.
Platform capabilities
Scheme connectivity
Visa, Mastercard, UnionPay, JCB, Discover, Amex and selected local networks — subject to project scope and certification.
Cloud-ready deployment
Private cloud, public cloud and hybrid deployment models — chosen to match client and regulatory requirements.
Operational reliability
High-availability architecture, disaster recovery design, monitoring and incident response — for batch and online processing.
Integration friendly
APIs, batch files, SFTP, message queues and host-to-host — integrating with core banking, card management, wallet, fraud, CRM and finance systems.
What sits on the platform
- Issuing processing — authorization, clearing, billing, settlement, dispute
- Acquiring processing — merchant onboarding, routing, settlement, reconciliation
- 3D Secure / ACS — risk-based authentication, frictionless and challenge flows
- Payment Gateway — unified API for online, POS, QR and mobile acceptance
- Merchant Portal — operations, transactions, settlement, dispute support
- Risk & monitoring — rule engine, velocity controls, anomaly detection
- Clearing & settlement — scheme files, fee calculation, net settlement
- Reconciliation — multi-source matching, exception workflow
Integration matrix
| External system | Primary protocol | Direction | Cadence |
|---|---|---|---|
| Card schemes (Visa/MC/UPI/JCB/Amex) | ISO 8583 over scheme link | Bi-directional | Real-time + daily batch |
| Core banking | Host-to-host (H2H), MQ, REST | Bi-directional | Real-time + daily batch |
| Fraud system | REST API, async webhook | Query + callback | Real-time |
| CRM | REST API, SFTP | Push from platform | Hourly / daily |
| Finance / GL | SFTP file | Push from platform | Daily (T+1) |
| Data warehouse | SFTP, CDC, streaming | Push from platform | Hourly / continuous |
| Regulatory reporting | SFTP, regulator API | Push from platform | Daily / monthly |
Service level objectives
| Metric | Target | Measured how |
|---|---|---|
| Platform availability | 99.995% monthly | Successful authorizations / total scheme attempts, rolling 30 days |
| Authorization latency (p95) | < 200 ms | Internal processing time, excluding scheme network round-trip |
| Authorization latency (p99) | < 400 ms | Same scope as p95 |
| Sustained throughput | 3,000 tps | Validated under load; bursts higher with prior coordination |
| RTO (recovery time objective) | < 4 hours | Per disaster recovery design, exercised annually |
| RPO (recovery point objective) | < 15 minutes | Per disaster recovery design |
| P1 incident response | < 15 minutes | From paging to engineer acknowledgement, 24×7 |
Deployment topology
Private cloud
Coshine-operated environment dedicated to a single tenant or bank group. Data residency is contractual; certification scope is per-deployment. Typical for banks with strict in-country requirements.
Public cloud
Multi-tenant environment on major hyperscalers (region-scoped). Lowest setup overhead, fastest path to production for FinTech card programs. PCI DSS scope managed by Coshine.
Hybrid
Sensitive components (CDE, HSM, regulator-facing) on-premises or in private cloud; non-CDE services (portal, reporting, fraud telemetry) on public cloud. Most common for banks expanding into card-not-present without rebuilding the back office.
