I’ve always found it amusing how simple software feels on the surface. Like this Substack post you’re reading right now. You clicked a link, and here you are. Technologiaaaa 🕺🏾

But just by clicking that link, a surprisingly complex sequence of events took place in the background, like dozens of systems talking to one another to ensure you saw these words of wisdom.

Now, here’s the thing…

It’s easy to overlook the complexity and effort behind what we don’t understand. So, to help you understand, let me walk you through what happens when you make a simple card payment, as an example.

The Hidden Chain Behind a Simple Card Payment

Let’s say you’re on a website about to buy cigarettes (ignoring the fact that smokers die young, but that’s a topic for another day).

You type in your card details and click “Pay”; it looks straightforward. But under the hood, here’s what actually happens:

1. Merchant system (the website you’re paying on)

• You press “Pay”.

• The merchant’s website collects your card details (number, expiry, CVV).

• For security reasons, those details are expected to be sent straight to a payment gateway (like Stripe or PayPal) instead of touching the merchant’s servers.

  🔒 Note: If the merchant’s website decides to play superhero and lets your card details touch their server, or worse, stores it (without proper standards like PCI DSS compliance), you can expect a random debit from a gas station in Belarus sometime in the future.

  

2. Payment gateway (e.g Stripe, Paystack…)

The gateway is like the bouncer at the club. It checks if your card is even worthy of getting in.

• It captures and encrypts your card info.

• Runs quick checks: Is the card number valid? Format correct? Not expired?

• If it passes, the gateway wraps it all up in a neat little transaction request and sends it off to the payment processor for the real action.

3. Payment processor (e.g Stripe again, or not)

The processor is like the logistics guy who knows the roads, a.k.a where to go from here.

• It takes the encrypted card details from the gateway.

• It figures out which card network (Visa, Mastercard, Verve, etc.) to process this request through, depending on your card.

• Then it sends the transaction on its way, like a dispatch rider.

  💡 Bonus info: Most times, the gateway and the processor are the same e.g Stripe, Paystack... But at times, the gateway has to tag-team with another processor.

4. Card network (e.g Mastercard, Visa)

• Once the request gets to the card network, they also sniff around for anything suspicious: wrong format? shady merchant?

• If your card is enrolled in 3D Secure (3DS), the network pauses everything and says, “Wait, let’s make sure it’s really you”.

• That’s when you get that OTP or push notification to prove you’re not a random skinny dude in a basement trying your luck with another person’s card. Not sure why I added ‘skinny’ there but it just made the sentence sound better.

• Once verified, the network forwards the request to your issuing bank (the bank that gave you the card).

  At this point, we’ve traveled across four systems and still haven’t touched your money. While you’re just right there staring at your phone waiting for the loading animation to wrap it up.

  

5. Issuing bank (e.g, Standard Chartered Bank)

Your bank finally gets the request from the card network like: “Hey…. This person is trying to pay $50 to Cigaretometer store. What do we do?”

• Then your bank goes into FBI mode: “Do you have money? Is this transaction legit? Are you in London but buying from Sweden at 2 a.m.? Have you hit your spending limit? or life limit?”

• If everything looks okay, the bank approves the transaction. If not, it declines.

6. Response travels back

The answer (approved or declined) now travels all the way back:

Bank → Card Network → Processor → Gateway → Merchant site → Your screen.

At this point, your screen updates with “Payment successful” or “Declined”.

All of this happens within seconds. But the point is…

Every software system looks seemingly innocent to a regular user, but behind the scenes is a lot of handshakes, a lot of duct tape and 50 million different things that could possibly go wrong.

So next time you make a payment (or click anything really), just know: it’s never that simple.

And hopefully, now... you’ll see it differently.

📝 Note:

This is a simplified flow. In reality, things can get even more tangled, especially if you’re using digital wallets (like Apple Pay), or virtual cards.

But hey, this is a Substack post, not a technical documentation. Let’s not kill the vibe.