During this Christmas time no one can deny you right to believe in Santa Claus. Anyway from adult point of view one should be able to realistically look at Internet payments service availability numbers, especially if someone claims 99,99% availability, even during such shopping peeks.

Internet consists of many networks and no one owns it. Although this is great for freedom of information, from business point of view it means that no single company can guarantee quality of payment transaction services over Internet infrastructure. There are lot of factors that influence Internet availability and performance like congestions, DDoS attacks, inefficient infrastructure, human errors, even sunspots activity, just to mention few. Unfortunately Internet availability is not 99,99%, especially when mobile networks are also included. Any Internet payment service is affected by this fact. Most of time when 99,99% availability of payment service is mentioned this is related to internal payment gateway reliability (or calculated internal availability of central payment infrastructure). This is not what merchants feel in their daily transactions. In some extreme cases the whole merchant payment service may be down but remote payment gateway may be totally unaware of this situation happily reporting 100% availability.

The real transaction payment service availability should be continuously monitored from external, MERCHANT POINT OF VIEW, as ratio between successful and failed transactions per each merchant, shop, POS terminal or even per telecom operator and region. This is quite straight when one payment transaction correspond to one IP/TCP/SSL session and when SSL client certificate is unique per each client like it is in most IP POS terminal transactions. Due to nature of two way TCP transaction traffic this essential key performance indicator (KPI) could be constantly monitored both at merchant site and at payment gateway site. It could be even measured in any place between these two sites without opening SSL encrypted traffic and looking into sensitive confidential payment information.

ITIL Version 3 for Service Operation wisely says: “The distinction between Internal and External Monitoring is an important one. If Service Operation focuses only on Internal Monitoring, it will have very well managed infrastructure, but no way of understanding or influencing the quality of services.”

Permanent Internet payment transaction monitoring from external, merchant point of view, should be part of each service level agreement (SLA) between merchant, payment service provider, telecom operator and other parties in payment transaction chain.

If you are interested in more information or even challenge such statements in person you are welcome to participate at specialized workshop “Merchant Payments Challenges in Internet and Mobile Networks” at MPE2015 in Berlin.