Q: How do you prevent double-charging on payment retries?

Use idempotency keys when calling the payment processor. The idempotency key is a unique string that identifies this specific payment attempt: key = "{invoice_id}-{attempt_count}". If the HTTP call to the payment processor times out and you retry the API call, pass the same idempotency key — the processor returns the result of the original attempt (succeeded or failed) without creating a second charge. Store the processor's payment intent ID (e.g., Stripe's pi_xxx) in your Payment record before initiating the charge. On retry: check if a Payment record with this invoice_id and attempt_count already exists (idempotency in your DB). If the payment intent exists but the status is pending, poll for the result rather than creating a new charge. Never create a new payment intent for a retry without incrementing attempt_count and generating a new idempotency key.

Q: How do you calculate and apply taxes in an invoice system?

Tax calculation is complex: rates depend on customer jurisdiction (country, state, county, city), product type (software, physical goods, services differ), and customer type (B2B may be exempt). Use a tax API rather than maintaining rate tables: TaxJar and Avalara handle jurisdiction lookups, rate updates, and provide a calculation audit trail. Call the tax API at invoice finalization: pass customer billing address and line items. Cache the calculated rate for (country, state, product_type) for 24 hours — rates rarely change. Store the tax as a separate InvoiceLineItem (type=TAX) for auditability and reporting. For EU VAT: validate the customer's VAT ID via the VIES service; if valid, apply reverse charge (zero-rate the invoice for B2B EU cross-border transactions). For US sales tax: determine nexus (physical presence or economic threshold) before collecting — consult a tax service for nexus tracking across states.

Question 1

How do you generate invoices for subscription billing at scale?

Accepted Answer

Invoice generation is triggered by a scheduled job at billing cycle boundaries (e.g., monthly on the anniversary date). Steps: (1) Query all subscriptions with current_period_end = today (or use a job queue — enqueue a generate_invoice job when the subscription is created, scheduled for end_time). (2) Collect line items: subscription fee for the next period, usage charges for the completed period, any pending proration adjustments. (3) Apply discounts and calculate tax via a tax API. (4) Create Invoice record with status=DRAFT and InvoiceLineItems. (5) Finalize to OPEN: lock line items, send invoice email. (6) Attempt payment. At 10M invoices/month (~4 per minute on average), this is manageable with a job queue. Peak days (1st of month for monthly subs): batch all 1st-day subscriptions across 24 hours using invoice time randomization to flatten the spike.

Question 2

How does proration work when a customer changes plans mid-billing cycle?

Accepted Answer

Proration ensures customers only pay for what they use. When upgrading on day 15 of a 30-day cycle: credit the unused 15 days of the old plan, charge 15 days of the new plan. Formula: credit = old_price * (days_remaining / days_in_period); charge = new_price * (days_remaining / days_in_period); net_proration = charge - credit. These are added as InvoiceLineItems with type=PRORATION on the customer's next invoice. For same-day changes, include the proration in the immediately generated invoice. For downgrades: some billing systems apply the proration credit to the next invoice rather than refunding (simpler). For annual subscriptions: proration amounts can be large — always show the breakdown clearly to the customer before confirming the plan change.

Question 3

How does dunning (retry logic for failed payments) work?

Accepted Answer

Dunning is the process of retrying failed payments and notifying customers with escalating urgency. Standard retry schedule: immediate attempt → retry after 3 days → retry after 5 days → final retry after 7 days (4 total attempts over 15 days). Implementation: on payment failure, set Invoice.next_retry_at = NOW() + retry_interval and increment attempt_count. A scheduled job runs every hour: SELECT invoices WHERE status=OPEN AND attempt_count < 4 AND next_retry_at <= NOW(). For each, attempt payment. If succeeded: status=PAID. If failed and attempt_count < 4: schedule next retry. If attempt_count = 4: status=UNCOLLECTIBLE, subscription=PAST_DUE, send final cancellation notice. Email notifications at each stage: "Payment failed — we will retry in 3 days", "Second attempt failed — update your payment method", "Final notice — service will be suspended." SMS for final notice increases recovery rate.

Question 4

How do you prevent double-charging on payment retries?

Accepted Answer

Use idempotency keys when calling the payment processor. The idempotency key is a unique string that identifies this specific payment attempt: key = "{invoice_id}-{attempt_count}". If the HTTP call to the payment processor times out and you retry the API call, pass the same idempotency key — the processor returns the result of the original attempt (succeeded or failed) without creating a second charge. Store the processor's payment intent ID (e.g., Stripe's pi_xxx) in your Payment record before initiating the charge. On retry: check if a Payment record with this invoice_id and attempt_count already exists (idempotency in your DB). If the payment intent exists but the status is pending, poll for the result rather than creating a new charge. Never create a new payment intent for a retry without incrementing attempt_count and generating a new idempotency key.

Question 5

How do you calculate and apply taxes in an invoice system?

Accepted Answer

Tax calculation is complex: rates depend on customer jurisdiction (country, state, county, city), product type (software, physical goods, services differ), and customer type (B2B may be exempt). Use a tax API rather than maintaining rate tables: TaxJar and Avalara handle jurisdiction lookups, rate updates, and provide a calculation audit trail. Call the tax API at invoice finalization: pass customer billing address and line items. Cache the calculated rate for (country, state, product_type) for 24 hours — rates rarely change. Store the tax as a separate InvoiceLineItem (type=TAX) for auditability and reporting. For EU VAT: validate the customer's VAT ID via the VIES service; if valid, apply reverse charge (zero-rate the invoice for B2B EU cross-border transactions). For US sales tax: determine nexus (physical presence or economic threshold) before collecting — consult a tax service for nexus tracking across states.

Invoice and Billing System Low-Level Design

Requirements

Data Model

Invoice Generation

Proration

Payment Collection and Retry (Dunning)

Idempotency for Payment Processing

Tax Calculation

Key Design Decisions