Skip to main content
This page describes how we approach reliability — for shop owners who want to know their orders are safe, and for technical evaluators who care about correctness under retries, duplicates, and partial failures.

Payment safety

The problem — Networks fail and customers sometimes tap “Pay” twice. Without care, that could create duplicate charges. How we handle it — Every payment request is designed so that retries and duplicates don’t result in a second charge. The backend also checks order state before creating any payment — if an order is already paid, no new charge is attempted. These two layers of protection work together so a customer is never billed twice for a single order. Payment always flows through Square. Layout never holds card data or settles funds.

Square connection reliability

Square OAuth tokens are automatically refreshed by the backend before they expire. Your Square connection stays active indefinitely — you never need to manually reconnect or worry about token expiry interrupting your store.

Keeping data in sync

  • Event-driven — When things change in Square (catalog, inventory, locations, loyalty), Square sends event notifications and Layout updates your data promptly.
  • Daily scheduled sync — A scheduled job runs every 24 hours as a backstop. Even if an event was delayed or missed, data converges overnight without any action needed from you.
  • Inventory — Sold-out states update in near real-time so the app reflects what’s actually available to customers.
  • All sync is per-merchant — One merchant’s data never affects another’s.

Loyalty and notifications

Loyalty balance updates sync both on a schedule and immediately after checkout. When a customer earns points, a push notification is queued and delivered asynchronously — so notification delivery never holds up the checkout flow.

Webhook integrity

All incoming Square event notifications are cryptographically verified before Layout acts on them. Events that don’t pass verification are rejected. This ensures only legitimate Square signals change your data.

What we don’t guarantee here

We don’t publish SLAs, uptime numbers, or incident response times in this doc. For formal service commitments, refer to your merchant agreement or Layout’s status page.

Summary

AreaHow we handle it
PaymentsDuplicate-charge protection at two layers; order state checked before every payment.
Square connectionTokens auto-refreshed; no manual reconnect needed.
Catalog & locationsEvent-driven updates plus daily scheduled sync as a backstop.
InventoryNear-real-time sold-out sync from Square.
Loyalty & pushSync on schedule and post-checkout; push delivery queued independently of checkout.
Event integrityCryptographic verification on all incoming Square notifications.
For how we protect data and access, see Security. For how orders and payments flow end-to-end, see Integration flow.