One and two have been done by multiple partners of Mendix. Be aware though that multi tenancy is no easy feat and mistakes can easily be made. Three I do not know, there are so much payment providers these days. Four: the access restrictions can be done but the first part of the question is largely dependent of the payment provider.
Regards,
Ronald
1.Yes, you can extend account object with custom attributes like types etc. Think hereby to design your own domain model instead of a module or so.
2. Yes, REST, SOAP (web) services
3. Seems to me as an integration with your payment processor
4. Seems to me as a multiple integration whereby in Mendix some logic validates the results of them,
To me it seems pretty normal usecases with creating accounts and implementing integrations, we do that all the time, and with Mendix that is really doable.