Home

Our Work

Payments Fraud Modernization

Success Story

Modernization of Payment and Fraud Management Systems

The new systems helped to boost the performance, scalability, efficiency, and security of the solutions.

Modernized systems

improved performance, scalability, efficiency, and overall security.

Redesigned infrastructure

provides a stable foundation for future feature expansion.

Technologies

AWS

AWS CloudFormation

GitLab CI/CD

SQS

Kafka

AWS Lambda

AWS Batch

REST API

Integration with 3rd-party APIs

IaC

Microservices

Expertise

Microservices

Legacy modernization

Cloud

Event-driven architecture

Payments

Have a Similar Problem?

Let’s modernize your software and solve legacy bottlenecks.

Contact Sales

Payment system instability

The payment system frequently failed during critical sales seasons, causing substantial revenue losses. The issue stemmed from a poorly designed and complex graph database used for storing payment data.

Outdated file-processing infrastructure

The process of parsing financial transaction files received from WorldPay was outdated and required a complete overhaul.

API abuse prevention required

API abuse prevention: To prevent API abuse and credit card testing, a rate-limiting mechanism was necessary to block malicious users from overusing specific endpoints.

Disjointed fraud detection

The fraud detection processes were disjointed, requiring a more streamlined approach. Communications with the fraud-check vendor, Forter, were scattered and needed to be consolidated under a dedicated team.

Additional fraud checks needed

There was a need to integrate a new machine learning-based fraud detection system to handle specific fraud types not supported by Forter.

Have a Similar Problem?

Let’s modernize your software and solve legacy bottlenecks.

Contact Sales

Modernization and architecture leadership

Zoolatech is recognized for transforming legacy platforms into scalable, cloud-native architectures with strong reliability, security, and performance fundamentals.

Enterprise delivery excellence

Our teams bring deep expertise in microservices, Infrastructure as Code, API design, and large-scale system integrations—ensuring predictable execution and high-quality engineering outcomes.

Zoolatech is a senior-heavy engineering firm with Silicon Valley roots and a Miami HQ, specializing in legacy modernization, system re-architecture, and AI deployment to drive long-term, compounding value.

2017

Year Founded

600+

Employees

96%

Client Satisfaction

Phase 1

Payment system overhaul

The team rebuilt the legacy payment system from scratch using modern engineering practices, replacing the graph database, rewriting complex legacy code, and implementing a new microservice to handle payment APIs. The solution included Infrastructure as Code with AWS CloudFormation, GitLab CI/CD pipelines, integration with Discover, and a new internal gift-card interaction library.

Phase 2

Fraud detection modernization

A unified fraud decisioning service was introduced, consolidating all communication with Forter under the Fraud team. Zoolatech delivered a microservice for order-level fraud checks, asynchronous processing via SQS, and later scaled the architecture using Kafka. As traffic grew, the system evolved into seven dedicated microservices, each supporting a distinct business flow.

Phase 3

WorldPay file processing rebuild

The daily WorldPay transaction-file pipeline was redesigned, reducing the Lambda footprint, enabling Kafka-based event generation, and implementing CloudFormation-driven deployments. When seasonal volume exceeded Lambda limits, the entire process was re-engineered on AWS Batch to ensure reliable high-volume processing.

Phase 4

API abuse prevention and rate limiting

A protective proxy service was created between Checkout and Payments to enforce rate-limiting and validate all incoming requests. The service evaluated business rules, filtered malicious activity such as credit-card testing, and blocked violators through internal APIs.

Phase 5

Handling funds return requests (NPR processing)

A new service was built to read and aggregate NPR events from Kafka and send them to the ML team for automated fraud decisions. Over time, the ML communication pipeline was migrated to SQS and AWS Lambda for direct database writes. A dedicated API and UI—integrated with Okta/ServiceNow—was also delivered for fraud agents performing manual NPR reviews.

By modernizing payment and fraud systems, we improved performance, strengthened security, and enabled long-term scalability.

New enterprise payment processing system

We designed and built a new solution from scratch. Our team developed a microservice responsible for handling API calls related to payments. We employed Infrastructure as Code (IaC) using AWS CloudFormation Templates (CFT) and custom pipelines in GitLab CI/CD. We also integrated the service with a third-party API (Discover) and created a library for interacting with the internal API responsible for managing gift cards.

Fraud detection and management modernization

We built a microservice to handle API calls with order information. The team used Infrastructure as Code (IaC) with AWS CloudFormation and custom pipelines in GitLab CI/CD. We also integrated the service with Forter’s API. Additionally, we developed a separate service that utilized SQS for asynchronous API calls, ensuring no data loss. As the project grew, we transitioned to Kafka events to handle the majority of the traffic. Eventually, the service was redesigned and decomposed from one SQS/Kafka microservice into seven distinct microservices, each managing a separate business flow.

WorldPay file processing rebuild

We redesigned the process to use two AWS Lambdas instead of three and later updated it to produce Kafka events with financial details. The solution was deployed using custom CI/CD pipelines and AWS CloudFormation. When the transaction volume became too high—particularly during anniversary sales—the AWS Lambda solution could no longer process the file within the 15-minute execution window. To address this, we completely redesigned the project, transitioning from AWS Lambda to AWS Batch.

API abuse prevention and rate limiting system

We designed a service that acted as a proxy between the Checkout and Payments systems. This service was responsible for validating requests against all business rules and call rates. It either passed the request through to the Payments system or blocked the customer by calling another internal API.

Funds return request (NPR) handling with ML integration

We designed a service that read NPR requests from Kafka, aggregated them based on specific fields, and sent them to the ML team for decision-making via Kafka. Later, we replaced the ML communication with SQS and AWS Lambda, which wrote data directly to the database. Additionally, we built a separate API service for manual NPR reviews by agents, along with a UI that integrated with Okta/ServiceNow for user authorization.

The new architecture enables faster change, simpler enhancements, and continuous evolution—allowing teams to deliver new capabilities with confidence while keeping critical systems stable.

System overhaul

We completely rebuilt the payment system using advanced engineering principles and a redesigned infrastructure. This resolved the critical failures during peak sales seasons and prevented further revenue losses.

High availability

The new payment processing service now handles high loads with zero downtime, eliminating financial losses and ensuring continuous operation during critical periods.

Future-ready

The redesigned infrastructure serves as a strong foundation for future updates, including new features and integrations with technologies like Kafka.

Performance optimization

Memory and CPU utilization are optimized, with all Service Level Agreements (SLAs) being consistently met, ensuring a reliable and efficient system.

Streamlined operations

We streamlined the fraud detection processes by consolidating all communications with the fraud-check vendor, Forter, under a dedicated Fraud team. This team took on critical decision-making responsibilities, ensuring more efficient and accurate fraud detection.

Legacy modernization

The modernization of legacy systems enhanced identity protection, payment optimization, and fraud prevention. This led to a significant reduction in the average transaction processing time, from 12 minutes to just 5 minutes.

Scalability and flexibility

The updated solution is highly scalable and flexible, with no limits on the number of transactions or runtime. This boosts cost efficiency and ensures the system can adapt to future demands.

Stability and security

The stability of the updated services is exceptional. The solution effectively reduced Card-Free Shopping fraud by targeting identified fraudulent accounts and preventing the addition of new cards to the wallet. Existing fraudulent cards were also purged. Metrics confirmed a reduction in chargeback dollar losses, the number of chargebacks, and good customer insult rates.

Customer protection and brand safeguarding

Our partnership focused on protecting customers, safeguarding brand reputation, and minimizing financial loss through the development of advanced solutions.