Our client is a leading American retailer and a Fortune 500 FashionTech company.
The client experienced significant business challenges, particularly in payment systems, fraud detection, and infrastructure modernization.
Our client had a legacy payment system that failed during a peak sales season, resulting in millions of dollars in lost revenue. The system required a complete overhaul, both in terms of rewriting the code with best engineering practices and redesigning the infrastructure. The primary issue lay in the graph database (GDB) used to persist payment data. Additionally, the existing system contained a significant amount of complex and poorly written code that needed to be updated.
We designed and built a new solution from scratch. Our team developed a microservice responsible for handling API calls related to payments. We employed Infrastructure as Code (IaC) using AWS CloudFormation Templates (CFT) and custom pipelines in GitLab CI/CD. We also integrated the service with a third-party API (Discover) and created a library for interacting with the internal API responsible for managing gift cards.
Our client partnered with a third-party vendor (Forter) for fraud checks. Although multiple teams had their integrations with Forter, the client decided that the Fraud team should oversee all communications with the vendor. Our task was to implement the most critical aspect of fraud checks—making decisions on customer orders.
We built a microservice to handle API calls with order information. The team used Infrastructure as Code (IaC) with AWS CloudFormation and custom pipelines in GitLab CI/CD. We also integrated the service with Forter’s API. Additionally, we developed a separate service that utilized SQS for asynchronous API calls, ensuring no data loss. As the project grew, we transitioned to Kafka events to handle the majority of the traffic. Eventually, the service was redesigned and decomposed from one SQS/Kafka microservice into seven distinct microservices, each managing a separate business flow.
Once a day, our client receives a file containing all financial transactions from a third-party vendor (WorldPay). The Fraud team was responsible for parsing this file, which initially involved three AWS Lambdas. However, the process used outdated infrastructure and was not fully aligned with modern engineering practices, necessitating a rewrite.
We redesigned the process to use two AWS Lambdas instead of three and later updated it to produce Kafka events with financial details. The solution was deployed using custom CI/CD pipelines and AWS CloudFormation. When the transaction volume became too high—particularly during anniversary sales—the AWS Lambda solution could no longer process the file within the 15-minute execution window. To address this, we completely redesigned the project, transitioning from AWS Lambda to AWS Batch.
One of our client’s APIs was being abused, with users attempting to test credit card information, particularly CVV numbers. As a result, the client needed a way to block certain customers from accessing this endpoint if they violated internal rules, effectively implementing rate-limiting logic.
We designed a service that acted as a proxy between the Checkout and Payments systems. This service was responsible for validating requests against all business rules and call rates. It either passed the request through to the Payments system or blocked the customer by calling another internal API.
Our client’s third-party vendor (Forter) did not support fraud checks for fund return requests. As a result, the client created a separate Machine Learning (ML) team to develop a solution. The Fraud team was chosen to act as a bridge between the ML team and the client’s other systems, treating ML as a secondary fraud vendor. Our task was to send data on Non-Payment Returns (NPRs) to the ML team, receive their decision, and respond to the requests. We also needed to build a user interface for fraud agents to manually review requests that could not be decided by the ML team.
We designed a service that read NPR requests from Kafka, aggregated them based on specific fields, and sent them to the ML team for decision-making via Kafka. Later, we replaced the ML communication with SQS and AWS Lambda, which wrote data directly to the database. Additionally, we built a separate API service for manual NPR reviews by agents, along with a UI that integrated with Okta/ServiceNow for user authorization.
Our partnership focused on protecting customers, safeguarding brand reputation, and minimizing financial loss through the development of advanced solutions.