CompletedFintech / Payments

FinPay — Fintech Payment Gateway

$2M+ monthly volume with 99.99% success rate and real-time fraud detection

A PCI DSS Level 1 compliant payment processing platform built for PayStream, a fintech startup serving small and mid-size e-commerce merchants. The platform handles multi-currency payment processing across 15 currencies, real-time transaction monitoring with custom fraud scoring, automated daily reconciliation, and a merchant self-service onboarding portal. Currently processing $2M+ monthly transaction volume with a 99.99% success rate and 98.5% fraud detection accuracy.

Role: Senior Backend Developer & Security Architect

Client: PayStream

Team: 3-person team (1 senior backend dev, 1 frontend developer, 1 QA engineer)

Started: January 2024

Completed: July 2024

$2M+

Monthly Volume

Processing transactions for 200+ active merchants across 15 currencies

99.99%

Success Rate

Up from 95% — automatic retry logic recovered 4.8% of previously-lost transactions

98.5%

Fraud Detection

Accuracy with only 2.1% false positive rate (down from 12% with Stripe Radar alone)

<20 min

Onboarding Time

Down from 3-day email chain — 60% of merchants complete onboarding in one session

The Challenge

PayStream had cobbled together a payment integration using a basic Stripe API wrapper built by a freelancer 18 months prior. The system had four critical issues that were actively costing the business money and reputation. First, failed transactions had no retry logic — if a payment failed due to a transient network error or card issuer timeout, it was simply marked as failed, and the merchant had to manually ask the customer to retry. This was happening for 3-5% of transactions, costing merchants an estimated $40K/month in lost sales. Second, reconciliation was entirely manual — PayStream's operations team spent 15 hours per week downloading CSV exports from Stripe, matching them against their database, and investigating discrepancies. Third, the existing fraud detection relied solely on Stripe Radar's default rules, which were producing a 12% false positive rate (blocking legitimate transactions) while missing sophisticated fraud patterns that cost merchants $8K/month in chargebacks. Fourth, the merchant onboarding process was a 3-day email chain involving 14 manual steps — from KYC document collection to Stripe Connect account creation to webhook configuration. PayStream was losing 40% of prospective merchants who abandoned the onboarding process before completing it.

The Approach

I designed the platform as three interconnected services: a payment processing engine, a fraud detection system, and a merchant management portal. The payment engine is built on Stripe Connect with a custom orchestration layer that handles multi-currency routing (selecting the optimal Stripe account per currency to minimize conversion fees), automatic retry logic with exponential backoff for transient failures, and idempotent payment creation to prevent duplicate charges. Every transaction is recorded in an event-sourced ledger using PostgreSQL with append-only tables — this gives us an immutable, audit-grade record of every state change for every transaction, which is both a PCI requirement and the foundation of our automated reconciliation. The reconciliation service runs daily at 2 AM UTC, pulling settlement reports from Stripe and matching them against our ledger using a three-pass algorithm: exact match on transaction ID, fuzzy match on amount + timestamp for split transactions, and anomaly flagging for unmatched records. The fraud detection system scores every transaction using a combination of velocity checks (how many transactions from this card/IP/device in the last hour), behavioral analysis (purchase amount vs. merchant average, geographic anomalies), and a custom risk model trained on 6 months of historical chargeback data. Transactions scoring above the configurable threshold are held for manual review, and merchants can tune sensitivity per their risk tolerance. The merchant portal features a self-service onboarding wizard that handles KYC document upload, Stripe Connect account creation (Standard or Express), webhook configuration, and API key generation — reducing onboarding from 3 days to under 20 minutes.

Key Features

Multi-currency payment processing across 15 currencies with optimal routing

Real-time transaction monitoring dashboard with live feed and alerting

Custom fraud scoring engine with velocity checks, behavioral analysis, and ML model

Automated daily reconciliation with three-pass matching algorithm

Event-sourced transaction ledger for immutable audit trail (PCI requirement)

Merchant self-service onboarding wizard (KYC, Stripe Connect, webhooks, API keys)

Webhook management dashboard with delivery logs, replay, and health monitoring

Configurable fraud sensitivity per merchant with manual review queue

Automated retry logic with exponential backoff for transient payment failures

PCI DSS Level 1 compliance with tokenized card data and network isolation

Scope:16 pages (merchant portal + admin dashboard), payment processing engine, fraud detection system, event-sourced reconciliation pipeline, merchant onboarding wizard, webhook management system, automated test suite with PCI compliance validation

Built With

ReactTypeScriptNestJSPostgreSQLStripe ConnectRedisDockerAWS

Challenges & Solutions

Challenge

Cross-currency transactions accumulated rounding errors that created small but growing discrepancies in the ledger. After 3 months of testing, the cumulative error for EUR↔USD conversions alone was $847 — unacceptable for a financial platform that needs penny-perfect accuracy

Solution

Replaced all floating-point arithmetic with Decimal.js for arbitrary-precision calculation (34 significant digits). Implemented a double-entry bookkeeping system where every transaction creates paired debit/credit entries that must sum to zero. The reconciliation service validates the zero-sum invariant daily and flags any balance that deviates by more than $0.01. Added a rounding allocation algorithm that distributes sub-cent remainders deterministically so the same split always produces the same result

Challenge

PCI DSS Level 1 compliance required complete network isolation for any component that touches raw card data, but the main application needed to display masked card numbers and process refunds — creating a tension between security isolation and operational functionality

Solution

Designed a tokenization microservice running in an isolated VPC with no internet egress except to Stripe's API. The microservice receives card data directly from the client-side (Stripe.js), creates a payment intent, and returns only a token to the main application. The main database never stores any card data — only Stripe tokens, last-4 digits, and expiry month/year. Refunds are processed by sending the token back to the tokenization service. All communication between VPCs uses AWS PrivateLink with TLS 1.3. The architecture was validated by a third-party PCI QSA (Qualified Security Assessor) in a 2-week audit

Challenge

The fraud scoring model needed to balance between blocking fraudulent transactions (false negatives cost merchants money via chargebacks) and not blocking legitimate transactions (false positives cost merchants sales and customer trust) — and different merchants had very different risk tolerances

Solution

Built a configurable three-tier fraud response system: transactions scoring 0-40 (low risk) are auto-approved, 40-75 (medium risk) are approved but flagged for post-transaction review, and 75+ (high risk) are held for manual approval. Each merchant can adjust these thresholds via a slider in their dashboard. The model retrains weekly on new chargeback data, and merchants can mark false positives/negatives to improve their personalized model. Added a "shadow mode" where new model versions score transactions in parallel without affecting real decisions, allowing A/B comparison before deployment

Gallery

Real-time transaction monitoring dashboard with fraud alerts

Merchant onboarding wizard with KYC verification

Multi-currency payment analytics and reconciliation report

Project Timeline

Architecture & PCI Compliance

Designed isolated VPC architecture for PCI DSS Level 1. Built tokenization microservice, event-sourced ledger schema, and Stripe Connect integration.

Due: Feb 28, 2024Completed: Feb 25, 2024

Payment Engine & Multi-Currency

Implemented payment orchestration with multi-currency routing, automatic retry logic, idempotent processing, and Decimal.js-based precision arithmetic.

Due: Apr 10, 2024Completed: Apr 7, 2024

Fraud Detection & Reconciliation

Built custom fraud scoring engine with velocity checks and behavioral analysis. Created three-pass automated reconciliation service with anomaly flagging.

Due: May 25, 2024Completed: May 22, 2024

Merchant Portal & PCI Audit

Built self-service onboarding wizard (KYC, Stripe Connect, webhooks). Created monitoring dashboard. Passed third-party PCI QSA audit with zero findings.

Due: Jul 20, 2024Completed: Jul 15, 2024

TypeScriptTestedSecureCI/CDDockerHigh Performance

Explore This Project

View Live Demo →View Source Code

Related Projects

Completed

DevCollab — Real-Time Code Review Platform

A real-time code review and pair programming platform built for distributed engineering teams. DevCollab combines Google Docs-style collaborative editing with GitHub PR workflows, live cursors, inline threaded comments, peer-to-peer video chat via WebRTC, and session recording for async review. The platform reduced code review turnaround from an average of 48 hours to under 2 hours for CodeBridge's 40+ person engineering team, and now serves 120+ active teams with 8,000+ review sessions monthly.

Code review turnaround from 48 hours to under 2 hours — for teams that ship fast

Next.jsTypeScriptSocket.IOWebRTC+4

Details Demo Code

In Progress

SaaS Analytics Platform

A multi-tenant product analytics platform built as an affordable alternative to Amplitude and Mixpanel for mid-market SaaS companies. The platform ingests 50M+ events daily from 500+ business tenants, provides sub-second query responses via ClickHouse, and offers a drag-and-drop dashboard builder with funnel analysis, cohort tracking, and automated reporting. Currently in active development with the event pipeline and core analytics engine complete, and the dashboard builder in its final phase.

Enterprise-grade product analytics at 1/10th the cost — processing 50M+ events daily

ReactTypeScriptNestJSClickHouse+4

Details

Completed

HealthTrack Dashboard

A real-time health monitoring dashboard for VitalSync, a fitness technology startup. The platform aggregates data from 12+ wearable device brands (Fitbit, Apple Watch, Garmin, Whoop, Oura, Samsung Galaxy Watch, and more) into a unified dashboard with interactive D3.js visualizations, personalized health insights powered by a lightweight ML model, and automated weekly health reports. Currently serving 8,000+ users with 2M+ daily data points.

Unified health insights from 12+ wearable brands — real-time, personalized, actionable

Next.jsD3.jsNestJSPostgreSQL+4

Details Demo Code

←Back to All Projects