Enhancing Access and Identity Management for a Trusted Credit Assessment Company
A secure, centralized access system ensures users get only available information — fast and risk-free, no matter how many platforms are in play.
Quick Info
Client
A worldwide leader in credit rating and financial analysis, enabling businesses, investors, and governments to make better decisions. Their expertise drives market confidence, shaping how industries assess risk and investment opportunities worldwide.
Need
The client needed a secure and scalable access management system to consolidate authentication across several platforms. They wanted to have multiple types of login supported while still having centralize control of permissions, aiming to maximize performance and efficiency.
Solution
Specializing in ecommerce web development services for the fintech domain, Expert Soft’s team stepped in to build the centralized management system. We analyzed all client platforms in terms of authentication requirements, such as SSO, password logins, IP login, with different sets of access rules for each.
With multiple platforms in place and users that may have access to only one or several, the next step was to develop “Launchpad” — a system that detects the login method and identifies the specific platform being accessed. For users with access to multiple platforms, the SSO feature ensures they log in once and gain seamless entry to all available platforms automatically.
Migrating from an outdated previous authentication service to Amazon Cognito provided a fully managed authentication solution with built-in MFA, adaptive authentication, and federated identity management, reducing security risks and maintenance overhead while improving both reliability and compliance.
Optimizing infrastructure for cost and performance
As the fintech platform grew, scalability and cost efficiency became pressing concerns. The custom Kubernetes setup required constant manual upkeep, making deployments cumbersome, while DocumentDB’s high maintenance costs made it an unsustainable choice for the company. To future-proof the system and improve performance, we performed two key migrations.
Migrating from DocumentDB to AtlasDB
DocumentDB’s high expense and inefficiencies prompted a migration to the less expensive and more scalable AtlasDB. However, the transition wasn’t without challenges: bottlenecks in performance resulted from differences in how AtlasDB handled data retrieval.
We found that certain requests were pulling more data than needed, which not only slowed down the response time but also put an unnecessary load on the system. To rectify this, our team revised these requests to be more specific, fetching only the data that was necessary for the given operation.
The effect was profound: quicker access control, better performance, and $500,000 yearly cost savings via AtlasDB’s pay-as-you-go pricing model.
Shifting from Custom Kubernetes to Amazon EKS
The original custom Kubernetes infrastructure required constant maintenance and manual resource management, which was unnecessary overhead. We moved the platform to Amazon Kubernetes (EKS), which eliminated the need for manual scaling, simplified deployments, and reduced operational costs.
The migration improved system reliability, making it easier to scale and with less downtime, freeing up engineering resources to focus on innovation rather than infrastructure management.
Challenges
Optimizing user access estimation
The legacy system lagged when processing user access rights, which meant frustrating delays in granting access to essential financial information. For example, users who had just purchased a service often had to wait before they could use it.
As part of the solution, we moved the access estimation service to Kafka to provide real-time updates. Now, when a user purchases an item, instant access is granted to them, with no wait time necessary to reduce the experience.
Managing feature toggles for regional compliance
The client needed a way to comply with regional content regulations, especially in China, where certain news articles couldn’t be shown to users due to government restrictions. Manually filtering content wasn’t scalable, and hardcoding rules for different regions would have made updates slow and inefficient.
We implemented feature toggles, allowing content visibility to be controlled dynamically based on a user’s location. Instead of redeploying code every time regulations changed, admins could now toggle content on or off in real time. This made it easy to ensure compliance without disrupting the user experience or requiring engineering effort for every update.
Reducing manual user data updates
Keeping user data up to date used to be a time-consuming, manual process for administrators, slowing down workflows and leaving room for errors. Every update required individual data entries, making even simple changes a hassle.
To solve this, we built the Bulk Update tool, where administrators can upload a CSV file and automatically make changes. What used to take hours is now done in seconds, saving time, minimizing errors, and making user management effortless.
Results
Technologies
Java, Spring, Kafka, JUnit, Mockito, Docker, Kubernetes
