Case study for a banking system with multicurrency accounts and exchange features
The primary requirement was to provide clients with useful features, such as easily topping up the account balance, exchanging conventional (fiat) currencies, and making transactions via a simplified banking app. For the first part of the project, our goal was to let clients transfer funds (using conventional currencies) without high bank charges. Later on, these features were supposed to be extended to cryptocurrencies as well.
To run smoothly, the app also required an extensive back office that enables the review of all documents submitted by users. Upon registration, users would be asked to upload documents, which would then be reviewed by the back-office personnel. Another useful feature of the system was to be a chat for flexible communication with customers. Depositing funds and performing transactions were to be enabled only after successful identity verification. The last important requirement was availability in multiple language versions.
Account overview screen
Challenge for our developers
Just as with all other banking apps, it was necessary to focus primarily on the security functions. That involved confirmation and recording of all actions and transactions. Unlike the early stages (where manual features were predominant), the subsequent phases of the development process called for increased automation. This made it possible to display current exchange rates, account balances, transaction history and available funds, and to facilitate verification.
How we approached the project
As the first level of system security, we used two-factor authentication (via email, text message, or both methods). We then added reCAPTCHA and verification via Google Authenticator. The subsequent security layer was implemented through a series of automated and penetration tests conducted at regular intervals by a third party. User documents were uploaded to an Amazon S3 bucket with the option of single viewing.
Several areas necessitated automation. For regular downloads of current exchange rates, we used the Interactive Brokers API service. Account balances are loaded separately, based on variable symbols, after incoming payments on the collection accounts have been counted in. Outgoing payments are issued automatically by the system in the form of bank orders using the specified accounts of the respective recipients. Admins see current balances on all accounts and can, if necessary, disable any payments or exchange rates for a limited period of time. In the final stage, we implemented automation using the Amazon Rekognition API.
- Multi-level login security
- Required identity verification after sign-up
- Secure features allow for exchange and transfers in foreign currencies
- Users can see all transactions and other actions made on their account
- Email notifications for all user actions
- The app is suitable for the B2B sector where users have to serve multiple companies
- Available in 4 language versions
- Back-office personnel can review documents submitted by users and request additional documents through a message to which the user can attach files in response
- Back-office personnel can use a wide range of options for settings and system management
- All user actions are recorded and made accessible to admins
Technologies used for development
The system core was programmed in Python with the Django REST framework. Asynchronous actions use the Celery scheduler and the Redis queue. The system was connected to Google Authenticator, the Interactive Brokers API, and the Fio Bank multicurrency accounts. For the user web app, including the back office, we used the React.js framework.