Executive Summary
Our Customer
SavvyMoney offers a Smarter Credit Score Solution for online and mobile banking platforms. The company provides comprehensive credit score analysis, monitoring, full credit report, and personalized offers — all in one dashboard.
With SavvyMoney credit score solutions, consumers have convenient, unlimited access to their credit score anytime and anywhere. The company’s main objectives are to give customers control over their financial health, to help them understand how financial decisions might impact scores, and to provide users with the best savings options.
The Obstacles They Faced
SavvyMoney’s application works with sensitive data of real users; therefore, the company needed to ensure strict separation of the application’s codebase from its configurations.
How We Helped
Romexsoft’s dedicated development team investigated SavvyMoney’s requirements for sensitive data protection and enabled development without access to sensitive data.
We ensured that the same application with the same codebase could be launched in different environments: Staging, QA, and Production.
The Challenge
SavvyMoney’s primary challenge was to ensure that all database passwords, API tokens, and other sensitive configuration parameters for Production instances were stored securely and accessible only to authorized personnel.
The Solution
Amazon Web Services
SavvyMoney chose AWS as their main hosting platform due to its scalability, reliability, constant innovations, low latency, and a huge variety of services. Romexsoft has successfully utilized a range of AWS tools during the development of SavvyMoney’s app, ensuring the app’s high performance, global availability, and security.
AWS Services Utilized
EC2, Autoscaling, ALB, RDS MsSQL, ElastiCache Redis, SQS, Amazon MQ, S3, CloudFront, CloudWatch, CloudFormation, AWS CodeCommit.
Solution Delivered by Romexsoft
Romexsoft used AWS Systems Manager Parameter Store to provide secure and hierarchical storage for configuration data management and CodeCommit to make the collaboration on code easier.
SavvyMoney’s microservice architecture is built on the Java Spring Boot framework. Each microservice is a separate REST API that performs the required business logic and runs on EC2 instances in the Autoscaling Group. The Launch Configuration has an attached IAM role with read-only access to the Parameter Store. Therefore, any sensitive parameter is known only to the application on startup, and there is no possibility to see it.
All sensitive configuration parameters from classic *.properties files are moved into the AWS Parameter Store, and all *.properties files with other parameters are moved into CodeCommit. The Spring Cloud Config service reads properties from CodeCommit, and the REST API application calls Spring Cloud Config for the required properties on startup or on an on-demand refresh. Only authorized employees have access to the Parameter Store and CodeCommit.
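An added example (not Romexsoft's or SavvyMoney's code): a check that an instance-role policy is read-only on Parameter Store and scoped to one path, as the setup above requires. The region, account ID, key ID and the `/prod/api/` path are constructed placeholders, and the policy assumes SecureString values under a customer managed KMS key.

```python
import fnmatch

# Constructed instance-role policy; every identifier below is a placeholder.
ALLOWED_PREFIX = "arn:aws:ssm:us-east-1:111122223333:parameter/prod/api/"
INSTANCE_ROLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow",
         "Action": ["ssm:GetParameter", "ssm:GetParametersByPath"],
         "Resource": ALLOWED_PREFIX + "*"},
        # Assumption: values are SecureString, so the role must also decrypt them.
        {"Effect": "Allow", "Action": "kms:Decrypt",
         "Resource": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE-KEY-ID"},
    ],
}

# Parameter Store actions that create, change, relabel or delete stored values.
WRITE_ACTIONS = ["ssm:PutParameter", "ssm:DeleteParameter",
                 "ssm:DeleteParameters", "ssm:LabelParameterVersion"]

def _as_list(value):
    """IAM allows a single string where a list is expected; normalise to a list."""
    return value if isinstance(value, list) else [value]

def audit_read_only(policy, allowed_prefix=ALLOWED_PREFIX):
    """Return findings for a policy that should only read parameters under one path."""
    findings = []
    for i, stmt in enumerate(_as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:
            findings.append(f"statement {i}: NotAction grants everything not listed")
        patterns = [a for a in _as_list(stmt.get("Action", []))
                    if a == "*" or a.lower().startswith("ssm:")]
        for pattern in patterns:
            # IAM action names are case-insensitive and may contain wildcards.
            hits = [w for w in WRITE_ACTIONS
                    if fnmatch.fnmatchcase(w.lower(), pattern.lower())]
            if hits:
                findings.append(f"statement {i}: '{pattern}' allows {hits}")
        for res in (_as_list(stmt.get("Resource", [])) if patterns else []):
            if not res.startswith(allowed_prefix):
                findings.append(f"statement {i}: resource '{res}' is outside {allowed_prefix}")
    return findings

if __name__ == "__main__":
    print(audit_read_only(INSTANCE_ROLE_POLICY))
    # Constructed over-broad policy: write access and no path scoping.
    weak = {"Statement": [{"Effect": "Allow", "Action": "ssm:*", "Resource": "*"}]}
    print("\n".join(audit_read_only(weak)))
```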
Secure and Effective Development for Online Banking AWS Architecture Diagram
AWS Services Utilized
- CodeCommit AWS repository. It contains all properties of the application, except for sensitive data such as DB passwords, etc.
- AWS Systems Manager Parameter Store. It contains sensitive data such as DB passwords.
- AWS IAM role attached to the EC2 instance with permission to read parameters from Parameter Store.
- AWS IAM user that has permissions to edit records in the Parameter Store. The development team has these permissions for the Sandbox/Beta environments. Only the account administrator has these permissions for PreProduction/Production.
- RESTful API: a Spring Boot 2 application launched on an EC2 instance within the Autoscaling group. The startup app performs two actions:
What We Achieved Together
Romexsoft helped SavvyMoney to scale up faster. The improvements we implemented enabled SavvyMoney to increase the number of users by 250 times and to keep it growing.
We ensured that the development team had no access to sensitive data, whether stored in Parameter Store or logged on the EC2 instance. Our team separated parameter storage between Parameter Store and CodeCommit, which provides better security, handling, and maintenance.
We made it possible to reload parameters from Parameter Store without rebuilding the application and ensured rigid separation of the application’s codebase from its configurations.
Feedback
“Romexsoft has built a skilled and proactive team for SavvyMoney, eager to propose new solutions and hire expertise when needed. It’s a pleasure to work with Romexsoft, and I would highly recommend them.”
“They have very good developers…. We haven’t had the same problem with them as with other vendors.”
Verified by AWS
This case study is validated by AWS. Experts and professional auditors from AWS reviewed this case study and verified that we, Romexsoft, have built a functional infrastructure and efficient cloud solution.
It shows that Romexsoft, as a certified AWS Consulting Partner, delivers cloud solutions according to AWS standards and best practices.
Check out Romexsoft’s profile at AWS Partner Network.
Why Romexsoft
Romexsoft has been a Trusted Software Vendor and Managed Service Provider since 2004.
- We are an AWS Certified Consulting Partner, focused on customer satisfaction and long-term partnership.
- We provide customers with effective, market-competitive solutions that set them apart from the competition and help them minimize their Total Cost of Ownership (TCO) and maximize Return on Investment (ROI).
- Having a number of AWS Certified Engineers, Cloud Architects, Java Developers, SysOps and DevOps Engineers in the team, Romexsoft offers rapid start and stable performance which 90% of its clients are willing to recommend.