CoreStep Microfinance Bank is a financial institution driving financial inclusion through technology, innovation, and strategic product offerings. Transitioning from a conventional microfinance setup to a fully digital bank, CoreStep launched its fintech platform, Corebank.
Corebank acts as a one-stop digital marketplace for services like deposits, transfers, loans, investments, and MSME advisory.
Industry Vertical
Microfinance & Digital Banking
Microfinance & Digital Banking
The Challenges
1. Moving to a More Efficient Infrastructure:
CoreStep relied on traditional, in-house on-premises systems to run its business services
like B2B operations and Point-of-Sale (POS) devices. However, this setup couldn't keep up with
the company’s growth. To handle more customers efficiently and ensure services ran smoothly
without hiccups, CoreStep needed to shift these systems to AWS, a cloud platform known for
reliability and scalability.
2. Making Loan Services Work Better Together:
CoreStep's loan application system was hosted on a separate cloud provider, Azure. This
setup created a divide between their systems, making it harder to streamline operations. By
planning to move the loan services to AWS in the future, CoreStep aimed to unify its
platforms and make everything work more seamlessly.
3. Building a Smarter POS System:
With their POS network expanding rapidly, CoreStep decided to build a new Terminal Management
System (TMS) to better support its operations. This system needed to handle:
- Instant Notifications: Sending alerts or updates directly to the devices.
- Secure Communication: Ensuring sensitive data exchanges between devices were
safe.
- Better Insights: Providing detailed analytics to improve decision-making.
To make this possible, they required:
❖ A serverless design, so the system could grow and manage workloads automatically.
❖ A setup that allowed updates to happen without stopping services.
❖ A strong and reliable backend using AWS tools like Elastic Load Balancing to share the
workload evenly, Amazon RDS to manage their databases efficiently, and NAT Gateways for
secure internet access.
4. Modernizing the Banking Data Platform:
As CoreStep's digital banking operations grew and their POS transaction volumes exceeded 10,000 daily transactions, they required a managed, highly available database platform with enterprise-grade security. The bank needed comprehensive monitoring, encryption at rest and in transit, automated backups, and disaster recovery capabilities to meet financial regulatory requirements while maintaining sub-second transaction authorization times.
1. Moving to a More Efficient Infrastructure:
CoreStep relied on traditional, in-house on-premises systems to run its business services like B2B operations and Point-of-Sale (POS) devices. However, this setup couldn't keep up with the company’s growth. To handle more customers efficiently and ensure services ran smoothly without hiccups, CoreStep needed to shift these systems to AWS, a cloud platform known for reliability and scalability.
2. Making Loan Services Work Better Together:
CoreStep's loan application system was hosted on a separate cloud provider, Azure. This setup created a divide between their systems, making it harder to streamline operations. By planning to move the loan services to AWS in the future, CoreStep aimed to unify its platforms and make everything work more seamlessly.
3. Building a Smarter POS System:
With their POS network expanding rapidly, CoreStep decided to build a new Terminal Management System (TMS) to better support its operations. This system needed to handle:
- Instant Notifications: Sending alerts or updates directly to the devices.
- Secure Communication: Ensuring sensitive data exchanges between devices were safe.
- Better Insights: Providing detailed analytics to improve decision-making.
To make this possible, they required:
❖ A serverless design, so the system could grow and manage workloads automatically.
❖ A setup that allowed updates to happen without stopping services.
❖ A strong and reliable backend using AWS tools like Elastic Load Balancing to share the workload evenly, Amazon RDS to manage their databases efficiently, and NAT Gateways for secure internet access.
4. Modernizing the Banking Data Platform:
As CoreStep's digital banking operations grew and their POS transaction volumes exceeded 10,000 daily transactions, they required a managed, highly available database platform with enterprise-grade security. The bank needed comprehensive monitoring, encryption at rest and in transit, automated backups, and disaster recovery capabilities to meet financial regulatory requirements while maintaining sub-second transaction authorization times.
Solution
Phase 1: Migration of B2B and POS Services
SoftGEM successfully migrated CoreStep’s on-premises B2B and POS services to AWS, leveraging
Amazon EC2 instances for computing power.
- Stability: The migration enhanced operational reliability.
- Cost Savings: AWS's scalable infrastructure reduced operational overhead.
- Future-Ready: The groundwork for migrating the Azure-based loan service
application to AWS was completed, streamlining CoreStep’s infrastructure for future
expansion.
Phase 2: Terminal Management System (TMS) Development
SoftGEM designed a serverless architecture using AWS Fargate, enabling CoreStep to efficiently
manage containerized workloads.
- Database Resilience: Amazon RDS for MSSQL with Multi-AZ replication ensured high
availability and faster data recovery.
- Traffic Distribution: Elastic Load Balancing (ELB) was implemented to
efficiently distribute traffic, optimizing system performance.
- Service Continuity: A NAT Gateway provided secure outbound internet access
while ensuring zero downtime during system updates.
Phase 3: Finlake CIB Deployment & Platform Enhancement
Building on the established AWS infrastructure, SoftGEM deployed Finlake CIB (Corporate & Institutional Banking) into CoreStep's AWS environment. Finlake CIB is a comprehensive banking tooling product that manages and optimizes the RDS database layer, enhancing CoreStep's existing TMS with enterprise-grade data management capabilities.
Key components of this phase include:
- Amazon RDS for MSSQL (Multi-AZ): Enhanced the existing RDS MSSQL deployment with Multi-AZ configuration for automated failover, ensuring continuous operation for CoreStep's POS transaction processing and TMS backend. Automated backups with 7-day retention and point-in-time recovery were configured.
- AWS Fargate Containers: Finlake CIB application services deployed on Fargate with optimized connection pooling to RDS, auto-scaling based on CPU utilization targets, and efficient handling of 10,000+ daily POS transactions with sub-second authorization times.
- Security & Encryption: Customer-managed AWS KMS keys for encryption at rest across RDS and EBS volumes. TLS 1.2+ enforced for all data in transit. AWS Secrets Manager for secure credential storage and automated rotation, eliminating hardcoded credentials from all application components.
- VPC Architecture: Multi-tier VPC design with private database subnets isolated from public-facing resources. Security groups restrict database access to the application tier only, with NAT Gateways for secure outbound connectivity and no direct internet access to database subnets.
- Monitoring & Operations: Amazon CloudWatch with Enhanced Monitoring for real-time database health metrics including CPU utilization, memory usage, and I/O performance. Custom dashboards tracking daily transaction volumes, success/failure rates, and peak hour performance analysis. Defined operational runbooks for incident response and troubleshooting.
- Backup & Disaster Recovery: Automated daily backups with 7-day retention, point-in-time recovery capability, and a documented disaster recovery plan with a Recovery Time Objective (RTO) of 4 hours and Recovery Point Objective (RPO) of 15 minutes.
- Identity & Access Management: AWS Identity Center for centralized user access management, IAM roles following the principle of least privilege, MFA enforcement for all users, and CloudTrail enabled across all regions for comprehensive audit logging.
Phase 1: Migration of B2B and POS Services
SoftGEM successfully migrated CoreStep’s on-premises B2B and POS services to AWS, leveraging Amazon EC2 instances for computing power.
- Stability: The migration enhanced operational reliability.
- Cost Savings: AWS's scalable infrastructure reduced operational overhead.
- Future-Ready: The groundwork for migrating the Azure-based loan service application to AWS was completed, streamlining CoreStep’s infrastructure for future expansion.
Phase 2: Terminal Management System (TMS) Development
SoftGEM designed a serverless architecture using AWS Fargate, enabling CoreStep to efficiently manage containerized workloads.
- Database Resilience: Amazon RDS for MSSQL with Multi-AZ replication ensured high availability and faster data recovery.
- Traffic Distribution: Elastic Load Balancing (ELB) was implemented to efficiently distribute traffic, optimizing system performance.
- Service Continuity: A NAT Gateway provided secure outbound internet access while ensuring zero downtime during system updates.
Phase 3: Finlake CIB Deployment & Platform Enhancement
Building on the established AWS infrastructure, SoftGEM deployed Finlake CIB (Corporate & Institutional Banking) into CoreStep's AWS environment. Finlake CIB is a comprehensive banking tooling product that manages and optimizes the RDS database layer, enhancing CoreStep's existing TMS with enterprise-grade data management capabilities.
Key components of this phase include:
- Amazon RDS for MSSQL (Multi-AZ): Enhanced the existing RDS MSSQL deployment with Multi-AZ configuration for automated failover, ensuring continuous operation for CoreStep's POS transaction processing and TMS backend. Automated backups with 7-day retention and point-in-time recovery were configured.
- AWS Fargate Containers: Finlake CIB application services deployed on Fargate with optimized connection pooling to RDS, auto-scaling based on CPU utilization targets, and efficient handling of 10,000+ daily POS transactions with sub-second authorization times.
- Security & Encryption: Customer-managed AWS KMS keys for encryption at rest across RDS and EBS volumes. TLS 1.2+ enforced for all data in transit. AWS Secrets Manager for secure credential storage and automated rotation, eliminating hardcoded credentials from all application components.
- VPC Architecture: Multi-tier VPC design with private database subnets isolated from public-facing resources. Security groups restrict database access to the application tier only, with NAT Gateways for secure outbound connectivity and no direct internet access to database subnets.
- Monitoring & Operations: Amazon CloudWatch with Enhanced Monitoring for real-time database health metrics including CPU utilization, memory usage, and I/O performance. Custom dashboards tracking daily transaction volumes, success/failure rates, and peak hour performance analysis. Defined operational runbooks for incident response and troubleshooting.
- Backup & Disaster Recovery: Automated daily backups with 7-day retention, point-in-time recovery capability, and a documented disaster recovery plan with a Recovery Time Objective (RTO) of 4 hours and Recovery Point Objective (RPO) of 15 minutes.
- Identity & Access Management: AWS Identity Center for centralized user access management, IAM roles following the principle of least privilege, MFA enforcement for all users, and CloudTrail enabled across all regions for comprehensive audit logging.
Results
- Seamless Migration with Minimal Downtime : Migrated B2B and POS services to
AWS with less than 2 hours of downtime, ensuring uninterrupted service delivery.
- Enhanced Scalability and Cost Efficiency: AWS Fargate’s serverless
architecture enabled CoreStep to handle peak workloads with a 28% scalability improvement,
with significant savings in infrastructure costs.
- Expanded Customer Base : Corebank’s active user base grew from 5,000 to over
150,000 within 12 months, driven by innovative features like reward incentives and zero
transaction fees.
-
Increased Customer Engagement : The implementation of the TMS introduced
features like device push notifications and advanced analytics, resulting in a 40% increase in active user sessions, a 25%
growth in transaction volumes, and a 30% improvement in user retention over three months.
-
Sub-Second Transaction Processing: Finlake CIB on RDS MSSQL delivers 1-second authorization times for POS transactions, with the Multi-AZ configuration providing 99.9%+ database availability for CoreStep's growing terminal network.
-
Enterprise-Grade Security & Compliance: Full encryption at rest and in transit, automated credential rotation via Secrets Manager, and comprehensive audit trails via CloudTrail meeting financial regulatory compliance requirements.
-
Operational Excellence: Real-time monitoring dashboards, defined KPI thresholds with automated alerting, and documented runbooks ensure rapid incident detection and resolution with defined RTO/RPO targets.
- Seamless Migration with Minimal Downtime : Migrated B2B and POS services to AWS with less than 2 hours of downtime, ensuring uninterrupted service delivery.
- Enhanced Scalability and Cost Efficiency: AWS Fargate’s serverless architecture enabled CoreStep to handle peak workloads with a 28% scalability improvement, with significant savings in infrastructure costs.
- Expanded Customer Base : Corebank’s active user base grew from 5,000 to over 150,000 within 12 months, driven by innovative features like reward incentives and zero transaction fees.
- Increased Customer Engagement : The implementation of the TMS introduced features like device push notifications and advanced analytics, resulting in a 40% increase in active user sessions, a 25% growth in transaction volumes, and a 30% improvement in user retention over three months.
- Sub-Second Transaction Processing: Finlake CIB on RDS MSSQL delivers 1-second authorization times for POS transactions, with the Multi-AZ configuration providing 99.9%+ database availability for CoreStep's growing terminal network.
- Enterprise-Grade Security & Compliance: Full encryption at rest and in transit, automated credential rotation via Secrets Manager, and comprehensive audit trails via CloudTrail meeting financial regulatory compliance requirements.
- Operational Excellence: Real-time monitoring dashboards, defined KPI thresholds with automated alerting, and documented runbooks ensure rapid incident detection and resolution with defined RTO/RPO targets.