Intelligent Payments Group is one of Europe’s largest payment gateways serving a range of merchants in Europe and North America. IPG is a subsidiary of EVO Payments, which acquired the firm in 2016. For over two years, Espeo Software has worked alongside IPG to launch a flexible recurring payments module that went live in October 2019. Additionally, Espeo maintains platform security, ensuring it complies with the Payment Card Industry Data Security Standard, or PCI DSS.
In our cooperation, we’ve honed our fintech skills and have gained invaluable experience in the payments field. We’d like to share with you our client’s success story and shed some light on one of our most exciting projects to date. Find out more about our IPG project below and in our portfolio entry here.
Rollout of a flexible payment gateway
IPG came to us with ambitious plans to expand its payments network and needed a robust nearshore team to help them achieve it quickly. The main goal of the project was to implement recurring payments so that IPG could offer a flexible payment gateway to its clients. Merchants of all sizes can use IPG and scale up or down easily. We’re also currently maintaining platform security and continue to keep it PCI DSS compliant. Since the firm undergoes routine security audits, we help to keep it up to date with all the latest regulations. Part of this was developing ways to store credit card details securely.
Getting fully acquainted with these regulations was challenging at first, but we achieved this and continue to keep the platform secure. Following IPG’s acquisition by EVO Payments, IPG’s reach extended to markets outside of Europe and the company also offers its services to e-commerce merchants in the US and Mexico.
One of the key features of the portal is its customer management function which offers merchants detailed reports on user behavior. This, in turn, allows merchants to optimize their sales process and automate online payments. Smaller merchants can use a dedicated management module available as a website, while bigger merchants prefer integrating with the payment API to schedule payments and receive results. Additionally, merchants can set up a flexible plan and IPG handles the payments automatically. These insights and flexibility enable merchants to customize services to their specific target customers.
Recurring payments module
A team of eight espeo developers and testers worked for over a year to develop and deliver a recurring payments module. One of the main technological challenges we faced was the sheer complexity of the system. Adjusting the app to different markets and jurisdictions was another. In Mexico, you have one system and in the U.S., it’s totally different. We worked closely with business analysts, testers, and their in-house developers on the project. Communication had to be open and consistent. Gaining a full grasp of the project allowed us to find the best solutions and offer ways to best solve the business challenges we faced. Our team coordinated with teams in Gibraltar, Hungary, the U.S., China, and Poland.
We ran programming jobs in Java and PHP to develop new payment channels and support integration with platforms such as Blik, PayPal, Alior Bank, eService, and others.
Piotr Horzycki and Grzegorz Wojciechowski, two developers on the project find this work particularly rewarding. Right now they’re working on applying strong customer authentication, related to the recent Revised Payment Services Directive, or PSD2.
“We’re implementing a newer version of 3-D Secure. Right now it’s just 1.0 we’re implementing 2.0. This will take a lot of work for all the payment methods because the payment methods will change their API integrations. I’m working on the first integration with a company from Spain called Redsys. They have a new API and I’m working on an integration with a new method,” said Horzycki.
IPG uses JBoss Fuse to manage payment method integrations. Piotr explained that every integration needs a separate piece of software called an OSGi bundle which integrates the payment gateway with a payment method.
One of the main goals of the project is to manage software complexity. “We’re doing this by creating interchangeable and versioned modules,” said Horzycki. “This way, payment method integrations can be easily added, updated, deployed, tested, debugged and removed. The design is clear, so we can avoid bugs. Fixing one integration does not break other integrations, so the whole payment gateway is more fail-proof. After all the payment industry is very serious. There can be huge gains, but also huge losses. Especially since IPG has many clients in sports betting and online casinos, so it’s very important that everything works. If something is not working for an hour, then these companies have huge losses. That’s the main concern.”
Openshift Container Platform is another tool to divide complex software into smaller parts and then build and deploy every part individually. OCP is used by IPG to handle customer-facing applications for testing and production environments.
By using OCP, we can significantly reduce time-to-market due to automation. We can also increase system scalability in case of higher loads. IPG can easily handle traffic from new markets by creating more containers within OCP.
Meanwhile, Grzegorz is also working with a security analysis tool called Veracode that scans and defends applications against attacks using an on-demand solution that conducts deeper binary analysis.
“We’re analyzing all vulnerabilities, drawing conclusions and preparing solutions based on acquired knowledge,” said Wojciechowski. “We can use the Veracode online platform for running tests, scanning code, and preparing mitigations. We’re able to solve problems in accordance with the rules contained in the category system for software weaknesses and vulnerabilities.”
Part of how we work — and what sets us apart — is that we don’t just follow orders, but also offer technical consulting. As mentioned above, one of our main tasks was to design a flexible solution for both small and big merchants IPG’s initial proposal was to use Secure File Transfer Protocol, or SFTP for large clients. However, when we started digging into details, we noticed that it was not optimal and would complicate the end-user experience. So we proposed they use their own application programming interface via HTTPS. This ended up being a far more straightforward solution that ended up saving IPG countless hours of development time and creates a better UX overall. Our team’s ability to look critically at a project and anticipate the outcome passes savings on to our clients, providing considerable value.
In the coming months, we plan to introduce a pay-per-use model to extend even more flexibility and cost savings to IPG’s clients. Our expertise in the fintech sector — and especially in integrating recurring payments features with payments providers.
If you’re looking for a team of experts to guide you in your fintech project, or need to extend your own team, drop us a line!
- Our tips for effective cooperation on outsourcing software development
- Our product design workshops – how to guarantee the most effective application development process
- Client’s engagement in an application development project. What involvement is needed for successful delivery?
- How to build a secure and customer-friendly online payment solution