PayCloud builds DSS compliant payment service from the ground up

Industry

Technology

Introduction

NashTech built a payment service from the ground up providing added security features, greater efficiency for billing and collections and multiple payment options for consumers, achieving 100% PCI DSS compliance.

PayCloud services is a payment processing company specialising in handling complex payment methods in the insurance domain. Insurance companies or insurance payment carriers can easily use PayCloud’s payment processors to settle payments from the customers. Payments through credit card, debit card, Electronic Fund Transfer(ACH), etc. can be carried out in a highly secure way with the consumer by choosing PayCloud’s mobile app, IVR on the phone, PayCloud’s web portal, or by implementing PayCloud’s API.

Challenges

The insurance domain is a complex domain when it comes to settling payments from the customer. There are multiple ways to settle payments received from the customer, for example, through cash, check, credit cards, electronic drafts, etc. The method of transferring the payment to the insurer is important, too, as the payments can be made in person, through a POS (point of sale), by mail, and by electronic or online methods.

PayCloud’s requirement was to build a 100% PCI DSS compliant, safe, and the secure operating environment through which payments could be processed. They needed a common interface that could be used both by the insurers and their customers for receiving and making payments, respectively.

Another requirement was to gather intelligence from the payments submitted through various mediums and identify areas of improvement such as customer experience and quicker and faster payments.

Solution

To overcome the challenge, NashTech spent time understanding the domain for defining a robust, secure, and performant architecture and for providing analytics for business improvement.

NashTech helped in building the payment service for insurance from the ground up. NashTech took a Domain Driven Design approach to divide the problem into sub-domains and build an orchestration layer to enable communication between the sub-domains. Each sub-domain was developed as a Microservice with a service-specific database, and an orchestration layer was built to enable communication between services by passing messages through message queues.

Our approach helped make the solution more modular, offering multiple payment options to the consumers with 100% PCI DSS compliance and added security features.