PIN Reset System Migration

Aug 2025 - Sep 2025

Backend Developer

Project Link Access to this project is restricted because it runs in an internal environment.
PIN Reset System Migration thumbnail
Tech Stack

Chapter 1. Setting the Stage

Migrated an internal PIN reset system from a legacy PHP implementation into a more maintainable Python-based backend. The system supports a secure multi-step flow for identity verification, follow-up access, and PIN reset processing.

This work was delivered in collaboration with API Provider Team and UI/UX Team.

Chapter 2. Carrying the Work

Responsibilities in this project included Backend Development, Database Design, System Integration, and Verification Flow Handling.

Chapter 3. What Changed

The migration improved maintainability and structure of a security-critical backend system, making it easier to manage and extend while preserving the required user flow and business behavior.

Chapter 4. The Problem and the Response

Problem

The existing PIN reset system supported a sensitive verification flow, but the backend structure came from a legacy PHP implementation that was harder to maintain and extend. Because the system handled identity checks, reset continuation, and audit-related activity, any change had to preserve the trust and stability of the original process.

Solution

The solution was to migrate the core logic into a cleaner Python-based backend while keeping the reset journey familiar and dependable for users. My contribution focused on helping build the backend side of that migration so the system became easier to manage, easier to evolve, and more structured without changing the essential business behavior.

Chapter 5. How It Was Built

This project centered on the backend side of a security-sensitive internal flow, covering verification handling, reset processing, supporting integrations, and the operational structure needed to keep the system dependable in production.

Implementation Flow: Incoming verification requests are validated first so only trusted reset attempts can move into the next stage. The backend coordinates reset logic, email delivery, audit-related activity, and internal integration points inside one controlled process. Validation rules, response handling, and production-facing safeguards are refined so the migrated service remains stable and maintainable.

Implementation details included Built backend service using Python, Designed database for transaction and activity logging, Integrated with internal security-related services, Implemented reset and verification flows on the backend side, Supported deployment to Google Cloud with assistance from the research team, and Handled validation scenarios, error cases, and audit logging.

Some implementation details have been intentionally generalized because this was an internal system.

Chapter 6. Application Flow

Primary Flow: Users provide identity details for initial verification. Once validated, the system sends a follow-up link to the user's personal email. Users complete one more verification step before creating a new PIN securely.

Secondary Flow: Users provide identity details for verification. Once validated, the system sends authenticator setup details directly to the user's personal email.

Explore More Projects

A few more top picks that show adjacent product, platform, and operations work across the portfolio.

View All Work