Chapter 1. Setting the Stage
Migrated an internal PIN reset system from a legacy PHP implementation into a more maintainable Python-based backend. The system supports a secure multi-step flow for identity verification, follow-up access, and PIN reset processing.
This work was delivered in collaboration with API Provider Team and UI/UX Team.
Chapter 2. Carrying the Work
Responsibilities in this project included Backend Development, Database Design, System Integration, and Verification Flow Handling.
Chapter 3. What Changed
The migration improved maintainability and structure of a security-critical backend system, making it easier to manage and extend while preserving the required user flow and business behavior.
Chapter 4. The Problem and the Response
Problem
The existing PIN reset system supported a sensitive verification flow, but the backend structure came from a legacy PHP implementation that was harder to maintain and extend. Because the system handled identity checks, reset continuation, and audit-related activity, any change had to preserve the trust and stability of the original process.
Solution
The solution was to migrate the core logic into a cleaner Python-based backend while keeping the reset journey familiar and dependable for users. My contribution focused on helping build the backend side of that migration so the system became easier to manage, easier to evolve, and more structured without changing the essential business behavior.
Chapter 5. How It Was Built
This project centered on the backend side of a security-sensitive internal flow, covering verification handling, reset processing, supporting integrations, and the operational structure needed to keep the system dependable in production.
Implementation Flow: Incoming verification requests are validated first so only trusted reset attempts can move into the next stage. The backend coordinates reset logic, email delivery, audit-related activity, and internal integration points inside one controlled process. Validation rules, response handling, and production-facing safeguards are refined so the migrated service remains stable and maintainable.
Implementation details included Built backend service using Python, Designed database for transaction and activity logging, Integrated with internal security-related services, Implemented reset and verification flows on the backend side, Supported deployment to Google Cloud with assistance from the research team, and Handled validation scenarios, error cases, and audit logging.
Some implementation details have been intentionally generalized because this was an internal system.
Chapter 6. Application Flow
Primary Flow: Users provide identity details for initial verification. Once validated, the system sends a follow-up link to the user's personal email. Users complete one more verification step before creating a new PIN securely.
Secondary Flow: Users provide identity details for verification. Once validated, the system sends authenticator setup details directly to the user's personal email.