IT Services

Creating next level deployment environment with fast and secure AWS infrastructure

Signature Cloud

IT Services

Creating next level deployment environment with fast and secure AWS infrastructure

Signature Cloud

About Signature Systems

Signature Systems is an IT consulting and services company based in London, UK.

A provider of professional IT services, including custom application development, testing, and system integration, the company provides automation solutions that enhance business processes. Whether it is Business Process Re-engineering (BPR) or high-end consulting, the company uses standard modelling and analysis practices to understand organization needs.

The Signature Systems Automation Solution is led by a team of experts with extensive experience in delivering automation solutions.

Business Challenge

Signature Systems had two critical projects. One is Jibli, which is a mobile shopping application and the other is DinarPay, which is a currency transfer payment platform.

It was planned to launch DinarPay as soon as possible as a fintech application. The production and testing environments of DinarPay were expected to be deployed to AWS securely. The requirements are stated as follows:

  • The deployment of DinarPay web application, backend application and database servers to AWS
  • Web application, backend application and database servers should be highly available (clustered)
  • The deployment should handle the following projected transaction details.
SL Description Total Hits Per Minute Average Per Day
01 Mobile APP 1000 15000
02 B2B 500 5000
03 Web Access 100 1000
Total 1600 21000

Following is the list of software’s and API’s used for the Core PGS System development – which is responsible for Mobile API Web services and Web System.

SL Specification Details
01 Java JDK 1.8.241
02 Hibernate 5.2.17
03 Jasper Reports 6.3.0
04 Spring Boot 2.0.5
05 Spring Core Framework 5.0.9
06 Spring JPA 2.0.10
07 Spring Security 5.0.8
08 Spring UI 5.5.0
09 MySQL 8.0.x
10 Apache Tomcat Application Server 9.0.x
11 Web Server Yet to be decided

The DinarPay Payment Gateway and Core Engine will process all requests and responses through the hardware architecture below. The below representation is for the production setup environment.

Signature Systems


A solution with the following AWS Services is proposed and implemented:

Type AWS Services
Compute EC2, Elastic Beanstalk, Elastic Load Balancing
Database RDS for MySQL
Storage S3, EBS
Management & Governance CloudWatch, CloudTrail
Security IAM, Shield, WAF, Inspector

DinarPay application is deployed with Elastic Beanstalk. The web and backend applications are running on EC2 on two private subnets behind an Elastic Load Balancer. For scalability, EC2 runs in auto-scaling groups. The RDS service with read replica, is also hosted on the same private subnet.

Route 53 service is used for DNS. WAF and Shield services are used for security.

The VPCs of DinarPay and Jibli workloads on AWS are securely connected to each other with VPC peering. The developers access a bastion host that is secured with OpenVPN.

For PCI DSS compliance, Inspector, Amazon CloudWatch, CloudTrail and AWS Config are used to monitor and audit all services. Also, for the Intrusion Detection/Intrusion Prevention System (IDS/IPS) and File Integrity Monitoring (FIM) requirements, Trend Micro Cloud One Workload Security is preferred. Cloud One is a SaaS product managed by Trend Micro, and it has many security features including IDS/IPS, FIM, Anti-Malware, Web Reputation and Application Control.

Use of Third-Party applications

TrendMicro is used for cloud security in addition to AWS security services. And OpenVPN is used for the Client VPN Solution.

AWS Services Used as Part of the Solution

The following AWS Services are used in the solution: EC2, Elastic Beanstalk, VPC, Elastic Load Balancing, RDS MySQL, S3, EBS, CloudWatch, CloudTrail, IAM, Shield, WAF, IAM, Route53, AWS WAF, Inspector, ACM.

Architecture Diagram of the Specific Customer Deployment

Signature - DinarPay - DCX - Architecture Diagram

Outcomes and Benefits

The designed architecture is deployed to AWS and PCI DSS compliance is audited by a third party company.

In a secure, scalable, and highly available environment, DinarPay runs on AWS in the eu-central-1 (Frankfurt) region across multiple availability zones. An independent third-party audits and approves its PSI DSS compliance.

Continually providing proactive and reactive support for the DinarPay production workload, Commencis continues to provide managed services to DinarPay.

Let’s start your cloud journey
Get in Touch