CURRYS
5M users, 99.99% delivery, PCI DSS, zero breaches
Built the e-commerce microservices backend behind 5M+ monthly users, PCI DSS compliant, zero breaches.
Problem
A high-traffic retail platform needed a backend that could carry 5M+ monthly active users, deliver notifications reliably at that volume, and handle PII and payment data to a standard that would survive audit, all without breaches.
Approach
I built and maintained the microservices backend on PHP 8, Symfony, and RabbitMQ, and designed a dedicated Notification Center on the same messaging backbone. I led the security work for PII and payment data toward full PCI DSS compliance, and applied domain-driven design to keep complexity down as the surface area grew.
Result
The platform reliably served 5M+ monthly active users with 99.99% notification delivery, achieved full PCI DSS compliance, and recorded zero security breaches across the contract. DDD kept feature velocity high and post-release bugs low.
Reliability at retail scale is a security story as much as a throughput story. The Notification Center had to guarantee delivery while the platform handled payment data to audit standard. 99.99% and zero breaches is the kind of pair that only holds when the architecture is deliberate about both.