Digital Wallet and App Ecosystem for Coinstar – a $2.2B Global Fintech Firm

Functionality Overview

The solution includes web, mobile, and kiosk-embedded applications with consistent functionality across platforms. These are supported by a cloud-based backend API server and a separate administrative web interface.

The client-facing applications allow users to register and complete KYC (Know Your Customer) verification to create an account. Once registered, users can access their crypto wallet and perform core operations such as:

• Creating and managing multiple wallets

• Buying and selling cryptocurrencies and digital assets

• Viewing account balances and transaction history

• Linking traditional bank accounts via Plaid

• Depositing and withdrawing both cryptocurrency and fiat
  

• Locating nearby kiosks through an integrated kiosk locator

KYC verification is handled through ZeroHash, which requires users to submit identity documents and a selfie. The system performs biometric matching and checks against regulatory databases including OFAC and FinCEN.

Admin Subsystem

The administrative web interface is used by support and compliance teams to monitor and manage user accounts, wallets, and verification workflows.

Key features include:

• Viewing user profiles and account details

• Tracking user status and activity

• Monitoring KYC status and reviewing rejection reasons

• Searching and filtering users by multiple criteria (status, date, country, verification level)

• Accessing transaction history and wallet balances

• Locking or suspending accounts in case of compliance issues

• Manually overriding or resubmitting KYC and account operations

• Viewing audit logs and support actions

• Managing permissions with role-based access controls

Project Challenges

Cryptocurrency platform (ZeroHash) integration – The integration was carried out while ZeroHash was actively updating its systems in parallel, based on Coinstar-specific requirements. Itexus worked with evolving APIs and incomplete documentation, which introduced temporary blockers and extended the MVP timeline from three to four months. These issues were addressed through extensive communication and collaboration between the Itexus and ZeroHash teams, along with task reprioritization to avoid idle time once blockers were identified.

Cloud infrastructure and DevOps alignment – The project required significant updates to Coinstar’s cloud infrastructure to support new components and meet strict security requirements for online payments and crypto operations. Itexus provided technical consulting and support to the client’s DevOps team, helping design and validate a new secure cloud environment. Due to the sensitivity of the infrastructure and internal approval procedures, the setup process required extensive coordination and communication.

Aggressive deadline – The initial version of the system had to go live within four months to meet business priorities. To achieve this, Itexus quickly assembled a large team and applied creative planning to parallelize work as much as possible without compromising quality.

Security and compliance requirements – Given the platform’s handling of financial transactions and PII, strict security controls were essential. The architecture implemented by Itexus followed best practices, including PCI DSS compliance, data encryption at rest and in transit, separation of PII in the database, and token-based authentication via Auth0. Infrastructure was deployed within an Azure Virtual Network with private subnets, access controls via NSGs and Azure Firewall, and encryption key management through Azure Key Vault. Security was validated through third-party penetration testing, confirming the integrity of both infrastructure and application layers.

Third-party Integrations

The system integrates with several external services to support core functionality and regulatory compliance:

• Iterable – Sends transactional emails and push notifications related to account activity and system events.

• ZeroHash – Handles KYC/AML verification, crypto custody, and transaction processing.

• Plaid – Enables linking user bank accounts for fiat deposits and withdrawals.

• Auth0 – Provides authentication, authorization, multi-factor authentication, and role-based access control.

• Twilio – Sends SMS messages for account verification and two-factor authentication.

• Google Maps API – Powers kiosk locator and provides directions to nearby kiosks.

Architecture Overview

The system consists of native mobile applications (iOS and Android), a web client, an admin panel, and a cloud-based backend API server hosted on Microsoft Azure.

The mobile apps are built with native technologies — Swift for iOS and Kotlin for Android — and communicate with the backend through secure REST APIs.

The web client and admin panel are implemented as React-based single-page applications (SPAs), both using a shared API layer to access backend services.

The backend follows a microservices architecture built with .NET 8, deployed on a private Azure Kubernetes Service (AKS) cluster.

The system uses Azure SQL for data storage, with encryption at rest and in transit, and is configured for high availability via geo-replication and automated failover.

Security is ensured through PCI DSS-compliant practices, including role-based access control (RBAC), identity management via Azure AD B2C, encrypted communication, and integrations with ZeroHash (for KYC and compliance) and Auth0 (for authentication).

Scalability is supported by infrastructure-level autoscaling (e.g., AKS and Event API services) and a modular service design.

High performance is achieved through asynchronous task processing using Hangfire, database indexing and connection pooling, message batching for outbound data, and distributed workloads across independently deployed microservices.

Development Process (or Project Approach)

The system was developed using an Agile Scrum process with two-week sprints, each followed by live demos, feedback sessions, and retrospectives. A defining characteristic of the project was that each development phase operated under a fixed budget and strict timeline.

The Itexus team of business analysts and solution architects worked closely with Coinstar’s product managers to break down high-level requirements into actionable sprint scopes—ensuring that each iteration stayed on track while delivering a feature-rich product for end users.

Throughout the process, Itexus maintained full transparency, reporting estimates, working hours, and identified risks, while actively advising on prioritization, scope adjustments, and cost-saving opportunities to help accelerate delivery and stay within the project’s strict budget and timeline.

Results & future plans

The first version of the system was delivered and launched within four months of the project start. Just two months after launch, over 6,500 users had downloaded the mobile app and used it to purchase cryptocurrency and make payments.

Itexus continues to develop and expand the platform, delivering regular updates in line with Coinstar’s product roadmap.