1. Home
  2. Case Studies
  3. Krti
Payments  • Loyalty  • AI/ML  • Security

Enterprise Loyalty & Rewards — Built as a Secure, AI-Driven Super App

KRTI is a Middle Eastern payments company that wanted to unify loyalty, rewards, and B2B checkout into one scalable platform. Theecode delivered an enterprise-grade Super App with bank-level security, merchant aggregation, and AI-led engagement.

Loyalty LMS
Merchant Aggregation
AI Campaigns
PCI & WAF
See Measurable Impact Start a Conversation
Loyalty Ops Dashboard
Customer Snapshot
Lifetime Points
128,450
Churn Risk
Low
• Prefers fuel & grocery partners
• Likely to redeem in 7–10 days
• Next best offer: 3× points @ partner A
TRIGGER CAMPAIGN
VIEW JOURNEY
Merchant Console
Partner
FuelCo #19
Offer CTR
12.4%
Redemptions
8,132
Fraud Flags
0.3%
Recommended Actions
  • Boost fuel-weekend multiplier to ×4
  • Add QR redemption at POS
  • Enable PoP tokens for high-value claims
Partner Offers
Low Fraud
PoP Tokens
Theecode Contribution
Super App build (Flutter + Web), loyalty LMS, merchant APIs, PCI security, AI campaigns.
Challenge

Unify loyalty, payments & merchant aggregation — without sacrificing security

KRTI needed a central LMS for earning & redemption, B2B checkout across banks & POS, and AI-led campaigns — all while meeting PCI DSS and hardening the stack with WAF, tokenization, and strong auth.
  • Unified loyalty across multi-brand partners with real-time balances.
  • Wrapper APIs for banks, PSPs, and POS networks to become a B2B checkout layer.
  • AI/ML segmentation, next-best-offer, and automated campaigns.
  • Security by default: 2FA, PoP tokens, encryption in transit & at rest, AWS WAF.

Before Theecode

• Fragmented rewards
• Limited partner integrations
• Manual campaigns
• Security gaps & slow ops

After Theecode

• Unified LMS
• Bank/POS wrapper APIs
• AI-led personalization
• PCI-grade security & WAF
What We Delivered

From scattered programs to one secure, AI-first loyalty platform

Super App + Back Office
Flutter mobile with native modules; ReactJS + NodeJS ops portals for merchants and admins.
Flutter
Swift/Kotlin
React + Node
Secure Cloud & Compliance
AWS CloudFront/S3, auto-scaling, multi-region DR; encryption; PCI-ready tokenization & WAF.
AWS Infra
Encryption
WAF + DR
Auth & Identity
2FA, PoP tokens, Okta/AWS Cognito integration for customers, merchants, and providers.
2FA
PoP Tokens
Okta/Cognito
AI/ML Engagement
Spend analysis, next-best-offer, automated campaigns, chatbots & virtual assistants.
Segmentation
NBO
Chatbots
Platform Snapshot

How the KRTI loyalty & payments engine runs

Ticketech platform architecture diagram: iOS POS, scanner / printer SDK, microservices (Identity, Payments, Analytics, Bulk Close, Revenue & Ticket Dashboard), and Unified Back Office.
Partners integrate via wrapper APIs. Transactions land in a secure pipeline, are tokenized, scored for fraud & campaign eligibility, and surfaced to users and merchants in real time.
  • Bank/PSP/POS → API gateway → tokenization → rules/ML → LMS balances.
  • Real-time offer decisioning & anti-fraud checks (WAF, PoP, device trust).
  • Merchant & admin portals control partners, offers, redemptions, and DR playbooks.
Screens & Flows (Illustrative)

Enroll. Earn & Redeem. Engage — at enterprise scale.

Theecode built the Super App and the back office flows so customers, partners, and ops teams can move from enrollment to redemption to campaigns without friction.
Secure Enrollment & KYC
2FA + device trust, KYC checks, and wallet activation. Users land ready to earn and redeem.
Ticketech iOS POS session mock: open ticket, tip, close, print receipt
Earn & Redeem Across Partners
Wrapper APIs connect banks, PSPs and POS. Balances & offers update in real time.
Unified back office dashboard mock: revenue book, per-location revenue, tickets and touchpoints
AI Campaigns & Next-Best-Offer
Segmentation, NBO, and automated journeys — with WAF-guarded endpoints & PoP tokens for sensitive ops.
Fraud & Bulk Close dashboard mock: risk alerts, stale overrides, bulk close status
Impact

Higher retention, trusted partners, and resilient uptime

With AI-personalized rewards and a hardened cloud footprint, KRTI can scale loyalty without risking fraud or downtime — and show measurable lift to banks and merchants.
+30%
Retention uplift via AI campaigns
99.99%
Uptime with auto-scaling & DR
Millions
Transactions handled without downtime
PCI
Tokenization + WAF + PoP for sensitive ops
Tech Stack & Approach

Secure-by-default Super App with AI decisioning

The platform blends robust identity, compliant cloud, and practical AI — so marketing teams can move quickly without compromising security or scale.
  • Flutter + Native (Swift/Kotlin) mobile, ReactJS portals, NestJS/Node APIs
  • AWS CloudFront/S3, auto-scaling, multi-region DR, WAF hardening
  • 2FA, PoP tokens, Okta/Cognito identity & access control
  • PostgreSQL + MongoDB with Redis caching for performance
  • AI: segmentation, next-best-offer, automated journeys, chatbots
Sample Ops Snapshot
illustrative only
Active Users
1.2M
across partners
Avg Latency
<120ms
API gateway
Fraud Rate
0.25%
post-WAF/PoP
Campaign Lift
+40%
target cohorts
  • Loyalty LMS
  • Merchant APIs
  • AI Campaigns

Build your loyalty & payments platform

Start with a Dev+AI pod. Go live in days, not months.

  • Loyalty & wallet APIs
  • Merchant portals & dashboards
  • PCI‑aware cloud architecture
Book a Working Session View More Case Studies