8 minutes

First published: August 31, 2015

The Need

Card Not Present Merchants utilizing automated recurring billing (ARB) platforms are currently suffering from payment decline rates ranging from 10–20% of their subscription base because of a variety of factors. Many merchants have begun to use their own internal “re-try” logic when an attempted authorization fails. But CentreBack’s clients stressed the need for a more repeatable, quantifiable and strategic approach to managing payment recovery, which is a key component in managing the entire lifecycle of a customer.

The Solution

Platform Analysis

The solution was to develop an automated Payment Recovery Platform called Revenue Patrol. Revenue Patrol is designed to increase a merchant’s authorization success rate by 25%. Time and resources were tight as CentreBack was a start-up that the two founders were trying to get off the ground, after years of experience in the industry. Softjourn reviewed and determined the best architecture for the new solution. Even evaluating saleforce’s platform. In the end, the decision was made to develop a new technology-enabled service in Java, which would make it much more portable across platforms and give CentreBack greater flexibility with the application.

PCI Compliance  

One of the key requirements of CentreBack’s new platform was that Softjourn develop the code in accordance with PCI Data Security Standards for payment applications. The code would need to be evaluated, as part of the PCI certification process, for any security vulnerabilities. As well, penetration testing needed to be conducted if any vulnerabilities were found. As a result, a tight code review process was implemented by the development team. Additional a number of security features were implemented in the system including encryption configuration for credit card fields, gateway configurations, and the removal of private data from completed or hard-failed transactions.

Bread and butter 

The main part of Revenue Patrol was the sophisticated rules engine to support the complex business processes associated with exception management for payments. Based on what rules was the Revenue Patrol system going to determine when recurring payments could be resubmitted, when they would be most likely to be accepted. The rules engine had to be very flexible enabling administrators to set different rules for each merchant, for each bank that was being used for authorization and so on. 


  • System: Unix/Linux PostgreSQL Apache Tomcat Sun Java DK
  • Frameworks: Spring Framework Spring WebMVC Spring Security (formerly Acegi Security) Hibernate ORM Jasypt + Bouncy Castle security provider
  • Libraries: jFreeChart + ceWolf Java Mail Jasper

The Benefits

  • The key goal was to improve the merchant authorization success rate by 25%.
  • Scalable solution.
  • A start-up is launched with a unique solution. One day, two guys in a room, the next day a new start-up is born.
  • Key technical support during the PCI DSS certification process.

I felt like Softjourn offered a much more professional approach, distance never became an issue, and the team really understood the goals of our project. There was a lot more collaboration rather than a one-way push saying this is what you need to do.  Mike Bradley, Co-founder & CEO at CyberSource