Case Study

Cloud Infrastructure Modernization for Billin

How we upgraded Billin's cloud infrastructure with zero downtime, improving API response times by 60% and preparing the platform for SOC 2 compliance.

Billin · Fintech (SaaS) · Cloud infrastructure modernization

  • Migration Downtime: 0. Complete migration without service interruption.
  • API Response: -60%. Improvement in API response times.
  • Infra Savings: 35%. Cloud infrastructure cost reduction.

Billin is a SaaS invoicing and accounting platform used by tens of thousands of freelancers and small businesses across Spain. When your business depends on issuing invoices on time, reconciling quarterly taxes, and keeping books up to date, the infrastructure supporting that service cannot fail. Not for a single second.

That was the context when Billin approached NERVICO. Their platform worked, but the infrastructure underneath was showing signs of strain. Response times were climbing, maintenance windows were frustrating users, and the architecture made it difficult to reach the security standards the fintech sector demands.

The Challenge

A Platform That Could Not Stop

Billin is not a productivity app you can restart on a Sunday night. It is the tool thousands of businesses use to generate invoices, calculate taxes, and file accounting reports. Every minute of downtime has a direct impact on their users’ daily operations.

The original infrastructure had been built with reasonable decisions for the time, but growth in the user base was exposing limitations:

  • Increasing response times: As data volume grew, API queries slowed down. Operations that once took 200ms were starting to exceed 500ms during peak hours.
  • Mandatory maintenance windows: Every significant update required scheduling a downtime period, usually in the early hours of the morning. While planned, this created uncertainty and frustration among users.
  • Adequate but insufficient security for fintech: The existing security covered the basics, but Billin needed to advance toward stricter standards. The financial data of thousands of businesses requires a level of protection that goes beyond conventional encryption.
  • Manual and costly scaling: The infrastructure did not adapt automatically to demand spikes. During high-activity periods, such as quarterly VAT closings, the team had to intervene manually to increase capacity.

The challenge was clear: modernize the entire infrastructure without interrupting service for a single moment.

The Solution

Zero-Downtime Migration with Blue-Green Deployments

The guiding principle of the project was simple: Billin users should not notice a thing. Not a single failed request, no 503 errors, no “we are under maintenance” pages. The blue-green deployment strategy made this possible.

The blue-green approach works by maintaining two identical environments in parallel. While the “blue” environment continues serving real traffic, the “green” environment is configured and tested with the new infrastructure. Once validated, traffic switches to the new environment instantly. If anything goes wrong, rollback is equally immediate.

Containerization with ECS Fargate

We migrated the application to a container-based architecture using Amazon ECS with Fargate. This decision eliminated the need to manage servers directly and delivered several advantages:

  • Automatic scaling: Containers spin up and down based on actual demand, not manual estimates.
  • Fault isolation: A problem in one component does not bring down the rest of the system.
  • Consistent deployments: The same container that passes tests in staging is the one that runs in production. No surprises.

Database Optimization

The database was one of the primary bottlenecks. We migrated to Amazon Aurora PostgreSQL, which offers significantly better performance than standard PostgreSQL on RDS, with dedicated read replicas for reporting queries.

This separation was key: transactional operations (creating invoices, recording payments) no longer competed for resources with analytical queries (quarterly reports, billing dashboards). The result was a dramatic reduction in response times during peak usage.

Financial-Grade Security

For financial data, security is not a layer you add at the end. It is an architectural decision that affects every component. We implemented:

  • Encryption at rest with AWS KMS: All stored data, including backups, is encrypted with KMS-managed keys.
  • Encryption in transit with TLS 1.3: All communications, both internal and external, use the latest version of the TLS protocol.
  • WAF (Web Application Firewall): Protection against common attacks such as SQL injection, XSS, and application-level DDoS.
  • Network isolation with VPC: Each component lives in its own subnet with strict access rules. The database, for example, is not accessible from the internet under any circumstances.

These controls, combined with role-based access policies (IAM) and detailed activity logging (CloudTrail), left the infrastructure ready for a SOC 2 compliance audit.
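The four controls listed above can be checked mechanically against an account inventory. The following is an added example, not code from NERVICO or Billin: the inventory is constructed, its field names follow the boto3 responses named in the comments, and all resource names and the flattened inventory layout are assumptions.

```python
# Constructed inventory; each list mirrors the boto3 response named beside it.
# All identifiers are made up for this example.
INVENTORY = {
    "db_clusters": [  # rds.describe_db_clusters()
        {"DBClusterIdentifier": "invoices", "StorageEncrypted": True,
         "KmsKeyId": "arn:aws:kms:eu-west-1:111122223333:key/EXAMPLE"}],
    "db_instances": [  # rds.describe_db_instances()
        {"DBInstanceIdentifier": "invoices-writer", "PubliclyAccessible": False,
         "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-db"}]},
        {"DBInstanceIdentifier": "invoices-reports", "PubliclyAccessible": False,
         "VpcSecurityGroups": [{"VpcSecurityGroupId": "sg-legacy"}]}],
    "security_groups": [  # ec2.describe_security_groups(), ports omitted
        {"GroupId": "sg-db", "IpPermissions": [{"IpRanges": []}]},
        {"GroupId": "sg-legacy",
         "IpPermissions": [{"IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}],
    "listeners": [  # elbv2.describe_listeners()
        {"ListenerArn": "listener/api", "Protocol": "HTTPS",
         "SslPolicy": "ELBSecurityPolicy-TLS13-1-2-2021-06"},
        {"ListenerArn": "listener/old", "Protocol": "HTTPS",
         "SslPolicy": "ELBSecurityPolicy-2016-08"}],
    "load_balancers": ["alb/api", "alb/old"],
    "waf_protected": ["alb/api"],  # wafv2.list_resources_for_web_acl()
}

def audit(inv):
    """Return (control, resource) pairs for every control that is not met."""
    findings = []
    # Security groups that admit traffic from anywhere on any rule.
    open_sgs = {g["GroupId"] for g in inv["security_groups"]
                for p in g["IpPermissions"]
                if any(r.get("CidrIp") == "0.0.0.0/0" for r in p.get("IpRanges", []))
                or any(r.get("CidrIpv6") == "::/0" for r in p.get("Ipv6Ranges", []))}
    for c in inv["db_clusters"]:  # encryption at rest with a KMS key
        if not (c.get("StorageEncrypted") and c.get("KmsKeyId")):
            findings.append(("encryption-at-rest", c["DBClusterIdentifier"]))
    for i in inv["db_instances"]:  # database never reachable from the internet
        sgs = {s["VpcSecurityGroupId"] for s in i["VpcSecurityGroups"]}
        if i.get("PubliclyAccessible") or sgs & open_sgs:
            findings.append(("network-isolation", i["DBInstanceIdentifier"]))
    for l in inv["listeners"]:  # heuristic: "TLS13" policies offer TLS 1.3
        if l["Protocol"] == "HTTP" or "TLS13" not in l.get("SslPolicy", ""):
            findings.append(("tls-1.3", l["ListenerArn"]))
    for lb in inv["load_balancers"]:  # every public entry point behind the WAF
        if lb not in inv["waf_protected"]:
            findings.append(("waf", lb))
    return findings

if __name__ == "__main__":
    for control, resource in audit(INVENTORY):
        print(f"FAIL {control}: {resource}")
```

The read replica is flagged even though `PubliclyAccessible` is false, because its security group still admits `0.0.0.0/0`; checking both is what makes "not accessible from the internet under any circumstances" verifiable.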

Monitoring and Disaster Recovery

We configured a comprehensive monitoring system with Amazon CloudWatch that includes:

  • Custom dashboards with business metrics: response times per endpoint, error rates, CPU and memory usage per service.
  • Automated alerts that notify the team before a problem impacts users.
  • Backup and recovery plan: Automatic backups every hour with restoration capability in minutes, not hours.
  • CI/CD pipeline enabling zero-downtime deployments on an ongoing basis, eliminating the need for future maintenance windows.

Results

The migration was completed without a single second of downtime. The numbers speak for themselves:

| Metric | Before | After |
|---|---|---|
| Downtime during migration | N/A | 0 seconds |
| Average API response time | ~500ms at peak | ~200ms at peak (-60%) |
| Monthly infrastructure costs | Baseline | -35% from baseline |
| Deployment frequency | Weekly (with downtime) | Daily (zero downtime) |
| Mean time to recovery (MTTR) | Hours | Minutes |
| SOC 2 readiness | Partial | Controls implemented |

The 35% cost savings may seem counterintuitive when upgrading infrastructure, but the explanation is straightforward: containers with auto-scaling consume only the resources needed at any given moment, compared to the permanent over-provisioning the previous architecture required.

Lessons Learned

Blue-Green Deployments Are Non-Negotiable for SaaS

Any SaaS platform handling critical business data needs the ability to deploy without downtime and roll back instantly. This is not a technical luxury. It is a basic requirement for professional operations.

Security and Performance Go Hand in Hand

There is a common perception that adding security layers penalizes performance. In this case, the opposite happened: the restructuring that security demanded (component isolation, separation of responsibilities, managed encryption) resulted in a cleaner and faster architecture.

Financial Data Requires Defense in Depth

A perimeter firewall is not enough. Financial data security requires protection at every layer: network, application, storage, and access. If an attacker bypasses one barrier, the next one must stop them. This defense-in-depth approach is what separates real security from superficial security.



Very professional work, controlled at all times. Complete sense of security about the infrastructure upgrade they performed. 100% recommended.

Juan Antonio

Marketing Director at Billin
