ENGINEERING A FINTECH PAYMENT API WITH GOOGLE GEMINI

From Idempotency to AI-Powered Fraud Detection – A Hands-On Workshop

EVENT DESCRIPTION & OVERVIEW

Are you a backend developer or API enthusiast curious about what it really takes to

build software that moves money?

Join us for a technical, hands-on workshop where we move beyond simple CRUD

APIs and into the rigorous world of financial technology.

This session bridges the gap between theory and practice. We'll start with the

fundamentals that make fintech APIs unique—idempotency, audit trails, and

compliance—and then take it a step further by integrating Google Gemini to

simulate an AI-powered fraud detection layer.

You'll see how concepts from real-world systems directly apply to your own

projects. This isn’t just about writing code; it’s about engineering for security,

reliability, and intelligence in a high-stakes environment. We’ll dissect a live

payment API, explore its architecture, and enhance it with cutting-edge AI.

KEY TAKEAWAYS — WHAT YOU’LL LEARN

By the end of this workshop, you will be able to:

-> Differentiate between a standard web API and a fintech API, focusing on the

risk envelope.

-> Implement core fintech patterns:

• Idempotency (to prevent double charges)

• Ledger consistency

• Tamper-evident audit logs

-> Architect an API flow that gates money movement behind compliance

(KYC/AML) and fraud checks.

-> Integrate and prompt Google Gemini to analyze transaction patterns and

flag potential fraud in real time.

-> Connect the dots from a real-world use case to a teachable, hands-on project.

WORKSHOP AGENDA & FLOW

PART 1: THE FOUNDATIONS — WHY FINTECH IS DIFFERENT (30 MINS)

The Core Idea:

Why POST /orders are not the same as POST /v1/payments. We’ll frame the session

around product engineering vs. security/regulatory engineering.

Architecture Deep Dive:

Exploring the demo project’s architecture, focusing on the critical gates:

• Idempotency

• Compliance (KYC/AML)

• Ledger

• Audit

Code Walkthrough:

Tracing a payment request through the provided Node.js codebase:

from Route → Controller → Model → Validation—to see these concepts in action.

PART 2: HANDS-ON API EXPLORATION (30 MINS):

Setup

• Clone the repository

• Configure the environment

• Run the local payment API

The Idempotency Exercise

• Make payment requests with and without an Idempotency-Key

• Observe how the API guarantees exactly once execution

Observing the Audit Trail

• Inspect the in-memory store

• See how ledger entries and a hash-linked audit chain are created for every

transaction

PART 3: LEVEL UP — ADDING AI-POWERED FRAUD DETECTION WITH GOOGLE GEMINI (30

MINS)

The Concept

• Moving beyond simple rule-based fraud (like velocity checks)

• Introducing intelligent, pattern-based detection

Live Integration

• Extend the API controller to call the Google Gemini API

Prompt Engineering for Fraud

• Send transaction details (amount, customer history, location data)

• Request a risk score and reasoning

Gating the Payment

• Modify the payment flow to block or flag transactions based on Gemini’s risk

assessment before committing to the ledger

WHO SHOULD ATTEND?

• Computer Science students (Year 1–3) with a basic understanding of REST,

HTTP methods, and JSON.

• Backend developers looking to understand API design for high-reliability

systems.

• Tech enthusiasts curious about how AI integrates with modern financial

infrastructure.

PREREQUISITES:

• Basic knowledge of Node.js and API fundamentals (GET/POST)

• A laptop with:

o Node.js installed

o A code editor (e.g., Visual Studio Code)

o Git installed

• A Google Cloud project with the Gemini API enabled (or a willingness to

follow along). A template API key structure will be provided.

SPEAKER INFORMATION:

Kamran Khalid - Senior Backend Architect and Technical Leader

Kamran is a Senior Software Architect who builds backend systems for reliability,

security, and compliance across fintech and platform ecosystems. His experience

includes leading projects for the UCI Esports and Innovate UK Grant Platform, as

well as Fintech AI at Verofy. He specialises in architecting compliant, scalable APIs

and security-critical data flows using Node.js, Laravel, and event-driven systems.

https://www.linkedin.com/in/kamran-khalid-4310973a/

https://github.com/kamrankhalid786

https://medium.com/@kamrankhalid06

Workshop Materials: You will be using the Student Demo Repository during the live coding session

Workshop Link: https://www.kamrankhalid.co.uk/fintech-api-workshop.html

Snacks will be provided 🍕

RSVP & Attendance: You must RSVP to this event on the GDG community page in order to attend. This is essential for us to confirm your attendance for certification and to track your arrival at the workshop. Please contact us if you experience any issues with the RSVP process.

Certification: Participants who attend both this session and the second workshop in the series will be awarded a Certificate of Completion signed by Kamran Khalid and GDG Manchester - a fantastic addition to your LinkedIn profile and CV.

ONLY PEOPLE WHO RSVP AND ARE CHECKED IN AT THE EVENT IN PERSON WILL RECIEVE CERTIFICATES FOR THE WORKSHOP!

And yes - snacks will be provided, so come hungry and ready to build!

Location Details: Humanities Bridgeford Street Building, Room G.32

Location Link: https://www.estates.manchester.ac.uk/services/centralteachingspaces/ourservices/roomcatalogue/?building=15&room=73