MyHassad – A Secure, Bilingual Gamification Platform for KFH
MyHassad 2025 was created to deliver a fast, secure, and engaging gamified experience for Kuwait Finance House (KFH). The platform combined two interactive games—Speed Tap and MathUp—with CPR-based validation, sequential chance allocation, and anti-abuse mechanisms to ensure fairness for all participants.
The project had strict timelines, evolving requirements, and enterprise-level security expectations. Despite these challenges, we delivered a polished APK, a production-ready admin portal, and a fully containerized backend deployed on AWS.
From bilingual support to tamper-resistant audit logs, MyHassad became a complete gamification ecosystem designed for large-scale events and customer engagement campaigns.
The Problem: High Engagement Goals with Strict Security & Fairness Rules
KFH wanted a simple, replayable game experience—but with strict fairness controls tied to CPR validation and chance gating rules. Players needed to enjoy the experience without exploiting the system, and administrators needed full visibility through a secure portal.
CPR validation had to control access and enforce sequential play rules.
Winners could not replay within the same promotional event.
Games had to run in exactly 30 seconds with real-time scoring.
Bilingual UI (English & Arabic) was mandatory.
Secure audit logging and tamper-proof records were required.
Admin access needed strict RBAC for SuperAdmins and Admins.
The system needed to be fun, secure, scalable—and delivered in just one week.
Our Approach: A Dual-System Architecture Built in One Week
We architected MyHassad as two interconnected systems: a Flutter mobile application (delivered as an APK) and a Next.js admin portal hosted on AWS Amplify. Both connected to a secure, containerized NestJS backend deployed on ECS Fargate.
Rapid Requirement Mapping: We used the Figma designs and evolving client feedback to build a tight 7-day delivery plan for backend, mobile, admin, and QA phases.
Game Development (Flutter): We implemented both Speed Tap and MathUp with:
30-second timers,
controlled keypad logic,
Arabic/English localization,
gesture-disabled navigation,
smoother transitions and 1s delayed results screens.
Backend Engineering (NestJS + PostgreSQL): We implemented:
CPR validation logic,
sequential chance gating (-1 → -2→ -3),
winner lockout rules,
RBAC (SuperAdmin/Admin/Player),
audit logs via CloudWatch + DB audit tables.
Admin Portal (Next.js + Tailwind): A streamlined interface to manage players, view game stats, change configs, add admins, and update passwords.
Enterprise Deployment: ECS Fargate handled container orchestration while Amplify hosted the admin. WAF, ACM, ALB, and CloudWatch ensured security and observability.
Key Features: Built for Engagement, Fairness & Operational Control
The final MyHassad delivery included a suite of tightly integrated features built around speed, fairness, and accessibility.
Two Interactive Games: Speed Tap (≥45 points) and MathUp (3-level progression in 30s).
Bilingual Support: Complete English/Arabic UI with localized numerals using _localizeNumber().
CPR-Based Sequential Chance Logic: Players must finish -1 before -2 or -3; winners are blocked from replay.
Secure Admin Dashboard: Manage players, configs, admins, and view real-time stats.
Tamper-Proof Logging: CloudWatch logs + dedicated PostgreSQL audit tables.
APK Delivery: Mobile app shipped as a side-loadable APK—ideal for events.
Horizontal Orientation + Responsive UI: Optimized even for a 65-inch LED display (simulated during QA).
AWS Hardened Deployment: WAF, ALB, TLS, encrypted secrets, and secure API headers.
The Impact: A Production-Ready Gamified Experience Delivered in One Week
Despite aggressive timelines, evolving rules, orientation changes, and late-stage revisions, the MyHassad platform was delivered successfully and received positive UAT feedback.
High engagement with players completing hundreds of sessions.
Zero abuse incidents thanks to CPR gating and winner lockout rules.
Smooth gameplay validated during UAT across both English and Arabic modes.
Stable AWS performance with low latency across the backend and admin panel.
Secure audit trail for compliance and operational visibility.
Conclusion: A Fast, Secure & Fully Localized Gamification Ecosystem
MyHassad stands as an example of how gamification, bilingual UX, strict validation rules, and enterprise-grade cloud infrastructure can come together to deliver a seamless customer engagement experience.
In just one week, we delivered a complete platform: a Flutter APK, a Next.js admin dashboard, an AWS-secured backend, and a fully localized UI—combining speed, quality, and production-level engineering.
The result is a system ready for live events, customer engagement campaigns, and future expansion with analytics dashboards and new game modes.
