MaaS
Secure real-time messaging backend as a service (Messaging-as-a-Service) with GDPR-by-design data handling.
Problem
Product teams often need real-time messaging—chat, member communication, support channels, community features—but building it in-house adds heavy complexity. Concurrency, security, data boundaries, scaling, reliability, and ongoing maintenance create significant engineering overhead.
Many apps end up with brittle messaging implementations that become a risk once user volume grows, especially when any user data may be considered sensitive. Handling PII correctly across tenants, maintaining uptime under load, and staying compliant with regulations like GDPR requires dedicated focus that most product teams can't afford.
Solution
MaaS is a drop-in backend messaging service with a client SDK. Platforms integrate once and get real-time messaging without building or maintaining the infrastructure themselves.
Real-time messaging: Managed backend handles message delivery, presence, typing indicators, and read receipts.
Secure multi-tenant isolation: Each client's data is logically separated with strict access controls. No cross-tenant data leakage by design.
Client SDK: Handles message enrichment and keeps sensitive logic off consumer apps. Clients integrate via simple API calls.
GDPR-compliant by architecture: PII boundaries and least-privilege access patterns are built into the data model, not bolted on.
MaaS is in production use by multiple clients, including TopShape Gym (10,000+ members).
System & Architecture
Backend: Elixir with Phoenix Channels. Elixir's actor model provides natural concurrency isolation; Phoenix Channels handle WebSocket connections with minimal latency.
Database: PostgreSQL for persistent storage. Schema designed around tenant isolation with row-level constraints.
Infrastructure: AWS ECS for containerized services, Lambda for background tasks (message archival, notifications), SNS for eventing and push notification delivery.
Multi-tenant model: Logical tenant isolation at the application layer. Each tenant operates in a sandboxed context with no shared state.
Operational reliability: Structured logging, metrics dashboards, alerting on connection anomalies. Automatic retries with exponential backoff for transient failures.
Key Technical Decisions
Real-time Architecture
Phoenix Channels were chosen for their low latency, built-in presence tracking, and ability to handle thousands of concurrent connections per node. The Elixir runtime's supervision trees provide fault tolerance— if a single connection crashes, it doesn't affect others.
Multi-tenant Security & GDPR-by-Design
Data boundaries are enforced at the query layer. Every database query includes tenant context; there's no way to accidentally fetch another tenant's data. PII fields are identified in the schema and have restricted access patterns. Deletion requests propagate through all related tables automatically.
Operations & Scalability
ECS provides horizontal scaling for the real-time service. Lambda handles bursty background work without provisioning dedicated capacity. SNS decouples notification delivery from the critical message path, ensuring real-time performance isn't blocked by slow downstream systems.
Outcome & Current State
MaaS is in production with multiple clients. It powers messaging for platforms with 10,000+ active members, including TopShape Gym.
Client teams report reduced engineering burden—they focus on their product, not messaging infrastructure. Security and GDPR compliance are handled by default, not as afterthoughts.