Menu

Mika Koivisto Hands-On Solution Architect | AI-Native Lead Developer | Payments & Open Banking

Download

Professional Summary

Lead Developer and Hands-On Solution Architect with 25+ years in software development, specializing in payments and banking systems for the past 9 years. Architecting and delivering mission-critical regulatory APIs, real-time payment systems, and secure banking services in hybrid cloud environments. Proven track record from PSD2 compliance to production operations, combining deep technical expertise in Java/Vert.x, API security (OpenID Connect, OAuth 2.0, FAPI, eIDAS), and an AI-native development workflow.

Technical Skills

  • Architecture: Microservices, Event-Driven Architecture, REST, SOA, Serverless
  • Programming languages: Java, JavaScript/Node.js
  • Frameworks:Vert.x, Spring Boot, OSGi 
  • AI & Development Tool: laude Code, GitHub Copilot, Cursor, Codex, IntelliJ IDEA
  • API Security: OpenID Connect, OAuth 2.0, FAPI, JWT, SAML, mTLS, eIDAS, PKI
  • API Management: Apigee, AWS API Gateway
  • Cloud: AWS, Docker
  • Messaging:  Apache Kafka, RabbitMQ (MQTT)
  • Databases: PostgreSQL, MySQL/MariaDB, DynamoDB, DB2, Oracle
  • Observability: Dynatrace, Grafana, Prometheus, OpenTelemetry, DataDog
  • Test automation: RestAssured, TestContainers, Junit, Cucumber, JMeter, WireMock, SonarQube
  • Agile Practices: Scrum, Kanban, XP, TDD, CI/CD
  • Home automation: Home Assistant, InfluxDB

Work Experience

  • 2017 - Present

    Koivisto Consulting

    Worldwide
    Principal Engineer

    Client Engagements:

    Large Financial Services Group in Finland
    Helsinki, Finland Apr 2017 – Present

    Lead Developer and Architect in one of the largest financial group’s retail banking, in a team responsible for designing, building, and operating four distinct product areas: regulatory APIs (PSD2 Open Banking, government compliance), P2P mobile payment service and merchant API, and digital onboarding backend.

    • Architected PSD2-compliant Open Banking APIs (payment initiation, account information, funds confirmation) now processing millions of payments monthly as a significant channel alongside the bank’s own apps, making it the first Nordic bank to receive an exemption from the PSD2 fallback channel requirement.
    • Consolidated three separate Strong Customer Authentication solutions (web, mobile, sandbox) into a single unified solution. Enabled app-to-app SCA and dynamic linking in mobile via universal links.
    • Re-engineered APIs from a mixed technology stack to unified Vert.x architecture. Co-created a shared internal toolkit combining JAX-RS, Vert.x OpenAPI Router, and resilience patterns into reusable components adopted across team projects.
    • Maintained and operated the PSD2 production environment as a two-person team with continuous delivery.
    • Drove engineering excellence through zero bug tolerance and disciplined DevOps practices, achieving the organization’s first 100% CALMS maturity coverage.
    • Co-authored the organization’s first JWT-based security token for internal API usage, providing a stateless alternative to SAML 2.0 and session-based systems.
    • Adopted an AI-native development workflow using GitHub Copilot’s agentic coding with sub-agents for iterative planning and delegated implementation.
    • Represented the organization in Open Banking Europe technical and functional working groups, contributing to the definition of the OBE directory service.

    Technologies used: Java 17+, Vert.x, Docker, hybrid cloud with AWS, PostgreSQL, Apigee, REST, OpenAPI, JWT, OAuth 2.0 with Financial API (FAPI), OpenID Connect, Dynatrace, TestContainers, RestAssured, Apache Kafka, mTLS, eIDAS certificate

    Other Engagements:

    • CA Technologies (USA): Implemented encrypted token support to Liferay SAML 2.0 provider. Worked with teams in USA and India to integrate the solution to CAs own product.
    • Mondi Group (Austria): Performed performance analysis for a Liferay platform to identify and provide a report with actionable suggestions to fix the issues.

     

  • 2009 - 2016

    Liferay

    Long-time community member and open source contributor turned employee.
     

    Core Platform Engineer Nov 2010 – Dec 2016
    Los Angeles, CA USA & Helsinki, Finland 

    • Designed and built Liferay’s SAML 2.0 Identity Provider and Service Provider, a flagship enterprise feature still in the product today.
    • Worked closely with the company founder and Chief Software Architect on key platform development.
    • Trained support engineers in technical troubleshooting (heap dump analysis, thread dumps), dramatically improving their ability to diagnose and resolve customer issues independently.

    Senior Consultant Apr 2009 – Oct 2010
    Frankfurt am Main, Germany

    • Provided architecture consulting and solution validation for Fortune Global 500 clients including Robert Bosch, Vodafone, Barclays, and IBM.
    • Developed a client-funded audit framework for the core platform with pre-built hooks for key events and objects.
    • Delivered technical training, pre-sales support, and performance tuning across European client deployments.
  • 2001 - 2009

    Logica (now CGI)

    Lead Software Architect Nov 2006 – Mar 2009
    Helsinki, Finland

    • Coordinated architects across multiple concurrent projects, combining hands-on architecture with pre-sales support and RFP evaluation.
    • Architected message-driven SOA solutions using IBM Message Broker and WebServices.
    • Mentored developers and architects through regular code and architecture reviews.

    Software Architect / Software Designer Nov 2001 – Oct 2006

    • Progressed from developer to lead developer to architect across portal and CMS projects (IBM WebSphere Portal, Liferay, BEA WebLogic Portal, Fatwire CMS).
  • 1999 - 2001

    Spray Network

    Lead Developer

  • 1997 - 1998

    Western Washington University

    Web Technician [Computer assistant IV]