11 state portals. One alert when it changes.
A production-grade SaaS platform that continuously scrapes 11 Indian government property registries, diffs ownership records, and fires multi-channel alerts the moment a title change is detected — before the owner knows it happened.
The problem
Property fraud in India is a documented, large-scale problem. Fraudsters forge documents, bribe registration officials, or exploit NRI owners who can't physically monitor their assets — and change property records in government registries before the real owner has any idea. By the time they find out, the property may have been sold multiple times.
Indian state governments do publish property records online — Karnataka Bhoomi, Kaveri IGRS, Telangana Dharani, UP Bhulekh, and eight others. But they don't send alerts. They don't notify the registered owner. The records change silently.
The brief was to build the monitoring layer that's conspicuously absent from India's property ecosystem — continuous surveillance with immediate alerting, at a price point accessible to individual homeowners, not just corporates.
What we built
The core is a Playwright-based scraping engine that handles the dynamic, JavaScript-heavy interfaces of Indian government property portals. Each state portal has its own data structure, session handling, and CAPTCHA patterns — the scraper is built per-portal with a shared abstraction layer. A snapshot-and-diff engine compares consecutive scrapes and flags ownership, title, or encumbrance changes with field-level granularity.
Monitoring jobs run through BullMQ queues — scraping is entirely decoupled from the API, so no scraping happens in request handlers. BullMQ handles retry logic, dead-letter queuing, and job prioritisation based on subscription tier. The polling interval scales with plan: daily (Free), 30 minutes (Basic), 15 minutes (Pro), under 5 minutes (Investor).
Alert delivery is multi-channel: email via Nodemailer, SMS + WhatsApp + voice calls via Twilio, and in-app push. For Investor-tier users who own 100+ properties, a REST API endpoint lets them pipe alerts into their own systems.
Property documents and title deeds are stored encrypted in AWS S3 (AES-256) as a Document Vault. Full audit trail with timeline events — every ownership change, every scrape, every alert sent — is preserved for legal evidence if needed.
States covered
Scale and security
The architecture is designed for 50,000+ users: PostgreSQL 16 on Multi-AZ RDS with read replicas, Redis 7 on ElastiCache, and the API deployed to AWS ECS/Fargate with auto-scaling. GitHub Actions deploys to ECS on every push to main. One Docker Compose file runs the full stack locally.
Security: JWT with 15-minute access tokens and 30-day refresh tokens, Google OAuth2, OTP via Twilio, RBAC, audit logs on every sensitive action, CSRF protection, Helmet headers, and rate limiting per-user per-endpoint. Swagger API docs at /api/docs.