Case study · Loyalty
A loyalty program that obeys the rules
Published 2026-05-26
A wellness supplement brand outgrew its packaged loyalty platform. The rules didn't fit anymore. Points had to apply on subscription orders without breaking the subscription discount. Referrals had to be fraud-checked. The card had to live in Apple Wallet, not buried in an email.
Customer 4082 · point ledger
365-day FIFO
2026-05-02
Subscription order auto-creditorder #14092 · webhook orders/paid
+120
2026-05-04
Referral verifieddevice + address check passed
+250
2026-05-10
Redeemed at checkoutapplied via Shopify Function
−500
2026-05-22
Subscription auto-creditorder #14638 · subscription discount preserved
+120
2026-05-25
Expiration of 2025-05-25 credit365-day FIFO
−85
Every credit and debit is queryable. Finance can pull point liability and reconcile against orders on any day.
Why a custom build instead of Smile, LoyaltyLion, Yotpo or Rivo
The SaaS loyalty apps cover standard programs well. Points on order, redemption at checkout, tier-up after a threshold. Most stores never outgrow them.
The rules diverge when a subscription program meets a referral program meets a tier system meets an accountant. Points have to apply on subscription orders without breaking the subscription discount. Referrals have to catch self-referrals and address matches before the credit posts. The CFO wants a queryable ledger, not a CSV export.
SaaS loyalty either says no or forces a workaround. A custom build models the actual rules.
What gets built
- Native Shopify Functions for discount and point logic at checkout. Replaces the deprecated Scripts API.
- 11 UI extensions across Shopify checkout and the customer-account pages — redeem flows, tier displays, point history.
- A Postgres-backed point ledger. Every credit and debit auditable. Finance can pull liability on any day.
- Webhook deduplication. Concurrent events don't double-credit. Idempotent on every retry.
- An Apple Wallet loyalty card. Live point balance, tier badge. Updates on every point or tier change. Push notification on tier-up.
Rules the apps couldn't model
Subscription auto-redeem
Points apply on subscription orders without breaking the subscription discount. Shopify Functions handles both stacks at checkout.
FIFO point expiration
365-day expiration with refund and reorder edge cases handled. Returns reverse the original credit, not the most recent one.
Fraud-checked referrals
Self-referrals, address matches, device signals. The credit doesn't post until the check passes.
Apple Wallet loyalty card
Live balance, tier badge, push notification on tier-up. Updates from the same webhook stream as the ledger.
The receipts
Wellness supplement brand, in production
- 11
- Shopify extensions across checkout and customer-account pages.
- 546
- commits with idempotent webhook handling over the build.
- 365
- day FIFO point expiration with refund and reorder edge cases.
- 0
- double-credits since deduplication landed — every webhook processed exactly once.
- 1
- Postgres ledger holding the full point history. Finance queries it directly.
What an engagement looks like
A custom loyalty build runs 6 to 10 weeks. The first two weeks are the rules — every edge case written down before any code runs. The point ledger is the spine of the system; everything else is read-side.
Existing customers migrate with their accrued balances intact. The old SaaS provider goes read-only during the cutover so finance can reconcile both ledgers for a full month before the old one is decommissioned.
Loyalty rules the apps can't handle?
Email Tom with what the current platform won't do, plus a rough sense of the program (points per dollar, tier structure, referral mechanics).
Email Tom →