Build a multi-channel transactional notification platform — push (APNs/FCM), email (SES/SendGrid), SMS (Twilio/Sinch). Producers (your own services or merchant integrations) POST a notification request with an Idempotency-Key; the platform fans out to the user's preferred channels under the user's preferences and quiet hours, retries on transient provider failures, dedupes end-to-end so no duplicate ever reaches the recipient, and survives a full-region failover without sending the same message twice.

This is the system that powers "your driver is arriving" SMS, "order shipped" email, "2FA code" push, and the merchant-webhook fan-out that other systems lean on. Three things define it: (1) end-to-end idempotency under at-least-once Kafka and retried HTTP, (2) per-channel bulkheading so one provider's outage doesn't cascade, and (3) active-region fencing so failover never duplicates.