All articles

How to Build an Online Auction Platform [2025 Technical Guide]

A technical guide to building an online auction platform — covering auction formats, real-time bidding architecture, WebSocket infrastructure, payments, KYC, and the key decisions that determine whether your platform scales.

15 July 2025
Cyberbeak Team
How to Build an Online Auction Platform [2025 Technical Guide]

Auction platforms sit in a rare category of software where getting the technical fundamentals wrong doesn't just produce a bad user experience — it directly costs money, erodes trust, and in regulated sectors, creates legal liability. A bid that registers a second too late. A race condition that lets two buyers win the same lot. A timer that runs faster on one device than another. A payment that authorises but never captures. These aren't edge cases. They're the things that happen when you build an auction platform the same way you'd build a standard e-commerce site.

We've built auction and marketplace platforms across art, antiques, industrial equipment, livestock, vehicles, and commercial property. The common thread across all of those sectors is that the technology is genuinely hard — not because it requires exotic engineering, but because it demands a level of precision, consistency, and real-time coordination that most web applications simply don't.

This guide covers the full technical picture: the architecture decisions, the infrastructure choices, the features you need, and the mistakes we see repeatedly from teams who underestimate the problem. If you're evaluating whether to build, buy, or partner to bring an auction platform to market in 2025, this is the most technically honest breakdown we can give you.


Types of Auction Formats

The first decision that shapes every downstream technical requirement is: what kind of auction are you actually running? This is not a product decision that happens after you've built the platform. It's a foundational constraint that determines your data model, your real-time requirements, your timer behaviour, and your bidding engine logic.

English Ascending Auction

The most familiar format. A lot opens at a starting price, bidders compete by placing increasingly higher bids, and the highest bid at close wins. This is the format used by Sotheby's, Christie's, eBay (in its original form), and most livestock and vehicle auctions.

From a technical standpoint, this format is deceptively demanding. Every bid must be validated against the current highest bid in real time, which means you cannot tolerate stale reads. Two bidders can submit bids within milliseconds of each other — your system must resolve which arrived first, apply it atomically, and immediately propagate the new state to all connected clients. At scale (hundreds of simultaneous lots, thousands of connected bidders), the throughput and consistency requirements become serious engineering problems.

Dutch Descending Auction

The price starts high and decreases at a defined rate until a bidder accepts it — at which point the auction closes immediately. Used in flower markets, fish markets, and some commercial property liquidation platforms.

The technical profile here is different. You don't need to handle concurrent bid competition in the same way, but you do need highly accurate, server-authoritative price calculation at every tick interval. The timer is not cosmetic — it directly determines the transaction price. Client drift of even a few hundred milliseconds can produce disputes over what the accepted price actually was. Server-side price calculation with a signed timestamp on every acceptance event is mandatory.

Sealed-Bid (First-Price and Second-Price)

All bidders submit their maximum bid without seeing others' bids. In first-price sealed-bid, the highest bidder pays what they bid. In second-price (Vickrey), they pay the second-highest amount. Used in government procurement, commercial property tenders, and some specialist collector markets.

The technical requirements here are different again — less real-time complexity, but considerably more sensitivity around bid confidentiality and reveal integrity. Bids must be stored encrypted or at minimum inaccessible to all parties (including your own operations team in some regulatory contexts) until the reveal window. The audit trail for sealed-bid auctions is frequently scrutinised, so cryptographic commitment schemes or at minimum immutable event logging is not optional.

Reserve Price Auctions

Not a standalone format, but a modifier applied to any of the above. A lot has a hidden minimum price (the reserve). If bidding does not reach that threshold, the seller is not obligated to sell. If it does, the auction is said to be "on the market."

This adds state to your lot model — each lot needs to track whether the reserve has been met, and that state must be communicated to bidders without revealing the reserve figure itself. Your bidding engine needs to evaluate reserve conditions on every bid and trigger notifications ("the reserve has been met") accordingly.

Timed Online vs Live/Simulcast

Timed online auctions run asynchronously — lots are open for a defined window (hours, days) and bidders participate at any time. Live auctions are synchronous — a human auctioneer controls pace, and bidders in a room and online compete simultaneously. Simulcast combines both: a live auctioneer runs the room while an online platform feeds external bids in real time.

Timed auctions are significantly easier to build. The real-time requirements are modest — you need reliable WebSocket updates, but the pace is slow enough that eventual consistency across a few hundred milliseconds is acceptable.

Simulcast is one of the hardest problems in auction software. You're bridging a physical room operating at human conversational speed with an online platform operating at network speed, while maintaining bid parity, managing the auctioneer's ability to accept or reject bids, and ensuring that latency on the online side doesn't disadvantage bidders relative to the room. If your client intends to run simulcast from day one, the architecture must be designed for it — retrofitting is painful.


Core Technical Components of an Auction Platform

Real-Time Bidding Engine

The bidding engine is the heart of the system. It receives bid submissions, validates them, applies them, and broadcasts state changes. Every other component depends on its correctness and performance.

WebSocket vs Long-Polling vs Server-Sent Events

The choice of real-time transport has significant implications:

  • WebSockets (via Socket.io or native ws) provide full-duplex, persistent connections. Bidders send bids and receive updates over the same connection. This is the right choice for live and simulcast auctions where the platform needs to push updates at high frequency and receive bid submissions in real time. The connection management overhead (reconnection logic, heartbeats, room/channel management) is non-trivial but well-understood.
  • Server-Sent Events (SSE) are one-directional — the server pushes updates to the client, but submissions go over separate HTTP requests. This works well for timed auctions where the interaction pattern is mostly "watch updates, occasionally submit a bid." SSE is simpler to implement and scales better behind HTTP/2 load balancers, but loses the elegance of a single connection for truly interactive experiences.
  • Long-polling is a legacy pattern that should be avoided for new auction platforms. It creates unnecessary server load, introduces latency, and complicates state management.

Our default recommendation for auction platforms is WebSocket with Socket.io for rooms (lots), combined with a Redis pub/sub layer so that bid events can be broadcast across multiple server instances without requiring sticky sessions.

Bidding Engine Architecture

The bidding engine should be stateless at the application layer. All authoritative state — current highest bid, bid increment table, lot status, reserve status — lives in a data store that all instances can read consistently. The flow on every bid submission:

  1. Receive bid from authenticated client
  2. Validate authentication and active lot status
  3. Acquire atomic lock on the lot (see race condition handling below)
  4. Read current highest bid from authoritative store
  5. Validate bid amount against minimum increment
  6. Validate bidder eligibility (not current highest bidder, not suspended)
  7. Write new bid record to the database
  8. Update lot state in cache
  9. Release lock
  10. Publish bid event to pub/sub channel
  11. All connected instances receive event and push update to their connected clients

This flow, executed correctly, ensures that no two bids can be applied simultaneously, the state is always consistent, and every connected client sees the same information within the latency of the pub/sub round-trip.

Bid Validation and Race Condition Handling

Race conditions in auction platforms are not theoretical. When a popular lot is closing, it's common to receive dozens of bids within a single second. Without proper concurrency controls, multiple bids can read the same "current highest bid" simultaneously, all pass validation, and all attempt to write — producing inconsistent state, incorrect winners, and disputes.

Optimistic Locking

One approach is optimistic locking at the database level. Each lot record carries a version number. When your engine reads the current state and then attempts to write a new bid, it includes the version it read as a condition: UPDATE lots SET highest_bid = $1, version = version + 1 WHERE id = $2 AND version = $3. If another transaction committed a write between the read and the write, the version condition fails, the write is rejected, and the engine retries with fresh state. This works well for moderate concurrency.

Redis-Based Atomic Operations

For high-concurrency scenarios — hundreds of bids per second on a closing lot — we prefer Redis atomic operations using Lua scripts or the SET NX / INCR primitives. Redis is single-threaded for command execution, which means a Lua script that reads, validates, and writes bid state executes atomically without any risk of interleaving. The pattern:

-- Lua script (executed atomically by Redis)
local current = redis.call('GET', KEYS[1])  -- current highest bid
if tonumber(ARGV[1]) > tonumber(current) then
  redis.call('SET', KEYS[1], ARGV[1])
  return 1  -- bid accepted
else
  return 0  -- bid rejected (outbid)
end

The database write then happens asynchronously as a durable record, with Redis serving as the authoritative source of truth for live bid state. This approach scales to thousands of concurrent bids without lock contention.

The Importance of Server-Side Authority

A rule that cannot be stated often enough: the server is always authoritative. Client-side bid validation is only UX — it prevents clearly invalid submissions but must never be trusted as the final word. We've seen platforms where the client-side countdown timer determines when a lot "closes" from the bidder's perspective, allowing bids to be submitted after the lot has actually closed on the server. This creates disputes and, in some regulatory contexts, legal exposure.

Lot Management and Catalogue

The lot catalogue is the content backbone of the platform. At minimum, each lot needs:

  • Lot identity: lot number, title, description, provenance or condition notes
  • Media: multiple images with ordering, optional video, optional document attachments (certificates, valuations, surveys)
  • Pricing parameters: starting bid, reserve price (if applicable), bid increment table, buy-now price (if applicable)
  • Timing: lot open time, lot close time, auto-extend logic
  • State machine: draft, scheduled, open, closing, sold, unsold, withdrawn
  • Sale context: which auction sale does this lot belong to, what is its sequence within that sale

Auto-Extend (Soft Close)

One feature that dramatically improves bidder engagement and platform revenue is soft close (also called "going, going, gone" mode). When a bid is placed within a defined window before a lot's closing time (typically the last 2–5 minutes), the closing time automatically extends by a fixed interval (typically 2–3 minutes). This mimics the dynamics of a live room where the auctioneer will not close a lot while hands are still in the air.

The logic seems simple but has subtle edge cases: what is the maximum number of extensions allowed? What happens if a lot is in auto-extend when the sale's scheduled end time arrives? These must be defined in your lot model and implemented consistently.

Buyer/Seller Identity and KYC

Auctions are trust-dependent transactions. Unlike a standard e-commerce checkout where identity is relatively low-stakes, an auction platform needs to know that:

  • Bidders are who they claim to be
  • Bidders have financial capacity to honour winning bids
  • Sellers have legitimate title to what they're selling
  • Neither party is on a sanctions list or subject to AML red flags

KYC requirements vary by sector. Art markets operating above certain thresholds are subject to the Anti-Money Laundering Directive in the UK and EU. Vehicle auctions have title verification requirements. Industrial equipment auctions deal with export control regulations. The KYC layer of your platform needs to be defined with a compliance professional, not just an engineer.

From a technical implementation standpoint, KYC is typically handled through one of several third-party providers — Onfido, Jumio, Veriff, or Stripe Identity — that handle document capture, liveness checks, and watchlist screening. Your platform integrates their SDK into the registration flow, stores a KYC status flag on the user record, and gates bidding access on that status.

Timer Management

The timer is one of the most contested components in any auction platform, and one of the most commonly implemented incorrectly. The rule is absolute: the server defines when lots open and close. The client displays that information.

Server-Side Lot Closing

Lot closing must be triggered by a server-side scheduled job, not by the last bid's timestamp or a client-side timer reaching zero. We use a background worker (running on a dedicated process or a scheduled cloud function) that queries for lots entering their closing window, transitions their state, triggers winner determination, and dispatches settlement events. This worker must be idempotent — if it runs twice due to a crash and restart, it must not close a lot twice or create duplicate settlement records.

Clock Synchronisation

For display purposes, clients need to know the current server time to render accurate countdowns. We expose a /api/time endpoint that returns the current UTC timestamp and include a signed server timestamp on every WebSocket bid event. Clients can calculate the delta between their local clock and server time on connection and apply that offset to all countdown calculations. This prevents cosmetic drift — where a bidder's countdown shows "2 seconds" when the server has already closed the lot — which, even when it has no functional effect, creates trust issues and support tickets.

Notification System

Auction platforms generate a very large volume of time-sensitive notifications: outbid alerts, lot opening reminders, lot closing warnings, winner notifications, payment requests, and seller settlement confirmations. The notification system is frequently underestimated in both design and infrastructure terms.

Notification Channels

Most auction platforms need at minimum:

  • In-app real-time notifications (WebSocket push to connected clients)
  • Email notifications (for users not currently on-platform)
  • SMS notifications (for high-value or time-critical events — outbid alerts, lot closing)
  • Push notifications (for mobile clients)

Volume and Throttling

When a lot closes, every outbid bidder receives a "you didn't win" notification simultaneously. For a popular lot with 200 bidders, that's 199 emails, 199 SMS messages (if enabled), and 199 push notifications in a single moment. Multiply by 50 lots closing in the same 5-minute window and you have 9,950 messages to dispatch in minutes. Email providers have rate limits. SMS gateways have throughput caps. Push notification services have their own queuing behaviours.

The notification system must be queue-backed, with separate workers for each channel, retry logic with exponential backoff, and monitoring for queue depth. We typically use BullMQ (backed by Redis) for job queuing, with separate queues for each notification channel and priority levels that ensure winner notifications are dispatched before mass outbid alerts.


Recommended Architecture

Monolith vs Microservices

The microservices conversation is inescapable in any technical architecture discussion in 2025. Our honest position: for almost all auction platforms in their first 18–24 months, a well-structured modular monolith is the correct choice.

Here's why. Microservices introduce real operational complexity: distributed tracing, service discovery, inter-service authentication, network latency between components, and independent deployment pipelines for every service. These are costs worth paying when you have a large team, high traffic, and well-understood service boundaries. In a first-version auction platform with a team of four to ten engineers, these costs are almost always higher than the problems they're supposed to solve.

Our recommended starting architecture is a modular monolith with clear internal domain boundaries:

  • bidding — the bidding engine, bid validation, race condition handling
  • lots — lot catalogue, state machine, timer management
  • users — authentication, KYC status, buyer/seller profiles
  • notifications — notification templates, channel routing, dispatch workers
  • payments — payment authorisation, capture, settlement, invoicing
  • admin — internal tooling, auction management, reporting

Each module has its own models, services, and controllers. Cross-module communication happens through well-defined internal interfaces — not direct database queries across domain boundaries. When and if you need to extract a service (the bidding engine is the most common candidate), the boundaries are already in place.

Event-Driven Patterns

The bidding domain is naturally event-driven. A bid is placed → bid.submitted event. Bid is validated and accepted → bid.accepted event. Lot timer expires → lot.closing event. Winner is determined → lot.won event. These events are the triggers for downstream behaviour: notification dispatch, payment initiation, seller dashboard updates, audit log entries.

We implement this with an internal event bus for the monolith (synchronous in-process for speed, using something like EventEmitter2 or a simple observer pattern) and an external event bus (Redis Streams or a lightweight message queue) for anything that needs durability — payment events, winner determination, settlement confirmations. As the platform grows and services are extracted, the internal bus transitions to the external one.

Database Design Considerations

The auction database schema is more complex than a standard e-commerce schema. Key design decisions:

  • Lots and bids as separate tables with a foreign key relationship — never store the current highest bid as a column on the lot record without a mechanism to ensure consistency with the bids table
  • Soft deletes throughout — auction records are financial records; nothing is ever hard-deleted
  • Partition bids by sale or time period — a popular platform can accumulate tens of millions of bid records; partitioning keeps query performance predictable
  • Row-level locking on lot writes — PostgreSQL's SELECT FOR UPDATE prevents concurrent writes to the same lot record without the application-level Redis solution

Technology Stack Recommendations

Based on our experience building and maintaining auction platforms in production, our current recommended stack is:

LayerTechnologyRationale
FrontendNext.js (React)SSR for catalogue SEO, React for real-time bid UI
StylingTailwind CSSRapid development, consistent design tokens
Real-time clientSocket.io clientAutomatic reconnection, room support
BackendNode.js (TypeScript)Same language across stack, excellent WebSocket ecosystem
REST/GraphQL APIExpress or FastifyProven, well-understood, easy to instrument
Primary databasePostgreSQLACID compliance, row-level locking, strong community
Cache / bid stateRedisAtomic Lua scripts, pub/sub, job queue (BullMQ)
Real-time serverSocket.ioRooms, namespaces, Redis adapter for multi-instance
Job queuesBullMQRedis-backed, retry logic, job prioritisation
Media storageAWS S3 / Cloudflare R2Scalable, CDN-ready, presigned upload URLs
Image processingSharp / AWS LambdaThumbnail generation, WebP conversion
SearchPostgreSQL full-text or TypesenseFull-text search on lot catalogue
EmailSendGrid / PostmarkTransactional email with delivery tracking
SMSTwilioSMS and WhatsApp notifications
InfrastructureAWS (ECS/EC2) or RenderManaged containers, autoscaling
CI/CDGitHub ActionsAutomated test and deploy pipelines
MonitoringDatadog or Grafana CloudAPM, error tracking, queue monitoring

Why not Python? Python is an excellent choice for auction backends — Django has a strong track record in marketplace development, and FastAPI handles async workloads well. We default to Node.js because it shares a language with the frontend, simplifying team organisation and knowledge sharing. If your team's strength is Python, we will happily build on that foundation.

Why not MongoDB? The bidding engine's consistency requirements — transactions across related records, row-level locking, ACID guarantees — are where relational databases genuinely outperform document stores. MongoDB has improved its transaction support significantly, but PostgreSQL remains the more natural fit for the financial data model of an auction platform.


Key Features Checklist

A production-ready auction platform requires a larger feature set than most initial scoping exercises account for. Here is the complete list we work from:

Bidder Experience

  • Bidder registration with email verification
  • KYC/identity verification flow (integrated third-party provider)
  • Deposit or card-on-file requirement before bidding
  • Lot catalogue with filtering, sorting, and search
  • Individual lot pages with full media gallery and lot details
  • Watchlist / save lots for later
  • Live bidding room with real-time bid updates
  • Proxy bidding (auto-bid): bidder sets a maximum, system bids on their behalf up to that amount
  • Reserve price status indicator (met / not yet met)
  • Buy-now option (where applicable)
  • Outbid notifications (in-app, email, SMS)
  • Lot closing countdown with soft-close extension indicators
  • Post-auction invoice generation and payment
  • Order history and lot win history
  • Bidder dashboard with upcoming lots, active bids, won lots, payment status

Seller / Consignor Experience

  • Seller registration and onboarding
  • Lot submission form (title, description, images, reserve price, starting price)
  • Lot approval workflow (pending admin review)
  • Seller dashboard with lot performance data (views, bids, final price)
  • Post-sale settlement notifications
  • Payout processing and history

Auction House / Admin Panel

  • Sale management (create, schedule, close auction sales)
  • Lot management (approve, edit, withdraw, re-list)
  • Bidder management (approve, suspend, review KYC status)
  • Live sale control panel (for simulcast: accept/reject online bids, control lot sequencing)
  • Bid history and audit log per lot
  • Reserve price management
  • Settlement management (mark lots as paid, initiate payouts)
  • Reporting (sale totals, buyer premiums, seller net proceeds, unsold rate)
  • Financial reconciliation export (CSV for accounting)

Platform / Infrastructure

  • Multi-sale support (run multiple concurrent auction events)
  • White-label theming support
  • API for third-party integrations
  • Mobile-responsive web (or native mobile apps)
  • CDN-delivered media
  • Real-time monitoring and alerting

Payment and Settlement Architecture

Auction payments are fundamentally different from standard e-commerce payments, and treating them the same way is one of the most common mistakes we see.

The Authorisation-Hold-Capture Pattern

In standard e-commerce, payment is captured at checkout. In most auction formats, you don't know the final price at the time of bidding — and even when you do (in the case of proxy bidding at the lot's close), you may not want to capture payment until settlement is confirmed.

The correct pattern for most auction platforms is:

  1. Pre-authorisation hold at registration or before bidding on a lot — a card authorisation for a deposit amount (typically £250–£2,000 depending on lot category) to verify payment method and demonstrate financial seriousness
  2. Winner determination — when a lot closes, the system identifies the winning bidder and the final price
  3. Invoice generation — the invoice is created, including the hammer price plus buyer's premium plus applicable taxes
  4. Payment capture — the winning bidder is prompted (or automatically charged) for the full invoice amount, separate from the registration deposit

The registration deposit authorisation is typically released after the auction closes for non-winning bidders. For winning bidders, the deposit may be credited against the invoice total.

Post-Auction Settlement

For most auction house clients, the settlement cycle is:

  1. Winning bidder pays invoice (typically within 24–72 hours of auction close)
  2. Platform or auction house confirms receipt of cleared funds
  3. Buyer collects or arranges delivery of lot
  4. Seller payout is initiated (typically 14–21 days after auction close, minus commission and listing fees)

Each step must be tracked in your settlement state machine. Unpaid invoices need automated reminders and, after a defined period, escalation to the admin team. Seller payouts need to integrate with your chosen payout mechanism — Stripe Connect is the most common choice for marketplace-style platforms where the platform holds funds in transit.

Payment Provider Recommendations

ProviderBest ForNotes
StripeUK, EU, US, most marketsBest API, Stripe Connect for marketplace payouts
PayPalMarkets where PayPal trust is highUseful as supplementary option
BraintreeMulti-currency, high volumeOwned by PayPal, strong fraud tooling
GoCardlessUK/EU bank debitGood for large invoice settlement
Checkout.comHigh-volume, enterpriseCompetitive rates at scale
Stripe + regionalGlobal platformsStripe as primary, regional provider as fallback

For platforms operating in the UAE or KSA, we typically implement PayTabs or HyperPay alongside Stripe for local card coverage.


KYC and Fraud Prevention

Auctions attract a disproportionate share of payment fraud and identity fraud relative to standard e-commerce, for a simple reason: the time pressure of bidding creates less opportunity for careful scrutiny, and auction platforms historically have lower friction than bank transactions. Fraudsters exploit both.

Why Auctions Attract Fraud

The common fraud patterns we encounter:

  • Shill bidding: a seller (or their associate) places artificial bids to inflate the hammer price. Technically detectable through IP address analysis, device fingerprinting, bidding pattern analysis, and relationship mapping between buyer and seller accounts.
  • Payment fraud: a winning bidder places a bid with no intention of paying, using stolen card credentials for the deposit. The fraud is discovered at capture, days after the auction.
  • Identity fraud: creating multiple accounts under false identities to circumvent bidder limits or suspension.
  • Seller fraud: sellers listing items they don't own or that don't match the description, collecting buyer funds and disappearing before fulfilment.

Identity Verification Approaches

Tier 1 — Email verification only: Appropriate only for low-value, low-risk lots. Provides no meaningful fraud prevention.

Tier 2 — Card-on-file with address verification: Requires a valid payment card with matching billing address. Provides basic fraud friction. Suitable for mid-tier consumer platforms.

Tier 3 — Government ID verification: Integration with a KYC provider (Onfido, Jumio, Veriff) to verify a passport or driving licence and match it to a selfie. This is the minimum standard for platforms dealing with lots above £1,000–£2,000 or operating in regulated sectors.

Tier 4 — Full KYC with AML screening: Document verification plus watchlist screening against PEP (Politically Exposed Person) and sanctions databases. Required for art market operators under the UK's Money Laundering Regulations and for platforms with institutional or high-net-worth buyer bases.

Deposit Requirements

Requiring a pre-authorisation hold before bidding is one of the highest-value fraud prevention mechanisms available — not because it makes fraud impossible, but because it dramatically raises the cost of attempting it. A fraudster who needs a valid, verifiable card to place a deposit before bidding on any lot faces a meaningful barrier.

Deposit thresholds should be tiered by lot value category. A platform running lots from £50 to £50,000 in the same sale should not require the same deposit from all bidders — it both over-restricts access at the low end and under-protects at the high end.


Common Mistakes We See

Not Handling Race Conditions

The most technically damaging mistake. Teams build the happy path — one bid, one bidder, it works in testing — and then go live. Under real load, with simultaneous bids, they discover that the database has two records claiming to be the highest bid on the same lot. The scramble to fix this in production, while the auction is live and bidders are watching, is exactly as painful as it sounds.

The fix is not complicated. It requires thinking about it before you start building the bidding engine, not after the first live sale produces a data integrity incident.

Trusting Client-Side Timers

We have seen this in every form imaginable. JavaScript countdown timers that determine when the submit button is disabled. Mobile app timers that drift because the device went to sleep. Browser tab timers that pause when the tab is backgrounded. In every case, the platform allows (or denies) bids based on a timer that is not the authoritative source of truth.

The server closes lots. The server accepts or rejects bids based on lot status at the time of submission. The client timer is a display convenience. These must be treated as entirely separate concerns.

Underestimating Notification Load

A platform with 500 registered bidders and 100 lots in a sale will dispatch approximately 50,000 notifications in the two hours of a live sale — outbid alerts, lot closing warnings, winner notifications, payment requests. Teams that route all of these through a single synchronous email function discover this at the worst possible moment.

Notifications must be designed as an asynchronous, queue-backed system from day one. Retrofit is painful and involves rewriting notification dispatch during a live production system.

Building for One Auction Format and Retrofitting

A client comes in needing a timed online auction. The team builds exactly that — a timed auction platform, with assumptions about single-price display, single lot timeline, no live bidder count, no simulcast support baked into the data model. Six months later, the client wants to add live simulcast capability. The work to retrofit this into a system designed around different assumptions routinely costs more than building it correctly from the start.

Understanding which auction formats the client intends to run — now and in 18 months — is a prerequisite for architecture, not an afterthought.

Storing Proxy Bid Maximums Visibly

Proxy bidding (auto-bid) requires storing the bidder's maximum amount. This amount must be encrypted at rest and never exposed to any other party — including auction house staff. We have reviewed platforms where proxy maximums were visible in the admin panel, giving the auction house operator the ability to see every bidder's ceiling before the auction closes. Depending on jurisdiction and platform rules, this is a significant trust violation and potentially a legal exposure. Proxy maximums should be stored encrypted, decrypted only by the bid engine at the moment of bid placement, and never surfaced in any administrative interface.


How We Build Auction Platforms at Cyberbeak

We've built auction and marketplace platforms from first principles enough times to have a repeatable process — but no two clients have had identical requirements, and we don't pretend otherwise.

Our Process

Discovery and Architecture (weeks 1–3): We run structured workshops to define the auction formats, the buyer and seller journeys, the compliance requirements, and the integration landscape. We produce a technical architecture document, a data model draft, and a feature specification before a line of code is written. This is not a bureaucratic step — it's the phase that prevents the expensive mistakes described above.

Foundation Build (weeks 4–10): Core infrastructure, authentication, KYC integration, lot catalogue, bidding engine, and real-time WebSocket layer. We build the bidding engine first and stress-test it before building the UI on top of it, because the UI can be changed easily and the bidding engine cannot.

Feature Build (weeks 11–16): Buyer and seller dashboards, notification system, payment integration, settlement workflows, admin panel, reporting.

Integration and Testing (weeks 15–18): Third-party integration completion, load testing on the bidding engine (we target 10× projected peak concurrency before launch), security review, and accessibility audit.

Pilot and Launch (weeks 18–20): A supervised pilot sale with a limited bidder group before public launch. This catches the operational issues that no amount of testing surfaces — the support questions, the edge cases in real bidder behaviour, the moments where the auctioneer's workflow doesn't match the admin panel's assumptions.

Typical Timeline

  • Timed online auction, single format, standard feature set: 12–16 weeks
  • Live/simulcast capable platform: 16–22 weeks
  • Enterprise platform with multiple auction formats, custom integrations, mobile apps: 24–36 weeks

Investment Range

Auction platform development sits in a higher investment bracket than standard e-commerce, because the technical complexity is genuinely higher and the cost of getting it wrong is higher. Our typical project ranges:

  • Timed online auction — standard scope: £80,000–£130,000
  • Live / simulcast capable platform: £130,000–£180,000
  • Enterprise multi-format platform: £180,000–£250,000+

These figures reflect a UK-based delivery team with senior engineers and a full delivery process. Offshore-only delivery can reduce cost but typically increases coordination overhead and risk on a problem domain where precision matters as much as this one.


Frequently Asked Questions

Can we add simulcast capability later if we start with timed online?

Yes, but the cost of doing so correctly depends heavily on how the initial platform was architected. If the data model, real-time layer, and admin panel were built with future simulcast in mind — even if the feature wasn't implemented — the addition is an extension, typically 8–14 weeks of work. If the initial build was optimised purely for timed auctions with no consideration of live functionality, the work is closer to a partial rebuild. We always recommend including simulcast-readiness in the initial architecture even if the feature goes in later.

How many concurrent bidders can the platform handle?

With horizontal scaling on the WebSocket layer (Socket.io with the Redis adapter, deployed behind a load balancer) and Redis handling bid state atomically, a well-built platform can comfortably handle thousands of simultaneous connected bidders across hundreds of concurrent lots. The limiting factor is almost always the notification dispatch layer, not the bidding engine itself. For platforms with genuinely extreme concurrency requirements — tens of thousands of simultaneous bidders — the architecture requires more specialised infrastructure, which we scope separately.

Do you build mobile apps as part of auction platform projects?

We build responsive web applications as standard, which work well on mobile browsers. Dedicated iOS and Android apps are available as an addition to the project scope, typically adding 8–14 weeks and £30,000–£60,000 to the total investment. For most auction platforms, a well-built mobile web experience covers 85–90% of use cases. Native apps add value where push notifications, camera access for lot inspections, or deep offline support are required.

What about compliance — are there regulatory requirements specific to auction platforms?

Yes, and they vary by sector and geography. Art market operators in the UK are regulated under the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (as amended), which imposes AML obligations, KYC requirements, and transaction reporting duties. Vehicle auctions have title and registration considerations. Food and agriculture auctions operate under sector-specific licensing regimes. Firearms and certain commodities have export control implications. We always recommend a compliance review with a specialist solicitor before platform launch, and we build the technical infrastructure to support whatever compliance posture that review produces.

Can the platform be white-labelled for other auction houses?

Yes. We build platforms with multi-tenancy and white-labelling as optional architectural capabilities. A white-label model — where multiple auction houses operate on the same underlying platform with their own branding, catalogue, and bidder base — requires a more complex initial architecture (tenant isolation at the data layer, per-tenant configuration, subdomain or custom domain routing), but it's a commercially attractive model for platform operators who want to serve multiple auction house clients. We've built this model successfully and it adds approximately 30–40% to the initial build cost in exchange for a significantly more scalable commercial model.


Ready to Build?

If you're evaluating an auction platform build — whether you're an established auction house moving online, a startup entering a specialist vertical, or an operator looking to replace a legacy system — we'd like to talk.

We're selective about the projects we take on, because auction platforms require deep collaboration to build well. The first conversation is always a technical discussion, not a sales call. We want to understand your auction format, your bidder base, your compliance environment, and your commercial model before we say anything about timelines or costs.

Get in touch with the Cyberbeak team to start that conversation.

Ready to build?

Talk to our team about your project

We work with businesses across the UK, USA, UAE, KSA, Canada, Australia and Germany to build custom software, SaaS platforms and marketplace systems.