BUILDING BLOCKS

 

Select the plus signs for more information.

CLOUD APP

BUILDING A PCI-DSS COMPLIANT REWARDS MANAGEMENT PLATFORM ON THE CLOUD

The client is a loyalty and rewards management solutions provider in India. It wanted to develop a PCI-DSS compliant rewards management platform for banks in the country.

THE APPROACH

  • Suggested and implemented a templatized cookie cutter model for predictable deployment on AWS Cloud due to the repetitive nature of audit requirements with the banking business
  • Made significant changes to the application architecture to accommodate compliance controls at various layers of the platform and to facilitate platform scalability
  • Leveraged a combination of various AWS services, open source solutions, and third party solutions to achieve the necessary compliance
  • Redesigned and redeployed the environment on AWS

TECHNOLOGY COMPONENTS

  • Linux, Apache/Nginx/PHP/NodeJS, MySQL/MongoDB, Redis Cache, Application Load Balancers, Web Application Firewall, Application and host level Logging – ELK Stack, File Finger printing – OSSEC, Security Incident Event Management – OSSEC, Cloud API log – AWS CloudTrail, Alert notification – AWS Simple Notification Service, IP whitelisting – AWS VPC Security Group, Layer 7 – Web Application Firewall, Host level firewall – iptables Vulnerability assessment – VAPT (OpenVAS + Nessus), Data in Transit encryption HTTPS – SSL Certificates

THE BUSINESS CHALLENGE

To design and build a loyalty management platform on the public cloud that would not only comply with stringent auditing requirements but also be scalable to other businesses.

TRANSFORMATIONAL EFFECTS

  • Reduced deployment time from 12 weeks to one week
  • Highly scalable environment and Cost optimized campaign management
  • Option to deploy the platform as is for clients similar to banks in a cookie cutter mode