BUILDING A PCI-DSS COMPLIANT REWARDS MANAGEMENT PLATFORM ON THE CLOUD
The client is a loyalty and rewards management solutions provider in India. It wanted to develop a PCI-DSS compliant rewards management platform for banks in the country.
- Suggested and implemented a templatized, cookie-cutter model for predictable deployment on AWS Cloud, given the repetitive nature of audit requirements in the banking business
- Made significant changes to the application architecture to accommodate compliance controls at various layers of the platform and to facilitate platform scalability
- Leveraged a combination of AWS services, open-source solutions, and third-party solutions to achieve the necessary compliance
- Redesigned and redeployed the environment on AWS
- Technology stack: Linux; Apache/Nginx/PHP/NodeJS; MySQL/MongoDB; Redis Cache; Application Load Balancers; Web Application Firewall
- Application and host-level logging – ELK Stack
- File fingerprinting – OSSEC
- Security Incident and Event Management – OSSEC
- Cloud API logging – AWS CloudTrail
- Alert notification – AWS Simple Notification Service
- IP whitelisting – AWS VPC Security Groups
- Layer 7 protection – Web Application Firewall
- Host-level firewall – iptables
- Vulnerability assessment – VAPT (OpenVAS + Nessus)
- Data-in-transit encryption – HTTPS with SSL certificates
THE BUSINESS CHALLENGE
To design and build a loyalty management platform on the public cloud that would not only comply with stringent auditing requirements but also be scalable to other businesses.
- Reduced deployment time from 12 weeks to one week
- Highly scalable environment and cost-optimized campaign management
- Option to deploy the platform as-is, in cookie-cutter mode, for clients similar to banks