Designing and Deploying a Secure B2C Public Cloud Platform

One of the leading mobile-app-based gifting merchants wanted its services to be PCI-DSS compliant so that users could confidently make purchases with their credit cards.

Business Challenge

The challenge was to design, build and deploy a PCI-DSS-compliant mobile application with stringent security features for both Android and iOS platforms.

Technology Components

  • Application-level encryption/decryption – AWS KMS

  • Encrypted database table data – AWS RDS

  • Application and host level logging – ELK Stack

  • File fingerprinting – OSSEC

  • Security Incident Management (SIM) / Security Information and Event Management (SIEM) – OSSEC

  • Cloud API logging – AWS CloudTrail

  • Cloud infrastructure change audit trail – AWS Config

  • Alert notification – AWS Simple Notification Service

  • IP whitelisting – AWS VPC Security Group

  • Layer 7 – Web Application Firewall

  • Host-level firewalls – iptables

  • Patch management – Spacewalk

  • Vulnerability assessment – VAPT (OpenVAS + Nessus)

  • Data-in-transit encryption (HTTPS) – SSL certificates

Approach

  • Designed and deployed the cloud environment leveraging several Amazon Web Services (AWS) security services alongside multiple open source solutions to achieve PCI compliance.

  • Engaged Business and Technology teams of the client – from initial audit to multiple re-audits.

  • Implemented a complete CI/CD pipeline to ensure that blue-green deployment can be achieved.

  • Completed the engagement end-to-end from design to go-live in 16 weeks.

  • Enforced a targeted approach for the public cloud deployment due to the nature of the platform.

Transformational Effects

  • AWS services that are PCI compliant are used to set up infrastructure.

  • The application and its environment are PCI-certified.

  • Created a secure application that customers can trust when using their credit cards.
