SpotPaymentech is a PCI certified, Master Payment Service Provider by means of providing a single acquiring point for brokers wishing to process transactions globally and connect with multiple payment providers, acquiring banks and alternative payment schemes.
SpotPaymentech platform supports a wide range of payment methods such as major credit and debit cards, online banking and alternative e-payment solutions.
SpotPaymentech needed to find a cloud provider to help them achieve their security and compliance requirements for their new application. After exploring different public cloud vendors, AWS cloud platform was chosen to best meet their needs.
By building a secure and PCI-DSS compliant infrastructure on AWS, CloudZone enabled us to deliver our customers a secure environment for payment processing services. This in turn reduced their compliance burden and provided enhanced security for our highly sensitive payment card data.
– Amir Vaknin , CTO, SpotOption
In order to secure the application’s network perimeter and to reduce the operational costs, CloudZone implemented a network which consisted of three network segments (VPCs): management, PCI-DSS and non-PCI. This type of architecture was used to reduce the number of application components which has access to the cardholder’s data.
SpotPaymentech applications run on Amazon Elastic Compute Cloud (Amazon EC2) instances and use Amazon Simple Storage Service (Amazon S3). Amazon Relational Database Service (Amazon RDS) was used to help the organization operate and reach the goals of data at-rest and in-flight encryption as an “out of the box” solution. AWS CodeCommit was used to host private Git repositories while AWS IAM to control access to CodeCommit Git repositories. AWS CodeDeploy was used to automate deployment without having SSH access to the production instances.
As part of the application perimeter security, CloudZone also used Incapsula as a Web Application Firewall, software as a service (SaaS) solution and TrendMicro Deep Security – a solution that protects applications against threats, malware and vulnerabilities.
AWS platform flexibility allows SpotPaymentech to build secure and cost effective solution while achieving PCI-DSS Level 1 compliance for their cloud environment. Achieving PCI-DSS compliance has helped enable SpotPaymentech to deliver a certified environment for payment processing services. This reduces the compliance burden on their customers and provides added security for highly sensitive payment card data.
In addition to the security and compliance benefits achieved through AWS, SpotPaymentech has also achieved significant cost-saving, allowing the company to operate efficiently and maintain a competitive edge in the marketplace.