Coinhako Migrates to AWS for Compliance Support and High Availability
Facilitating Crypto Trading in Singapore and Beyond
Many signs indicate that cryptocurrency is finally going mainstream. In 2020, large-scale financial institutions began investing in the crypto market, and payment systems started buying, selling, and holding bitcoin for their customers.
Singapore-based cryptocurrency platform Coinhako was founded in 2014 with the aim of improving access to Asia’s crypto-economy. The platform currently serves over 300,000 users and adopts a localized focus to cryptocurrency services, with country-specific language settings and integrations with various regional payment gateways, including Fast And Secure Transfers (FAST) in Singapore, VISA and Mastercard payments, and more.
Numerous security features that come out-of-the-box with AMS would have taken us months, if not years, to properly roll out.”
Cofounder and Chief Technology Officer, Coinhako
Accelerating Compliance with Amazon Managed Services
Coinhako launched its operations on a combination of cloud providers, including Amazon Web Services (AWS). However, over time, FinTech regulations and compliance in Singapore grew more stringent. Some regulations include the Payment Services Act 2019, which regulates traditional and cryptocurrency payments and exchanges, and the Omnibus Act for the financial sector, which sets requirements for areas such as risk management.
Trust is paramount in the crypto market, and Coinhako has set its sights on obtaining a license as a Digital Payment Token (DPT) services provider under the Payment Services Act in Singapore to give current and potential customers full confidence in its platform. One of the key requirements is adherence to the Technology Risk Management Guidelines (TRMG), which is a rigorous compliance framework that governs issues such as data protection, system availability and redundancy, and change management control.
To reduce the burden of meeting TRMG requirements, Coinhako reached out to AWS and discovered how AWS Managed Services (AMS) could enhance operational security and compliance, among other benefits. It decided to fully migrate to AWS in 2021 and since the migration, specialists from AMS have helped accelerate the company’s compliance timeline from seven months to three.
“Numerous security features that come out-of-the-box with AMS would have taken us months, if not years, to properly roll out,” says Gerry Eng, cofounder and chief technology officer at Coinhako. “Most of the TRMG checklist is covered by AMS, so we can focus on refining business processes that ultimately make our platform more robust.”
Scaling Platform to Handle High Traffic Spikes in the Crypto Market
In addition to TRMG compliance, the company has benefited from expert guidance on architecting in the cloud to improve availability and optimize costs.
To scale smoothly during spikes in traffic—as much as six times higher volume during peak crypto trading waves—Coinhako rearchitected its platform to leverage more AWS Cloud–native tools. Previously, its platform experienced lags that could last up to 40 minutes during peak trading windows. With the help of AMS, Coinhako reconfigured its database using Amazon Relational Database Service (Amazon RDS) to better handle an influx of queries when crypto markets rally. And backups are centralized and automated with Amazon RDS, which has boosted efficiency among Coinhako engineers by eliminating the need for active backup management.
The company is also using Amazon Elastic Kubernetes Service (Amazon EKS) for container orchestration. Engineers can set up containerized autoscaling groups to further improve platform resilience. “Managing Kubernetes infrastructure with Amazon EKS is intuitive. We can leverage comprehensive tooling, such as autoscaling groups, which removes the need for manual intervention and saves our engineers 10–15 minutes when demand surges,” Eng says.
Following Best Practices to Maintain Consistency
As Coinhako grows, its founders increasingly look to tighten processes to maintain a consistent operation at any scale, such as standardizing its usage of continuous integration and continuous deployment (CI/CD) tools to build and deploy its solutions. Since the company started using AMS, all of its teams across different projects are following the same processes defined by best practices.
Eng says, “Prior to 2020, there were small gaps in our processes, but AMS provides a framework that ensures projects are thoroughly managed. Things like availability, scaling, and backups are hard to manage individually, but on AMS, we’ve automated many of those processes and know how to properly handle each scenario.”
Reinforcing Security with an Eye toward Expansion
In tandem with the TRMG compliance on the Payment Services Act, Coinhako is also seeking ISO 27001 certification as part of its commitment to build trust with its users and continually raise its compliance standards. Because ISO compliance is internationally recognized, this will prove valuable as the company seeks to expand. Eng adds, “Whatever market we enter, there will always be a technology framework to adhere to; I foresee that AMS will continue helping us with compliance in international markets.”
While ramping up to TRMG compliance, Coinhako has fortified access controls with AWS Identity and Access Management (IAM). It has also implemented AWS Secrets Manager to automate encryption of data at rest and in transit. With its previous secret management service, whenever the company had a new project, Coinhako had to wait up to three days to provision a new vault service.
Optimizing Costs for a Projected 30% Savings
Cost optimization is an integral part of AMS, and Coinhako projects 30 percent lower operating costs by the end of 2021. In addition to monthly cost optimization reviews provided by AMS, a key factor driving savings is the ability to right-size instances. Eng explains, “On AMS, we have a wider range of options in terms of granular instance sizes, so we can scale our infrastructure to exactly what we need without over- or under-provisioning.”
In addition to finalizing TRMG compliance, Coinhako is currently focused on rearchitecting to improve platform stability in preparation for the next big cryptocurrency trading wave. The company’s goal is to achieve 99.99 percent availability by the end of 2021. It’s also looking at ways to reinforce its platform security and is exploring machine learning services such as Amazon Fraud Detector to prevent fraudulent transactions in addition to tightening its electronic-know-your-customer (eKYC) onboarding for new users.
Looking ahead, Coinhako plans to continue leveraging AWS for forthcoming projects. Reflecting on the journey thus far and recalling the first phase of migration with AMS, Eng comments, “AWS really lives up to its promise of customer obsession. During the migration, for example, we had an AWS team of 10 supporting us for almost a month. The peak migration period was very intense, with consecutive 12-hour days for over a week. The level of service AWS provided, and continues to provide, has exceeded our expectations.”
To learn more, visit aws.amazon.com/managed-services/.
Founded in 2014, Coinhako is Singapore’s leading digital assets wallet service provider and one of the longest-standing platforms in the Asia Pacific region. With over 300,000 users, it aims to provide easy access to digital assets like Bitcoin and other cryptocurrencies in Asia.
Benefits of AWS
- Accelerates compliance timeline for TRMG and ISO 27001
- Provides high-touch support for migration and deployment
- Scales trading platform 6x during peak periods
- Conducts monthly cost optimization reviews to minimize spend
- Centralizes and automates database backups
AWS Services Used
AWS Managed Services
AWS Managed Services (AMS) helps you operate your AWS infrastructure more efficiently and securely. Leveraging AWS services and a growing library of automations, configurations, and run books, AMS can augment and optimize your operational capabilities in both new and existing AWS environments.
Amazon Elastic Kubernetes Service (EKS)
Amazon Elastic Kubernetes Service (Amazon EKS) is a managed container service to run and scale Kubernetes applications in the cloud or on-premises.
AWS Secrets Manager
AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources.
Amazon Relational Database Service (RDS)
Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud.
Companies of all sizes across all industries are transforming their businesses every day using AWS. Contact our experts and start your own AWS Cloud journey today.