More money is flowing through the international digital economy than ever before.
That’s great news for global businesses. But there’s a catch. When people buy from overseas, businesses selling to them have to process the overseas payments.
And overseas payment processing isn’t cheap. Forex rates fluctuate, and it costs a lot for banks to process thousands of foreign currency transfers through legacy IT infrastructures.
Companies are crying out for a more agile, cost-effective way to process
customers’ international payments.
So in 2012, Currencycloud was founded to satisfy that need, with a new, faster way for businesses to handle overseas payments through the cloud.
But spending weeks to months spinning up new servers and data centers each time it won new clients meant the system soon became impractical.
What it needed was an IT infrastructure that could grow at the same pace as the market’s appetite for Currencycloud’s services. This is the story of how Currencycloud migrated its IT infrastructure to the AWS Cloud, and started scaling its business at the speed of its ambition.
To get consistency with on-premises servers, you need enough processing and data-storage grunt to be able to handle the absolute peaks of customer traffic, all the time. For Currencycloud that’s times like Christmas and Cyber Monday.
The thing is, the rest of the time, that server and data storage is going to waste. And it costs thousands of dollars to spin up and maintain each new server.
Plus, before moving to AWS, it would take weeks for Currencycloud to get servers up and running. It meant new products couldn’t be launched as quickly as it would have liked, or service new clients. The combination of waste, expense and delay was restricting its growth.
Currencycloud had to find a supplier with the scale to handle peaks in customer traffic, but with the flexibility to scale back down again at quieter times.
Currencycloud have to make absolutely sure its systems aren’t susceptible to fraud, hacks or attacks on customer data.
And this is the world of finance – rightly one of the most heavily regulated sectors in the world. Any prospective cloud provider it used had to be compliant with more than 10 international regulatory bodies’ accreditations, as well as the latest ISO standards for data security.
It’s a tall order, but one that had to be fulfilled by the chosen cloud provider.
Physical on-premises servers can vary in processing power and performance, especially as they age. That’s not ideal at the best of times. And if there’s an outage, it causes expensive downtime, and a slow service for customers.
The chosen provider would have to run on a robust and reliable server network if they were going to be an improvement on Currencycloud’s on-premises system.
One of the big attractions of migrating to cloud computing is that your IT department no longer has to spend hours at a time managing and maintaining the business’ infrastructure.
For a small, young and growing business like Currencycloud, the rigmarole of maintaining an on-premises IT system was a real burden.
The more it could off-load to the cloud while maintaining control of compliance and security, the better.
Finally, it needed a provider that could make the transition from one system to another as non-disruptive as possible. Any amount of time offline would result in hundreds of thousands of dollars in losses, not to mention the reputational hit.
It also needed access to market leading expertise, to make sure the migration went without a hitch.
Currencycloud had major growth targets, and if the chosen provider lagged behind in any of those five areas it was seriously going to set back the company's progress.
So research was done. Having attended AWS events to understand the possibilities of cloud architectures, and having seen guidance from UK financial regulator the Financial Conduct Authority (FCA) evangelising the virtues of secure cloud computing, it was ready to make a call.
AWS was chosen.
Right from the word go, AWS’s Solutions Architects worked closely with the team at Currencycloud to find the right way to take on each requirement.
There were some some big challenges to overcome together.
Because innovation in fintech is absolutely flying, often there won’t be a regulatory precedent for new players in the market. So a player who’s created a new kind of fintech business will need to work alongside the regulators to de-risk the business model.
Currencycloud was no exception. But AWS had all the tools needed to create a secure way to handle overseas payment via the cloud.
AWS takes a shared responsibility approach to security: a model that makes a distinction between the security of the cloud and security in the cloud.
AWS secures the IT infrastructure that forms the engine room of the cloud (like physical data centers, infrastructure, and networking). Then AWS clients use the tools AWS provides to secure customers’ data in the cloud. That’s things like firewalls, operating systems, and identity and access management (IAM).
The model is part of 51 compliance assurance programmes, from Certifications like ISO27001, Regulations like the EU Data Protection Directive, and Frameworks like the Centre for Internet Security (CIS).
You can find more about each of the assurance programmes here.
It can be challenging to prove to an auditor whether or not your physical data centres are wired and patched together securely. It’s a time-consuming process of physically checking every single server and data centre for faults or weaknesses, and sometimes it can take weeks to complete.
Using AWS meant Currencycloud no longer had a physical infrastructure to look after – that was all taken care of.
AWS handled the heavy lifting – the encryption, the strength of the firewall, and more – and ensured compliance with the highest international security standards.
All Currencycloud needed to do was lift its code and send it onto the auditors for review.
Amazon Elastic Compute Cloud (Amazon EC2) is a virtually limitless supply of computing power that businesses can access as often as they need to. As your business grows, you can add server instances on the fly.
Amazon Aurora is a database engine that offers a commercial-grade database engine at open-source costs. It doesn’t lock you into a contract, and it’s fully compatible with MySQL database engines, making migrating from one to the other nice and smooth.
Whenever Currencycloud needs to handle a peak in customer activity, it can configure the amount of computing resource and data capacity it needs quickly. By logging in to its account and setting the parameters needed, in a matter of minutes server instances and databases are up and running.
Rather than paying for enough servers to handle its peak traffic all the time, Amazon EC2 and Amazon Aurora are pay only-for-what-you-use services. That means Currencycloud can set up to handle the peaks at cost-price when it needs to, and when the traffic subsides after the latest Cyber Monday, its costs come down too.
Amazon EC2 has a Service Level Agreement of 99.95% instance availability for all regions around the world. And if any go down, there are hundreds of backup servers ready to take their place instantaneously. Similarly, with Amazon Aurora, for every 10Gb of database space Currencycloud uses, AWS makes six replications of that data across three availability zones. Each of them backed up every 5 minutes. On-premise IT just doesn’t come close.
AWS’s Solutions Architects recommended bringing in migration specialists Claranet for hands-on support. Claranet is an expert when it comes to helping companies switch IT infrastructures to the cloud painlessly, and well-versed in the full range of AWS products.
Between the Currencycloud IT team, Claranet and AWS, the team was able to identify the pitfalls that could have caused the migration to falter, accelerating the process.
Then, once everything was set for migration, the team used AWS Snowball to transfer petabytes of data to the new infrastructure.
Normally it would take months to transfer that level of data across a 100Mbps connection. Snowball’s speeds took that down to less than a day.
Automation is a vital component in any cloud security programme, not just to handle high-scale checks efficiently, but also to reduce human configuration errors.
You should also be able to automate infrastructure and application security checks whenever new code is deployed, to continually enforce your security and compliance controls, ensuring confidentiality, integrity and availability at all times.
With the back-end operations taken care of, the team at Currencycloud can put that behind them and throw themselves into developing new products and services.
Its databases, its server capacity – all of it is to help Currencycloud develop any number of new products and services and to bring them to market rapidly.
All its energy goes into growing the business, improving customer service and developing new ideas. And none of it is hamstrung by the technology it’s built upon.
You have to choose a provider based on where you’re expecting your technology to be in one, two, or even five years’ time.
Be absolutely sure that the provider you choose will be there, developing their technology at the same pace as your business.
The more your cloud provider can innovate, the more you can harness their technology to develop market-leading products other players would take years to create on their own.
The speed and scale of Amazon Aurora is vastly superior to MySQL, yet it still has 100% compatibility with the open-source MySQL data. It’s made a huge difference to how we handle customer data.
And when you sign up to use it, you’re not locked into a contract like more commercial databases. We took a trial period on that basis and we’d thoroughly recommend it, if you need to scale your databases quickly while staying compliant with strict regulations.
Migration isn’t something you or your IT team will do every day. But it’s exactly what your cloud provider does.
We brought in AWS’s solution architects as well as Claranet early in the processs so they could be part of the design of the migration plan from the get-go.
They got right down to the nuts and bolts of how the security of the IAMs and firewalls would need to be configured for our needs, and their support throughout those months was invaluable.
If the support is there, use it. Your suppliers want the process to go just as smoothly as you do.