Vodafone Italy, based in Milan, is a subsidiary of Vodafone Group Plc, a leading mobile communications corporation that operates in more than 30 countries worldwide. After growing steadily in the Italian mobile phone market over the last 15 years, today Vodafone Italy has more than 30 million mobile customers. The company reported over $8 billion in service revenues for fiscal year 2012.

Vodafone Italy’s mobile phones each contain a subscriber identity module (SIM) card that holds the account holder’s personal information—phone number, address book, text messages, and other data. SIM cards are transferable between phones and are popular with many users. Vodafone Italy customers can buy additional credit for a SIM card—a process known as top up—in stores or ATM machines.

As SIM transactions increased, Vodafone Italy wanted to make it easy for customers to use a debit or credit card to top up mobile phones and other broadband devices. The company needed a reliable and secure solution that they could use to protect client data that is Level 1 compliant under the Payment Card Industry (PCI) and Data Security Standard (DSS). Vodafone Italy could not accurately predict how many customers would use the solution, so the company wanted a flexible infrastructure with the ability to scale up and down to meet demand.

“A key requirement for this project was to design a solution that was PCI DSS-compliant,” says Stefano Harak, Online Senior Product Manager for Vodafone Italy. “Amazon Web Services (AWS) was the clear choice in terms of security and PCI DSS Level 1 compliance compared to an on-premises or co-location datacenter solution. From a technical perspective, when we evaluated the ease of implementation and management, we believed that AWS would dramatically reduce the time to market as well as the cost of infrastructure.”

Working with Storm Reply, an Advanced Consulting Partner member of the AWS Partner Network, Vodafone Italy created TopUp without Login. This solution uses a multichannel approach that allows customers to buy credit for SIM cards using a credit card or PayPal on a website, mobile site, mobile application, or social networks. At the same time, the solution minimizes the number of information needed to complete the process, resulting in a faster and easier top-up process.

The TopUp without Login solution front-end layer consists of several websites, (including two Facebook sites, a stand-alone website, a stand-alone mobile site, and two mobile applications), a content management system (CMS), and a tracking and report application that tracks transactions, performs statistical analysis, and builds reports. Vodafone Italy uses Oracle Database, the Liferay content management framework, and the JasperReports Java reporting tool in the solution. The company uses AWS in the middleware layer to decouple data from the applications and manage the information flow to Vodafone and other third-party providers and services. This design makes it easy to integrate additional channels for the TopUp solution. Figure 1 shows the TopUp without Login design.

Vodafone Architecture Diagram 1

Figure 1. TopUp without Login Design

TopUp without Login runs on Amazon Elastic Compute Cloud (Amazon EC2), Amazon Virtual Private Cloud (Amazon VPC), Amazon Elastic Block Store (Amazon EBS), and Amazon Simple Email Service (Amazon SES). Vodafone Italy uses Amazon Simple Storage Service (Amazon S3) to store approximately 25 GB of log copy and static web content.

Vodafone Italy set up its cloud architecture by creating three Amazon Virtual Private Cloud (Amazon VPC) subnets. Each subnet is located in a different Availability Zone in the EU (Ireland) Region. Marco Noli, Senior Manager for Storm Reply comments, “To ensure reliability, all essential instances have a back-up instance in another Availability Zone, ready to be switched on if needed.”

Since launching TopUp without Login, Vodafone Italy has achieved significant transaction volumes. “The solution has been in place for two years,” says Harak. “We began with about one thousand TopUp without Login requests per day and now we’re up to several thousand per day. Initially, TopUp without Login was available to customers through only one website and one mobile application. Operating the solution on the AWS Cloud gives Vodafone Italy the flexibility to add additional channels, and the telephone company now offers access to TopUp without Login through seven channels, including Facebook and additional mobile and web applications. The cloud architecture also helped enable Vodafone Italy to add additional credit processing services to the solution.

“We always monitor the reliability of our environment and it has always been excellent,” reports Harak. “We’re seeing up to 99.99% availability, which increases the satisfaction level of our customers.” The solution also meets Vodafone’s stringent security requirements. Harak comments, “We have conducted several code reviews and tests to make sure that our solution would be safe and PCI-DSS compliant.”

“Using AWS, we were able to design and launch a security-compliant solution in three months while reducing our capital expenses by 30 percent,” says Harak. “The flexibility and robustness offered by AWS combined with an architecture that enables us to add more channels and payment services is a winning combination.”

To learn more about how AWS can help your web application needs, visit our Web, Mobile, and Social Apps details page: http://aws.amazon.com/web-mobile-social/.

For more information about how Storm Reply can help your company run on the AWS Cloud, see Storm Reply's listing in the AWS Partner Directory.