How Wallester Meets Security and Compliance Standards Faster Using AWS

Creating Wallester’s own data center required substantial financial investment and resources, to manage it and keep it running—while also being flexible. Meanwhile, the cloud would make it easy to build a scalable solution that could seamlessly expand in multiple regions and keep costs low. Wallester’s IT team, which had past positive experiences building on AWS, wanted a cloud provider that was already meeting the demanding requirements of other high-profile organizations. The company turned to AWS as its preferred cloud provider for building a secure, scalable, and reliable BaaS platform.

Wallester started with essential services, such as Amazon Elastic Compute Cloud (Amazon EC2), Amazon Elastic Kubernetes Service (Amazon EKS), AWS CodeBuild, and Amazon Relational Database Service (Amazon RDS), and later implemented complex security services, including AWS Key Management Service (AWS KMS) and AWS CloudHSM (CloudHSM).

From the beginning, the company found the process of establishing its infrastructure within AWS to be clear and intuitive. On the rare occasions when the firm needed help, AWS teams provided immediate support—from quickly solving minor challenges to working through more complex questions—so that the team could continue to move forward at a productive pace.

Managing regulatory compliance is a complex and challenging task for financial institutions. Failing to meet regulations can have serious consequences—particularly with companies operating globally. To ensure compliance, companies sometimes need to hire specialized staff and deliver extensive training, resulting in a significant amount of resources dedicated to effective risk management.

For example, Payment Card Industry Data Security Standard (PCI-DSS) certification is a set of requirements designed to protect credit card information. But certification requires enormous preparation and resources. Wallester needed to solve the encryption of the hardware security module (HSM), which is mandatory for use in the card world. CloudHSM helped to meet the corporate, contractual, and regulatory compliance requirements for data security. This way, along with AWS KMS—which is already PCI-DSS compliant—the company can fulfill the main security requirements for the storage of card data in its databases. As a result, Wallester reduced the cost of owning and managing regular on-premises HSM modules. Without the burden of building and managing physical security systems, the firm can focus directly on customer needs, providing the most secure and technologically advanced embedded financial solutions in the modern fintech market.

The automated compliance and security capabilities provided by AWS helped Wallester become one of the first financial service providers in the world to receive PCI-DSS certification and enable payment transactions in the cloud. Additionally, it has become the first financial cloud operator to be certified by the Estonian Financial Supervisory Authority (FSA). Sergei Astafjev, Wallester co-founder and chief executive officer (CEO), says, “AWS’s key strengths are the compliance support they offer, as well as the shared responsibility model. This saved us a lot of energy and brought huge benefits to our business in the shortest possible time.”

In addition to helping fintech firms achieve PCI-DSS certification, AWS maintains nearly 100 security standards and compliance certifications, with encryption available for all 117 services that store customer data. Moreover, AWS participates in the voluntary Security, Trust, Assurance and Risk (STAR) program of the Cloud Security Alliance (CSA) to document compliance with best CSA-published practices.