Unlocking FinTech Efficiency: Achieving PCI Compliance 3x Faster and Saving 53% with base2Services
"When we started the company we had very demanding PCI compliance challenges to overcome and knew we didn't have the resources to solve them in-house. We got this expertise from base2Services. Not only did they build a compliant environment very quickly, they also implemented a high degree of automation to maintain continuous compliance."
Robert Owens, Chief Solutions Officer & Co-Founder
A bit about Parakeet
Parakeet is a B2B early payments platform that takes the headache out of getting paid on time while increasing earnings and creating immediate cash flow and administrative relief for its customers.
Parakeet's cloud-native SaaS offering provides an easy-to-configure payment platform so businesses can create a digital wallet, configure invoice automation, add supplier profiles and automate and incentivize early payments, as well as many other payment capabilities.
What Parakeet needed
Any SaaS application that deals in finance needs to be reliable, relevant, and above all else, secure.
As a payment platform, Parakeet has to comply with the Payment Card Industry Data Security Standard (PCI DSS), a global information security standard for companies dealing with major credit cards. Achieving this compliance requires Parakeet to have highly secure, regularly monitored systems and networks that enforce vigorous access controls.
Parakeet knew it wanted to deploy on AWS, but it lacked the technical resources to meet production readiness and its explicit cloud goals with certainty. It needed to add cloud platform and security expertise to the team, without incurring the significant cost of hiring new engineers, so that the Development Team could focus on product functionality and Parakeet could:
- Ensure its rigorous PCI DSS security requirements could be met in a highly scalable and available environment
- Take its Kubernetes application deployment workflow from on-prem into the cloud
- Implement DevOps processes, pipelines and automation leveraging the cloud architecture
- Accelerate time to market
- Receive ongoing management of the environment
By teaming up with base2Services, Parakeet extended its team with expertise that spans the AWS platform and provides ongoing cloud, security, DevOps and automation support as the business grows.
What base2Services delivered
From the beginning, base2Services has been an integral part of the team. The collaboration ensures that each of Parakeet’s security, compliance, deployment and quality assurance goals is met, and that the company has a strong capability to continuously manage cloud security and DevOps automation as it grows.
Parakeet’s most immediate concern was rapidly achieving and continuously maintaining PCI DSS compliance so they can do business using the services of major global card brands like Visa, Mastercard and American Express.
As part of Parakeet’s DevOps as a Service plan, base2Services architected a secure and highly automated cloud dev, test and production environment that was PCI compliant using multiple AWS services in conjunction with base2Services’ open source software and tools. More specifically:
- base2Services built Parakeet a managed Amazon Elastic Kubernetes Service (EKS) platform and the pipelines to build and deploy their applications into it. The containerized workloads enable clustered security, high availability and quick access to new updates from AWS. The environment also makes it easy for Parakeet to build and deploy microservices to Kubernetes, providing them with a production-ready Platform-as-a-Service to build applications and microservices on top of.
- A major requirement for Parakeet was continuous integration and continuous deployment to the cloud. base2Services implemented an automated Jenkins CI/CD pipeline to Parakeet's Elastic Kubernetes Service, through which their software is developed, updated, tested and committed to production confidently, securely and without error. This service also makes use of base2Services' extensive Jenkins shared library functions. The workflow ensures that nothing reaches the production environments without administrator approval and without being tested first.
- Several AWS managed cloud security services were also orchestrated and automated by base2Services to meet the FinTech startup's PCI DSS requirements. This included the design of Amazon GuardDuty, AWS CloudTrail, AWS Key Management Service (KMS), Amazon CloudWatch and AWS WAF into a configured, coordinated suite of controls that manages intrusion detection; governance, compliance and auditing; encryption; monitoring and alerting; and frontline attack prevention.
These AWS configurations are complemented by base2Services' proven applications and tools for source code version control, database backups and other dev-essential automation tools, as well as a key PCI DSS intrusion detection system, OSSEC.
Introducing the underlying systems and policies to achieve compliance is complicated, time consuming and expensive for companies that do not already have explicit Infrastructure as a Service (IaaS) technical skills in-house.
base2Services' expertise in cloud deployment, management and security means Parakeet was able to achieve continuous PCI DSS compliance in only 6 weeks, gain access to the latest cloud services and make big savings by not having to hire new IaaS technicians or divert the focus of existing staff.
The innovations base2Services has brought to the partnership enable Parakeet to do business securely and rapidly. As a result, Parakeet has become an approved Xero integration partner, which will accelerate their growth and is a significant achievement for their business.
As an extension of Parakeet’s team, base2Services designs and manages the cloud and security infrastructure in direct collaboration with Parakeet’s engineers. As part of DevOps as a Service, base2Services will continuously enhance the delivered solution, provide new capabilities as Parakeet’s needs change, and provide global 24/7 support across the whole environment.
See the impressive results
- Built and implemented a PCI DSS compliant environment 3x faster than if done on their own
- PCI DSS compliance process completed in just 6 weeks
- Fully operational AWS Elastic Kubernetes Service along with CI/CD pipelines to enable faster time to market
- Avoided the need to hire 2 full-time cloud engineers, saving >$200,000 a year which can go into product features
- Cloud cost savings of 53% on dev and test environments due to base2Services’ flexible AWS spot instances configuration
- Enabled them to go from ideation to a customer-facing product (production) in less than 3 months
- Greatly increased potential customer base through the successful selection as approved integration partner for Xero
- $200,000 Savings in Staffing Costs
- 53% Cost Reduction for Dev/Test Environment
"It was awesome to have a team of experts who proactively worked with us to achieve PCI Level 1 Compliance. It only took 6 weeks to achieve which was a great outcome."
Charles Wong, CEO & Co-Founder