Customer Stories / Financial Services / Singapore
2C2P Delivers Scalable and Secure Payment Processing with AWS CloudHSM
Discover how the Singapore-based payments platform's strategic integration of AWS bolstered scalability, while ensuring seamless payment processing and fortifying customer trust.
100%
Uptime for e-commerce transactions
20x
Improvement in scalability
100x
Increased transaction throughput
US$250K
Saved on FIPS 140-2 Level 3 security certification through AWS CloudHSM
Overview
The number of internet users surged from under three million in 1991 to about 300 million by the end of the decade. A quarter of these users purchased goods online and spend around US$110 billion per year on average. However, in Southeast Asia, a crucial challenge is a lack of secure payment options.
Established in 2003, fintech startup 2C2P started its operations in Thailand to provide secure and efficient payment solutions to merchants across the region. Over the next 20 years, the company transformed into a full-suite payments platform catering to the diverse needs of the region through mobile, online, and traditional offline channels. Now based out of Singapore, 2C2P is present in eight markets in Asia, supporting more than 250 payment channels, including alternative payment touchpoints in 400,000 locations across Asia Pacific.
In 2014, 2C2P recognized the escalating demand for secure business-to-business payment services. The company decided to improve the scalability of its card holder authentication system by migrating to Amazon Web Services (AWS). This transition facilitated the seamless and secure processing of millions of monthly payment transactions, enhanced the customer experience, and accelerated the acquisition of new customers.
Opportunity | Surmounting On-Premises Constraints by Migrating to AWS
The number of transactions facilitated by 2C2P rose by up to 300 percent between 2020 and 2022. During peak periods, such as festive seasons and major sales, payment transactions would spike by as much as 600 percent. With 2C2P’s card holder authentication system deployed on an on-premises infrastructure, it was unable to accommodate the increase in traffic, which led to service disruptions every six to 12 months. Consequently, payment authentication could not be verified, impacting both consumers’ online purchases and merchants' revenue. Additionally, these disruptions often required five technicians, taking up to five hours to resolve.
Moreover, considering the sensitive financial information involved in payment transactions, the hardware security modules (HSM) had to be Federal Information Processing Standard 140-2 Level-3 (FIPS 140-2 Level-3) certified for security and compliances purposes. This is a United States government computer security standard used to approve cryptographic module for protecting sensitive information. The certification’s device costs up to US$250K and required up to 12 weeks to complete. This time-consuming process impeded 2C2P’s ability to quickly and efficiently scale its on-premises resources.
The on-premises infrastructure also incurred annual expenses of up to US$50K to manage. To handle this, the company assigned two staff members for operation and maintenance, resulting in up to 16 man-hours per month set aside for system upkeep.
To address these challenges, 2C2P sought a highly secure, reliable, scalable, and cost-effective solution to enhance its infrastructure and better serve its customers.
Through AWS, we've unlocked the power to securely, dynamically, and compliantly scale to meet the surge in payment transaction volumes. AWS CloudHSM plays a pivotal role in fulfilling compliance requirements and propelling us toward accelerated business expansion."
Myo Zaw
Chief Technology Officer, 2C2P
Solution | Facilitating Effortless Scaling, High Availability and Security Compliance
2C2P used Amazon Elastic Kubernetes Service (Amazon EKS), a managed Kubernetes service, to process the increased transaction volumes in its card holder authentication system. With Amazon EKS, 2C2P can dynamically scale its applications by up to 20 times for high availability and uninterrupted service for its customers. This helps 2C2P meet surging payment transaction activities, all while maintaining seamless operations.
Since migrating to AWS, 2C2P is able to manage up to 100 times transactions per second, in addition to a 300 percent faster response time. As a result, the company can now support more customers and payment transactions, which in turn drives revenue growth.
With 2C2P's services being expanded across Asia Pacific, the company also harnessed AWS Global Accelerator, a service that directs user traffic to the nearest AWS endpoint. This intelligent routing minimizes latency, optimizes the payment platform's global performance, which ultimately enhances the overall customer experience with a faster transaction process.
With AWS Lambda, a serverless compute service, 2C2P can now efficiently execute code without provisioning or managing servers. This means that operations and technical support staff are now freed to focus on higher-level tasks, such as innovating new services that drive business excellence.
On the security front, 2C2P uses AWS CloudHSM, a cloud-based HSM service, to generate, store, and manage cryptographic keys in a secure and tamper-resistant environment. By implementing FIPS 140-2 level 3-certified HSMs, the company has further fortified its data protection. Meanwhile, 2C2P also uses AWS Shield, a managed Distributed Denial of Service (DDoS) protection service, and AWS Secrets Manager, a cloud-based secret manager, to safeguard against evolving cyber threats. Specifically, AWS Shield helps to minimize DdoS attacks on its websites and application, and AWS Secrets Manager manages all of 2C2P’s passwords, API keys and other secrets in a single location to protect sensitive credentials and minimize vulnerabilities to critical systems. Ultimately, customers transactions are kept secure, private, and confidential.
Outcome | Strengthening Customer Experiences through Innovative Services
With AWS CloudHSM processing and validating payment requests at a faster rate, 2C2P’s customers can now experience a more seamless and reliable payment experience across various payment channels. Card-issuing banks is also able to process more payment transactions reliably and securely.
Looking ahead, 2C2P plans to use AWS CloudHSM, coupled with artificial intelligence and machine learning, to serve other high traffic services such as automated documentation analysis and recognition and digital signature scanning. The goal is to detect and block forged documents being validated during payment requests, which in turn minimizes fraud risks for issuing banks and customers.
“Through AWS, we've unlocked the power to securely, dynamically, and compliantly scale to meet the surge in payment transaction volumes. AWS CloudHSM plays a pivotal role in fulfilling compliance requirements and propelling us towards accelerated business expansion,” said Myo Zaw, Chief Technology Officer of 2C2P.
Learn More
To learn more, visit thinkwithwp.com/financial-services.
About 2C2P
2C2P is a full-suite payments platform helping global businesses securely accept payments across mobile, online, and offline channels. Founded in 2003 in Bangkok, the Singapore-headquartered company operates globally, and is present in eight markets across Asia.
AWS Services Used
AWS CloudHSM
AWS CloudHSM helps you meet corporate, contractual, and regulatory compliance requirements for data security.
Amazon Elastic Kubernetes Service
Amazon Elastic Kubernetes Service (Amazon EKS) is a managed Kubernetes service to run Kubernetes in the AWS cloud and on-premises data centers.
Learn more »
AWS Shield
AWS Shield is a managed DDoS protection service that safeguards applications running on AWS.
Learn more »
AWS Secrets Manager
AWS Secrets Manager helps you manage, retrieve, and rotate database credentials, API keys, and other secrets throughout their lifecycles.
Learn more »
More Financial Services Customer Stories
Get Started
Organizations of all sizes across all industries are transforming their businesses and delivering on their missions every day using AWS. Contact our experts and start your own AWS journey today.