設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
設計可擴展、安全的創新金融科技 (FinTech) 應用：
深入探討現代化的數位支付服務
Yi-an Han
Manager, Territory Business Development
AWS
2 0 1 9 A W S T a i p e i S u m m i t – I n d u s t r y T r a c k - F i n T e c h
Joseph Liao
Vice President
Cherri Tech 喬睿科技

Agenda
Part A: Yi-an Han – AWS Manager, Territory Business Development
- Latest trends in Financial Services and FinTech industry
- Build payment applications on AWS
- Security and compliance needs for financial industry
- How does AWS help financial institutions and FinTech startups innovate
Part B: Joseph Liao, Cherri Tech’s Vice President
- 喬睿科技Cherri Tech背景介紹
- 支付市場現況與選擇AWS的過程
- 如何使用 AWS

New forms of risk
are constantly
emerging.
Consumers have higher
expectations and more
choices.
Data is revealing go-to-
market and cost-saving
opportunities.
The Financial Services industry continues to evolve

FinTech startups have also found a home on AWS.
“ ”Banks aren’t being disrupted by FinTech technology, they’re being disrupted by customer expectation
— McKinsey & Company
of the 2018
Forbes FinTech 50
use AWS
100%
Launched its exchange on
AWS, including real-time
analytics processed by Amazon
Kinesis
Built a secure big data
storage and analytics
system on AWS
Launched a scalable
trading app,
transacting over $1B
Relies on the security best
practices and auditability of
AWS to run its PCI-compliant
payment platform
Adopted AWS for the
service quality and the
resilience it required,
at a variable cost
Uses AWS managed
services to process data
at scale while reducing
operating costs
FinTech startups have also found a home on
AWS.

Cloud is enabling transformation and innovation in the industry
Customer
experience &
digital channels
As financial institutions better understand their ability to meet regulatory compliance
obligations when operating in the cloud, they are increasingly focused on leveraging the
cloud to transform existing businesses and bring innovative new solutions to market.
Grid &
high-performance
computing
Data lakes &
agile analytics
Core systems
transformation
AI/Machine
Learning
Blockchain
& DLT
Widespread
adoption today
Gaining traction
Cloud is enabling transformation and innovation in the industry

FIs are aggressively moving grids to the cloud for scale and flexibility.
Cloud-enabled grids are providing burst capacity and the ability quickly to run large compute jobs and
complex simulations.
Compute-intensive calculations
• More granular risk factors
• Wider range of scenarios
• More historical data
• Real-time pricing and valuation
capabilities
Broad regulatory requirements
• Comprehensive Capital Analysis and
Review (Banking/Dodd Frank)
• Solvency Capital Requirements
(Insurance/Basel II)
• Fundamental Review of the Trading
Book (Insurance/Basel III)
Diverse risk analysis models
• Market risk
• Credit risk
• Liquidity risk
Elastic cloud-based compute grids comprising multiple compute types
+ +
=
FIs are aggressively moving grids to the cloud for scale and
flexibility

Doing more with data by performing agile analytics in the cloud.
Cloud-based data lakes and interactive querying services are enabling financial institutions to run
analytics more quickly and easily, without building and maintaining data warehouses.
Heterogeneous
data types
Amazon S3
data lake
Amazon
Athena
Ad-hoc
queries
> > > Key Features
• Serverless
• No ETL
• No spin-up time
• Fast, ad-hoc queries
Doing more with data by performing agile analytics in the
cloud

AI and ML are the next edge in digital innovation.
Compliance, Surveillance,
and Fraud Detection
Document
Processing
Pricing and Product
Recommendation Trading
Financial institutions are increasingly investing in AI/ML thanks, in part, to the availability of
cost-effective, easy-to-use, and scalable cloud-based AI/ML services.
Customer Experience
• Credit card/account
fraud detection
• Sales practices/
transaction surveillance
• AML/Sanctions
• Investigations
optimization
• Regulatory mapping
• Common financial
instrument
taxonomy
• Contract ingestion
and analytics
• Financial
information
extraction
• Corporate actions
• Loan/Insurance
underwriting
• Sales/recommendations of
financial products
• Credit assessments
• Portfolio management/
robo-advising
• Algorithmic trading
• Sentiment/news analysis
• Image analysis
• Grid computing
scheduling
• Enhanced customer
service through chatbots
• Call center optimization
• Personal financial
management
Core processing Client facing
AI and ML are the next edge in digital innovation

Cash is still king, but non-cash payments are growing
+10.2%
CEMEA
+30.9%
Emerging Asia
+19.6%
Developing Markets
46.8% overall market share
+6.5%
Europe
+5.6%
Mature Markets
53.2% overall market share
+7.1%
LATAM
+4.3%
NAMER
+7.6%
Mature APAC
Source: World Payments Report 2017, BNP Paribas & Capgemini
Cash still accounts for 43% of global transactions, but non-cash
payments are expected to grow by 10.9% globally by 2020.

The global payments landscape is shifting
Shift to digital
accelerated by
growing smartphone
adoption and new
channels for non-
cash transactions
New non-banks and
Payment Service
Providers (PSPs) offering
payment services and
technology, enabling
transactions outside
traditional channels
Changing customer
demands including
frictionless payments
experience, one-touch
options, and
instant settlement
Progressive changes
among regulators
promoting transparency,
security, innovation,
interoperability, and
competition
The global payments landscape is shifting

Consumer demands are driving payment innovation
Now: Payments as a differentiator
• Firms investing in payments technologies and
processing infrastructure
• Faster, seamless payment experiences and better
use of customer data
• Collaborative payment ecosystem focused on
customer demands
• New payments channels replace cash in small
transactions and increase firm’s revenue
Before: Payments as a commodity
• Small transactions dominated by cash
• Check payments still common
• Most digital payments running on legacy platforms
• Card payments processing handled by credit card
networks
• Payments considered low profit product by banks and
PSPs
Payment providers are adapting to new technologies, payment channels, and customer
demands
Consumer demands are driving payment
innovation

Stripe wanted to make it easier than ever
for developers to process payments via
web and mobile applications.
Stripe now handles billions of dollars
every year, and the company is
valued at over USD $22.5 billion.
Using AWS gave Stripe access to
world-class infrastructure that helped it
scale seamlessly and increase
developer productivity.
Online payment processor
Payment processor Stripe has delivered its PCI DSS-compliant payment
platform on AWS since 2011. The startup relies on the security best
practices and easy auditability of the AWS platform.
Stripe runs its payments platform entirely on
AWS

Mastercard purchased NuData to improve
its fraud prevention techniques by using
passive biometrics to authenticate account
holders’ identities
NuData uses an Amazon S3 Data Lake to
store customer data that are collected
and analyzed in real time using Amazon
Kinesis, Amazon Redshift, Amazon EMR,
and Amazon Athena
By using AWS, NuData is able to
collect and analyze hundreds of
data points which are then used
to authenticate users and protect
customers from fraud
Amazon S3 Amazon Kinesis
Without the tools and techniques we have available on AWS,
these would be much harder problems to solve.
– Robert Capps, Vice President of Business Development, NuData
“
”
NuData is using a data lake to fight fraud

The Brazilian startup introduced a
no-fee credit card, managed with an
app, built and deployed on AWS in
just seven months.
AWS is helping Nubank jump ahead
of traditional banks with AI/ML and
Big Data capabilities powering new
features in their app.
In 2017, Nubank doubled its
customer base to reach 6M, and
over 13M Brazilians have requested
a Nubank card.
The biggest benefit of AWS was time to market. Nubank could only exist
because of the cloud. The resources available that we could use with AWS
were much more advanced than the local cloud providers.
– Marcus Ferreira, Lead Operations Manager, Nubank
“
”
Nubank grew to 3M+ payments customers with
AWS

© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I TS U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Security and compliance are
moving from obligation to
advantage.

Certifications & Attestations Laws, Regulations and Privacy Alignments & Frameworks
Cloud Computing Compliance Controls
Catalogue (C5)
🇩🇪 CISPE 🇪🇺 CIS (Center for Internet Security) 🌐
Cyber Essentials Plus 🇬🇧 EU Model Clauses 🇪🇺 CJIS (US FBI) 🇺🇸
DoD SRG 🇺🇸 FERPA 🇺🇸 CSA (Cloud Security Alliance) 🌐
FedRAMP 🇺🇸 GLBA 🇺🇸 Esquema Nacional de Seguridad 🇪🇸
FIPS 🇺🇸 HIPAA 🇺🇸 EU-US Privacy Shield 🇪🇺
IRAP 🇦🇺 HITECH 🌐 FISC 🇯🇵
ISO 9001 🌐 IRS 1075 🇺🇸 FISMA 🇺🇸
ISO 27001 🌐 ITAR 🇺🇸 G-Cloud 🇬🇧
ISO 27017 🌐 My Number Act 🇯🇵 GxP (US FDA CFR 21 Part 11) 🇺🇸
ISO 27018 🌐 Data Protection Act – 1988 🇬🇧 ICREA 🌐
MLPS Level 3 🇨🇳 VPAT / Section 508 🇺🇸 IT Grundschutz 🇩🇪
MTCS 🇸🇬 Data Protection Directive 🇪🇺 MITA 3.0 (US Medicaid) 🇺🇸
PCI DSS Level 1 💳 Privacy Act [Australia] 🇦🇺 MPAA 🇺🇸
SEC Rule 17-a-4(f) 🇺🇸 Privacy Act [New Zealand] 🇳🇿 NIST 🇺🇸
SOC 1, SOC 2, SOC 3 🌐 PDPA - 2010 [Malaysia] 🇲🇾 Uptime Institute Tiers 🌐
PDPA - 2012 [Singapore] 🇸🇬 Cloud Security Principles 🇬🇧
PIPEDA [Canada] 🇨🇦
🌐 = industry or global standard Agencia Española de Protección de Datos 🇪🇸
26
Customers rely on AWS’ compliance with global standards

Terms &
Conditions Transparency
Compliance,
Security Tools
& Services
Security &
Continuity
Assets
Deep
Industry
Expertise
Regulatory
Engagement
Guidance and programs to
help customers quickly set up
robust compliance programs
Tools and assets to
help customers
manage
audit demands
Mechanisms to advocate
for and share best
practices with customers
> >
We also offer customer tools and guidance to enable
compliance

“
”
The on-hand expertise from AWS Solutions Architects allowed us to
validate our best ideas and sense-check any unrealistic ambitions
before we took any expensive wrong turns.
–Anne Boden, CEO, Starling Bank
Starling Bank
is a mobile-only challenger
bank founded in the UK.
Starling Bank is regulated
by the Financial Conduct
Authority and the
Prudential Regulation
Authority. The company’s
vision is to give everyone
in the world the opportunity
to enjoy a healthy financial
life.
• As a mobile-only bank, the AWS was a natural home for Starling Bank, which needed
fast scalability, native security, a resilient architecture, and pay-as-you-use services.
• By building on AWS, Starling Bank is natively compliant with the EU’s PSD2 directive; it
is using open APIs to realize a strategic opportunity through Starling Marketplace, a
launchpad for new payments and banking integrations
• The bank uses AWS for secure virtual server hosting through Amazon EC2; a fully
managed database engine with Amazon RDS; data lake data storage and retrieval with
Amazon S3; and automated cloud services using AWS CloudFormation
• Starling Bank also uses AWS Lambda to automate privilege management for new
releases using Slack
Starling Bank is breaking the banking mold on
AWS

Bank with APIs
25
Insurance
FX
Connectivity
Where I
spend
Mortgages
Loyalty
Loans
Investme
nt

API Tier
• Apply to upgrade access tier
• Allows delegated account access
• There are due diligence checks
• Privacy policy always required
• For higher tiers also terms & infosec

We built everything in the cloud
• Back-end APIs for mobile apps
• Open APIs for developers and partners
• Console for CC and operations
• Back-end ledger, payments
• Connectivity for cards, FPS
• Notifications, messaging
• Customer and fraud analytics
• Entirely in AWS

Resilient architecture in the cloud
• Immutable infrastructure
• Crash-safe
• Chaos engineering
• Practiced incident response

Agenda
• 喬睿科技Cherri Tech背景介紹
• 支付市場現況與選擇AWS的過程
• 如何使用 AWS
• AWS使用情境1：
以EC2 Auto Scaling來因應高峰流量以及非常態運算需求
以CloudFront和API Gateway打造安全、可擴展的服務入口
以合規的AWS基礎設施來更快打造符合PCI DSS的服務
以AWS Direct Connect建立更安全、穩定的連線

使命與背景
• 創立於 2015年4月
• 獲選 2017年 KPMG 全球百大金融科技公司(#69)
• Apple、Google、Samsung 支付在台灣指定合作廠商
• 發卡組織 Visa、Mastercard、AMEX 等之技術合作夥伴
喬睿科技致力於防堵網路交易的偽冒詐欺，提升網路交易的體驗

我們的產品
喬睿科技致力於防堵網路交易的偽冒詐欺，提升網路交易的體驗
Payment Gateway
Experience
Risk Management
Anti-fraud
Tokenization
Secure

支付市場規模現況
據歷年資料統計，
台灣2018年刷卡金額來到 2.8兆新台幣
1,500(B)
2,000(B)
2,500(B)
3,000(B)
2015 16 17 2018
5%
10%
15%
20%
2015 16 17 2018
其中線上交易佔據18%，約 3600億新台幣
3600億 / 客單價 2000 = 1.8億次交易

考量到產業特色及理想系統要求而選擇使用AWS
網路交易量成長快速
電子商務競爭激烈
限時特賣、雙11
偽冒交易層出不窮
更重視交易安全
決定開始使用
AWS 服務
產業特色理想的IT系統
能隨著業務成長
做彈性調整
依業務量做預算控管
定期流量、不定期流量
做資源管理
穩定性

使用EC2 Auto Scaling來根據交易量自動擴展
EC2 - Auto Scaling
能夠協助我們依據每日不同時段的交易數量做腳本設定自動擴展
Server

彈性啟用EC2運算資源處理批次大數據分析需求
大量批次處理型工作 / 非常態使用的運算資源情境
主要需求
即時性：需即時要在1秒內回傳交易結果
批次、定期大數據分析：每天晚上要批次處理大量的交易報表、偽冒資料分析
解決方案透過自動腳本操作 EC2，在需要處理大量資料時再開啟EC2運算資源
方案優點
- 與主交易即時服務做區隔，不會在執行批次的時候影響主服務
- 避免開啟閒置運算資源而造成多於成本

使用API Gateway以及CloudFront來提升安全性
API Gateway & CloudFront
能夠協助我們將主服務位置與路徑巧妙地做隱藏
Request
/transaction/pay
Body : amount
Request
/trade3345678/123
Body : amt
Amazon
EC2
Amazon
API Gateway
Amazon
CloudFront

以API Gateway作為安全的服務入口
同時 API GW - Authorizer 的功能
能夠在請求在進到主服務之前就先做好資料驗證與過濾。
Request
/transaction/pay
Body : amount
驗證 JWE, Checksum, Timestamp
Amazon
EC2
Amazon
API Gateway

AWS合規的服務協助通過PCI DSS認證
PCI DSS 稽核
(Payment Card Industry Data Security Standard)
每年都需要通過 PCIDSS 認證，包含：
1. 機房管制
2. 人員管理
3. 公司資訊安全流程內稽內控
4. 公司對外協力廠商稽核
5. 人力資源聘雇稽核流程
6. 每季一次定期系統滲透掃描稽核
7. 其他
• AWS 提供的機器與機房服務上，
多數有先取得 PCI DSS 的稽核報告
• 針對這點可以減少一部分的檢核項目，
且確保提供的服務符合安全相關規範
• 更多資訊可以參考：
https://aws.amazon.com/tw/compliance/pci-dss-level-1-faqs/?nc1=h_ls

透過AWS Direct Connect專線打造更穩定的連線
AWS Direct Connect
大部分透過 AWS 服務都是使用網路連線
但為了更穩定的網路與問題查找，有時我們會採用專線與客戶連接
1. 固定頻寬
2. 固定節點
3. 異質迴路備援
AWS Direct Connect

AWS Direct Connect提供彈性的頻寬選擇
AWS Direct Connect 已經與地區的網路供應商做好骨幹連結，
我們可以依據服務的用量來決定使用 20M ~ 1G 專線頻寬
AWS 僅依流量收取 Direct Connect 費用
專線的頻寬租賃費用需另外費者線路提供商
AWS Direct Connect

喬睿科技徵才資訊
資深Java後端工程師
資深技術專案/產品經理
資深QA/QC品質保證工程師
https://www.104.com.tw/jobbank/custjob/index.php?r=cust&j=643c446d3638406932343c653a4
0381b82b2b2b6d4438402664j52&jobsource=2018indexpoc
https://www.tappaysdk.com/zh/recruit
公司網站
104 職缺

歡迎聯繫AWS來讓我們協助您的雲端專案！
• 填寫線上問卷
• 與AWS人員立即安排您的系統上雲評估討論
• 利用AWS提供的credit建立您的第一個PoC驗證專案
• 立刻利用AWS與我們合作夥伴提供的免費系統搬遷計畫

設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie 設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務

Ähnlich wie 設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務 (20)

Mehr von Amazon Web Services

Mehr von Amazon Web Services (20)

設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務