SlideShare a Scribd company logo

Disrupting Traditional Payment Systems Architecture with AWS (FSV320) - AWS re:Invent 2018

Amazon Web Services
Amazon Web Services

In Financial Services, payments have evolved from a commodity into a key differentiator, driven by customer demand for faster, easier, and more seamless payment processing. Expectations from regulators for PCI DSS-compliant workloads have evolved with increased focus on risk reduction, transparency, and standardization. In this space, the need to replace legacy systems, address security concerns, and support a highly seasonal 24/7/365 operation present barriers to innovation. In this chalk talk, we examine how our customers address these concerns by using the AWS Cloud to rapidly build their own scalable payment systems, leveraging PCI DSS-compliant AWS services across compute, database, analytics, and security. Together, we explore traditional design patterns based on our PCI DSS Quick Start, as well as the evolution to managed services, microservices, and serverless services.

1 of 18
Download to read offline
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Disrupting Traditional Payment Systems Architecture with AWS Anthony Galleno Solution Architect AWS Financial Services F S V 3 2 0 Andrew Shortt Solution Delivery Manager AWS Financial Services
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Agenda Rapid Evolution In Payments PCI DSS Compliance PCI Architecture on AWS Serverless Architectures on AWS Q & A
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. The global payments landscape is shifting Shift to digital accelerated by growing smartphone adoption and new channels for non-cash transactions New non-banks and Payment Service Providers (PSPs) offering payment services and technology, enabling transactions outside traditional channels Changing customer demands including frictionless payments experience, one-touch options, and instant settlement Progressive changes among regulators promoting transparency, security, innovation, interoperability, and competition
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Consumer demands are driving innovation Retail and corporate payments customers want faster, easier, digital payments. Now: Payments as a differentiator • Firms investing in payments technologies and processing infrastructure • Faster, seamless payment experiences and better use of customer data • Collaborative payment ecosystem focused on customer demands • New payments channels replace cash in small transactions and increase firm’s revenue Before: Payments as a commodity • Small transactions dominated by cash • Check payments still common • Most digital payments running on legacy platforms • Card payments processing handled by credit card networks • Payments considered low profit product by banks and Payment Service Providers
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Customers Innovating Payments with AWS
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI DSS Compliance “If you accept or process payment cards, the PCI Data Security Standards apply to you.” In order to connect to the major card networks, the system you build must comply with PCI DSS guidelines and be scoped, audited, and reviewed by an on-site PCI Qualified Security Assessor.
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI DSS Compliance on AWS Scale Compute to match demand Advanced data storage and analytics Seamless customer experience Model Risk, Credit and lending decisions Build, test, launch new features Serverless/Infrastructure as code Security and compliance Connect payment apps More than 60 AWS services are PCI-DSS compliant. With pay as you go pricing and global availability customers can leverage these services to deliver fast, frictionless payment systems.
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI DSS Guidelines on AWS Build Maintain a Secure Network and Systems 1. Install and Maintain a Firewall Configuration to Protect Cardholder Data 2. Do Not Use Vendor-Supplied Defaults for System Passwords and Other Security Parameters VPN Gateway Protect Cardholder Data 3. Protect Stored Cardholder Data 4. Encrypt transmission of cardholder data across open, public networks
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI DSS Compliance on AWS Maintain a Vulnerability Management Program 5. Protect all systems against malware and regularly update anti-virus software 6. Develop and maintain secure systems and applications Implement Strong Access Controls 7. Restrict Access to Cardholder Data by Need to know 8. Identify and Authenticate Access to System Components 9. Restrict Physical Access to Cardholder Data
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI DSS Compliance on AWS Regularly Monitor and Test Networks 10. Track and monitor all access to network resources and cardholder data 11. Regularly test security systems and processes Flow logs Maintain an Information Security Policy 12. Maintain a policy that addresses information security for all personnel
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI quick-start on AWS Availability zone Public Subnet VPC Internet Private Subnet Private Subnet RDS MySQL DB instance NAT gateway Availability zone Public Subnet Private SubnetPrivate Subnet Auto Scaling group Instances Auto Scaling InstancesAuto Scaling NAT gateway RDS MySQL DB instance Auto Scaling group Instances Auto Scaling InstancesAuto Scaling
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Serverless API Development POST /v1/pay GET /v1/preferences/001 paymentbackend.com
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Related breakouts Tuesday, November 27 FSV302 - Transforming Consumer Banking with a 100% Cloud-based Bank 4:45 – 5:45 | Venetian, Level 3, Murano 3205 Thursday, November 29 FSV305 - How HSBC Uses Serverless to Process Millions of Transactions in Real Time 1:00 – 2:00 | Bellagio, Level 1, Grand Ballroom 2
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Serverless API Development POST /v1/pay GET /v1/preferences/001 paymentbackend.com
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI quick-start on AWS Availability zone Public Subnet VPC Internet Private Subnet Private Subnet RDS MySQL DB instance NAT gateway Availability zone Public Subnet Private SubnetPrivate Subnet Auto Scaling group Instances Auto Scaling InstancesAuto Scaling NAT gateway RDS MySQL DB instance Auto Scaling group Instances Auto Scaling InstancesAuto Scaling
Thank you! © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Anthony Galleno gallenoa@amazon.com Andrew Shortt ashortt@amazon.com
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Recommended

Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
Build a PCI SAQ A-EP-compliant serverless service to manage credit card payme...
Build a PCI SAQ A-EP-compliant serverless service to manage credit card payme...Build a PCI SAQ A-EP-compliant serverless service to manage credit card payme...
Build a PCI SAQ A-EP-compliant serverless service to manage credit card payme...Amazon Web Services
 
네트워크 및 엣지 컴퓨팅 분야 신규 서비스 - 최우형, AWS 솔루션즈 아키텍트 :: AWS re:Invent re:Cap 2021
네트워크 및 엣지 컴퓨팅 분야 신규 서비스 - 최우형, AWS 솔루션즈 아키텍트 :: AWS re:Invent re:Cap 2021네트워크 및 엣지 컴퓨팅 분야 신규 서비스 - 최우형, AWS 솔루션즈 아키텍트 :: AWS re:Invent re:Cap 2021
네트워크 및 엣지 컴퓨팅 분야 신규 서비스 - 최우형, AWS 솔루션즈 아키텍트 :: AWS re:Invent re:Cap 2021Amazon Web Services Korea
 
AWS Business Essentials Day
AWS Business Essentials DayAWS Business Essentials Day
AWS Business Essentials DayAmazon Web Services
 
Build your first blockchain application with Amazon Managed Blockchain - SVC2...
Build your first blockchain application with Amazon Managed Blockchain - SVC2...Build your first blockchain application with Amazon Managed Blockchain - SVC2...
Build your first blockchain application with Amazon Managed Blockchain - SVC2...Amazon Web Services
 
AWS Cloud Adoption and the Future of Financial Services
AWS Cloud Adoption and the Future of Financial ServicesAWS Cloud Adoption and the Future of Financial Services
AWS Cloud Adoption and the Future of Financial ServicesAmazon Web Services
 
Building Mobile Apps with AWS Amplify
Building Mobile Apps with AWS AmplifyBuilding Mobile Apps with AWS Amplify
Building Mobile Apps with AWS AmplifyAmazon Web Services
 
Building-a-Data-Lake-on-AWS
Building-a-Data-Lake-on-AWSBuilding-a-Data-Lake-on-AWS
Building-a-Data-Lake-on-AWSAmazon Web Services
 

Recommended

Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
Build a PCI SAQ A-EP-compliant serverless service to manage credit card payme...
Build a PCI SAQ A-EP-compliant serverless service to manage credit card payme...Build a PCI SAQ A-EP-compliant serverless service to manage credit card payme...
Build a PCI SAQ A-EP-compliant serverless service to manage credit card payme...Amazon Web Services
 
네트워크 및 엣지 컴퓨팅 분야 신규 서비스 - 최우형, AWS 솔루션즈 아키텍트 :: AWS re:Invent re:Cap 2021
네트워크 및 엣지 컴퓨팅 분야 신규 서비스 - 최우형, AWS 솔루션즈 아키텍트 :: AWS re:Invent re:Cap 2021네트워크 및 엣지 컴퓨팅 분야 신규 서비스 - 최우형, AWS 솔루션즈 아키텍트 :: AWS re:Invent re:Cap 2021
네트워크 및 엣지 컴퓨팅 분야 신규 서비스 - 최우형, AWS 솔루션즈 아키텍트 :: AWS re:Invent re:Cap 2021Amazon Web Services Korea
 
AWS Business Essentials Day
AWS Business Essentials DayAWS Business Essentials Day
AWS Business Essentials DayAmazon Web Services
 
Build your first blockchain application with Amazon Managed Blockchain - SVC2...
Build your first blockchain application with Amazon Managed Blockchain - SVC2...Build your first blockchain application with Amazon Managed Blockchain - SVC2...
Build your first blockchain application with Amazon Managed Blockchain - SVC2...Amazon Web Services
 
AWS Cloud Adoption and the Future of Financial Services
AWS Cloud Adoption and the Future of Financial ServicesAWS Cloud Adoption and the Future of Financial Services
AWS Cloud Adoption and the Future of Financial ServicesAmazon Web Services
 
Building Mobile Apps with AWS Amplify
Building Mobile Apps with AWS AmplifyBuilding Mobile Apps with AWS Amplify
Building Mobile Apps with AWS AmplifyAmazon Web Services
 
Building-a-Data-Lake-on-AWS
Building-a-Data-Lake-on-AWSBuilding-a-Data-Lake-on-AWS
Building-a-Data-Lake-on-AWSAmazon Web Services
 
For Partners: Build Your Business on AWS
For Partners: Build Your Business on AWSFor Partners: Build Your Business on AWS
For Partners: Build Your Business on AWSAmazon Web Services
 
AWS Marketplace
AWS MarketplaceAWS Marketplace
AWS MarketplaceAmazon Web Services
 
SRV403_Serverless Authentication and Authorization
SRV403_Serverless Authentication and AuthorizationSRV403_Serverless Authentication and Authorization
SRV403_Serverless Authentication and AuthorizationAmazon Web Services
 
Cloud Adoption in Financial Services
Cloud Adoption in Financial Services Cloud Adoption in Financial Services
Cloud Adoption in Financial Services Amazon Web Services
 
AWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing ZoneAWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing ZoneAmazon Web Services
 
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Amazon Web Services
 
Migrating to the Cloud
Migrating to the CloudMigrating to the Cloud
Migrating to the CloudAmazon Web Services
 
So You Want to Be an AWS Partner?
So You Want to Be an AWS Partner? So You Want to Be an AWS Partner?
So You Want to Be an AWS Partner? Amazon Web Services
 
Introducing AWS DataSync - Simplify, automate, and accelerate online data tra...
Introducing AWS DataSync - Simplify, automate, and accelerate online data tra...Introducing AWS DataSync - Simplify, automate, and accelerate online data tra...
Introducing AWS DataSync - Simplify, automate, and accelerate online data tra...Amazon Web Services
 
Deep Dive on Amazon Elastic Container Service (ECS) and Fargate
Deep Dive on Amazon Elastic Container Service (ECS) and FargateDeep Dive on Amazon Elastic Container Service (ECS) and Fargate
Deep Dive on Amazon Elastic Container Service (ECS) and FargateAmazon Web Services
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftDavid J Rosenthal
 
Aws 101 A walk-through the aws cloud (2013)
Aws 101 A walk-through the aws cloud (2013)Aws 101 A walk-through the aws cloud (2013)
Aws 101 A walk-through the aws cloud (2013)Martin Yan
 
API Management - Why it matters!
API Management - Why it matters!API Management - Why it matters!
API Management - Why it matters!Sven Bernhardt
 
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...Amazon Web Services
 
Moving Large Scale Contact Centers to Amazon Connect (BAP324) - AWS re:Invent...
Moving Large Scale Contact Centers to Amazon Connect (BAP324) - AWS re:Invent...Moving Large Scale Contact Centers to Amazon Connect (BAP324) - AWS re:Invent...
Moving Large Scale Contact Centers to Amazon Connect (BAP324) - AWS re:Invent...Amazon Web Services
 
Building Your Cloud Strategy
Building Your Cloud StrategyBuilding Your Cloud Strategy
Building Your Cloud StrategyAmazon Web Services
 
Next Gen Innovation: Enhancing your Contact Center with Amazon Connect for t...
Next Gen Innovation: Enhancing your Contact Center with Amazon Connect for t...Next Gen Innovation: Enhancing your Contact Center with Amazon Connect for t...
Next Gen Innovation: Enhancing your Contact Center with Amazon Connect for t...Amazon Web Services
 
Building the business case for AWS
Building the business case for AWSBuilding the business case for AWS
Building the business case for AWSAmazon Web Services
 
AWS 101 and the benefits of Migrating to the Cloud
AWS 101 and the benefits of Migrating to the CloudAWS 101 and the benefits of Migrating to the Cloud
AWS 101 and the benefits of Migrating to the CloudCloudHesive
 
AWS Cloud Migration Insights Forum
AWS Cloud Migration Insights ForumAWS Cloud Migration Insights Forum
AWS Cloud Migration Insights ForumAmazon Web Services
 
Automated Frameworks to Deliver DevOps at Speed and Scale on AWS
Automated Frameworks to Deliver DevOps at Speed and Scale on AWS Automated Frameworks to Deliver DevOps at Speed and Scale on AWS
Automated Frameworks to Deliver DevOps at Speed and Scale on AWSAmazon Web Services
 
Open Banking APIs on AWS
Open Banking APIs on AWSOpen Banking APIs on AWS
Open Banking APIs on AWSAmazon Web Services
 

More Related Content

What's hot

For Partners: Build Your Business on AWS
For Partners: Build Your Business on AWSFor Partners: Build Your Business on AWS
For Partners: Build Your Business on AWSAmazon Web Services
 
SRV403_Serverless Authentication and Authorization
SRV403_Serverless Authentication and AuthorizationSRV403_Serverless Authentication and Authorization
SRV403_Serverless Authentication and AuthorizationAmazon Web Services
 
Cloud Adoption in Financial Services
Cloud Adoption in Financial Services Cloud Adoption in Financial Services
Cloud Adoption in Financial Services Amazon Web Services
 
AWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing ZoneAWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing ZoneAmazon Web Services
 
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Amazon Web Services
 
So You Want to Be an AWS Partner?
So You Want to Be an AWS Partner? So You Want to Be an AWS Partner?
So You Want to Be an AWS Partner? Amazon Web Services
 
Introducing AWS DataSync - Simplify, automate, and accelerate online data tra...
Introducing AWS DataSync - Simplify, automate, and accelerate online data tra...Introducing AWS DataSync - Simplify, automate, and accelerate online data tra...
Introducing AWS DataSync - Simplify, automate, and accelerate online data tra...Amazon Web Services
 
Deep Dive on Amazon Elastic Container Service (ECS) and Fargate
Deep Dive on Amazon Elastic Container Service (ECS) and FargateDeep Dive on Amazon Elastic Container Service (ECS) and Fargate
Deep Dive on Amazon Elastic Container Service (ECS) and FargateAmazon Web Services
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftDavid J Rosenthal
 
Aws 101 A walk-through the aws cloud (2013)
Aws 101 A walk-through the aws cloud (2013)Aws 101 A walk-through the aws cloud (2013)
Aws 101 A walk-through the aws cloud (2013)Martin Yan
 
API Management - Why it matters!
API Management - Why it matters!API Management - Why it matters!
API Management - Why it matters!Sven Bernhardt
 
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...Amazon Web Services
 
Moving Large Scale Contact Centers to Amazon Connect (BAP324) - AWS re:Invent...
Moving Large Scale Contact Centers to Amazon Connect (BAP324) - AWS re:Invent...Moving Large Scale Contact Centers to Amazon Connect (BAP324) - AWS re:Invent...
Moving Large Scale Contact Centers to Amazon Connect (BAP324) - AWS re:Invent...Amazon Web Services
 
Next Gen Innovation: Enhancing your Contact Center with Amazon Connect for t...
Next Gen Innovation: Enhancing your Contact Center with Amazon Connect for t...Next Gen Innovation: Enhancing your Contact Center with Amazon Connect for t...
Next Gen Innovation: Enhancing your Contact Center with Amazon Connect for t...Amazon Web Services
 
Building the business case for AWS
Building the business case for AWSBuilding the business case for AWS
Building the business case for AWSAmazon Web Services
 
AWS 101 and the benefits of Migrating to the Cloud
AWS 101 and the benefits of Migrating to the CloudAWS 101 and the benefits of Migrating to the Cloud
AWS 101 and the benefits of Migrating to the CloudCloudHesive
 
AWS Cloud Migration Insights Forum
AWS Cloud Migration Insights ForumAWS Cloud Migration Insights Forum
AWS Cloud Migration Insights ForumAmazon Web Services
 

What's hot (20)

For Partners: Build Your Business on AWS
For Partners: Build Your Business on AWSFor Partners: Build Your Business on AWS
For Partners: Build Your Business on AWS
 
AWS Marketplace
AWS MarketplaceAWS Marketplace
AWS Marketplace
 
SRV403_Serverless Authentication and Authorization
SRV403_Serverless Authentication and AuthorizationSRV403_Serverless Authentication and Authorization
SRV403_Serverless Authentication and Authorization
 
Cloud Adoption in Financial Services
Cloud Adoption in Financial Services Cloud Adoption in Financial Services
Cloud Adoption in Financial Services
 
AWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing ZoneAWS Enterprise Summit Netherlands - Creating a Landing Zone
AWS Enterprise Summit Netherlands - Creating a Landing Zone
 
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...
 
Migrating to the Cloud
Migrating to the CloudMigrating to the Cloud
Migrating to the Cloud
 
So You Want to Be an AWS Partner?
So You Want to Be an AWS Partner? So You Want to Be an AWS Partner?
So You Want to Be an AWS Partner?
 
Introducing AWS DataSync - Simplify, automate, and accelerate online data tra...
Introducing AWS DataSync - Simplify, automate, and accelerate online data tra...Introducing AWS DataSync - Simplify, automate, and accelerate online data tra...
Introducing AWS DataSync - Simplify, automate, and accelerate online data tra...
 
Deep Dive on Amazon Elastic Container Service (ECS) and Fargate
Deep Dive on Amazon Elastic Container Service (ECS) and FargateDeep Dive on Amazon Elastic Container Service (ECS) and Fargate
Deep Dive on Amazon Elastic Container Service (ECS) and Fargate
 
Azure Arc Overview from Microsoft
Azure Arc Overview from MicrosoftAzure Arc Overview from Microsoft
Azure Arc Overview from Microsoft
 
Aws 101 A walk-through the aws cloud (2013)
Aws 101 A walk-through the aws cloud (2013)Aws 101 A walk-through the aws cloud (2013)
Aws 101 A walk-through the aws cloud (2013)
 
API Management - Why it matters!
API Management - Why it matters!API Management - Why it matters!
API Management - Why it matters!
 
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...
 
Moving Large Scale Contact Centers to Amazon Connect (BAP324) - AWS re:Invent...
Moving Large Scale Contact Centers to Amazon Connect (BAP324) - AWS re:Invent...Moving Large Scale Contact Centers to Amazon Connect (BAP324) - AWS re:Invent...
Moving Large Scale Contact Centers to Amazon Connect (BAP324) - AWS re:Invent...
 
Building Your Cloud Strategy
Building Your Cloud StrategyBuilding Your Cloud Strategy
Building Your Cloud Strategy
 
Next Gen Innovation: Enhancing your Contact Center with Amazon Connect for t...
Next Gen Innovation: Enhancing your Contact Center with Amazon Connect for t...Next Gen Innovation: Enhancing your Contact Center with Amazon Connect for t...
Next Gen Innovation: Enhancing your Contact Center with Amazon Connect for t...
 
Building the business case for AWS
Building the business case for AWSBuilding the business case for AWS
Building the business case for AWS
 
AWS 101 and the benefits of Migrating to the Cloud
AWS 101 and the benefits of Migrating to the CloudAWS 101 and the benefits of Migrating to the Cloud
AWS 101 and the benefits of Migrating to the Cloud
 
AWS Cloud Migration Insights Forum
AWS Cloud Migration Insights ForumAWS Cloud Migration Insights Forum
AWS Cloud Migration Insights Forum
 

Similar to Disrupting Traditional Payment Systems Architecture with AWS (FSV320) - AWS re:Invent 2018

Automated Frameworks to Deliver DevOps at Speed and Scale on AWS
Automated Frameworks to Deliver DevOps at Speed and Scale on AWS Automated Frameworks to Deliver DevOps at Speed and Scale on AWS
Automated Frameworks to Deliver DevOps at Speed and Scale on AWSAmazon Web Services
 
How To Build Credit Card Payment Processing Platform on AWS?
How To Build Credit Card Payment Processing Platform on AWS?How To Build Credit Card Payment Processing Platform on AWS?
How To Build Credit Card Payment Processing Platform on AWS?itio Innovex Pvt Ltv
 
How to Process Transactions Like a Boss! AWS Developer Workshop at Web Summit...
How to Process Transactions Like a Boss! AWS Developer Workshop at Web Summit...How to Process Transactions Like a Boss! AWS Developer Workshop at Web Summit...
How to Process Transactions Like a Boss! AWS Developer Workshop at Web Summit...Amazon Web Services
 
Building Highly Sophisticated Environments for Security and Compliance on AWS
Building Highly Sophisticated Environments for Security and Compliance on AWSBuilding Highly Sophisticated Environments for Security and Compliance on AWS
Building Highly Sophisticated Environments for Security and Compliance on AWSBoyan Dimitrov
 
設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務
設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務
設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務Amazon Web Services
 
Blockchain in Retail (RET217) - AWS re:Invent 2018
Blockchain in Retail (RET217) - AWS re:Invent 2018Blockchain in Retail (RET217) - AWS re:Invent 2018
Blockchain in Retail (RET217) - AWS re:Invent 2018Amazon Web Services
 
Guard Against Fraud and Financial Crime with NICE Actimize & AWS PPT
Guard Against Fraud and Financial Crime with NICE Actimize & AWS PPT Guard Against Fraud and Financial Crime with NICE Actimize & AWS PPT
Guard Against Fraud and Financial Crime with NICE Actimize & AWS PPTAmazon Web Services
 
Presentation Pci-dss compliance on the cloud
Presentation Pci-dss compliance on the cloudPresentation Pci-dss compliance on the cloud
Presentation Pci-dss compliance on the cloudHassan EL ALLOUSSI
 
ENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated IndustriesENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated IndustriesAmazon Web Services
 
Track 1 Session 5_數位創新 市場資料雲端分析與應用(new).pptx
Track 1 Session 5_數位創新 市場資料雲端分析與應用(new).pptxTrack 1 Session 5_數位創新 市場資料雲端分析與應用(new).pptx
Track 1 Session 5_數位創新 市場資料雲端分析與應用(new).pptxAmazon Web Services
 
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...Amazon Web Services
 
Building Enterprise Solutions with Blockchain and Ledger Technology - SVC202 ...
Building Enterprise Solutions with Blockchain and Ledger Technology - SVC202 ...Building Enterprise Solutions with Blockchain and Ledger Technology - SVC202 ...
Building Enterprise Solutions with Blockchain and Ledger Technology - SVC202 ...Amazon Web Services
 
AWS Data Analytics on AWS
AWS Data Analytics on AWSAWS Data Analytics on AWS
AWS Data Analytics on AWSsampath439572
 
AWS IoT for Frictionless Consumer Experiences in Retail (RET201) - AWS re:Inv...
AWS IoT for Frictionless Consumer Experiences in Retail (RET201) - AWS re:Inv...AWS IoT for Frictionless Consumer Experiences in Retail (RET201) - AWS re:Inv...
AWS IoT for Frictionless Consumer Experiences in Retail (RET201) - AWS re:Inv...Amazon Web Services
 
Generational shiftsRedefining Customer Experience And The Way To Insure
Generational shiftsRedefining Customer Experience And The Way To InsureGenerational shiftsRedefining Customer Experience And The Way To Insure
Generational shiftsRedefining Customer Experience And The Way To InsureAmazon Web Services
 
AWS IoT: servizi costruiti per migliorare le performance di business
AWS IoT: servizi costruiti per migliorare le performance di businessAWS IoT: servizi costruiti per migliorare le performance di business
AWS IoT: servizi costruiti per migliorare le performance di businessAmazon Web Services
 

Similar to Disrupting Traditional Payment Systems Architecture with AWS (FSV320) - AWS re:Invent 2018 (20)

Automated Frameworks to Deliver DevOps at Speed and Scale on AWS
Automated Frameworks to Deliver DevOps at Speed and Scale on AWS Automated Frameworks to Deliver DevOps at Speed and Scale on AWS
Automated Frameworks to Deliver DevOps at Speed and Scale on AWS
 
Open Banking APIs on AWS
Open Banking APIs on AWSOpen Banking APIs on AWS
Open Banking APIs on AWS
 
How To Build Credit Card Payment Processing Platform on AWS?
How To Build Credit Card Payment Processing Platform on AWS?How To Build Credit Card Payment Processing Platform on AWS?
How To Build Credit Card Payment Processing Platform on AWS?
 
How to Process Transactions Like a Boss! AWS Developer Workshop at Web Summit...
How to Process Transactions Like a Boss! AWS Developer Workshop at Web Summit...How to Process Transactions Like a Boss! AWS Developer Workshop at Web Summit...
How to Process Transactions Like a Boss! AWS Developer Workshop at Web Summit...
 
Building Highly Sophisticated Environments for Security and Compliance on AWS
Building Highly Sophisticated Environments for Security and Compliance on AWSBuilding Highly Sophisticated Environments for Security and Compliance on AWS
Building Highly Sophisticated Environments for Security and Compliance on AWS
 
設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務
設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務
設計可擴展-安全的創新金融科技-FinTech-應用-深入探討現代化的數位支付服務
 
Blockchain in Retail (RET217) - AWS re:Invent 2018
Blockchain in Retail (RET217) - AWS re:Invent 2018Blockchain in Retail (RET217) - AWS re:Invent 2018
Blockchain in Retail (RET217) - AWS re:Invent 2018
 
Guard Against Fraud and Financial Crime with NICE Actimize & AWS PPT
Guard Against Fraud and Financial Crime with NICE Actimize & AWS PPT Guard Against Fraud and Financial Crime with NICE Actimize & AWS PPT
Guard Against Fraud and Financial Crime with NICE Actimize & AWS PPT
 
New Tools for a New World
New Tools for a New WorldNew Tools for a New World
New Tools for a New World
 
Presentation Pci-dss compliance on the cloud
Presentation Pci-dss compliance on the cloudPresentation Pci-dss compliance on the cloud
Presentation Pci-dss compliance on the cloud
 
ENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated IndustriesENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated Industries
 
Track 1 Session 5_數位創新 市場資料雲端分析與應用(new).pptx
Track 1 Session 5_數位創新 市場資料雲端分析與應用(new).pptxTrack 1 Session 5_數位創新 市場資料雲端分析與應用(new).pptx
Track 1 Session 5_數位創新 市場資料雲端分析與應用(new).pptx
 
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
Enabling a Digital Platform with Microservices Architecture (ARC218-S) - AWS ...
 
Building Enterprise Solutions with Blockchain and Ledger Technology - SVC202 ...
Building Enterprise Solutions with Blockchain and Ledger Technology - SVC202 ...Building Enterprise Solutions with Blockchain and Ledger Technology - SVC202 ...
Building Enterprise Solutions with Blockchain and Ledger Technology - SVC202 ...
 
AWS Data Analytics on AWS
AWS Data Analytics on AWSAWS Data Analytics on AWS
AWS Data Analytics on AWS
 
AWS - Security & Compliance
AWS - Security & ComplianceAWS - Security & Compliance
AWS - Security & Compliance
 
Financial Services in the Cloud
Financial Services in the CloudFinancial Services in the Cloud
Financial Services in the Cloud
 
AWS IoT for Frictionless Consumer Experiences in Retail (RET201) - AWS re:Inv...
AWS IoT for Frictionless Consumer Experiences in Retail (RET201) - AWS re:Inv...AWS IoT for Frictionless Consumer Experiences in Retail (RET201) - AWS re:Inv...
AWS IoT for Frictionless Consumer Experiences in Retail (RET201) - AWS re:Inv...
 
Generational shiftsRedefining Customer Experience And The Way To Insure
Generational shiftsRedefining Customer Experience And The Way To InsureGenerational shiftsRedefining Customer Experience And The Way To Insure
Generational shiftsRedefining Customer Experience And The Way To Insure
 
AWS IoT: servizi costruiti per migliorare le performance di business
AWS IoT: servizi costruiti per migliorare le performance di businessAWS IoT: servizi costruiti per migliorare le performance di business
AWS IoT: servizi costruiti per migliorare le performance di business
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Disrupting Traditional Payment Systems Architecture with AWS (FSV320) - AWS re:Invent 2018

  • 1.
  • 2. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Disrupting Traditional Payment Systems Architecture with AWS Anthony Galleno Solution Architect AWS Financial Services F S V 3 2 0 Andrew Shortt Solution Delivery Manager AWS Financial Services
  • 3. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Agenda Rapid Evolution In Payments PCI DSS Compliance PCI Architecture on AWS Serverless Architectures on AWS Q & A
  • 4. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. The global payments landscape is shifting Shift to digital accelerated by growing smartphone adoption and new channels for non-cash transactions New non-banks and Payment Service Providers (PSPs) offering payment services and technology, enabling transactions outside traditional channels Changing customer demands including frictionless payments experience, one-touch options, and instant settlement Progressive changes among regulators promoting transparency, security, innovation, interoperability, and competition
  • 5. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Consumer demands are driving innovation Retail and corporate payments customers want faster, easier, digital payments. Now: Payments as a differentiator • Firms investing in payments technologies and processing infrastructure • Faster, seamless payment experiences and better use of customer data • Collaborative payment ecosystem focused on customer demands • New payments channels replace cash in small transactions and increase firm’s revenue Before: Payments as a commodity • Small transactions dominated by cash • Check payments still common • Most digital payments running on legacy platforms • Card payments processing handled by credit card networks • Payments considered low profit product by banks and Payment Service Providers
  • 6. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Customers Innovating Payments with AWS
  • 7. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI DSS Compliance “If you accept or process payment cards, the PCI Data Security Standards apply to you.” In order to connect to the major card networks, the system you build must comply with PCI DSS guidelines and be scoped, audited, and reviewed by an on-site PCI Qualified Security Assessor.
  • 8. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI DSS Compliance on AWS Scale Compute to match demand Advanced data storage and analytics Seamless customer experience Model Risk, Credit and lending decisions Build, test, launch new features Serverless/Infrastructure as code Security and compliance Connect payment apps More than 60 AWS services are PCI-DSS compliant. With pay as you go pricing and global availability customers can leverage these services to deliver fast, frictionless payment systems.
  • 9. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI DSS Guidelines on AWS Build Maintain a Secure Network and Systems 1. Install and Maintain a Firewall Configuration to Protect Cardholder Data 2. Do Not Use Vendor-Supplied Defaults for System Passwords and Other Security Parameters VPN Gateway Protect Cardholder Data 3. Protect Stored Cardholder Data 4. Encrypt transmission of cardholder data across open, public networks
  • 10. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI DSS Compliance on AWS Maintain a Vulnerability Management Program 5. Protect all systems against malware and regularly update anti-virus software 6. Develop and maintain secure systems and applications Implement Strong Access Controls 7. Restrict Access to Cardholder Data by Need to know 8. Identify and Authenticate Access to System Components 9. Restrict Physical Access to Cardholder Data
  • 11. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI DSS Compliance on AWS Regularly Monitor and Test Networks 10. Track and monitor all access to network resources and cardholder data 11. Regularly test security systems and processes Flow logs Maintain an Information Security Policy 12. Maintain a policy that addresses information security for all personnel
  • 12. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI quick-start on AWS Availability zone Public Subnet VPC Internet Private Subnet Private Subnet RDS MySQL DB instance NAT gateway Availability zone Public Subnet Private SubnetPrivate Subnet Auto Scaling group Instances Auto Scaling InstancesAuto Scaling NAT gateway RDS MySQL DB instance Auto Scaling group Instances Auto Scaling InstancesAuto Scaling
  • 13. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Serverless API Development POST /v1/pay GET /v1/preferences/001 paymentbackend.com
  • 14. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Related breakouts Tuesday, November 27 FSV302 - Transforming Consumer Banking with a 100% Cloud-based Bank 4:45 – 5:45 | Venetian, Level 3, Murano 3205 Thursday, November 29 FSV305 - How HSBC Uses Serverless to Process Millions of Transactions in Real Time 1:00 – 2:00 | Bellagio, Level 1, Grand Ballroom 2
  • 15. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Serverless API Development POST /v1/pay GET /v1/preferences/001 paymentbackend.com
  • 16. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. PCI quick-start on AWS Availability zone Public Subnet VPC Internet Private Subnet Private Subnet RDS MySQL DB instance NAT gateway Availability zone Public Subnet Private SubnetPrivate Subnet Auto Scaling group Instances Auto Scaling InstancesAuto Scaling NAT gateway RDS MySQL DB instance Auto Scaling group Instances Auto Scaling InstancesAuto Scaling
  • 17. Thank you! © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Anthony Galleno gallenoa@amazon.com Andrew Shortt ashortt@amazon.com
  • 18. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.