YellowPepper Banks on Cloud Power

"That’s why we decided to migrate to the cloud. It was the best solution for us with the staff we had and the budget we had at the time."

YP1-1

PROJECT SCOPE

 
INDUSTRY
Fintech

EMPLOYEES
50+

SERVICES PROVIDED
Google Cloud Platform

Since 2004, YellowPepper has been the leader in mobile financial technology throughout Latin America. Providing payment services in Brazil, Mexico, Colombia, Peru, Ecuador, Bolivia, Dominican Republic, Costa Rica and Trinidad and Tobago, the company began their journey by simply sending out SMS messages.

The organization has evolved from initially providing standardized text banking solutions to supplying nationwide real-time payment systems with switching and processing capabilities. Headquartered in Miami, YellowPepper also has offices in Sao Paulo, Mexico City, Bogota and Quito.

 

From Text Banking to Next-Gen Payment Processing Technology

SMS was a good solution in terms of speed and cost for YellowPepper. But when more banks began requesting this service, the organization transitioned from mobile banking services to hosting and managing a national payment system. YellowPepper struggled with a lean staff and massive growth, knowing it had to make a decision. Buying and maintaining more hardware was not an option. This would require the company’s IT staff to handle everything internally, an unsustainable solution. It was then that the YellowPepper decision makers realized they needed to migrate to the cloud so they wouldn’t be tied to making the upgrades themselves. With a limited staff, they absolutely could not afford it.

For six months, the YellowPepper team analyzed everything about making the transition to the cloud, including overall cost, how to dispose of the existing hardware and software, how to implement proper processes — and what certifications were required. It was a challenging decision-making process, but they knew moving to the cloud was their only option.

YellowPepper, however, did not believe it could make the transition alone. Leadership knew they needed a partner to help them. With a recommendation from Google, the company was introduced to Onix, a Premier Partner and a 12-time Partner of the Year award winner.

 

A Lift and Shift to the Cloud

Google Cloud Platform (GCP), the solution they chose, included a lift and shift for their major applications — and a refactoring for less important code. Based on their current on-premise situation, here’s why the company made that decision.

Security is a big deal to YellowPepper. As an organization handling sensitive credit card information, it’s required to be compliant with the Payment Card Industry Data Security Standard (PCI DSS). When making the decision to migrate to the cloud, its team weighed all security options, including how the network works, how load balancing works — and how to access virtual machines. Then they looked at how they could protect the working environment. They determined they could accomplish this by placing a firewall inside those security-sensitive projects, and then moving everything to the firewall where it interfaces with the internet.

Culture was another factor. Having physical servers on-site, employees were instructed not to touch them, keeping them somewhat secure, because it was unlikely that anyone would inadvertently disconnect a cable. In the cloud, there were different ways to protect their assets, should an employee delete something important.

To limit access, YellowPepper decided to separate applications by environment, with each application housed in a different project. With this structure in place, it created a system for access where an employee could log in to see a project, but lacks the permission to alter or remove a project, adhering to the compliance process. The team also activated two-factor authentication, so if an individual looks at a web page — or accesses the server or VPN, a verification process is required. These measures may seem like inconsequential details, but to remain PCI DSS-compliant, they are giant factors when the company is being audited.

Migrating to GCP was a challenge for YellowPepper. It has a complex mesh because their almost 150 applications communicate with the bank, third parties and other clients. If they were to refactor everything, they would have had to employ more people to rebuild from scratch, or to simply reconfigure. Working with Onix, the company decided to isolate its core applications and then begin moving each individually in order to reduce waste during the migration. Starting with the low-risk-low-impact clients, the migration team ran a test of each one to see what would happen. Once each application had been successfully migrated, they moved on to the next one. Since YellowPepper was migrating close to 100 servers, this process took four months. Next they refactored FTPs, SMTPs and other services that were not as critical.

 

Virtual Machines and Kubernetes Make Life Easier

Almost immediately after moving to the cloud, YellowPepper noticed huge changes in how its business operated. Previously, a developer would request a server; it would take at least two days to fulfill the request. Now, the organization can easily and quickly provide developers with virtual machines with Kubernetes clusters. If someone needs a server the next day, it’s done with two clicks, saving hours of lost time.

The Google Cloud Console is also making life easier for the operations team at YellowPepper. They have better access to security details such as seeing what components and rules are in place. This is integral for their Latin American clients as well. The lag time between Latin America and North America, where YellowPepper is based, is around 75 milliseconds. If that time is increased, it takes longer for something to appear on an individual’s screen.

When YellowPepper moved its servers from on-premise to the Google data center in South Carolina, its team worried about what would happen if the lag time increased. They were pleasantly surprised to learn that the processing in the data center was faster. The lag time was reduced from three to 3.5 seconds to two seconds for a result to appear on the screen. This made their clients happy, as they also benefited from better application stability.

 

What’s Next for YellowPepper

After their successful Google Cloud Platform migration, what’s next for the team at YellowPepper?

The next effort is Kubernetes. The largest YellowPepper client in Brazil needs a bank solution that must be a non-cardholder data environment (CDE), and it must hold credit card information. YellowPepper will be using only Kubernetes for this project, because processing for this type of client can grow rapidly, perhaps ten times in two weeks. There are also down times when processing is slower. Using Kubernetes will allow the project to expand and contract as necessary.

“We are more than happy with the migration and that’s why we want to continue doing business with Onix, because of the security and how efficiently they coordinated the project. We plan to use them for additional projects we have planned,” said Diego Mendoza, Head of Operations. “If you are going to migrate to the cloud, then you have to have a partner to help you through the process because they have the tools, experience and the right people to plan and complete the migration.”

Watch fintech company YellowPepper discuss their move to Google Cloud Platform. 

 

Case studies

CapsicoHealth, Inc.

CapsicoHealth, Inc.

Catalyst Tech Ventures

Catalyst Tech Ventures

Specialty Financial Institution

Specialty Financial Institution

UNICO Technologies Group

UNICO Technologies Group

Large Public University

Large Public University

JP Recovery Services

JP Recovery Services

The Garland Company

The Garland Company

Batteries Plus Bulbs

Batteries Plus Bulbs

Gordon Food Service

Gordon Food Service

Hurley Medical Center

Hurley Medical Center

Whirlpool Corporation

Whirlpool Corporation

University of Notre Dame

University of Notre Dame

United States Holocaust Memorial Museum

United States Holocaust Memorial Museum

Manitoulin Group of Companies

Manitoulin Group of Companies

Macomb County Circuit Court and Clerk

Macomb County Circuit Court and Clerk

Jarlette Health Services

Jarlette Health Services

Grand Traverse County

Grand Traverse County

The Garland Company

The Garland Company

Florida Fish and Wildlife Conservation Commission

Florida Fish and Wildlife Conservation Commission

Dominion Enterprises

Dominion Enterprises