© 2015 Omise

+

The OMISE Lean Startup Success StoryThe AWS connection

Monday, 2 March, 15

© 2015 Omise+

What is Omise?

Monday, 2 March, 15

© 2015 Omise

Omise did not start from PAYMENT

+Monday, 2 March, 15

© 2015 Omise

Discover huge problem

More difficult = Bigger chance

+Monday, 2 March, 15

© 2015 Omise

Startup always facing limited resources of

- Team- Skill- Fund- Time- Connections- Mentorship

Are you confident you can solve all of these?

Monday, 2 March, 15

© 2015 Omise

Find right VC is not easy.We’ve done over 100 pitched to VCs such as Silicon valley, Japan, Singapore, Indonesia,Thailand and many more oversea VCs.

- Mentorship- Their portfolio- Culture fit- Feeling- Their fund size

+Monday, 2 March, 15

© 2015 Omise

Execute as fast as possible.Roll out your product like an American muscle.This is Startup RACE!

In fact if you can find a good environmentplatform you can accomplish in short period.

Monday, 2 March, 15

© 2015 Omise

How Omise could build in 3 monthsa finance product?

+Monday, 2 March, 15

© 2015 Omise+

Introduction to Omise

Monday, 2 March, 15

© 2015 Omise+

From Idea, to Build, to Launch

2014 2015

2014 July : Omise got the idea to build an awesome payment gateway in Thailand.Close Seed Funding

2014 Aug : Development started

2014 Sep : Launch Sandbox at Echelon

2014 Dec : The final product was launched

2014 Oct : PCI-DSS 3.0 fully certified

2015 Jan~ : Today we have plans to extend in more countries in SEA

IDEA BUILD LAUNCH SCALE

Monday, 2 March, 15

© 2015 Omise+

How did we do it so fast?

The Lean Startup concept, we built and launch fast, iterate on the live product, immediate feedback.

The right TEAM with the right skills, with great working culture.

AWS allowed us to build fast and implement high security infrastructure required for PCI-DSS

Monday, 2 March, 15

© 2015 Omise+

Idea and Team

Omise had the idea to change the payment landscape in Thailand.There was no payment solution in Thailand with a modern restful API, fast support, near instant live activation, secure and fast response.Omise build a skilful team that achieved a fast development of a great code base, working long days and nights with passion.

Monday, 2 March, 15

© 2015 Omise+

AWS helped solve the biggest challenge

The biggest challenge for Omise was to build a secure and stable Payment Gateway API, PCI-DSS Compliant.

PCI-DSS compliance is hard to achieve, in both Software level (app, firewall, logging) and Hardware level (co-location, rack, physical access)

AWS being a PCI-DSS level 1 compliant service provider, lets us not have to worry about physical implementation of PCI. No investment required.

Monday, 2 March, 15

© 2015 Omise

PCI-DSS Physical Requirements

- Datacenter Security

- Biometric access

- CCTV

- Power Backup

- Network security

- Cabling, routers isolation

- Virtualization isolation

- Security of Host OS

- Disaster Recovery

Monday, 2 March, 15

© 2015 Omise

Building the Infrastructure with AWS

0

250000

500000

750000

1000000

AWS Reserved Instances Build in TH

฿1,000,000

฿90,000

Initial Investment to build infrastructure

0

1.5

3

4.5

6

AWS Build in TH

6 Months

3 Months

Time to build infrastructure

Monday, 2 March, 15

© 2015 Omise

Monthly operational costs

0

30000

60000

90000

120000

AWS Build in TH

฿120,000

฿30,000

Monthly cost

AWS allows us to operate at 1/4 the cost if we have to co-locate and use Leased lines in Thailand on our“Mini Datacenter”

We use reserved instances with mixture of partial upfront and and no upfront.

4 x RDS Reserved instances (multi-AZ)30 x EC2 Reserved Instances80 x EBS Volumes (some are encrypted) 4 x ELBs

Monday, 2 March, 15

© 2015 Omise

What if we did it by our self?If we had to build the hardware and network infrastructure for our payment gateway, being PCI Compliance, the estimate would be…

TIME

6 Month

Investment

1 Million THB (minimum)

Monthly

120,000 THB (minimum)

Monday, 2 March, 15

© 2015 Omise

With AWSWith AWS we would pay the same every month, have auto-scaling, Gbps uplink, cdn, better redundancy (ebs+s3), global network (Singapore).* Upfront down payments for reserved instances

TIME

3 Month

Investment

100,000 THB *

Monthly

30,000 THB (minimum)

Monday, 2 March, 15

© 2015 Omise

Scalability and Deployments

We use Opsworks and CHEF to deploy code, build servers and auto-scale.This allows us to build the whole infrastructure from a DB backup in 1 hour!

1 - Create Stack from our JSON2 - Create VPC with PCI settings3 - Build Security Groups4 - Build EC2 Instances with Chef5 - Deploy Code6 - Update DNS in Route53

All this can be achieved in 1 hour if we use C3/C4 instances. Longer if using slower instances.

Monday, 2 March, 15

© 2015 Omise

Reliability and FailoverAWS features for reliability and failover:

1 - Auto-Healing instances (Opsworks) : When an instance stops responding, stop it and and build a new one automatically.

2 - RDS Multi-AZ deployment: If primary DB faces a failure or crashes, the replica will be automatically promoted to master.

3 - Seamless DB upgrade and resizing (RDS): Slave db is upgrade, then promoted to master, Master is upgraded, synced and re-promoted back.

4 - Round Robin DNS (Route53): Distribute traffic between the two Availability zones in Singapore

RDS is a state of the art database service, you should use it for any critical application.

Monday, 2 March, 15

© 2015 Omise

Achieving Security

- VPC: Segment our network, no external IP, hide servers from the dangerous WWW :)

- ELB: Hide internal proxy IPs and balance traffic between availability zones.

- Security Groups and ACL: Implement Firewall rules and Access controls

- App Servers are hidden behind 3 layers of proxying- Access only by VPN + Authy

Monday, 2 March, 15

© 2015 Omise

AWS Business Support

Exchanged architecture diagrams with AWS engineers for feedback and advices.

AWS reserved instances can reduce our costs even further (36% on 1 year term, 54% on 3 years term)

Monday, 2 March, 15

© 2015 Omise

+Thank you

Monday, 2 March, 15

© 2015 Omise

The cost of building our self (TH)

Servers and Backup: 320,000 BahtRack, Backup Power: 100,000 BahtBiometric, Security, CCTV: 80,000 BahtRouters, Cable, networking: 50,000 BahtDedicated Leased Lines: 40,000 Baht/monthCo-location + Surveillance: 20,000 Baht/monthExtra Labour (3 months extra): 450,000 Baht

Total: 1.0 MB

Monday, 2 March, 15