Cloud technologies entered into banking pretty recently — owning servers and entire data centers seemed a more familiar option for this area. But over time, cloud security solutions have become so innovative that they can help carry out transactions even in conditions of shelling, blackouts and other emergency situations. And according to IBM's CloudPath Survey, by 2024, most banks will spend a quarter of their IT budget on the public cloud.

In this article, you will find out how banking clients' path to the cloud takes place every time they touch the terminal with their card or phone.

Taking cloud to the store — how card payments work

If you pay with a card or NFC on your gadget, you are already using cloud services.

Inside the plastic card, there is a microprocessor and an antenna. This microprocessor hosts its own operating system with a special payment application and a small card client database. When this system gets in contact with the terminal, the program is activated and transmits encrypted data to the terminal through a specific radio frequency. From it, the information is then sent to the bank's system, where it is verified whether there are enough funds in the account, and a payment report is sent in turn to the terminal owner's account. It is usually this process that takes place on the cloud capacities.

Thus, if the server where the bank's database and verification services are located does not work, then the payment does not go through, because the user and his account cannot be verified. That is why, especially during a full-scale invasion and blackout, banks needed cloud solutions, and the National Bank of Ukraine allowed certain data to be stored in clouds both in Ukraine and abroad.

The same principle applies when paying via the Google Pay and Apple Pay systems. The bank card is linked to such a payment service, payment access keys are stored on the gadget and in the cloud account, which then forward the request to the bank card data. Via NFC wireless technology, this information is sent to the terminal, and then to the bank.

Bank card elements arrangement

What exactly are banks moving to the cloud?

In fact, it is not only databases and the verification process required for payment that can be migrated. It is often also a solution for processing Big data to identify patterns of customer behavior and suspicious activity: on the cloud, data can be collected from various resources and then unified, users can be divided into separate groups, with each of them receiving separate offers and personalized messages.

Considerable capacity is required from the moment the client submits an application for opening a bank account, when the person and his documents are checked, and a card is issued for him. Financial monitoring of clients can also be carried out on the cloud infrastructure.

Advantages of cloud solutions for financial institutions:

• Strict safety standards. To be able to host banks' data, cloud operators must have PCI DSS certificates, comply with national legislation (e.g., have a certificate of compliance with the CSIP and follow the NBU regulations, if it is a Ukrainian provider). This guarantees reliability and reduces the burden on banks, which will not need to monitor the requirements update for infrastructure on their own. In GigaCloud, the clouds for banks are located in special shielded modules, preventing unauthorized interference in their work and physical damage, and of course they are certified according to all requirements.
• Business continuity. Even in case bank branches are closed, employees work remotely, and there is no electricity in most of the city, transactions are carried out, because the exchange of information takes place in data centers that are reliably protected from most force majeures. Also, during periods of peak loads (in particular, on major holidays), banks can deploy additional capacities in the cloud to process numerous requests without stopping the system.
• The possibility of integration with other products and innovative developments through API. It is easier to implement the principle of open banking in the cloud - it is developing rapidly all over the world, and in Ukraine the National Bank of Ukraine has already approved the concept of open banking, which will come into force in 2025. It regulates the exchange of data between the bank and third parties (fintech companies, budgeting applications and other financial instruments). The cloud makes this data exchange safer and faster — it's easier to control levels of access to information, it's possible to close those accesses when needed, and responses to data requests can be instant.
• Automatic fraud detection. In the cloud, the operator itself provides services for preserving the integrity of the data it hosts, and the bank's security service employees do not have to independently solve problems 24/7. In addition, cloud power allows you to place complex protection systems that would not slow down the server. For example, after the data of more than 100 million Capital One customers was hacked in 2019, this American bank decided that 8 of its own data centers were no longer enough to maintain security. The system is now cloud-based and uses machine learning technologies to identify suspicious activity. In addition, the cloud made it possible to increase the capacity of the system during the holiday spending of customers, as well as to start implementing a plan to transfer call center operators to full remote work.

One of the 8 Capital One data centers that had to be maintained and which the bank then replaced with clouds

The more clouds, the better

To ensure uninterrupted operations and faster recovery in case of force majeure, not just one operator, but a multi-cloud approach is used. For example, one of the largest financial institutions in the world, JPMorgan Chase, has as many as 4 different cloud solutions: from Amazon, Google, Microsoft and its own private cloud. It is generally desired for banks to have backup functions and place these copies in clouds and data centers that are physically located in different cities or even countries and controlled by different providers — so there is less risk of downtime and data loss.