May 31, 2024
Card issuers and cloud migration: six keys to success
The cloud’s advantages are winning over payment providers, but the move demands planning and organizational focus.
Real-time payments get all the headlines, but cards remain a primary method of transaction. In North America, consumers spend an astonishing $3 trillion per year on credit cards—a figure that’s increasing 10% annually.
Despite the impressive numbers, traditional card issuers are at a crossroads. Many feel the squeeze on their legacy systems from growing card transaction volumes, reduced margins and competitors’ digital-first card products.
To stay competitive, they’re considering cloud-native card processing platforms—a move that would have been unthinkable a few years ago due to concerns over cloud’s reliability. But cloud’s scalability and resilience are winning over more providers, as is cloud’s ability to power a modern customer experience (CX). For card issuers, it’s a defining moment as they move to platforms that can help remake their businesses.
To succeed, they’ll need a structured, well-executed cloud migration strategy. Here we’ll highlight the key considerations and success factors.
Why card issuers are feeling the squeeze
Driven by regulations and new business models like BNPL (buy now, pay later), card payments are evolving quickly. Cashless transactions surged during the pandemic, leading to growth in online card transactions and in-store use of digital wallets. Real-time settlement for card-based payments is becoming the norm, and interest in security is increasing adoption of solutions like the 3DS2.0 protocol and card-on-file tokenization.
For traditional card issuers, staying relevant and competitive means re-evaluating the CX they provide with an eye toward such digital capabilities as insights and financial wellness that fintechs deliver with ease.
Cloud’s long list of appealing qualities
What’s cloud’s appeal? Agility, speed and, for some, potential new revenues. Cloud provides issuers on-demand scalability and capacity to meet seasonal spending spikes. Its containerization of card platform applications enables fast expansion into new markets.
What’s more, it helps to reduce initial infrastructure capital, enabling quick turnaround time and customization of core applications for market-specific needs—critical qualities for businesses that need to increase their agility.
For larger issuers, cloud holds an additional benefit: Its containerized, modular architecture enables card processing rails “as-a-service.” Large issuers can gain additional revenues from their card processing platforms by offering plug-and-play experience and process APIs to fintechs and small institutions or merchants looking for private-label cards.
Key considerations and success factors
While there’s plenty of upside, cloud migration takes careful planning and organizational focus. We recommend issuers prioritize the following six areas:
- Assess application readiness for cloud. Issuers considering migration of card processing platforms and applications to cloud must holistically evaluate their business capabilities, CX strategy, back-office operations, and processes. While a few issuers have built cloud platforms and leveraged international expansion as a test bed before migrating existing customers, most issuers choose parallel or phased execution approaches. Organizations should evaluate their platform and application readiness and prepare applications that meet the criteria to move to cloud. This assessment and due diligence of application readiness is referred to as the six Rs of cloud migration: refactor, rearchitect, rehost, retire, retain, and repurchase.
- Big bang versus phased approach. Most financial institutions follow one of two models for migration. In the big bang approach, issuers completely build out the card processing platform with all capabilities—from customer onboarding to account management, transaction processing, billing, and even disputes and collection recovery. Customers and live traffic are then migrated to the platform. The phased migration approach works best for most organizations. It first migrates peripheral applications—like dispute management, statements and billing—to ensure the architecture is proven before migrating core card processing applications.
- Determine whether to build or buy. Determining whether to keep core processing in-house or rely on outsourced vendors—or even hybrid—is an important consideration in formulating a cloud migration strategy. While some larger issuers build card processing platforms in-house, and regional issuers often rely on card processors to manage the same, we’ve recently seen a few larger issuers pivot in strategy and move to card processors that leverage API-first integration models that accelerate the shift to cloud.
- Evaluate data migration and insourcing of data. Issuers’ cloud maturity level and go-to-market strategy will determine whether they choose to use data migration tools from established cloud service providers or bespoke solutions. In cases in which the issuer is newly migrating to cloud or seeking a global presence, or when speed to migrate is critical, it’s advisable to use native tools from established cloud providers like AWS, Azure, and Google Cloud. But the cost for these tools can be high, so we also see issuers leverage lower cost bespoke tools.
- Manage cloud FinOps. Effectively managing cloud costs is crucial for card issuers. Realizing the lower Opex that cloud offers compared to running applications on premises is not always easy. It’s important that governance be established to oversee technology, finance, and product, and that operations are organized to ensure accountability and to step up the realization of business value. FinOps needs to be a function of the cloud transformation office and continued after the migration is completed.
- Implement data security and compliance. The migration of payment infrastructure to cloud has brought increased concerns about security. Cloud payment solutions are highly secure if proper protocols and standards are followed:
- Ensure compliance with data privacy regulations by carefully mapping the data flow across the cloud landscape for each migrated process and capability.
- Request certifications from providers that they use the latest software updates and security features.
- Ensure automated attack responses are in place if issues are detected.
- Conduct timely internal audits to ensure adherence to compliance requirements.
- Ensure compliance with data privacy regulations by carefully mapping the data flow across the cloud landscape for each migrated process and capability.
Watershed moments bring challenge and opportunity. In exchange for a structured, well-executed cloud migration strategy, card issuers gain flexibility, a cost-effective infrastructure strategy, and a card processing platform ready for what’s next.
For more information, visit our report on the Evolution of payments.
Dipayan Ghosh is a Senior Manager in Cognizant's BFS Industry Solutions Group - Cards & Payments with an aptitude for providing holistic and collaborative solutions for the evolving payments industry. He has been part of core groups for implementing country wide real-time payments, fraud & risk management platform, cards processor migration, and ISO20022 migration.
Latest posts
Related posts
Subscribe for more and stay relevant
The Modern Business newsletter delivers monthly insights to help your business adapt, evolve, and respond—as if on intuition