Powering the future of payments

Revolutionary platforms require novel approaches

One of Interac’s primary goals is to modernize its popular Interac® e-Transfer service, a secure and convenient way to send money in Canada using online banking, to align with the on-demand, instant transfers customers have come to expect. Operated through member banks and credit unions, Interac e-Transfer transactions are designed to be near real-time but can sometimes take up to 30 minutes to complete depending on the bank or credit union.

Launched in 2021, Interac e-Transfer for Business is an upgraded version of the retail Interac e-Transfer service that is ubiquitous in Canada consumer payments today. Interac e-Transfer for Business includes features such as real-time payment confirmation, account-based payments, a larger, $25,000 limit, and the availability to submit payments through a bulk payment file.

While Interac is busy working to update existing services, the company is also working with Payments Canada as the exchange solution provider for Payments Canada's Real-Time Rail (RTR) project. In delivering these services, Interac knew that upgrading its technology would be critical and would help support the ability to meet strict risk-management standards set by Payments Canada and authorities at the Bank of Canada.

The project simultaneously requires enhancing data security all the way down to the application layer and providing Interac the flexibility to manage both on-premise and cloud-based workloads using a consolidated industry-leading toolchain.

Seamless infrastructure automation enables easier, safer transactions

Eager to kick Interac’s transformation into overdrive, Kliewer and his colleagues sought a scalable, end-to-end infrastructure automation solution capable of supporting everything a digitally enabled enterprise needs to compete: service discovery as part of a larger service mesh, infrastructure as code, hybrid-cloud orchestration, and automated secrets management to strengthen its security posture.

“What we really wanted was a best-of-breed service discovery solution and a comprehensive set of common tools that could create consistency across our internal teams and our external partners,” Kliewer says. “HashiCorp Terraform, Consul, and Vault enable us to realize our company-wide microservices adoption goal while providing the tools, support, and infrastructure we need to build products in a secure, scalable environment.”

Specifically, Terraform and Consul combine to form the foundation of an efficient self-service infrastructure and service mesh environment that dramatically improves the company’s ability to roll out new products, services, and features quickly and securely.

Terraform’s easy-to-learn HCL language along with a Cloud Development Kit (CDK) for familiar programming languages accelerates infrastructure as code adoption, and a private registry allows the experts to compose the infrastructure, validate it, test it, and then be able to publish the results for the rest of the organization to use. These workflows and the extensibility of Terraform to work with all types of infrastructure enable multiple Interac teams to collaborate more closely and reuse code to simplify and standardize deployments of different aspects of products and services.

Meanwhile, Consul helps Interac eliminate time-consuming manual service connections by automatically discovering and securely connecting services developed across on-premises virtual machines, as well as in multiple private and public cloud environments from a central registry. Now, Interac teams can function completely autonomously, leveraging Consul’s self-service capabilities and a real-time directory of running services to deploy a service mesh for efficient and secure application deployment.

“Simultaneously developing a wide range of new products for a host of new markets while enhancing existing ones can easily add unnecessary complexity and time to the process,” Kliewer says. “Consul and Terraform help to automate many of the most time-consuming and difficult elements of those processes and are key pieces to our service mesh puzzle.”

As the future backbone of Canada’s financial transactions system, security and compliance are paramount to the success of any rollout. HashiCorp Vault is designed to deliver automated secrets management as a service, replacing previously inefficient processes.

According to Kliewer, Interac’s reputation as one of the most trusted financial brands in the country has been built largely on the company’s well-documented emphasis on and dedication to safeguarding sensitive information using the latest technology and best practices.

“HashiCorp Vault is an integral part of our security posture because it helps to eliminate the possibility of mistakes in our secrets management that otherwise could occur because of even the smallest error,” he says. “With our goals of achieving ISO 27001 certification and maintaining the reputation we’ve worked so hard to build over the years, the value of HashiCorp Vault as a service across the organization to aid in transforming how we handle cryptographic material and app-level passwords is important.”

Solving tomorrow’s payments problems today

When creating the platform that will eventually support a national payments system, step-by-step benchmarks are hard to come by. The platform needs to be able to handle billions of fast, data-rich payments — giving government and businesses of all sizes the ability to move meaningful sums of money instantly and with certainty.

But Kliewer notes that consolidating and centralizing the infrastructure and secrets tool set made a sizable impact on teams’ daily activities. “Automating deployment with HashiCorp Terraform creates marked increases in overall efficiency as well as our deployment frequency and the general velocity of our operations,” he says. “When you factor in the enhanced service discovery with HashiCorp Consul’s automated authentication and authorization and how HashiCorp Vault greatly reduces the time our security teams used to spend logging in and out of various systems to manage secrets, the return on investment just in productivity is impressive.”

Modernizing its IT environment with HashiCorp solutions is a key step for Interac to achieve its ambitious future objectives and maintain the company’s perch atop the Canadian financial technology market. “HashiCorp has helped us fundamentally transform and mature our IT operations while improving our delivery timelines, productivity, and ability to meet the strictest compliance regulations,” Kliewer says. “Everything we do now is designed to be more seamless, more efficient, and more secure. It’s exactly what we need to get where we ultimately want to go.”