Kundenfallstudie 14:39

Build a secure payment experience for all | Fastly

Präsentiert von
speaker avatar

Arijit Ghosh

Software Engineer, PayPal

twitterlinkedinfacebook

PayPal has become one of the most trusted, versatile payment apps on the web, proving even more crucial in a global economy with limited physical contact. Their goal? To provide the exact same secure, seamless experience to every one of their users around the globe — and they build their .com experience at the edge to ensure that consistency. Hear how caching dynamic logic helps them deliver billions of trusted transactions a day, and get a sneak peek of some of the team’s more experimental projects, including in-store contactless payments.

Building trust into every transaction

Discover why financial apps and institutions choose Fastly to secure and deliver their online experiences.

Videotranskript

Arijit Ghosh (00:08):

Hello everyone. My name is [Arijit 00:00:11] , and I'm here today to talk about Edge Engineering at PayPal. First of all, I would like to thank Fastly team for having us, and hope this session will give all the attendees an insight in our Edge Engineering journey with Fastly. Here is the agenda of today's session, which we are going to cover. About PayPal journey with Fastly, the challenges we faced, and of course the journey continues to build an edge for the future.


Arijit Ghosh (00:46):

Before I deep dive into sharing our experience with Fastly, I want to tell you a bit about who we are. Most of you might already know us, but we at PayPal are committed to democratize financial services and empowering people and businesses to join and thrive in the global economy. We are a two-sided network, creating payment solutions for both consumers and merchants through a combination of technological innovation and strategic partnerships. Being a financial organization, and in the business of trust, one of the most important thing we do is security. Along with that into this time with global presence, user experience at scale is another very important factor we'll look at.


Arijit Ghosh (01:38):

Now let's look into our journey with Fastly, shall we? You must be already aware of the term edge, which I like to think of as the first point of ingress for any traffic. There are indeed varied definitions of edge based on the technology stack and where and how it is being used. For me, implementing an edge solution is essentially bringing processing or routing of the data to the edge of network where customer can have fast and reliable experience. In other words, bring the processing closer to the source of data as much as possible.


Arijit Ghosh (02:21):

Now I would like to touch base on why Edge [inaudible 00:02:24] Solutions I feel is necessary for today, and I think it's an absolute requirement for tomorrow. When we started our journey with Fastly, we discussed on parameters like performance, which is response time, hit ratios and et cetera. Configuration, the complexity around it, the cell service, and of course the reporting metrics and logging.


Arijit Ghosh (02:47):

Now below are few key items which we wanted to make sure, an absolute necessary to have it covered in our engagement with Fastly. Response time. With our global footprint, our goal is to bring processing of data closer to source of data, ultimately resulting to faster response time. That's simple, but very complex. Enhanced security and compliance, website spying, various attempts to DDoS or exploit vulnerabilities happens all the time. We need to address this to safeguard our customers and at the same time, prevent them from being a victim of denial of service.


Arijit Ghosh (03:31):

Reliable operations, even with intermittent loss of connectivity. Internet is vast, and failure can happen, and it happens every time. We need to address to reduce the impact as much as possible, even if something happens beyond our control. Address scaling globally and measure pressure on our traffic bandwidth is a very important agenda to look at to maintain high availability. All these to monitor and take action swiftly, we need to have single point of entry for observability, yet not having a single point of failure. Needless to say in today's world for any of us, if we don't take care of this, will eventually result in a bad user experience.


Arijit Ghosh (04:19):

Now let's run through some of the solutions we have built in partnership with Fastly for the services onboarded on Fastly. Expansive physical their presence. We have been able to leverage Fastly's Origin Connect and set up P&I at the strategic locations globally. Origin Connect provided us with physical connection between our network and the Fastly shield hub thus reducing the number of hops handling customer data. Traffic sent across the secure, dedicated bandwidth paths, instead of going over the public internet effectively reduces latency, improves delivery, and increases network availability.


Arijit Ghosh (04:58):

Most of our services on Fastly are dynamic in nature, which means we have a high volume of what we call in [inaudible 00:05:05] term, pass traffic. Having this expansive physical presence has helped tremendously in avoiding many general internet issues as well. Comprehensive aid stack, as end-to-end monitoring of their ability and smart alerting system, which we have built based on those metrics creates an automated feedback loop, which enables us proactively fine tune our configurations. Again, as mentioned, since we have high volume of pass traffic, the flexibility which Fastly provides to control the agent shield capabilities is tremendous. It provides us freedom to extend the fastest path configuration control as per the service, user needs, and how internet is performing on a given day.


Arijit Ghosh (05:55):

Other item, which I am very much proud to say about is real-time everything. Fastly lets us interact with and analyze our services in real-time, we are able to deploy our configurations to the web interface or automate changes via various CACD tools, API calls, and et cetera. If activity in a new configuration was too much for every minor changes. In addition to that, we used edge dictionaries for the same. This allowed us, on the fly, to define and modify VCL logic like endpoint maintenance, enable visible shields, and various other settings for different use cases at the edge of fastest network. These real time interactions and analysis gives us quick visibility into end users experience so we can proactively take measure for it. Comprehensive security controls, Fastly's WAF and other related security controls is an extension towards security measures, which we take to protect our customers.


Arijit Ghosh (06:57):

The Fastly WAF is designed to protect our services against known vulnerabilities and many common attacks. What I love most about these features at Fastly, the flexibility on how we can analyze in real time everything from monitoring and alerting. Latency[inaudible 00:00:07:16] dropping, this is one of the very important aspect as we continue working through it. There are times in past where network specifics like time to first byte, page load time, et cetera, used to determine end user experience. But specifically in current time, these metrics are only good to identify issues, bottlenecks and performance, to some extent, but definitely not the ultimate end user experience.


Arijit Ghosh (07:37):

This is where real-time network metrics we believe can drive our operation to give a more accurate picture of end-user user experience, and then steer traffic, configure clustering based on those. Again, you might mean you might hear me saying this multiple times, but Fastly's extensive metric reporting have enabled us to build latency specific dashboards, which helps us in deciding locations, configurations, and how Fastly is exposed VCL makes things simple and fast, really fast. Now this is just some of the key pillars solutions we built it Fastly. Needless to say that there are many more contributing to our partnership with Fastly and ultimately helping us to provide our end users a great experience.


Arijit Ghosh (08:30):

Now, these are some of the global latency trends we observed during our journey with Fastly, purely based on catch synthetic monitoring tests. Now, of course, to achieve these desired graphs, we did face some hiccups along the way. That takes us to my next slide, which is all about the challenges. Now, as we started implementing the various solutions, best part of our journey happened. And for me, that is facing the new challenges. As mentioned earlier, our primary focus has always been security. Our biggest task was to ensure we have the highest level of risk mitigation and security controls in place. Once we had that in place to our Fastly engagement, we started moving to the next steps in our journey.


Arijit Ghosh (09:22):

Features. Again, one of our primary challenge was to address the pass traffic with optimal performance, as we are not only talking about the last mile here, but we need to optimize the entire round-trip traffic from end users device. Naturally, it needed many custom features and Fastly have some in their roadmap already and some were new, but the role of this feature is very fast and in a perfect [inaudible 00:09:49] way, which enabled us continuously integrate those features on our end.


Arijit Ghosh (09:54):

Next set of challenges we had was the questions we ask ourselves at every stage in the process, the four dubs, which helps to give I believe foundations of any solutions strong. What and why. What and why we are trying to achieve here as we transform there needs to happen a knowledge shift, which gives us better insights into the existing processes and what can be done differently once we know that the next questions comes is who we are working with to achieve the same.


Arijit Ghosh (10:27):

That means a culture shift. You need partnerships that are in essence, an extension of your team. They must be willing and wanting to work alongside you to quickly fix any issues you encounter and, of course, sharing success and failure together. Fastly team have been a great example and a great extension to our system. The last question comes, here it is, how we are trying to achieve. That means a tooling shift. You need to advance features that are easy to implement and mental like infrastructure as a code, DevOps, pipeline, testing environment, automated feedback loops, et cetera, to name a few. At the end of all these challenges, we learn from each other and implemented solutions, which we are really, really proud of. Now, after all this naturally the question comes is where we go from here? What are the next steps.


Arijit Ghosh (11:31):

As our journey to Fastly continues, here are some of the key items which we are excited about to explore more into a next phase. Fastly's latest traffic engineering optimizations, which includes the egress and ingress solutions to avoid any guest anomalies and improve the last [inaudible 00:11:50] mile latencies. Of course, with global footprints increasing everyday expanding the origin connects is another item, which we are continuously looking at and continuously trying to optimize for better user experience. Fastly's origin insights. With origin insights real time analytics will give us additional visibility into the egress data coming from our origin infrastructure to the Fastly edge cloud. That will enable us to fine tune the bottlenecks accordingly.


Arijit Ghosh (12:24):

And then, cloud optimizer and image optimizer. We are going to continue looking more into this and take our existing implementations into the next steps. Smart pipeline for automated config deployments. Gone are the days where a developer had to contact [inaudible 00:12:46] for the configurations, which impacts the application behavior. Along with Fastly, we want to enable each platform to empower teams with the tools so that we can control each and every customer requirements through a secured, fast, reliable, and robust pipeline. Fastly extending support for multiple DevOps tools, it aligns with getting the best out from our respective world of operation.


Arijit Ghosh (13:12):

I'm very excited about what's coming next with Fastly and really it opens up endless possibilities of what we can bring to our customers. We need to also understand that at some point, every solutions will hit the law of diminishing returns. That is where we believe innovation and continuously delivering on cutting edge technologies is so important to stay relevant.


Arijit Ghosh (13:38):

We are building towards it together to explore the various processing possible to make them global in true sense. At the end of the day, we all hope to give our users not just the best, but a satisfied experience. At the end to conclude, I would like to mention that as a team, we focus on keeping our architecture's simple, as we believe best solutions are always based on simplest ideas. Technology will change. Tools will change. There will be more challenges, but one thing which we truly value the most in our engagement with Fastly is the people at Fastly we work with. They have been a tremendous partner and, and the high altitude hiking journey, which we started with Fastly continues. That's all folks. Thank you so much for your time today.




Sie möchten loslegen?

Setzen Sie sich mit uns in Verbindung oder erstellen Sie einen Account.