Rich Steenburg, Senior Director of Engineering, WePay
WePay upgrades to MySQL Enterprise Edition 8.0 for maximum uptime, greater database observability, and enhanced compliance with financial regulations.
Business Challenges & Goals
WePay is the integrated payments business of JPMorgan Chase. WePay provide payments infrastructure for independent software vendors (ISVs) and software platforms to ensure small businesses get paid quickly and easily. Our application programming interfaces (APIs) make flexible, integrated payments possible through referral, white-label, or payment facilitator models.
Given this, WePay's development processes are subject to strict security and compliance controls. Security, reliability, and compliance are key requirements of a relational database management system for online payments.
Since 2008, WePay has been running MySQL as its core database to support an agile development environment. For the past decade, the database grew into a single monolithic database of 250 TB. As a payments company, uptime is mission critical, so in 2018 WePay began creating microservices running on MySQL database clusters.
Upon moving to MySQL Enterprise Edition 5.7, WePay improved database availability, observability, separation of responsibilities, and audit compliance. This led to an upgrade in 2020 to MySQL Enterprise Edition 8.0.
Business Results & Metrics
With MySQL Enterprise Edition 5.7, WePay achieved improved observability of production database performance by using global transaction identifiers (GTIDs) and MySQL Orchestrator to detect failure and perform role transition. These tools significantly boosted database availability and scalability by handling unplanned events in cluster replication.
WePay implemented MySQL Enterprise Monitor to gain even deeper observability of changes in the production database that helped them better track who made them and why. Site reliability engineers—who do not have direct access to the production database due to compliance with Payment Card Industry Data Security Standard (PCI-DSS) controls—can now see what goes on inside the database.
As an organization bound to the Agile software development methodology, this observability allows the engineering teams to quickly evolve the payment platform, adhering to PCI-DSS rules and audits and other banking controls.
"Being able to see how the database is performing with production data and load is fantastic," said Rich Steenburg, Senior Director of Engineering at WePay. "If we didn't have MySQL Enterprise Edition, I don't think we would be able to satisfy these requirements and to change as fast."
Database application performance was also further enhanced by MySQL Query Analyzer, which WePay uses for pinpointing and solving queries causing slowdowns. This ensures maximum availability of the platform.
Because the payments platform also shares instances across hundreds of databases and microservices, the company relies on MySQL's resource management to enable or restrict resource consumption. Beyond optimizing CPU utilization, this feature provides control over which users can perform resource group operations.
MySQL Enterprise Audit is equally critical within WePay for compliance with the strict separation of duties and responsibilities required in a payments industry, where billions of transactions between merchants, payment processors, and banks take place daily and fraud is an existential threat.
MySQL Enterprise Audit's automated policy-based auditing, coupled with MySQL Enterprise Edition 8.0's identity management and encryption tools, provide WePay with powerful security controls to satisfy regulatory compliance.
In addition, WePay uses MySQL Roles for granting specific permissions to team members by role, as a convenient alternative to granting individual privileges.
WePay is confident in providing its partners with a highly available, reliable, and secure online payments infrastructure. WePay is working with the Oracle MySQL Premier Support team to upgrade to MySQL Enterprise Edition 8.0.
"Having a direct line to the engineering team, ultimately responsible for the system that you're using, is critical to our success," Steenburg said.
WePay chose MySQL as its core database from inception in 2008, successively moving through various MySQL versions until moving to MySQL Enterprise Edition 5.7. The pivot to version 5.7 hinged on the ability to better observe the impact of changes in the production database and to comply more stringently with banking regulations. Eager for ever more robust monitoring, auditing, and security tools, WePay began migration to MySQL Enterprise Edition 8.0 in 2020.