CentraPass deploys AS2 Gateway for its business in trust
CentraPass required an AS2 gateway for on-premise deployment on its own Amazon Web Services (AWS) account, primarily for secure communication with the Government of New Zealand. The system required to be installed within a short period of time.
CentraPass provides New Zealand businesses with the most comprehensive decentralized Identity Toolkit to future-proof
customer sign-up, access, and authentication experiences. They also provide KYC API for verification of all New Zealand
and Australian identity documents.
CentraPass required an AS2 gateway for on-premise deployment on its own Amazon Web Services (AWS) account, primarily
for secure communication with the Government of New Zealand. The system required to be installed within a short
period of time.
AS2 Gateway was required for a government identity verification system integration. CentraPass’s existing KYC API
comprises of microservices built on AWS Lambda due to high scalability requirements and as such asynchronous
communication between the Lambda function and AS2 Gateway was required.
CentraPass selected the AS2 Gateway on-premise version from Aayu Technologies LLC, for deployment into its own
AWS account. The AS2 Gateway met the requirements sought by CentraPass, and the installation and support offered
by Aayu Technologies helped implement the solution in production in a very short period of time.
The Lambda function in the KYC API calls AS2 Gateway using the REST API to send a message to the integration
partner. The solution uses AS2 Gateway’s webhook capability to run another Lambda function to push the documents
received from the integration partner to an S3 bucket with a 1 minute expiry since the file should be pulled
immediately by the API Lambda. The API Lambda function will wait for this file by long polling S3. This
process was very straight forward for us and fortunately took only a day to integrate into our workflow.
Implementing a long poll also avoids the need to have a database since we strive ourselves in providing a
fully stateless verification platform for our customers, where we don’t hold any personally identifiable information.
On average the KYC API verification Lambda takes 3-5 seconds to run. This is quite long for a Lambda function,
but the limitation is from the integration partner. CentraPass were using another leading AS2 provider before
moving to AS2 Gateway and it took 10 seconds on average, so there was a 100% performance improvement out of the
box because of the simple REST API and webhook functionality as opposed to the cronjob type implementation
we had in previous AS2 provider.
The Aayu Technologies team worked with CentraPass to quickly complete the deployment to meet the urgency
requirements. The system was deployed into an AWS account in the Asia Pacific region, meeting the requirements
of security, control and ownership by CentraPass for the sensitive information being stored and exchanged. The
deployment is a standard AS2 Gateway solution, similar to the publicly hosted Software as a Service (SaaS)
version of the AS2 Gateway. CentraPass utilizes the AS2 Gateway webhooks and REST APIs to send and receive
messages from its internal systems, and deployed the system for production use since October 2021.
This is deployed across multiple environments: development, UAT and production. CentraPass have 2 AS2 Gateway
instances running, 1 test instance (hooked up to the integration partners test environment) and 1 production
instance. To make this work on the test environ- ment we have had to share the S3 bucket for both the development
and UAT environments which worked fine in our use case.
"We were using another leading AS2 provider before moving to AS2 Gateway. There was a 100% performance improvement out of the box because of the simple REST API and webhook functionality as opposed to the cronjob type implementation we had in previous AS2 provider."