What I wonder is “have they isolated third party dependencies?” If AWS is hard down, those may well be impacted—in some cases, by their own third party dependencies. You can test turning off your AWS environment, but you can’t really test turning off S3 for everyone…
It's a very good question. The stand-in system itself has been built to have basically no external dependencies itself.
So, the question you are really asking is "to what extent are the other parties involved in the processing of payments resilient to AWS failure" – e.g. Stripe probably isn't and that's probably a decent chunk of e-commerce.
I definitely don't think this would be anything close to smooth sailing if AWS was to fully go down, but we do have the benefit that underlying payment infra is still dominated by on-prem with leased lines etc. My best guess of the actual behaviour would be that bank transfers would keep working, the card networks themselves would keep working but the average e-commerce website would not.
Naturally, we can only control for what we can control for – and for us the primary benefit of stand-in is what it gives us in the much more likely scenario of an incident in our platform.
From what I understand of payment systems this is so that payments through card machines, contactless payments for public transport, cash withdrawals from ATMs, etc. all continue to work. A lot of those systems are surprisingly insulated from AWS simply by virtue of being extremely archaic.
I wouldn’t assume that is the case. The failure modes are different, that is all.
I saw a whole corp POS platform a couple of decades ago that was hanging off a TFTP server on a machine that no one dared turn off in case the world ended. One day the DC UPS failed, it didn’t come back up and they had no retail operations for several hours while they sent a bunch of cash to a guy who had left to help them fix it.
There’s stuff like that everywhere lurking in the archaic.
I know of a modem in a DC which is used to talk to a branch office running AS400 hardware that is so old they have to buy spares off eBay.
To add to this, I remember a story my father told me. This is off the top of my head and a few years ago so it might not be fully accurate.
My father worked as a banker for most of his life and when he was in his late twenties he got a position to oversee a smaller investment bank. This is sometime in the late 90s. When he started, he took a general look around, checked with everyone how things are going and happened to meet one of the few IT people working in the building. When the IT guy realized that he was speaking to a new person who might be able to change things around there, he was elated and told him that there was an issue the previous boss never took too urgently, even though it was quite critical. Apparently the servers that were running pretty much all of the transactions of that investment bank were located in the basement of that building and have literally never been migrated, upgraded or anything else. The servers that were left over from that time were literally one running machine and another machine that had died a few years prior that was now only used for spares in case anything on the singular still working machine broke. Since the hardware was so old, there apparently weren’t many replacement parts left and the ones that were left were incredibly expensive due to many banks depending on those specific servers.
Anyway, my father heard that story and immediately got the guy the funding he needed to migrate to a newer and better system. Sometimes I think about this kind of stuff, we think banks are really resilient (and they try to be), but I wouldn’t be surprised if setups like these still exist somewhere because people are too scared to touch them.