We have seen over 30% improvement using CoPilot: Razorpay's Brahmadesam

In the fintech sector, we focus a lot on feature development. While doing so, specifically in India, the regulation and the market landscape is constantly changing, he says

Fintech firms in India have been at the forefront of adopting new technologies to offer the best user experience. Fintech major Razorpay leveraged it to emerge as one of the leading players in the sector. 
 

Ajinkya Kawale speaks with Murali Brahmadesam, head of engineering and chief technology officer (CTO) at the digital payments firm, to know more about the company’s technology shifts, focus on security, and use of artificial intelligence. Excerpts from the video interview

There is greater regulatory oversight over fintech firms now. How can technology keep up with evolving regulatory requirements? 

The Reserve Bank of India (RBI) is a progressive regulator that looks at customer trust as a key aspect. We don’t think regulation is a burden, and we should be operating regardless of it. In case of Razorpay, given that we have been at this for a while, I have added more rigour to it in the past two years. Regulations may change based on the need. We have an ambition to go to multiple geographies, and it can get more complicated. We’re all up for it. 

Does focus on regulatory compliance redirect budgets from innovation & R&D?

I don't think so. These are all basics. I don't think the regulation is asking something out of the ordinary. For instance, we were able to prove that our systems continue to work even when the server fails. We are constantly injecting failure to the system so that it can adapt to it. There has to be a change in mindset saying that if faults do happen, how can one manage it. 

When it comes to artificial intelligence (AI) and generative AI, what is the decadal view that you hold? 

10 years is too hard to predict. Every three months, it feels like a decade-worth of improvement has happened. A year back, we weren’t sure if the AI tools were up to the mark when it comes to developer productivity. Now, we have seen more than 30 per cent improvement here using CoPilot. We can generate test cases using Gen AI, cutting down time of communicating to an engineer about a new service from a week to under 10 minutes. The amount of tickets to debug has come down from about 500 per week to lower single digits with AI. There is still hallucination, but we as an industry have figured out how to control it. 

Do you think AI can be used to streamline Know Your Customer (KYC) processes? 

We are using AI with Optical Character Recognition (OCR) and verification of documents. We validate what category a merchant website is operating in, and check if it matches with the customer’s submission. We check if the terms of service are in place, and all of it is validated using AI now. 

What are the technology shifts that you have seen in the fintech industry and within the company since your appointment at Razorpay two years back? 

In the fintech sector, we focus a lot on feature development. While doing so, specifically in India, the regulation and the market landscape is constantly changing. For us, ensuring that compliance is in the mind of engineering and not an afterthought is important. 

Whatever we do has to be very secure, and that gives the trust to regulators and our customers. We have spent a good amount of time in performance improvement and cost consciousness. In two years, we were able to reduce more than 60 per cent of our infrastructural spend. 

Some technical attacks do happen against the company, and we had to build an infrastructure to ensure we identify these attacks, and prevent them. 

In the last two years, we have invested heavily in micro-service architecture. We are also working on cellular design where one has the end-to-end stack, but in a smaller footprint of machines which can be deployed independently. It allows us to launch in a new region without destabilising a larger market. 

Experimentation is part of our pipeline. We can turn on and off a particular feature for a select customer at any time which allows us to have the ability to reduce the blast radius of any impact. 

You spoke of attacks on the system, how do you track these attacks and ensure they are contained? 

We have an algorithmic approach to it. We know the traffic pattern of a merchant, and know where transactions would originate for our customer. We check for anomalies in this pattern, and based on the merchant, we are able to identify and isolate the attack. We control the firewall layer and the application programming interface (API) layer to prevent this traffic from pushing through our systems. 

How much time does it take for resolution from detection to prevention?

It happens within a few seconds. We have firewall rules that we update. We identify and process logs, and push it through our time series system. Then, if it sees an anomalous behaviour, we immediately update our firewall rules. 

At present, we are open sourcing this process. We are ready to give it as a consumable form so that other entities can benefit. We are open sourcing the full infrastructure so that it benefits the Indian fintechs and the banking infrastructure. We have open sourced almost 140 projects. 

Would you have a preference for home-grown cloud service providers over foreign majors? 

Moving a technology stack is always a challenging one. If there is a compelling offer, we are always ready to look at it. Operational capability is the main thing, and that is difficult to achieve at scale. It takes some time to establish operational credibility in this market. 

Is there a reliance on third party vendors as you build new products? 

Ninety per cent of our workforce is full-time, and the rest we take some help such as integrations, quality assurance (QA) testing, among others. We identify work that is not durable, and then give it to vendors. Engineering work that is durable is done by full-time engineers in the company. 

Is there a need for more tech talent at the company even today?

Our engineering organisation is a little over 1,000 people. We continue to have a lot of openings. At present, there are more than 200 plus positions open for hiring in engineering.