Q&A with Zubin Vandrevala of Gr4vy

Gr4vy, the cloud-native payment orchestration platform, addresses the industry’s lack of infrastructure for managing and scaling payment services. Gr4vy’s vision is to become the preferred destination for developers, retailers, and businesses in the payments realm, fostering a marketplace where banks, gateways, and anti-fraud companies offer their services without technological restrictions. How can businesses revolutionize their payment infrastructure with Gr4vy’s cloud-native platform? 

Enabling merchants to minimize payment costs, optimize authorization approval and mitigate fraud has always been a careful balancing act and an exercise in the deployment of significant capital for enterprise merchants. A novel approach to distilling the complexity and costs of the ever-change world of payments is Gr4vy’s provision of Infrastructure as a Service (“IaaS”) which provides for: 

  • Payment system connectivity – The ability, in real time, to deploy, customize and optimize processes such as authorization routing to both increase approvals and reduce costs and anti-fraud platforms to reduce chargebacks and fraud while minimizing friction in the checkout process. 
  • Product Agnostic – Gr4vy has established and maintained a policy of remaining neutral to all payments service providers to whom they connect. They accept no revenue share or other compensation from providers and therefore remain fiducial to their merchant partners. 

Payments Consulting Network Commercial Director, Dean Sheaffer, recently caught up with Zubin Vandrevala, Vice President of Business Development and Partnerships at Gr4vy to discuss how the company is enabling merchants to optimize the payment experience for their merchant partners and those partners’ customers. 

DS:Could you give us a brief overview of Gr4vy and its unique approach to payment optimization? 

ZV: Gr4vy was founded and incorporated in August 2020 by industry veterans John Lunn, Ali Minaei and Cristiano Betta. Our team includes pioneers and payment experts from Adyen, Braintree, Cybersource, Google, PayPal, Visa, and Yoyo Wallet with a deep understanding of the pain points facing businesses to optimize their payment stack.  

We launched our v1 product in April 2021. Our global customers include among others, Woolworths Group (Australia’s largest retailer), ELEVEN Sports (part of DAZN Group and 2022’s highest-grossing sports app), Ding.com (world-leading mobile top-up service), and Mythical Games (behemoth in digital asset gaming). Our plug-ins to Salesforce Commerce Cloud, commerce tools and Magento means businesses on these ecommerce platforms can take seamless advantage of our platform capabilities as well.  

Gr4vy’s core focus is on:  

  • Reducing tech debt by enabling access to the best-in-class payment and anti-fraud services via a single integration. They provide the tools to deploy, manage, customize, and optimize products efficiently. 
  • Driving growth and uplift in conversions by customizing and personalizing the best payment options in real time at checkout by recommending “recipes” based on merchant profiles and facilitating payments knowledge in collaboration with merchant payment teams. 
  • Optimizing transaction auth rates and reducing costs with dynamic retries network tokenization, tightly integrated anti-fraud management, and least cost routing.  
  • Future proofing payments infrastructure by having dedicated cloud instances to support their capacity, resilience, redundancy, and performance requirements. 
  • Providing a separate instance for each merchant enabling regional payments and privacy compliance, while sizing the instance uniquely based on client requirements.  
  • Real time, “No Code” changes processes to deploy Alternative Payment Methods, add or change processors, alter payment routing and much more through a business model focused on enabling technology. 

DS: What services do you offer merchants and not-for-profit organisations globally?  

ZV:Gr4vy’s payments orchestration platform services businesses globally. We have teams and customers distributed across North America, United Kingdom, Europe and now Asia Pacific. The key capabilities we offer our customers are:  

  • Vaulting & Tokenization: Gr4vy’s centralized vault gives businesses the freedom to move around and work with multiple payment providers while allowing them to securely and intelligently collect and store card data, simplifying the burden of PCI DSS compliance. Gr4vy supports tokenization and storage of all recurrent APMs. Gr4vy’s network tokenization solution centralizes the storage of network tokens allowing businesses to use them interoperably between PSPs (payment service providers). With the Gr4vy Vault, they can enable one-click checkout experiences, collect and store card data and use network tokens to tokenize transactions. As of June 2023, we now offer Gr4vy Cloud Vault as a standalone service to our customers as well.  
  • Mix and match preferred providers: Gr4vy enables businesses to determine the optimal mix of payment and anti-fraud connectors while keeping the maintenance burden low. Gr4vy makes it easy to add, test, and deploy new payment services with a couple of clicks through our agnostic and highly flexible architecture. Gr4vy also takes the burden of maintaining each connection, ensuring high fidelity. 
  • No-code workflows: Using Gr4vy’s powerful no-code platform enables businesses to route transactions to maximize approval rates and lower costs. In addition, the platform enables businesses to customize the payment flow by creating rules and conditions to control what payment options are presented to buyers. This includes setting rules for automated failover, and many more, delivering a personalized experience at checkout. 
  • Future-Proof Payments Infrastructure:  Gr4vy’s unique cloud architecture deploys local Instances in our customer’s preferred region within a public cloud such as Google Cloud, Amazon Web Service etc. And this ensures that there is no commingling of data or shared workloads with any other Gr4vy customers, mitigating the risk of becoming a single point of failure. Each Instance has its own capacity, redundancy, and resilience – which would not be the case if we had built Gr4vy as a SaaS company. Gr4vy’s enterprise-grade platform is compliant with GDPR, CCPA, and Australian Privacy Law Standards, and is PCI DSS Level 1 and SOC2 Type 2 certified.  

The agnostic nature of Gr4vy’s no-code orchestration platform enables our customers to take full control of customizing and optimizing their payments stacks to best meet their business needs and objectives.” -Zubin Vandrevala, Vice President of Business Development and Partnerships, Gr4vy

DS: Are there any industry sectors or client types that you focus on? 

ZV:Our ideal customer profile is B2C and B2B2C businesses. We see businesses that represent US $50M+ in annual revenue and ones that have complexity in their payment stack in the form of global presence, multiple sub-brands, and/or price-sensitive segments have shown greater need for orchestration. And Digital Goods & Services, Retail, and Travel & Hospitality tend to be the industry sectors that have shown a higher propensity to adopting a payment orchestration strategy. We operate our own in-house developed, EMV compliant, active-active payments switching platform with full redundancy. 

DS: What do you see as your key differentiators with respect to payment orchestration? 

ZV:The agnostic nature of Gr4vy’s no-code orchestration platform enables our customers to take full control of customizing and optimizing their payments stacks to best meet their business needs and objectives. For starters, Gr4vy does not have any revenue share agreements with downstream providers, which means that we remain fiducial in our relationship with our customers. By decoupling our vaulting and tokenization services, 3D Secure merchant-plug-in, Apple Pay / Google Pay integrations, and offer a library of payment and tightly coupled anti-fraud services, our customers can mix and match the right set of payment connections and configurations to maximize conversions and minimize costs. 

DS: Can you describe Gr4vy’s Cloud Vault features, functionality, and use cases? 

ZV: Gr4vy has announced the launch of its centralized vault to securely tokenize, store, pull, update, and distribute card data, including network tokens, alternative payment methods (APMs) tokens, and PSP tokens. Backed by PCI DSS Level 1 certification, businesses can now manage payment data how they want, without added security burdens, all while ensuring payment service provider (PSP) independence and data portability. The new product can be used as a standalone tool or as a fully integrated solution with Gr4vy’s payment orchestration platform. 

With Gr4vy, businesses can also easily tokenize payment methods and use them to process transactions via various PSPs and store multiple network tokens and PSP tokens per customer. The vault is ready-made to support network tokens for payment processing and can return card data, PSP tokens, or network tokens, to use with any compatible payment service. 

 Other notable features and advantages of Gr4vy’s card data storage capabilities include: 

  • Cloud Infrastructure: Gr4vy’s vault runs as a single-tenant solution on the Google Cloud Platform (GCP), allowing businesses to operate, scale, and manage card data in their own protected environment. 
  • Optimized Payment Selection: Businesses get to decide how to charge customers without building complicated routing logic. Gr4vy’s tokenization solution allows businesses to tokenize cards as well as all APMs that support repeated transactions, such as wallets, bank mandates, and more. 
  • Data Portability: Any card data vaulted with Gr4vy can be used across multiple PSPs seamlessly, so businesses can work with more than one provider or even migrate operations without having to re-tokenize all their card data. Gr4vy also uses a sophisticated decision engine to determine what token to use for any processor, removing the complexity of provisioning and storing card data, tokens, and network tokens. 
  • Network Tokens: Gr4vy’s vault is ready-made to support network tokens.
  • Seamless Migration: Businesses can import existing tokens from their current payment service provider into Gr4vy’s Cloud Vault for a seamless migration, and easily export these tokens from the vault. 

DS: What innovations do you have on your product/service roadmap for the next 12 months? 

ZV:Our mission remains to become the platform of choice that businesses use to deploy payment infrastructure globally. To date we have been extremely focused on helping our customers accelerate ecommerce growth by making seamless integration of new payment services and orchestrating these services effectively to optimize conversions while minimizing costs. 

 We are already making progress and over the next 12 months, our focus will be to refine some of the back-office functions that come with enabling more payment options such as in settlement and reconciliation, payouts, and additional data insights. 

DS: What key criteria or features should a business consider when evaluating payments orchestration providers? 

ZV: The complexity of compliance, considering that privacy, data, and commerce laws continue to change, and you need a POP that will help you evolve with them. This means supporting different laws and regulations on a country-by-country basis. And it often requires data storage “on soil” to comply with privacy and data sovereignty requirements. 

One must also consider the following:  

Importance of agility as new payment innovations continue to be introduced. Currency values and exchange rates continue to fluctuate, and local regulations continue to evolve. You need a POP that enables you to nimbly adjust to these shifts — on the fly and without excessive time or cost.  

Regardless of the scale of your operations, it is essential to have a payment orchestration platform (POP) that offers simplicity. With just one integration with your back-end systems, these platforms take care of the technical aspects behind the scenes. This includes managing back-end plumbing, reporting functionality, and security updates. As a result, you can focus on orchestrating front-end payments seamlessly, all from a user-friendly dashboard that requires no coding expertise. This simplicity allows you to efficiently manage your payments without getting bogged down by complex technical details. 

Top-tier POP Simplicity regardless of scale: After a single integration with your back-end systems, they get out of the way. Back-end plumbing, reporting functionality, and security updates are maintained in the background, enabling you to orchestrate front-end payments from a simple, code-free dashboard.  

A POP that not only provides payment infrastructure but also independent insights and assistance for optimizing that framework. Selecting POPs will help you increase conversion rates at both cart and checkout levels. They will provide agnostic and actionable, data-driven recommendations for improving transaction routing and reducing exchange rates and fees. And they will help you increase sales and decrease costs as your business grows and evolves.  

DS: What industry changes or trends do you see occurring over the next 2-3 years that will have a major impact on your business and/or your clients? 

ZV:We believe that there are a couple of key secular trends that will accelerate the need for payments orchestration and drive Gr4vy adoption.  

  • Shifting consumer behaviour: With the rise of digital wallet, BNPL (Buy Now, Pay Later), Open Banking, crypto payments and so on, businesses find themselves constantly on the back foot in offering customer choice at checkout. Having a tool that enables businesses to personalize and seamless A/B test and deploy new payment options ensures they maximize conversions. 
  • Evolving fraud landscape: As artificial intelligence (AI) gets smarter so are fraud schemes that are growing in sophistication, having the best anti-fraud and risk management system today is no guarantee to keeping fraud rates and costs down. Risk Management leaders are mindful of having a robust yet nibble risk management architecture that enables them to plug into the best-in-class systems without taking on tech debt.  
  • Regionalized approach to privacy and data regulation: Privacy, data, and commerce laws continue to change. In an extreme example, the Reserve Bank of India demands that payment system providers store all data in systems that are within the territorial jurisdiction of India, and we already see this approach being adopted by other countries as well. Tech leaders are challenged to enable a flexible infrastructure stack that not only keeps pace with evolving regional data regulations but also remains fully compliant with stringent data privacy standards such as GDPR, CCPA, Australian Privacy Act, and data protection requirements like PCI DSS and SOC2.  

The ability to navigate these complex challenges and ensure the utmost security and privacy of data is imperative in today’s digital landscape. Only by embracing this critical responsibility can tech leaders build a foundation of trust and reliability that empowers their organizations to thrive in an ever-changing regulatory environment. 


Author: Dean Sheaffer, Commercial Director, Reading, Payments Consulting Network 

Dean Sheaffer is a highly experienced leader in the US payments industry, with over 30 years of expertise. His extensive knowledge encompasses both traditional payment systems and emerging areas like BNPL, open banking (A2A), cryptocurrencies, and real-time payments. 


Gr4vy is a member of our Payments Orchestration panel.

If you found this article helpful and would like to read similar articles, please subscribe to our newsletter. 

To get notified of our latest posts, follow the Merchant Advisory company LinkedIn page, and click on the bell icon at the top right section of our company profile.