How PicPay Made Strict Compliance an Inline Feature of Frictionless Access

About PicPay

A Leader in Banking, FinTech, and Digital Commerce

 PicPay, founded in 2012, is a leading Brazilian fintech company that has grown from a digital wallet into a full-service financial platform with over 60 million users. Today, PicPay innovates like a tech company, but with the scale and reliability of a traditional financial institution. Their app hosts a broad range of data-driven services designed to improve the experiences of their customers. With thousands of resources spread across dozens of business units, their data is both an incredible platform to innovate with and their primary liability.

The PicPay Challenge

Effortless Compliance and Democratized Access to Optimize Operations

PicPay adheres to strict security standards and least privilege access controls to maintain compliance and minimize risk. However, this rigorous approach introduced bottlenecks when developers needed timely access to databases. As the company scaled and both headcount and infrastructure expanded, the burden of provisioning access fell disproportionately on a small group of Database Administrators (DBAs). Rather than focusing on strategic architecture and system design, DBAs were pulled into repetitive tasks, like manually writing access policies and running queries for teams without direct access.

• Regulatory Assurance. PicPay needed a secure access solution that could enforce centralized control, provide complete audit trails, and guarantee that the actions taken in their databases matched approved change documents, which is crucial to remaining compliant with financial regulation.
• Developer Velocity Without Risk. To accelerate development while maintaining security, PicPay turned to hoop.dev’s Zero-Config Data Masking. This feature neutralizes sensitive data exposure, allowing for safe, automated read-access sessions that eliminate delays while preserving compliance.
• Eliminating Operational Toil. PicPay sought to reduce the operational load on DBAs, who were spending valuable time running scripts for less technical teams. hoop.dev enabled safe, self-service access so DBAs could focus on long-term infrastructure design and optimization.

The hoop.dev Solution

Protect Sensitive Data. Automate Access. Block Dangerous Actions.

Hoop.dev is the only access and data governance solution that ends the organizational gridlock created by regulation, security provisioning, resource sprawl, and workforce growth, so that teams can innovate faster and more securely.

By masking data at the protocol level, hoop.dev enabled safe, read-only self-service access and cut the permissioning workload for DBAs by 60%, all while accelerating developer velocity. Write-access is reduced to single commands, which creates a direct bridge between the change documentation and the changes implemented. This simplifies the compliance process and and lightened the audit burden on DBAs and security teams.

Hoop's templated ‘Runbooks’ deliver ready-to-execute code, which eliminate ad-hoc scripting and empower non-technical teams to query data securely. The result was PicPay DBAs reclaimed 93.7% of the time once spent running scripts for other teams, while access requests were fulfilled almost instantly.

By implementing hoop.dev, PicPay achieved a secure, scalable solution that aligned with its compliance obligations and growth ambitions. hoop.dev not only reduced operational burden on DBAs but also unlocked faster, safer access to data across the organization. Developers now work with greater autonomy while maintaining strict privilege boundaries. Regulatory requirements are met with confidence, and DBAs are free to focus on high-impact architecture rather than repetitive permissions work.

As both a bank and fintech platform, PicPay operates under some of the world’s strictest regulatory standards, which often hinder innovation, but with hoop.dev, PicPay accelerated its progress in fintech, banking, and e-commerce without ever compromising on security. With no additional onboarding, PicPay grew their hoop.dev user base by an additional 850 developers, which brought them to over 1100 daily users and proved that speed and security can scale in tandem.