Please provide your contact details, and we will get back to you promptly.
A Digital-First Airline Built for Speed and Control
ZIPAIR Tokyo Inc. is a Japanese long-haul, low-cost carrier and a wholly owned subsidiary of Japan Airlines. Headquartered at Narita International Airport, ZIPAIR operates Boeing 787 Dreamliner aircraft on international routes connecting Japan with North America and Asia-Pacific.
More than an airline, ZIPAIR launched in 2020 with a deliberate mandate to rethink how airlines operate. ZIPAIR is a digitally native business built from the ground up to move faster, own its infrastructure, and commercialize that advantage. Where legacy carriers inherit technical debt, ZIPAIR invests in proprietary platforms, treating technology not as a cost center, but as a product asset.
To support this vision, ZIPAIR partnered with DataArt to build a cloud-native payment orchestration platform designed for secure, scalable airline commerce.
Challenge: From Payment Constraint to Platform Opportunity
As ZIPAIR expanded its international footprint and digital channels, payments evolved from a supporting function into a strategic constraint.
Like many airlines, ZIPAIR initially relied on tightly coupled, point-to-point integrations between booking flows and payment services. While common across the industry, this approach increased operational risk, expanded PCI DSS scope, and limited flexibility to introduce new payment methods or channels, slowing innovation. At the same time, these limitations highlighted a broader opportunity. According to IATA, airlines could unlock up to $40 billion in retail revenue through modern payment strategies, with an additional $14 billion directly linked to how payments are designed and controlled (IATA, citing McKinsey).
Rather than treating this solely as an internal challenge, ZIPAIR identified an opportunity to rethink how payment capabilities could be designed and delivered. To support its growth and operating model, the airline set out to move from integration-based payments to a centralized, secure, and scalable platform. This platform could support multiple channels, evolve with the business, and potentially serve as a foundation for broader commercial applications.
Solution: Building a Payment Orchestration Platform, Not an Integration
ZIPAIR partnered with DataArt to build POP (Payment Orchestration Platform), a cloud-native layer that centralizes transaction processing, tokenization, routing, and compliance controls across its digital commerce ecosystem. Built to support ZIPAIR’s long-term platform vision, POP reflects a joint effort to translate business ambitions into a scalable, production-ready solution.
POP sits between customer-facing channels and downstream payment services, providing a single, governed layer for transaction processing, tokenization, routing, and compliance controls.
From the outset, POP was treated as a product platform rather than a one-off project, with modular services, clear APIs, and a foundation designed to scale with the business.
Core Architectural Principles
The platform was built around the following key principles:
- Single integration point: Internal systems connect to payments through a single governed API, eliminating direct point-to-point integrations and simplifying the architecture as new channels are added.
- Modular extensibility: New payment methods, currencies, and regional providers can be added as self-contained modules, enabling market expansion without rebuilding the core platform.
- Configurable payment flow: Each client system defines the payment methods, locales, and session parameters presented to the shopper at checkout, enabling tailored experiences per channel or market without changes to the core platform.
- Intelligent payment routing: Transaction routing logic selects the optimal provider for each transaction based on geography, cost, and performance, supporting higher authorization rates and revenue optimization.
- Payment isolation & scope reduction: A dedicated layer separates payment handling from the broader system, designed to reduce risk and PCI scope.
- Tokenization-first design: Sensitive card data is replaced with tokens, minimizing exposure across services.
- Security-by-design: Identity control, encryption, secure pipelines, and auditability are built into the platform from the start.
- Compliance as architecture: PCI DSS requirements are embedded into system design rather than treated as a post-development step.
- Cloud-native foundation (AWS): Scalable infrastructure with centralized monitoring, logging, and security enforcement.
POP’s platform approach was validated by launching a virtual Point-of-Sale (vPOS) capability, integrated into the existing platform. vPOS is a purpose-built iPad point-of-sale solution for airport check-in and gate operations, designed to handle high-volume, custom workflows in ZIPAIR’s airport environment.
POP’s modular design brought ZIPAIR’s vPOS system live without requiring new payment infrastructure, enabling faster, lower-risk onboarding of new payment use cases.

Highlights: From Fragmentation to Scalable Payment Control
- Transitioning from fragmented integrations to a centralized payment orchestration platform.
- Designed to reduce payment risk and PCI scope through segmentation and tokenization.
- Enabling faster rollout of new payment capabilities, including vPOS.
- Establishing a scalable, reusable payment foundation supporting multi-channel growth.
- Improving visibility into payment operations through centralized monitoring and control.
- Creating a proprietary payment asset with potential to support ZIPAIR’s partners and commercial ecosystem.
- Advancing PCI DSS readiness and auditability, with POP and vPOS actively pursuing certification.
Technologies Used
- AWS: ECS, EC2, Lambda, S3, ECR, Cognito, IAM, KMS, WAF, Certificate Manager, SQS, SNS, API Gateway, CloudFront, Elastic Load Balancing, NAT Gateway, Internet Gateway, Systems Manager, SES
- Application: .NET, C#, Node.js
- Database: PostgreSQL
- Payment Integrations: Integrated with multiple global and regional payment service providers via the PSP adapter pattern, supporting flexible routing across acquirers and payment methods.
What This Means Beyond ZIPAIR
For years, airlines have built payments one integration at a time, rather than by deliberate design, optimizing to process transactions rather than to create commercial opportunity. As carriers expand digital channels and partner ecosystems, that approach increasingly limits how fast they can move and how much control they keep over their own commerce.
ZIPAIR has chosen a different path. By building its Payment Orchestration Platform (POP), it has begun turning payments from a constraint into owned infrastructure, and from owned infrastructure into a strategic asset. Where most carriers inherit fragmented systems and accept the limits that come with them, ZIPAIR is actively engineering a payment layer it controls, can extend, and can build on.
This is the real shift. Payments stop being a supporting function and become a platform the business can govern, scale, and grow with. For ZIPAIR, that platform is a starting point, not a ceiling.
With DataArt as its partner for progress, ZIPAIR has done more than solve a payments problem. It has built a proprietary platform and a genuine competitive advantage in a part of the business most airlines still treat as a cost. This is what it looks like when payments are designed as a product, and it sets a new benchmark for digital-first airline commerce.
