Reliability at heart of Lyft and Uber's tech, IPOs reveal

Rideshare users don't care whether Lyft or Uber use a specific cloud provider. They care which app will offer the safest, cheapest and fastest ride.

In order to do that, the cloud provider actually matters, along with security, hardware and personnel.

Reliable technology service providers set the foundation for optimal operations, trustworthy security and a five-star customer rating after drop-off.

Ube and Lyft filed an IPO within nearly a month of one another. Lyft revealed it not only uses Amazon Web Services, but has a multiyear $300 million deal with it. Uber on the other hand relies on a "combination" of a small number of third party cloud providers located in the U.S. and overseas, according to its SEC filing.

Both companies are expanding into bikes and scooters. But Uber's M.O. is slightly more diverse, dedicating its existing technologies to meal delivery service Uber Eats.

Lyft acknowledges the expansion of mobile services adds to the business' complexities, technical and regulatory. "If we are unable to successfully manage the complexities associated with our expanding multimodal platform ... operations could be adversely affected," the SEC filing stated.

Whichever rideshare application users prefer, the companies rely on their technologies, otherwise their businesses grind to a screeching halt.

CIO Dive broke down the similarities and differences based on the information provided in the IPOs. Here is what we found:

1. Data strategies

Uber and Lyft have international networks that contribute to the density and richness of their available user data. "Our network becomes smarter with every trip," according to Uber.

Lyft named its investments in proprietary technologies and predictive analytics as a key enabler for a quality customer experience. The company is able to pull personalized insights from the data curated on its platform.

Insights "drive our platform in real-time" from the millions of daily rides Lyft facilitates, including historical data, ride lifecycle, when drivers go online, when riders request a trip, and when drivers and users match. Machine learning is taught from this data and various use cases for more behavioral predictions. Data is further used for product development, which is how Lyft launched its subscription solution.

Uber uses similar data pools like historical trips, bookings, product mix, fares and other information provided by third party analytics firms. "Our technology platform and the platform user data it uses, collects, or processes to run our business is an integral part of our business model," and therefore complying with privacy regulation is of utmost importance, according to the filing.

2. Cloud selection

Lyft agreed to pay AWS an aggregate minimum of $300 million between January 2019 and December 2021. The No. 1 cloud provider is Lyft's primary third-party cloud vendor, which highlights Lyft's trust in AWS' reliability.

Because AWS owns the servers Lyft relies on, Lyft does not "have control over the operations of the facilities of AWS that we use," according to the filing. It also means Lyft may feel the pains of damages inflicted on AWS, like interruption in services, reputation hits, or data insecurity.

Uber's 2016 data breach revealed intruders accessed stored data on AWS, but the access controls were the burden of Uber, not AWS. The company currently uses "multiple third-party cloud computing services and have co-located data centers in the United States and abroad."

3. Infrastructure and workforce

Uber's current infrastructure was built "to be highly automated" and its platform was built to "handle spikes in usage," according to the filing. The use of third-party cloud providers allows the company to offset accruing additional upfront infrastructure costs during peak times.

A failure to update Uber's infrastructure can result in "unanticipated system disruptions," like slower response times. "In particular, we will need to improve our transaction processing and reporting, operational, and financial systems, procedures, and controls," according to the filing.

Uber boasts a 3,000-strong engineering and computer science workforce for building and innovating technologies. Its proprietary technologies like demand prediction, matching and dispatching, and pricing, are leading in the rideshare industry. Further investments in feature development, data management, personalization solutions, and a scalable infrastructure are in progress.

The aggressive growth from expanding into more markets, like food delivery with Uber Eats, has become a challenge for the company in "designing controls in response to evolving risks of material misstatement." Inadequate support of its systems or procedures could drive riders and drivers to a competitor's platform, like Lyft.

Lyft didn't reveal how many engineers it has but the company is investing "particularly" in engineers, data scientists, designers, product management and operations personnel. Its product teams are organized in a full-stack development model with product management, engineering, analytics, data science and design integration.

The rideshare company's software is "frequently" updated on a regular software release schedule and are similarly built on a scalable platform. The platform was designed with "multiple layers of redundancy" with "incremental backups" performed hourly.

Lyft takes it a step further by having "redundant copies of content" kept in "at least two separate geographic regions and replicated reliably within each region," according to the filing.

4. Cybersecurity

The revelation of Uber's 2016 data breach is the poster child for what not to do. The company's leadership used funds dedicated to its legitimate bug bounty program to pay off the intruders.

Uber outlined security incidents in its SEC filing, citing the 57 million-victim breach in 2016 and a breach in 2014 where driver personal data was accessed. "We currently are subject to a number of inquiries, investigations, and requests for information from the U.S. Department of Justice and other U.S. and foreign government agencies," the company said. It knows the impact of security incidents can have an adverse impact on its business and reputation.

Lyft also acknowledged unauthorized parties have "gained access" to its systems or the systems of its service providers, partners, or platform users "attempting to fraudulently induce" individuals, according to the filing. Lyft claimed that "breaches experienced by other companies may also be leveraged against us," like for credential stuffing attacks.

Both companies have a responsibility to protect the personal data their businesses rely on, including rider names, passwords, payment card information and the added information of frequented locations. Riders and drivers may also have bugs in the mobile devices that use the apps, furthering the companies' protection concerns, according to Lyft.

Companies going public are signaling the market is healthy and primed for their future. Both companies are growing their businesses into industries beyond their origins like meal delivery, scooters and bigger picture projects like autonomous vehicles. Still, the companies need to overcome some hurdles.

Uber has noted that its profitability may suffer for a time as it adds drivers and partners and Lyft, which went public about a month prior, has had a varied reception on the market. Lyft was the first rideshare company to go public and is valued at $19.3 billion.