How We Helped FSA/HSA Payments Company to Improve Existing Product 

# AWS infrastructure # Fintech # Web development
Discover more


  • Unlocking $140B Market: delivered infrastructure optimization and an AI-powered solution to help our client succeed in the health benefit-eligible product market.
  • ML, Cloud and DevOps Expertise Blend: the strategic technology selection (Terraform, GitHub Actions, AWS ECS) allowed for seamless integration of ML models, efficient infrastructure management, and automated deployment processes.
  • Accurate HIPAA/ SOC2 Compliance: ensured that the customer’s platform remains not only innovative but also complies with  the regulatory and security standards of the healthcare and financial industries.


The client is a Business-To-Business-To-Consumer (B2B2C) company working in the payments industry. The startup was founded in 2022 and quickly became popular among large businesses, allowing merchants to accept Flexible Spending Accounts (FSA) and Health Savings Accounts (HSA) as a form of payment.

The mission of this Fintech company is to build digital and analytical solutions designed to empower millions to save billions on healthcare, specializing in analyzing item-level purchasing data, authenticating FSA/HSA-eligible purchases, processing payments, and streamlining reimbursement.

Team Size:


The product automatically identifies and categorizes health benefit-eligible products using an AI-enabled platform and gives online merchants and their customers the flexibility at checkout to pay with FSA/HSA funds, maximizing their benefits.

Key components of the product include:

  • WooCommerce plugin
  • JavaScript SDK
  • Web forms.

Goals and objectives

  • Configure and Manage Infrastructure: Setting up and overseeing the infrastructure on Amazon Web Services (AWS) for various applications and teams, provisioning servers, configuring networks, setting up databases, and ensuring scalability and security.
  • Remediate Compliance Items Found by an External Security Auditor: Address and resolve compliance issues identified by an external security auditor to ensure that the software and infrastructure meet specified security standards, including updating access controls, encrypting data, patching software, and implementing the latest security best practices. 
  • Develop an AI Service Capable of Identifying Eligible Products: Create and train Machine Learning models to accurately detect the most suitable products based on defined criteria in the shortest amount of time.
  • Implement and Deploy Job for Data Synchronization: Set up a scheduled job to synchronize product data from an external service and notify customers of any updates, ensuring that the synchronization process does not negatively impact the system’s performance. 
  • Automate Product Classification: Work on a solution that will automate product classification based on eligibility using their names when their code is absent in the SIGIS (Special Interest Group for IIAS Standards) database by leveraging several AI/ML techniques for text classification.

Project challenge

  1. Managing Multiple AWS Accounts:
    Employ the Infrastructure as Code (IaaC) process, design hierarchical structure, and implement Role-Based Access Controls (RBAC) to streamline the management of multiple AWS accounts, each with subprojects and diverse teams.
  2. Handle Noisy Datasets:
    Work with noisy datasets during Machine Learning model training and eliminate any errors that may cause potential business risks. Data preprocessing techniques such as cleaning, normalization, and augmentation are required to deal with this challenge. 
  3. Comply With HIPAA/SOC 2 Requirements:
    Modify and enhance infrastructure to meet compliance standards. For HIPAA, this includes encryption of healthcare data, access controls, and audit trails. SOC 2 compliance involves implementing security, availability, processing integrity, confidentiality, and privacy (SAC-P) controls.


The team from SPD Technology included a DevOps Engineer and a Machine Learning Engineer. The collaboration started with infrastructure-related activities, as Terraform was used to deploy and manage Node.js serverless services and Single Page Applications (SPA) apps. This provided a consistent and repeatable way to deploy and manage infrastructure for the client.

In addition to Terraform, GitHub Actions was chosen as a CI/CD (Continuous Integration/Continuous Deployment) tool and was leveraged for automating the deployment process. Whenever changes are pushed to the repository, GitHub Actions trigger the Terraform scripts to deploy or update the AWS resources, ensuring a streamlined and automated deployment pipeline.

Regarding the AI/ML part of the project, we collected data for our models using 3d party APIs and data sources with manual labeling and data review. The AI eligibility classification tool was developed using Python. It involved the use of sentence transformers, which are models designed for encoding and transforming sentences into numerical vectors, and LightGBM, a gradient-boosting framework. The usage of sentence transformers allowed us to convert sentences into embeddings, capturing the semantic meaning of the text, while gradient boosting, an ensemble learning technique, allowed us to combine multiple weak models to create a stronger predictive model. Additionally, we used another Python-based backend element, Flask for the API to handle HTTP requests and responses.

The resulting AI eligibility classification tool was deployed as a stand-alone microservice on AWS ECS, a fully managed container orchestration service. ECS enables the deployment of containerized applications, providing scalability and resource efficiency. The AI model, in our solution, classifies health products into eligible and non-eligible categories, leveraging a combination of text analysis and Machine Learning techniques to accomplish this goal.

Tech Stack

  • React.js WebReact.js
  • Vue.js WebVue.js
  • PHP WebPHP
  • Node.js API Node.js
  • Express.js API Express.js
  • Python Flask API Python Flask
  • AWS Lambda InfrastructureAWS Lambda
  • MongoDB InfrastructureMongoDB
  • AWS S3 InfrastructureAWS S3
  • AWS CloudFront InfrastructureAWS CloudFront
  • JavaScript SDKJavaScript
Artificial Intelligence
  • Python Artificial IntelligencePython
  • Pytorch Artificial IntelligencePytorch
  • LightGBM Artificial IntelligenceLightGBM
  • Sentence Transformers Artificial IntelligenceSentence Transformers
Third Parties
  • Terraform  Third Parties Terraform
  • GitHub Actions Third Parties GitHub Actions
  • Vanta Third Parties Vanta

Our results

We have successfully delivered most of the planned functionality and are currently finishing the remediation of items for HIPAA/SOC 2 compliance. In the future, we plan to improve the accuracy of benefit-eligible categorization of health products and add more AI-powered features.

  1. Less-Than-1-Day Release Cycles: Implementation of the serverless infrastructure and fast CI/CD pipelines that were configured by our team resulted in short release cycles, which is critical for a startup. 
  2. 80%+ Accuracy of Our AI Solution: Achieved an impressive percentage of success in determining the eligibility of health-related products in our fully automated solution. 
  3. 200,000+ Eligible Healthcare Products In Sync: Developed an automated solution that keeps an item list of eligible healthcare products for the customers of our client in sync with the trusted third-party source. 
  4. Ongoing Optimizations of AI/ML models: Set a process for post-deployment improvement that includes retraining the AI models on new data, enhancing data quality, and extending the dataset to improve classification accuracy even further.
Next Project
# AWS infrastructure, # Web development
Helping to Develop a Powerful Merchant Settlement Platform for an eCommerce Leader

Highlights Client The client is BlackHawk Network Inc. (BHN), a U.S.-headquartered, globally leading provider of branded payment technology solutions,...

Explore Case