How We Helped FSA/HSA Payments Company to Improve Existing Product 

# AWS infrastructure # Fintech # Web development
Discover more

Highlights

  • Unlocking $140B Market: delivered infrastructure optimization and an AI-powered solution to help our client succeed in the health benefit-eligible product market.
  • ML, Cloud and DevOps Expertise Blend: the strategic technology selection (Terraform, GitHub Actions, AWS ECS) allowed for seamless integration of ML models, efficient infrastructure management, and automated deployment processes.
  • Accurate HIPAA/ SOC2 Compliance: ensured that the customer’s platform remains not only innovative but also complies with  the regulatory and security standards of the healthcare and financial industries.

Client

The client is a Business-To-Business-To-Consumer (B2B2C) company working in the payments industry. The startup was founded in 2022 and quickly became popular among large businesses, allowing merchants to accept Flexible Spending Accounts (FSA) and Health Savings Accounts (HSA) as a form of payment.

The mission of this Fintech company is to build digital and analytical solutions designed to empower millions to save billions on healthcare, specializing in analyzing item-level purchasing data, authenticating FSA/HSA-eligible purchases, processing payments, and streamlining reimbursement.

Country:
Industry:
Team Size:

Product

The product automatically identifies and categorizes health benefit-eligible products using an AI-enabled platform and gives online merchants and their customers the flexibility at checkout to pay with FSA/HSA funds, maximizing their benefits.

Key components of the product include:

  • REST API
  • WooCommerce plugin
  • JavaScript SDK
  • Web forms.

Goals and objectives

  • Configure and Manage Infrastructure: Setting up and overseeing the infrastructure on Amazon Web Services (AWS) for various applications and teams, provisioning servers, configuring networks, setting up databases, and ensuring scalability and security.
  • Remediate Compliance Items Found by an External Security Auditor: Address and resolve compliance issues identified by an external security auditor to ensure that the software and infrastructure meet specified security standards, including updating access controls, encrypting data, patching software, and implementing the latest security best practices. 
  • Develop an AI Service Capable of Identifying Eligible Products: Create and train Machine Learning models to accurately detect the most suitable products based on defined criteria in the shortest amount of time.
  • Implement and Deploy Job for Data Synchronization: Set up a scheduled job to synchronize product data from an external service and notify customers of any updates, ensuring that the synchronization process does not negatively impact the system’s performance. 

Project challenge

  1. Managing Multiple AWS Accounts:
    Employ the Infrastructure as Code (IaaC) process, design hierarchical structure, and implement Role-Based Access Controls (RBAC) to streamline the management of multiple AWS accounts, each with subprojects and diverse teams.
  2. Handle Noisy Datasets:
    Work with noisy datasets during Machine Learning model training and eliminate any errors that may cause potential business risks. Data preprocessing techniques such as cleaning, normalization, and augmentation are required to deal with this challenge. 
  3. Comply With HIPAA/SOC 2 Requirements:
    Modify and enhance infrastructure to meet compliance standards. For HIPAA, this includes encryption of healthcare data, access controls, and audit trails. SOC 2 compliance involves implementing security, availability, processing integrity, confidentiality, and privacy (SAC-P) controls.

Solution

The team from SPD Technology included a DevOps Engineer and a Machine Learning Engineer. The collaboration started with infrastructure-related activities, as Terraform was used to deploy and manage Node.js serverless services and Single Page Applications (SPA) apps. This provided a consistent and repeatable way to deploy and manage infrastructure for the client.

In addition to Terraform, GitHub Actions was chosen as a CI/CD (Continuous Integration/Continuous Deployment) tool and was leveraged for automating the deployment process. Whenever changes are pushed to the repository, GitHub Actions trigger the Terraform scripts to deploy or update the AWS resources, ensuring a streamlined and automated deployment pipeline.

Regarding the AI/ML part of the project, the AI eligibility classification tool was developed using Python. It involved the use of sentence transformers, which are models designed for encoding and transforming sentences into numerical vectors, and LightGBM, a gradient-boosting framework. The usage of sentence transformers allowed us to convert sentences into embeddings, capturing the semantic meaning of the text, while gradient boosting, an ensemble learning technique, allowed us to combine multiple weak models to create a stronger predictive model.

The resulting AI eligibility classification tool was deployed on AWS ECS, a fully managed container orchestration service. ECS enables the deployment of containerized applications, providing scalability and resource efficiency.

Tech Stack

Web
  • React.js WebReact.js
  • Vue.js WebVue.js
  • PHP WebPHP
API
  • Node.js API Node.js
  • Express.js API Express.js
  • Python Flask API Python Flask
Infrastructure
  • AWS Lambda InfrastructureAWS Lambda
  • MongoDB InfrastructureMongoDB
  • AWS S3 InfrastructureAWS S3
  • AWS CloudFront InfrastructureAWS CloudFront
SDK
  • JavaScript SDKJavaScript
Artificial Intelligence
  • Python Artificial IntelligencePython
  • Pytorch Artificial IntelligencePytorch
  • LightGBM Artificial IntelligenceLightGBM
  • Sentence Transformers Artificial IntelligenceSentence Transformers
Third Parties
  • Terraform  Third Parties Terraform
  • GitHub Actions Third Parties GitHub Actions
  • Vanta Third Parties Vanta

Our results

We have successfully delivered most of the planned functionality and are currently finishing the remediation of items for HIPAA/SOC 2 compliance. In the future, we plan to improve the accuracy of benefit-eligible categorization of health products and add more AI-powered features.

  1. Less-Than-1-Day Release Cycles: Implementation of the serverless infrastructure and fast CI/CD pipelines that were configured by our team resulted in short release cycles, which is critical for a startup. 
  2. 80%+ Accuracy of Our AI Solution: Achieved an impressive percentage of success in determining the eligibility of health-related products in our fully automated solution. 
  3. 200,000+ Eligible Healthcare Products In Sync: Developed an automated solution that keeps an item list of eligible healthcare products for the customers of our client in sync with the trusted third-party source. 
Next Project
# AWS infrastructure, # Data migration, # Fintech, # Legacy Application Improvement
How We Helped BlackHawk Network with Distributed Systems Unification and Integration 

Highlights Client BlackHawk Network Inc. (BHN) is a U.S.-headquartered, globally leading provider of branded payment technology solutions, whose history...

Explore Case