Six years running Spentra's AWS environment under PCI DSS
Riyex has run Spentra's full AWS environment for over six years (EC2, RDS, ElastiCache, Lambda, and API Gateway) with PCI DSS maintained continuously. Spentra's engineering team stays focused on Money Earned while we keep the platform underneath it patched, monitored, and on-call.
The problem
Spentra runs a real-time financial product. Money Earned® lets workers tap into earned-but-unpaid wages from a mobile app. The Spentra Payroll Card lands wages on a Mastercard debit. InstaPay handles same-day final pay for terminated employees. Each of those flows touches money in motion, and every one of them runs on AWS.
Running that kind of infrastructure full-time takes a capability most early- and mid-stage fintechs don’t want to staff internally: 24/7 monitoring, on-call rotation, patch management, security hardening, capacity planning, and the discipline to keep PCI DSS audits clean year after year. Spentra wanted their engineering team focused on Money Earned the product, not on the operational substrate underneath it.
What we do
Riyex runs Spentra’s full AWS environment as an extension of their team. EC2 fleets, RDS databases, ElastiCache for hosted Redis, Lambda functions, API Gateway. All of it patched, monitored, capacity-planned.
Every workload sits inside a security posture aligned to PCI DSS requirements: hardened images, audited access, encrypted-at-rest data stores, network segmentation, centralized logging, and the controls auditors need rather than the ones that just check the box.
We monitor 24/7 with on-call escalation and a documented incident response process. When something fails (and at scale, things fail), Spentra’s engineering team gets the postmortem and the fix, not the 3am page.
Patching, dependency updates, security advisories, AWS service deprecations, and IAM hygiene are all handled before they become incidents. The audit cycle is supported continuously rather than scrambled at the deadline.
Results
Over six years and counting, Spentra has run a financial-services product on infrastructure they don’t have to staff to operate. PCI DSS has been maintained continuously. Money Earned, the Payroll Card, and InstaPay all run on the same operational substrate, and Spentra’s engineering team gets to spend its hours on product rather than on standing up monitoring or chasing patches.
More importantly: the production environment is genuinely boring to operate. Not because nothing happens, but because everything that happens has an owner, a runbook, and a path back to normal that Spentra’s team doesn’t have to invent in real time.