Frontend Platform Builder - Software Requirements Specifications (SRS)
Product
Karat Card
Version No.
1.0.0
Document Owner
Date Created
12 Apr 2023
Revision History
Name
Date
Reason For Changes
Version
1 1. Introduction
1.1 1.1 Purpose
1.2 1.2 Document Conventions
1.3 1.3 Intended Audience and Reading Suggestions
1.4 1.4 Karat Platform Builder Scope
1.5 1.5 References
2 2. Overall Description
2.1 2.1 Product Perspective
2.2 2.2 Product Functions
2.3 2.3 User Classes and Characteristics
2.4 2.4 Operating Environment
2.5 2.5 Design and Implementation Constraints
2.6 2.6 User Documentation
2.7 2.7 Assumptions and Dependencies
3 3. External Interface Requirements
3.1 3.1 User Interfaces
3.2 3.2 Hardware Interfaces
3.3 3.3 Software Interfaces
3.4 3.4 Communications Interfaces
4 4. System Features
4.1 4.1 System Feature 1
4.2 4.2 System Feature 2 (and so on)
5 5. Other Nonfunctional Requirements
5.1 5.1 Performance Requirements
5.2 5.2 Safety Requirements
5.3 5.3 Security Requirements
5.3.1 5.3.1 Pentest
5.3.2 5.3.2 SOC
5.3.3 5.3.3 Database Encryption
5.3.4 5.3.4 2FA
5.4 5.4 Software Quality Attributes
5.4.1 5.4.1 Security
5.4.2 5.4.2 Reliability
5.4.3 5.4.3 Availability
5.4.4 5.4.4 Maintainability
5.4.5 5.4.5 Flexibility
5.4.6 5.4.6 Testability
5.4.7 5.1.7 Portability
5.4.8 5.1.8 Correctness
5.5 5.5 Business Rules
6 6. Other Requirements
6.1 Appendix A: Glossary
6.2 Appendix B: Analysis Models
6.3 Appendix C: To Be Determined List
1. Introduction
1.1 Purpose
Any information you have on the customer that can be used to pre-fill the application form
Your preferences/restrictions for this specific application (e.g. Individual vs Business application)
When the API call is received, Unit will create an application form resource, and generate an application form link. This link is returned in the response to the API call, along with an application form ID. This link is valid for 24 hours, and you can receive a fresh link that will allow the user to resume the application by calling the GET application form endpoint. It is up to you to manage the distribution of this link and manage all communication around the application form (sending emails, or redirecting the customers).
1.2 Document Conventions
<Describe any standards or typographical conventions that were followed when writing this SRS, such as fonts or highlighting that have special significance. For example, state whether priorities for higher-level requirements are assumed to be inherited by detailed requirements, or whether every requirement statement is to have its own priority.>
1.3 Intended Audience and Reading Suggestions
This document is intended for developers, project managers, testers, and installation staff. Contained in this document are the system requirements, constraints, and core features of the system. Efforts have been made to use as little jargon as possible for ease of reading. A listing of commonly used terms and their descriptions can be found in the glossary section. It is recommended that all readers of this document begin by reading the Overall Description and then to branch into other parts of this document as needed.
1.4 Karat Platform Builder Scope
The Karat platform builder reduces the time and resources needed to build a fintech platform by using a drag n drop style instance that allows partners to design and build their platform as easily as building a website using Webflow by allowing them to change the CSS, Fonts, and HTML without seeing any of the code themselves. Partners will be able to alter the code the same way that code can be altered in Webflow.
With our solution, the partner never handles SOC2 or PCI compliance directly; instead, they deal with e-Tokens and a number of pre-integrated JavaScript APIs. The platform will be hosted on a secure server and can only be exported once the partner proves they can take care of the compliance and security on their server by making a request directly to Karat.
1.5 References
Title
Author
Date
Source
Design System
12 Apr 2023
PRD
10 Apr 2023
Feasibility Study
13 Sep 2022
Business Case
2. Overall Description
2.1 Product Perspective
<Describe the context and origin of the product being specified in this SRS. For example, state whether this product is a follow-on member of a product family, a replacement for certain existing systems, or a new, self-contained product. If the SRS defines a component of a larger system, relate the requirements of the larger system to the functionality of this software and identify interfaces between the two. A simple diagram that shows the major components of the overall system, subsystem interconnections, and external interfaces can be helpful.>
The goal of the Frontend Platform Builder is to allow our partners to build a custom fintech platform using the already built Partner Platform to act as the access point to control the frontend platform look and feel.
2.2 Product Functions
<Summarize the major functions the product must perform or must let the user perform. Details will be provided in Section 3, so only a high level summary (such as a bullet list) is needed here. Organize the functions to make them understandable to any reader of the SRS. A picture of the major groups of related requirements and how they relate, such as a top level data flow diagram or object class diagram, is often effective.>
PF-1: Partners are able to design platform components including color, fonts, & typography
PF-2: Partners are able to switch out component variants (e.g. pie chart β graph)
PF-3: Partners custom made credit cards will appear in the cardholder platform
PF-4: Partners are able to export their platform code to host on their own server
PF-5: The platform builder shall operate as a drag n drop function similar to Webflow or Framer
PF-6:
2.3 User Classes and Characteristics
<Identify the various user classes that you anticipate will use this product. User classes may be differentiated based on frequency of use, subset of product functions used, technical expertise, security or privilege levels, educational level, or experience. Describe the pertinent characteristics of each user class. Certain requirements may pertain only to certain user classes. Distinguish the most important user classes for this product from those who are less important to satisfy.>
User Class
Information Required
Notes
Individual
Legal name;
Date of Birth;
Physical Address;
Government Identification Number:
For US Persons: Taxpayer Identification Number (TIN)
For Non-US Persons: Passport number (and country of issuance, date of issuance, and expiration date)
Copy of Passport and Address Verification is required for all Non-US Persons. Physical Address must be a US address.
Business
Legal Entity Name;
Taxpayer Identification Number;
Physical Address; and
Information listed for natural persons for each Beneficial Owner and Officer of the legal entity
Companies that are publicly traded in a major US stock exchange are subject to lighter onboarding requirements. If your customer base includes publicly traded companies, please reach out to Unit for additional information. Physical Address of the business must be a US address.
Partner End User
2.4 Operating Environment
The application will run on Chrome, Firefox and other popular web browsers. The operating environment and associated requirements of running the βFrontend Platform Builderβ on any smartphone or computer browser are as follows:
Operating system
Windows/Linux/Mac
Recommended
Windows 10/Ubuntu/Big Sur
Ram
4 GB (recommended)
Processor
Quad Core(recommended)
2.5 Design and Implementation Constraints
<Describe any items or issues that will limit the options available to the partners. These might include: corporate or regulatory policies; hardware limitations (timing requirements, memory requirements); interfaces to other applications; specific technologies, tools, and databases to be used; parallel operations; language requirements; communications protocols; security considerations; design conventions or programming standards (for example, if the customerβs organization will be responsible for maintaining the delivered software).>
CO-1: This application will only be available in English language for now as it is the first version of it. This language constraint will be eradicated in the upcoming versions.
CO-2: This application will not be limited to certain regions of the world. None of the services will have any geo-restriction inflicted upon them. Our partners from all around the world will be able to benefit from all the services equally.
CO-3: Color Constraints will initially start with the below mentioned colors however, partners will be able to use a color wheel to design their components in anyway they desire.
2.6 User Documentation
<List the user documentation components (such as user manuals, on-line help, and tutorials) that will be delivered along with the software. Identify any known user documentation delivery formats or standards.>
UD-1: API Documents -
UD-2: Online guides will be made available in a knowledge base online separate from the actual platform and made available on a public webpage.
2.7 Assumptions and Dependencies
<List any assumed factors (as opposed to known facts) that could affect the requirements stated in the SRS. These could include third-party or commercial components that you plan to use, issues around the development or operating environment, or constraints. The project could be affected if these assumptions are incorrect, are not shared, or change. Also identify any dependencies the project has on external factors, such as software components that you intend to reuse from another project, unless they are already documented elsewhere (for example, in the vision and scope document or the project plan).>
AD-1
MBanq APIβs
APIβs will include secured credit card, accounts, ledger, accounting, etc to be offered as services in the frontend and provide assistance for the backend
AD-2
package.json dependencies
AD-3
devDependencies
"@svgr/webpack": "^6.3.1", "eslint": "8.23.1", "eslint-config-next": "12.3.0", "@types/lodash": "^4.14.170", "@types/node": "^15.14.0", "@types/react-router-dom": "^5.1.7", "@types/react-router-hash-link": "^2.4.0", "@types/socket.io-client": "^3.0.0", "eslint-plugin-prettier": "^3.0.1", "prettier": "^1.16.4"
3. External Interface Requirements
3.1 User Interfaces
The Frontend Platform Builder supports two ways of controlling its look and feel. A Preset UI option, which allows you to select from a number of preset layouts, styles, and languages options (shown below) and a Custom Style UI option, which allows you to specify CSS and text to pass into the frontend via a color wheel. The preset UI options are great for partners who want to know that their Frontend Platform will look the same on across browsers. Whereas, the Custom Style UI is designed for partners who want more control over the Frontend Platform's look and feel.
With the Preset UI, a bootstrap styled Frontend Platform will appear. The appearance of this can be tweaked and tailored within certain boundaries to vary the appearance of the Frontend Platform using the following parameters - layout, input_width, label_width, show_placeholders, input_style, label_font_size, label_font_family, label_font_color, input_font_size, input_font_family, input_font_color.
However, the use of three other parameters - css , text , font - switches the Frontend Platform to the Custom Style UI. It can be styled exactly as the partners application itβs being embedded into, the text can be customized to the partner's wishes and custom fonts can be included in the styling options. Directions and examples on how to implement the Frontend Platform parameters are listed in subsequent sections of this document.
UI-1: Menu/Item/Inactive
UI-2: Input/Form
Sample Screens
3.2 Hardware Interfaces
The hardware interface, according to the IEEE 830-1998 is defined as, the logical characteristics of each interface between the software product and the hardware components of the system. These can be elaborated by specifying the hardware traits that make the compatibility and smooth functioning of the system successful.
The only hardware needed to connect the user to the software is a mouse (or mouse pad), a computer and monitor (or laptop). A mobile smart phone can also be used to access a highly limited version of the software.
3.3 Software Interfaces
The software platform will use a React based framework using Tailwind CSS and Typescript and it will be accessed by the partner platform which is written in PHP on the Laravel framework. The database used will either be MySQL or Postgresql. Karat uses Prettier to format code to adhere to the Airbnb style guide. The frontend platform builder will be powered by Amazon Cloudfront and hosted on TMD Hosting.
Frontend
Backend
Language
Tailwind CSS, Typescript
PHP, SCSS, Javascript
Framework
React
Laravel
Database
Postgresql
MySQL
3.4 Communications Interfaces
<Describe the requirements associated with any communications functions required by this product, including e-mail, web browser, network server communications protocols, electronic forms, and so on. Define any pertinent message formatting. Identify any communication standards that will be used, such as FTP or HTTP. Specify any communication security or encryption issues, data transfer rates, and synchronization mechanisms.>
4. System Features
Requirement ID
Description
REQ-1
Login/Sign up
REQ-2
Display each partners unique card design
REQ-3
An icon to decrypt the card information.
REQ-4
Option to generate a new card or replace existing card.
REQ-5
Drag n Drop components
REQ-6
Custom color on components
REQ-7
Custom upload and pre-installed fonts
REQ-8
Component Variants
4.1 System Feature 1
<Donβt really say βSystem Feature 1.β State the feature name in just a few words.>
Requirement ID
REQ-1
Requirement Type
Functional
Use Case #
1
Description
User will create an account if there is no existing account associated with user. User must sign up in order to use this app. This has to be the first page when user opens the application.
Rationale
Login in and if there is no account, the account creation is necessary to start using this application
Source
-
Source Document
-
Acceptance/Fit Criteria
The user must provide a valid email address. The password should also be at-least 6 characters.
Dependencies
The user must have an email account or some authentic third party (Google) account to sign up.
Priority
Essential
β
Conditional
-
Optional
-
Change History
-
4.1.1 Description and Priority
<Provide a short description of the feature and indicate whether it is of High, Medium, or Low priority. You could also include specific priority component ratings, such as benefit, penalty, cost, and risk (each rated on a relative scale from a low of 1 to a high of 9).>
4.1.2 Stimulus/Response Sequences
<List the sequences of user actions and system responses that stimulate the behavior defined for this feature. These will correspond to the dialog elements associated with use cases.>
4.1.3 Functional Requirements
<Itemize the detailed functional requirements associated with this feature. These are the software capabilities that must be present in order for the user to carry out the services provided by the feature, or to execute the use case. Include how the product should respond to anticipated error conditions or invalid inputs. Requirements should be concise, complete, unambiguous, verifiable, and necessary. Use βTBDβ as a placeholder to indicate when necessary information is not yet available.>
<Each requirement should be uniquely identified with a sequence number or a meaningful tag of some kind.>
REQ-1:
REQ-2:
4.2 System Feature 2 (and so on)
5. Other Nonfunctional Requirements
5.1 Performance Requirements
<If there are performance requirements for the product under various circumstances, state them here and explain their rationale, to help the partners understand the intent and make suitable design choices. Specify the timing relationships for real time systems. Make such requirements as specific as possible. You may need to state performance requirements for individual functional requirements or features.>
5.2 Safety Requirements
<Specify those requirements that are concerned with possible loss, damage, or harm that could result from the use of the product. Define any safeguards or actions that must be taken, as well as actions that must be prevented. Refer to any external policies or regulations that state safety issues that affect the productβs design or use. Define any safety certifications that must be satisfied.>
5.3 Security Requirements
The following security measures and restrictions must be taken into consideration when developing the frontend platform builder.
5.3.1 Pentest
Before launch, a pentest should be conducted on the platform to verify no security concerns such as data leaks are possible.
5.3.2 SOC
5.3.3 Database Encryption
The database should be 256 Bit AES (Advanced Encryption Standard) encryption as the standard across the entire platform.
5.3.4 2FA
5.4 Software Quality Attributes
5.4.1 Security
The frontend platform must be fully accessible to only authentic users and should require pin for entry to a new environment including 2FA with at least email authentication.
5.4.2 Reliability
Reliability should be top of mind next to security in terms of the correct components being generated for the end user using the actual frontend.
5.4.3 Availability
Any information about the account should be quickly available from any computer to the authorized user. The previously visited customerβs data must not be cleared.
5.4.4 Maintainability
The application should be maintainable in such a manner that if any new requirement occurs then it should be easily incorporated in an individual module.
5.4.5 Flexibility
The platform should be highly flexible to the partner user to give them ample room for design and functional customization, to allow them to integrate custom services, fonts, designs, etc at will when their chosen preference isn't available out of the box.
5.4.6 Testability
Testing should be straight forward and simple; security testing should automatically occur at the standard rate designated for secure banking systems, optimization testing should occur before partners publish any new changes and should alert them if there are optimization issues and where the issues are stemming from.
5.1.7 Portability
Each frontend should be mobile responsive for the frontend users but the platform builder for partners will only work on a desktop/laptop. Partners will be able to port their custom code to their own server only after proving they are compliant with various regulations and must put in the request to allow management to unlock their code for them.
5.1.8 Correctness
The platform should be self-correcting to not allow any regulatory or spelling mishaps to occur including typographical mistakes, using language or images not allowed on the platform, and Web Content Accessibility compliant issues. The platform should alert the partner to these kind of issues and lock them from updating their platform until the issues are resolved.
5.5 Business Rules
<List any operating principles about the product, such as which individuals or roles can perform which functions under specific circumstances. These are not functional requirements in themselves, but they may imply certain functional requirements to enforce the rules.>
6. Other Requirements
<Define any other requirements not covered elsewhere in the SRS. This might include database requirements, internationalization requirements, legal requirements, reuse objectives for the project, and so on. Add any new sections that are pertinent to the project.>
Appendix A: Glossary
<Define all the terms necessary to properly interpret the SRS, including acronyms and abbreviations. You may wish to build a separate glossary that spans multiple projects or the entire organization, and just include terms specific to a single project in each SRS.>
Appendix B: Analysis Models
<Optionally, include any pertinent analysis models, such as data flow diagrams, class diagrams, state-transition diagrams, or entity-relationship diagrams.>
Appendix C: To Be Determined List
<Collect a numbered list of the TBD (to be determined) references that remain in the SRS so they can be tracked to closure.>
Last updated
