Scan and go self-service platform with cryptocurrency support · 2018-09-10 · Scan and go...

Scan and go self-service platform withcryptocurrency support

Kristo Truu, Hans-Toomas Saarest, Hendrik Jaanre

Smarts OÜTartu mnt 53, 10115 Tallinn, Estonia

[email protected], [email protected], [email protected]

Abstract. Mobile based self-service platform The goal of this whitepaper is to provide a technological overview of the Smarts self-serviceplatform that would make self-service more convenient for end-users and more usable, cheaperand technologically easier to use for customers. Self-service systems have become part of people’s day-to-day operations in recent years. Often,self-services offered by institutions require a client account creation. Also, the quality of self-service systems varies greatly. In this whitepaper, we provide a solution that attempts to makeself-service offered by a self-service platform more standardized by using an end-user mobilephone.

Key words: blockchain, self-service, cryptocurrency

mailto:[email protected]

Self-service platform 2

1 OverviewAbbreviations

ESB Enterprise service bus MVC Model-View-Controller

HTML HyperText Markup Language MVP Minimum Viable Product

CSS Cascading Style Sheets POJO Plan Old Java Object

JIT Just In Time QR code Quick Response Code

AOT Ahead Of Time REST Representational State Transfer

SSD Solid State Drive Barcode European Article Number

DRAM Dynamic random access memory RPC Remote Procedure Call

API Application programminginterface

Smarts Smarts self-service platform

NoSQL No Structured Query Language SDK Software Development Kit

JSON JavaScript Object Notation SSDK Smarts SDK

HDD Hard Disk Drive MVP Minimal valuable product

XML Extensible Markup Language SCOM Smarts Communication

SOAP Simple Object Access Protocol RMI Remote Method Invocation

IIOP Internet Inter-ORB Protocol AMQP Advanced Message Queuing Protocol

M2M Machine to Machine SSP Self-service platform

EVM Ethereum Virtual Machine CPU Central processing unit

1.1 Overview of self-service strategies

The aim of self-service is to reduce the amount of human resources needed for providingthe service and put a partial responsibility on the customer. Another main purpose forimplementing self-service is cost savings. In addition, providing self-service opportunities isinnovative and attractive for the customer.

The most common self-service methods are terminal based self-service, web-based self-service and mobile-based self-service. In 2005 a study with 654 participants was done to evaluatethose three self-service strategies 1. Among other things the participants were asked about ease ofuse, usefulness, the need for communication and risk. The results of the study provided afundamental difference between the three self-services. The most useful self-services wereterminal and mobile based. Terminal-based self-service was the easiest to use, which was themain point of the study. The riskiest was internet banking, but considering that in 2005 web-based self-service was still a really new thing, the participants of the study did not yet have a firmopinion of it.

Smarts tries to develop it’s system on three main features which are: ease of use,availability and profitability.

1 Curran, J. M., & Meuter, M. L. (2005). Self-service technology adoption:comparing three technologies. Journal of Services Marketing, 19(2).


1.2 Example case of use

On the use case figure below, an example of a customer using the Smarts self-service platform isdescribed. The customer, we call her Alice, is a registered user of Smarts SSP. She enters thestore after logging in to the system by scanning the Stores specific QR code. From there, shegoes on to scan the products she wishes to purchase, adding them to the applications shoppingcart. This removes the need to visit the traditional or self-service check-out line. After finishingscanning the products she scans the stores QR code again to pay for her products with fiat orcryptocurrency and leaves the store.

Use case figure 1: Alice using Smarts self-service platform

By using Smarts self-service platform she saves a considerable amount of time whenever shegoes shopping by avoiding lines thanks to Smarts’ features. The wide-range use of Smarts isbeneficial also to vendors who can cut costs thanks to smaller need of traditional check-outs andredirecting employees from cashiers jobs to managing the products.


2 Frameworks, architecture and components

2.1 Architecture

The choice for the best suited architecture for the Smarts self-service platform was the result ofcomparing and analysing three styles of architecture which were: monolithic architecture,microservices architecture and service-oriented architecture (SOA/ESB). When analysing thosethree types of architecture to determine which was the most suitable for this type of platform, thefirst conclusion was that a monolithic architecture should be excluded from any seriousconsideration. The reason was that a monolithic architecture would have made the system toocomplex and expensive. The research resulted with microservices architecture being the mostsuitable for Smarts.

When using the microservices architecture, each main functionality is viewed as a smallapplication. This type of application works independently and those services can be put into use,updated and changed independently. Managing the application is not a part of the applicationitself but a completely different independent application. Also, the applications may be verydifferent or even written in different languages. On the downside, using microservices increasescomplexity, also in testing them. Developing a microservice demands more coordination fromthe developer-teams, which is why they are generally recommended to be used in project-basedassignments. Additionally, microservices increase the required memory capacity and a correctmechanism for the distribution of services might prove to be difficult. A CUBE distribution ishelpful with the distribution of services that are based on the microservice architecture.Replicating applications happens of the X-axis, distribution is done on the Z-axis, where eachcomponent is a duplicate responsible of a certain sub section. On the Y axis, the application isdivided into different smaller system components 2.

Creating this system is more suited for the approach of microservices, because thecomponents of the system are very different and require different amounts of resources. Thecomparison also showed that scalability of microservices (especially horizontally) is far moreflexible than on an SOA, therefore a microservices architecture meets the system requirementsfar better.

Figure 1: Microservice scale cube

2 D. Namiot ja M. Sneps-Sneppe, „On Micro-services Architecture,“ International Journal of Open Information Technology, kd. 2, nr 9, 2014.


2.2 Image-based barcode identification

Image-based object identification with mobile phones was made possible, when a processor wasadded to the devices with the main purpose of processing image and video codecs, among someother similar tasks. One of the algorithms researched for this platform were spiral algorithm andcorner detection algorithm for identifying QR codes.

2.2.1 The background of scanning barcodes

For the detection of one-dimensional barcodes, the barcode area is divided into 95 equal sections.Since a computer can only recognize binary code, all the areas reflecting light are encoded as 0’sand those which don’t reflect light are encoded as 1’s. After scanning those 95 sections, they aredivided into 15 groups. From twelve of those the number of the barcode is identified. Theremaining three are used for validation. The three groups of validation are the left half from thebeginning of the barcode, the middle of the barcode and the right half of the barcode. By dividingthe barcode in the middle, both of the barcodes halves represent different groups. An error can bedetected for both groups. First half of the barcode must start with a 0 and end with a 1. The otherhalf must start with a 1 and end with a 0. Based on those the scanner will recognize which way tostart reading the barcode. The first number of the barcode represents the type of the code, nextfive represent the producers code. Starting from the 7th number comes the five-digit product code.Last number is called the control number.

2.2.2 Spiral algorithm

The goal of the spiral algorithm is to identify a one-dimensional barcode from an image.Identifying a barcode consists of three stages. The first stage is pre-processing where a limitbetween the black and white intensity level is set. The second stage is for implementing the spiralsearch algorithm, which will commence the search in a spiral pattern from the centre of theimage towards the edges. In the third stage a line perpendicular to the black areas is calculated bywhich it is possible to calculate the value of the barcode 3.

Figure 2. Identifying a barcode

3 E. Ohbuchi, H. Hanaizumi ja L. A. Hock, „Barcode Readers using the Camera Device in Mobile Phones,“ %1 International Conference on Cyberworlds, 2004.


2.2.3 Corner detection algorithm

Corner detection algorithm is used to identify two-dimensional code. To identify the code fivecomponents are used: search pattern, timing pattern, format information, alignment pattern anddata element. Algorithm consists of five stages with the first one being pre-processing when ahistogram is identified to define the limit between the borders of black and white areas. Fromthere the image dimensions are adjusted and the location of the QR code is identified. In thesecond stage an attempt is made to locate three corners of the QR code. The third stage is forcalculating the fourth corner with the data gathered from the previous stage. In the fourth stagethe two-dimensional code is normalized and in the final stage the code is read using the patternsmentioned above ³.

Figure 3: Identifying a barcode with the spiral algorithm

Figure 4: Identifying a 2-dimensional code with the corner detection algorithm

2.2.4 Scandit scanning solution

Testing and research was done on three different solutions of scanners which were Zxing,Scandit and Expo. The solutions were tested by scanning one- and two-dimensional barcodes indifferent lighting environments – dark room, well-lit room and shadows partly covering the code.Scandit and Expo were the two that could work in all of the environments but Scanditsperformance was faster.

Since Scandit, unlike Expo, also supported all the frameworks needed for the Smartsplatform (Android, iOs, React Native and Xamarin) it was determined that Scandit algorithm isthe best at identifying image-based barcodes. Since using Scandit is not free a negotiation was


done with them and resulted in a free scanning license for 100 million devices which is why theiralgorithms were chosen for identifying barcodes and QR codes.

2.3 Message brokers

Message brokers are usually used in a M2M communication network, where devices/servicesexchange messages in a certain format among themselves. Message brokers generally usepublish/subscribe architecture. Sender’s device does not need to know where the message is sentto and receiver doesn’t know who receives it. This decreases the risk for sender and receiver butincreases it for the message broker. The brokers usually route, store and monitor the message.For the Smarts platform two of the most popular message brokers (Apache Kafka andRabbitMQ) were researched and analysed with the results showing the superiority of RabbitMQ.

2.3.1 RabbitMQ

RabbitMQ is based on AMQP protocol which was born out of a need for asynchronousmessaging, a need that synchronous protocols (IIOP, RMI, SOAP) were unable to fulfill. It isknown widely as an open source, scalable and dependable message broker. RabbitMQ usesErleng OTP implementation4.

RabbitMQ stores as much data as possible in DRAM. If it runs out of memory, thebroker start storing it on the storage disk without having a duplicate in DRAM.For routing, RabbitMQ provides many different possibilities of routing logic, it allows creating amessage brokering logic with it’s API. Additionally it allows managing messages that it wasunable to process.

On delivery assurance, a common message broker based on the AMQP protocol is ableto identify missing messages only when words are sent inside a transaction. That type oftransmission decreases the bandwidth of the message broker. RabbitMQ supplements the AMQPprotocol, allowing messages to be sent one by one, assuring that the whole messaging won’t belost. Also, RabbitMQ allows mirroring of the message sequence..

For queueing, RabbitMQ allows changing the sequence inside a channel but when usinga load balancer, It is unable to keep two different channels in sync since they are separated ⁴.

2.4 Databases

Since this self-service platform is built to be connected with more than one entities, the databasesmust be able to deal with high volumes of data, relatively cheap and have enough functionality todeal with scalability issues when volumes increase. Considering all that, relational databaseswere be omitted from the research and only NoSQL databases were considered. In total threeNoSQL databases were reseached and tested for Smarts self-service platform: MongoDB,Cassandra and Couchbase with MongoDB being chosen for the platform.

2.4.1 MongoDB

MongoDB may be viewed as a NoSQL database, which has some principles of operation of arelational database. The database uses bison data type. Compared to a relational database,MongoDB has the possibility to inherit data from a table (collection) and the database enginesupports indexing. When the data volumes exceed 50GB, then a MongoDB database could be10x faster than a MySQL database 5.

4 P. Dobbelaere ja K. S. Esmaili, „Industry Paper: Kafka versus RabbitMQ,“ Nokia Bell Labs, Barcelona, Spain, 2017

5 „The Transition from RDBMS to NoSQL. A Comparative Analysis of Three Popular Non-Relational Solutions:Cassandra, MongoDB and Couchbase,“ Database Systems Journal, kd. 5, nr 2, pp. 49 -59, 2014.


2.5 Frameworks

When choosing a framework for the Smarts platform, six different frameworks were researchedand analysed. Features such as performance, functions and simplicity were assessed. For theback-end development Spring Boot proved to be the most suitable, after comparing it to ApacheStruts 2.

Of mobile-based platforms research was done on React Native, Ionic and Xamarin alongwith their applications. Speed is a key factor for our platform, also having the option to use manyfunctionalities of a native application and the Facebook developed React Native framework waschosen to develop the platform.

2.5.1 Spring Boot

Spring Boot is a component of the Spring Framework, which allows initiating softwaredevelopment as quickly as possible. The framework offers many pre-made components, even fornon-functional purposes, such as a built-in server, security, monitoring, centralized configuration.Spring Boot does not require an XML configuration, which is required in most other frameworksfor setting up a workspace. Spring Framework uses controllers. The controllers are generatedonly once, stored in cache and divided between all queries. The downside with this framework isthat all components of Spring require the presence of Spring Core component 6.

2.5.2 React Native

React Native is a Javascript framework with which it is possible to write code on Android andiOS platforms. It itself is based of React Javascript framework, created by Facebook. Theplatform renders components written in Javascript into platform based native UI elements. ReactNative creates a bridge between the platforms API and Javascript with which its possible to useplatform components (such as a camera). Developing on the React Native platform is simple,since the framework offers many developer tools and as it is a Javascript framework, validatingevery change doesn’t require re-compiling the whole code. React Native allows for coding bothin Java and Swift/Object-C languages and the making of platform-based changes. As mentionedbefore, the framework compiles itself into a platform-based code, that increases the performanceand speed of the application. Considered to be the biggest downside is its young age and the factthat React Native doesn’t support all the functionalities of the platform. Also, finding an error ismade quite difficult for the developer 7.

3.Mobile-based self-service platform

This chapter describes the platform and how it works. Also, the developing methods and tools.

3.1 Method and development tools

For developing the self-service platform the method of agile software method is used. Anapplication called Jira is used for project management, Confluence is used to store the platformsdocumentation and Bitbucket is used to store the applications code. Jenkins, which is connectedto the Bitbucket application, is used as the integration tool. Code is written with Itellij, PhpStormand WebStorm. NoSqlClient is used for communicating with databases and Web3 javascriptlibrary and the nodeserver console is used for communicating with the Ethereum blockchain.

6 P. Webb, D. Syer, J. Long, S. Nicoll, R. Winch, A. Wilkinson, M. Overdijk, C. Dupuis, S. Deleuze, M. Simons, V. Pavić, J. Bryant ja M. Bhave, „Spring Boot Reference Guide,“ 2012 - 2018

7 B. Eisenman, Learning React Native, Gravenstein: O' Reilly, 2016


3.2 Microservices

According to the distribution CUBE and system requirements, the services were divided by theirfunctional tasks as so, that a future horizontal scaling would be as simple as possible. The systemwas divided into 10 different main services. This system is also the basis of another masters’thesis which may bring additional services to the system. The table below will describe theservices and their connections to each other.

Table 1: The description of the microservices

Teenus Kirjeldus

Configurationservice

Tsentraalne konfiguratsiooni haldus kõikidele teenustele.

Service registry Teenus, mis teab kõikide teiste teenuste asukohtasid. Samuti toimibtasakaalustajana ning võimalik kehtestada teenuste asukohale piiranguid(näiteks USA päringud suunatakse Auth

Service 1 teenusele, aga Euroopa päringud suunatakse Auth Service 2teenusele)

Gateway Ligipääsupunkt kogule süsteemile. Kõik teised teenused on sisevõrgusning nendele ligi pääsemiseks saab kasutada ainult Gateway teenust.Gateway kasutab Service registry teenust, et marsruutida päring õigeleteenusele.

Monitoringservice

Teenus, mis jälgib gateway liiklust ning tuvastab vigaseid päringuid.

DeploymentService

Teenus, mille ülesandeks on mikroteenuste uuendamise protsessiläbiviimine.

Auth Service Teenus, mis tegeleb autoriseerimisega ning uute kasutajate loomisega.Teised teenused on integreeritud autoriseerimise teenusega, etvalideerida ligipääsu õigusi. Auth Service kasutab OAuth 2.0 protokolli.

SubscriptionService

Teenus, mis tegeleb uute asutuste lisamise, uuendamise ningkustutamisega. Samuti otsitakse subscription teenusega vastavaidliidestatud asutusi.

Communication Kommunikatsiooni teenuse ülesandeks on suhelda liidestatud asutuste


service süsteemidega (näiteks küsida toodete informatsiooni).

Payment andbills service

Teenus, mis tegeleb maksete kinnitamisega ning arvete koostamise, -avamise ning sulgemisega.

Test CompanyService

Arenduse jaoks mõeldud näidis asutuse teenus.

RabbitMQ Teenus mis vahendab andmeid M2M suhtluses

Elastic Searchengine

Päringute kiiruse suurendamiseks kasutatakse Elastic searchotsingumootorit vältimaks iga kord välisliidese vastu pöördumist.

Figure 5: Smarts microservices

4.3 Main cases of use

4.3.1 Entering a store

Every store is given a unique code in the form of a QR code. To enter a store, you need to scanthe specific QR code assigned to it. To log in to the store, the user must first log into the system. The log-in request is depicted on the Figure below.


Figure 6: Entering a store

Figure 7: The applications view of entering a store

4.3.2 Scanning a product

The precondition to scanning a product is a users system-authorized log-in to a store. The productscan results with an invoice with the added product. Scanning is done with a smartphone usingthe scanning algorithms developed by Scandit. A deal was secured with Scandit that resulted alicense for allowing 1 billion devices to use scandit scanning algorithms. The scanning process isdepicted on the Figure below.


Figure 8: Scanning a product

Figure 9: The applications view of scanning a product

4.3.3 Paying the invoice

Ethereum cryptocurrency can be used to pay the invoice. A precondition for paying is anauthorized user who is logged-in to a store, owns an Ethereum wallet and has no less Ether thanis needed to pay for the invoice. The Figure below shows the process of paying. Signing thetransaction is done in the phone because for security reasons the platform may not have access tothe wallet. The signed transaction is being brokered by the systems Ethereum node server. Amore detailed depiction is on the Figure below.


Figure 10: Paying the invoice

Figure 11: The applications view of paying the invoice

4.3.4 Creating a user account

To create an account a new user must enter their full name, password, username and e-mail.When the account is created the application starts creating an Ethereum wallet in the users phone.Generating the cryptographic keys is done in the smartphone and the wallet itself is also kept inthe smartphone. Back-end system has no access to the wallet. Creating a user account in theback-end is depicted on the Figure below.


Figure 12: Creating a user

Figure 13: The applications view of creating a user

4.3.5 Authorization

To enter the environment the user must enter their username and password. The authorizationrequest is directed to the system access point which redirects the request forward to theauthorization server. Authorization server retrieves an expiring hash value to the user, with whichthe user is licensed to use all the other services the user needs. From then on the user doesn’tneed to resend their details to the system, each service can identify the user with the has valuegiven to them.


Figure 14: Authorization

Figure 15: The applications view of authorization

4.3.6 Language selection

The platform is available in English and Estonian. The default language is English. If the userslanguage is not found the default language will be used. Adding an additional language requiresthe creation of a new Javascript file titled according to ISO639 standard with the languages two-digit abbreviation. In that file the translation keys must be translated with the necessarytranslations.


4.3.7 Adding a subscription

To add a subscription a store representative must log in to the admin environment and add asubscription plan where an approximate daily number of system users must be noted. An optionto automatically allow updating the subscription is available. The cost of using the system iscalculated from the number of daily users entered into the subscription plan. This thesis does notdeal with the pricing.

Figure 16: Adding a subscription

4.3.8 Adding a store

Adding a store, which requires an active right of use, takes place in seven steps. Choosing a subscription – Choosing which subscription the store is added to Store details – Name, registration code, VAT tax code, address, opening hours and

public contact details Payment channels – Ethereum and Bitcoin addresses (in this thesis only Ethereum

address is used) Security strategies – Currently 3 strategies of security methods are available – Customer

numbers strategy, Strict strategy and Time-based strategy (the strategies can be enteredbut the strategy-based check-ups cant be finished for this thesis).

Integration – Store must enter the location of their node server with a password withwhich it is possible to access it. Creating a node server is the subject of another masters’thesis with the goal to develop an SDK that would help make creating a node fast andsimple.

Testing – Activating a store is not permitted before system has finished testing it.Automatic testing will be created for the system which will test the speed of the nodeand validate data objects and the correct use of SDK. (Unable to finish for this thesis,therefore the result will always be positive.)

Finishing – When the testing has a positive result the store can be activated.


Figure 17: Adding a store to a subscription

3.4 SDK and SCOM

Smarts is new mobile based self-service system that uses cryptocurrency as payment currency.This system must communicate with retail store’s infosystems for product and invoice exchangepurposes. For that reason, we needed to design, analyse and develop two communicationcomponents for Smarts platform that help Smarts to communicate with stores that are linked toSmarts system. Communication service (SCOM) is a web service that interacts with store’ssystem, it is also one of Smarts’ microservices. The second component is Smarts SDK (SoftwareDevelopment Kit). Smarts SDK is used in the store systems to help with linking into Smarts self-service platform.

3.4.1 The structure of the Interfacing software

The Smarts SDK Interfacing software is one of the subcomponents of the Smarts system.Its purpose is to ensure the readiness of the Store systems to communicate with the Smartssystem. The Interfacing software mediates the product info from the store with the productspricing info. When designing the interfacing software many standards have been taken intoaccount. Standardized approach is necessary so the interfacing would be easier and moreunderstandable to the stores. Additionally the standardized approach simplifies thecommunication between different parties and Smarts.

3.4.1.1 The Estonian E-Invoice format

The e-invoice was created by the Estonian Banking Association in 2014 to make billing moremodern and effective. The e-invoice is an XML document, which is both machine and humanreadable 8. It consists of three main components: a header for file information, invoice info andfooter for total billing and amount. Smarts self-service system uses the e-invoice format toprocess the billing info. This means, that the info moving between the Smarts platform andinterfaced store is based on the e-invoice format.

8 E. Pangaliit, „Eesti e-arve kirjeldus ver 1.2,“ 01 12 2013. Available: http://pangaliit.ee/images/files/E-arve/Eesti_e-arve_kirjeldus_ver1.2_est.pdf


3.4.1.2 ISO 639-1 standard

ISO 639-1 originates from 2002. It defines a two-letter abbreviation which references to the morepopular languages in the world9. There are in total five versions of that standard which differ bythe serial number. In addittion to ISO 639-1:2002 there is also ISO 639-2:1998, ISO 639-3:2007,ISO 639-4:2010, ISO 639-5:2009 ⁹. The reason to only include the version 1 of the standard isthe e-invoice language selection is also based on the ISO 639-1 standard.

3.4.1.3 Stores product field model

Designing the Stores product field model is based on the minimal e-invoice format. Additionally,GRASP patterns have been taken into account, which describe basic design patterns that belongto object-oriented programming10. In table 2 the stores product field model used in the SDK isshown. It describes different components of the field model and their necessity is explained. Theminimal e-invoice format is provided in the addendum 1.

9 „ISO/IEC 25010:2011,“ International Organization for Standardization, Available: https://www.iso.org/obp/ui/#iso:std:iso-iec:25010:ed-1:v1:en. [Kasutatud 02 04 2018].

10 C. Larman, Applying UML and Patterns: An Introduction to Object-oriented Analysis and Design and the Unified Process, Upper Saddle River, New Jersey: Prentice Hall Professional, 2002.


Table 2: Description of product data object data types

Data type Necessity

Product Product – the main object that includes all the other data types in tables 1 and2. It brings together the necessary product info on the basis of which Smartsdisplays the list of purchased products to its user and generates the invoice.

Price Includes the products basic price info with VAT info. Additionally it ispossible to add special pricing (discounts, mark-ups), When compiling theinvoice, a VatRecord object, known from the e-invoice format, with the pricinginfo from ItemEntry is created which is based on the Price object.

ExtraPrice Object for determining the special price which enables determining a specialprice with a numerical size (amount) and as a percentage on the basic price(rate). The field type points to the type of the special price.

ExtraPriceType Determines the type of the special price. Contains two values: DSC and CHRwhich result from the e-invoice format. DSC stands for discount (the specialprice is lower than the basic price) and CHR stands for mark-ups (the specialprice is higher than the basic price).

Translatable A universal translating component which includes one primary language(principalLanguage) and one primary text (principalText). The primarylanguage and text are also the default language and text, so when the name ordescription of a product is needed but the language is not specified then theprimary text in the primary language are displayed. The translations are in aseparate Map data structure where the key is the language code (LangCode)and the value is the text in the language corresponding to the language code.

LangCode Enum, which contains the two-letter codes corresponding to the ISO 639-1:2002 standard. In addition, it is possible to inherit the code corresponding tothe name of the language (for example English, Estonian, Russian).

Inspection The object of purchase check which enables the store to decide if a purchasecheck is needed with the given product or not. MinValue and maxValue arenumerical sizes, with which it is possible to assign the lower and upper limitswhich accompany the purchase check. The type field determines the type of thepurchase check (based on age, time or amount). One product can have multiplepurchase checks.

InspectionType Enum, which designates the type of the purchase check. It contains three typeof predefined values based on age, amount and times.

MeasurementPair Products measurement object which in its nature is a key-value type object.The key is a measurement unit and the value is a numerical valuecorresponding to the measurement. Since one product may have multiple


methods of measurement, it is possible to describe multiple methods ofmeasurement in an array. With the product it will be assumed that the firstmeasuring object in the array contains the main unit of measurement of theproduct with its value.

Unit Interface, which enables the describing of units of measurement. It defines therequirement that each unit of measurement must have its symbol. The reason inusing the interface comes from the necessity of adding units in the future.Therefore the descriptions of future measuring units must correspond to therequirements of this interface.

MetricUnit Unit- Interfaces realization enum in a shape describing metric measuring units.

ImperialUnit Unit- Interfaces realization enum in a shape describing imperial measuringunits.


Figure 18: Product field model

As shown on the table and Figure above the data object requesting the product must be able toconsider many important realities: regulatory constraints (age limits, time limits), limits set bythe store (amount limits during sales), the need for different (crypto)currencies as well as thepossibility of measuring products in different units. Based on that info, Smarts will be able tocheck if buying a product is allowed for a user. If needed, an employer will check the age of thebuyer by checking their physical document.


3.4.1.4 Elasticsearch search engine

Elasticsearch is an open source search engine software based on Apache Lucenel. The softwarecan also be used as a database, which allows for a fast text-based search 11. Considering the speedproperties of Elasticsearch (low latency – an added document can be searched for only after 1second after adding it), it is a reasonable choice for the Smarts self-service platform because aproduct added by the store is available in the search engine almost immediately. It holds thenumber 1 spot on the DB-Engines search engine ranking, at the moment of writing this paper 12.In addition, Elasticsearch working with Kibana offers an option to monitor the database 13. Thetable below offers a description of the main terms related to Elasticsearch, it is based on thedocumentation of Elasticsearch 6.2 14. Column “Use” describes the use of this termin in thecontext of Smarts self-service platform.

Table 3: Elasticsearch search engine termins and set-up

Term Explanation Use

Cluster The cluster consists of one or more nodes. Eachcluster must have a unique name, because thenames connect the nodes to the cluster. A cluster isrequired for searches, since it allows for a federatedsearch over nodes in the cluster, where each clustersends a query to each node, and then joins the resultof the nodes to one result15.

Configuring Elasticsearch acluster titles “smarts-products” is created. If aneed arises to useElasticsearch for anythingelse a separate cluster mustbe created.

Node The node forms one inner part of the cluster. Theremay be one or more nodes in a cluster. Node maybe a server meant for data processing. A node mustbe referred to the right cluster by name.

The cluster contains onenode. The node may have itsname but in this case it willbe defaulted to UUID.When adding nodes theyeach must have their ownname, for clarity.

Index The index consists of a set of documents withsimilar characteristics. The index is determined bythe name that must be given to it when defining it.Index name is used by Elasticsearch later to index,search, add, modify, and delete relevant documents.

In the cluster “smarts-products” an index titeled“product-nested” wascreated which referrs to a(stores) product. The“nested” implies that its thetype of document that inaddition to simple fields italso contains complexfields.

11 Rafal Kuc, Marek Rogozinski, Elasticsearch Server, Birmingham: Packt Publishing Ltd., 2013

12 „DB-Engines,“ solid IT, 04 2018. Available: https://db-engines.com/en/ranking/search+engine

13 „Kibana,“ Elasticsearch BV, 2018. Available: https://www.elastic.co/products/kibana

14 Rafal Kuc, Marek Rogozinski, Elasticsearch Server, Birmingham: Packt Publishing Ltd., 2013

15 Milad Shokouhi, Luo Si, „Federated Search,“ Foundations and Trends® in Information Retrieval, kd. 5, p. 120, 2011


Document A dataset in JSON-format which can be indexed,searched, added, edited and deleted.

A document in this case is aproduct under the “smarts-nested” index and is in turnin the “smarts-products”cluster.

Shard Since an index with its own documents can containso much data that it does not physically fit onto asingle node (server) (data cap is reached or thesearch becomes too slow), it is possible to dividethis index into smaller parts - shreds. Each coil hasits own characteristics similar to the index and isable to work on any one node. This provides theopportunity to disperse data operations betweendifferent nodes and to make work more parallel,thereby ensuring higher throughput of the system.

When creating the„product-nested“ index, theamount of created shred wasset on the default 5, becauseat this moment only theMVP version of Smarts in indevelopment.

Replica A replica is copy of a shard (shard replica). It isnecessary for ensuring the systems work in the casea node (with the shard) shoud get corrupted or stopfor any reason. In that case, with the help of thatcopy, the info in that shard would be activated inanother node. A replica is never kept in the samenode as the corresponding shard.

When creating the index“product-nested” theamount of copies to becreated was set as thedefault 1.


3.4.2 The process of requesting product info and updating the invoice

The process of requesting the product info is one of the central activities of Smarts. Withoutreceiving info from the store, Smarts self-service platform wont be able to fulfil the role put uponit. The interaction Figures in this chapter display the process of requesting products and thedifferent versions of it.Figures 19 and 20 visualize the process of requesting product info. The squence Figures showdifferent lifelines and actors 16:

The User – a user of the Smarts system Gateway – a microservice which is the only one accessible from the public web and

which communicates with the User Communication service (SCOM) – a microservice which is responsible of

communicating with the Store and the search engine Authentication service – a microservice which is responsible for security and

mikroteenus, mis vastutab turvalisuse eest ja jagab shares access tokens Redis – a service providing the functionality of cache memory which allows the

temporary storage of an invoice in the cache and fast request of it 17

Elasticsearch – a search engine that saves the products requested from the Stores system the Store (via the Interfacing software) – the stores system which is interfaced with the

Smarts self-service platformIn addition to the process of requesting info, the Figures 3 and 4 also show how theCommunication service handles the invoice. If a user searches for a product (scans the barcodeand wants to buy it), the Communication service requests the pending invoice from the cache bythe invoice ID. Thereupon after having received the invoice, the Communication service updatesit by adding the requested product. After adding the product the SCOM saves the invoice by thesame ID again into the Redis cache. After that the payment service can request the invoice fromthe cache for further processing.Figure 3 describes the process which determines the lack of necessity of turning to the storessystem if the products info is accessible on the Elasticsearch.

16 C. AS|, „STANDARDIPÕHINE TARKVARATEHNIKA SÕNASTIK,“ CYBERNETICA AS Available: https://stats.cyber.ee/

17 „Redis,“ Redis Labs. Available: https://redis.io/


Figure 19 The interaction Figure of requesting the product info without referring to the store

On the following Figure 20 a process is shown that displays the requirement of Smarts firstrefering to the Elasticsearch when requesting the product info and if the Elasticsearch does nothave it, the request will be done to the Stores system.


Figure 20: The interaction Figure of requesting product information with referring to the store

3.4.3 The Stores activities with a product in the Elasticsearch search engine

The Store (via the Smarts Interfacing software) is enabled to add, edit or delete its products fromthe Smarts search engine. This is necessary for enabling the stores to make correction in theprice, remove a product or add a new one. The Elasticsearch is used to speed up the purchaseprocess because if the request is done on a product already in the search engine database, therewill be no need to make a request to the stores system. Since the Elasticsearch is a component ofSmarts system, the stores must be able to edit the containing info when a need arises. On thefollowing Figure 5 the process of adding or updating a product from the stores side is shown. TheStore gives a list of products to Smarts which then validates the list and adds the products into thesearch engines database by the Store identifier and barcode. The products not found from thesearch engine are added and the ones that were found will be deleted and then added again (wereupdated).


Figure 21: Adding or updating product info in the search engines database

ElasticsearchLüüs Suhtlusteenus

Pood (SDK vahendusel)

Autentimisteenus

[saveSuccess]:successMessage()

*[allAreValid]:saveProduct

(product, storeId)

insertOrUpdateProducts(products, storeId)

authorize()

[saveSuccess]:successMessage()

validateProducts(products)

insertOrUpdateProducts(products, storeId)

The Figure 22 below describes the deleting of a product from the database. The differencebetween it and adding or updating a product is that only one item can be deleted at a time. Whendeleting it the received info is validated and after the process is done a message will be returnedthat confirms it.

Figure 22: Deleting a product from the search engine database

Pood (SDK vahendusel)

Lüüs Suhtlusteenus ElasticsearchAutentimisteenus

deleteProduct(barcode, storeId)

[deleteSucceeded]:successMessage()

authorize()

[isValidDeleteRequest]:deleteProduct(barcode, storeId)

validateDeleteRequest(barcode, storeId)

[deleteSucceeded]:successMessage()

deleteProduct(barcode, storeId)


3.4.4 Component security

Ensuring the security of the Interfacing software and the SCOM (Communication service) isdone in many ways. First, the SCOM can be accessed only through the gateway which meansthat the SCOM along with the other services is accessible only in the intranet which is protectedwith a firewall. Second, the transport layer uses the SSL (Secure Sockets Layer) encryption which ensures theencryption of network packets in the transport layer (HTTPS). With that a possible datainterception in the public web is avoided (between the store and Smarts).Third, access tokens which are only shared by the authentication service are used in all thecommunications between the services. All other services must turn to the authentication serviceto get the access token validated. On the application level the security is ensured with the Oauth2.0 protocol which is based on sharing access tokens. In addition, all the critical data isencrypted. Critical data includes the store connection info (address), seller-buyer contact info,access tokens. In the encryption the public key cryptography is used.

3.4.5 Communication between the microservices

The Smarts self-service system is based on the microservice architecture. That means that everymicroservice is independently developable, manageable, installable, updatable and observable.To make the system work as a whole, the micreservices need to communicate with each other.The communication between microservices is based on REST (Representational State Transfer)architecture which uses HTTP protocol for data transfer. Figure 7 shows the REST-basedcommunication over HTTP protocol.

Figure 23 REST architecture using HTTP

REST architecture was chosen because it is one of the easier and simpler means ofcommunication available, which allows for a better scalability and performance compared to theordinary RPC-style (Remote Procedure Call) web services (Soap) 18. Stateless communicationbetween web services means that the web service itself holds no info about the customer whichmeans that the customer must give all the info with every request so that the server wouldinterpret the request correctly. This allows for a better scalability since the whole system is builtstateless.

18 Xinyang Feng, Jianjing Shen, Ying Fan, „REST：An Alternative to RPC for Web Services,“ %1 First International Conference on Future Information Networks, 2009.


3.5 Managing, monitoring and developing the system

To manage and monitor the system, Smarts creates different microservices. Serviceregistry monitors the status and conditions of the service machines. Monitoring the traffic is donein the gateways. To manage logs Elasticsearch with the Kibana interface is used.The systems microservices are hosted and managed with the help of Docker. In addition,Kubernetes is used.To deploy new releases means of continuous integration are used. For projectmanagement, documentation and storing the code Jira, Bitbucket and Confluence are used.

3.6 Testing the system

Before publishing a new release, Smarts system is tested thoroughly which includesautomatic testing, stress testing, security testing, regression testing, testing the black box; whitebox and smoke testing. In the development of business-critical components TDD (test-drivendevelopment) methodology is used. If an error gets through the testing phase, it will be toppriority and gets fixed as soon as possible.

4. Conclusions

Hendrik will put on his mad writing pants and kick a great deal of conclusions out of hiskeyboard.


References

1. Curran, J. M., & Meuter, M. L. (2005). Self-service technology adoption: comparing three technologies. Journal of Services Marketing, 19(2)

2. D. Namiot ja M. Sneps-Sneppe, „On Micro-services Architecture,“ International Journalof Open Information Technology, kd. 2, nr 9, 2014.

3. E. Ohbuchi, H. Hanaizumi ja L. A. Hock, „Barcode Readers using the Camera Device inMobile Phones,“ %1 International Conference on Cyberworlds, 2004.

4. P. Dobbelaere ja K. S. Esmaili, „Industry Paper: Kafka versus RabbitMQ,“ Nokia Bell Labs, Barcelona, Spain, 2017

5. „The Transition from RDBMS to NoSQL. A Comparative Analysis of Three Popular Non-Relational Solutions:Cassandra, MongoDB and Couchbase,“ Database Systems Journal, kd. 5, nr 2, pp. 49 -59, 2014.

6. P. Webb, D. Syer, J. Long, S. Nicoll, R. Winch, A. Wilkinson, M. Overdijk, C. Dupuis, S. Deleuze, M. Simons, V. Pavić, J. Bryant ja M. Bhave, „Spring Boot Reference Guide,“ 2012 – 2018

7. B. Eisenman, Learning React Native, Gravenstein: O' Reilly, 20168. E. Pangaliit, „Eesti e-arve kirjeldus ver 1.2,“ 01 12 2013. Available:

http://pangaliit.ee/images/files/E-arve/Eesti_e-arve_kirjeldus_ver1.2_est.pdf9. „ISO/IEC 25010:2011,“ International Organization for Standardization, Available:

https://www.iso.org/obp/ui/#iso:std:iso-iec:25010:ed-1:v1:en. 10. C. Larman, Applying UML and Patterns: An Introduction to Object-oriented Analysis

and Design and the Unified Process, Upper Saddle River, New Jersey: Prentice Hall Professional, 2002.

11. Rafal Kuc, Marek Rogozinski, Elasticsearch Server, Birmingham: Packt Publishing Ltd., 2013

12. „DB-Engines,“ solid IT, 04 2018. Available: https://db-engines.com/en/ranking/search+engine

13. „Kibana,“ Elasticsearch BV, 2018. Available: https://www.elastic.co/products/kibana14. Rafal Kuc, Marek Rogozinski, Elasticsearch Server, Birmingham: Packt Publishing

Ltd., 201315. Milad Shokouhi, Luo Si, „Federated Search,“ Foundations and Trends® in Information

Retrieval, kd. 5, p. 120, 201116. C. AS|, „STANDARDIPÕHINE TARKVARATEHNIKA SÕNASTIK,“

CYBERNETICA AS Available: https://stats.cyber.ee/17. „Redis,“ Redis Labs. Available: https://redis.io/18. Xinyang Feng, Jianjing Shen, Ying Fan, „REST：An Alternative to RPC for Web

Services,“ %1 First International Conference on Future Information Networks, 2009.

http://pangaliit.ee/images/files/E-arve/Eesti_e-arve_kirjeldus_ver1.2_est.pdf

https://redis.io/

https://stats.cyber.ee/

https://www.elastic.co/products/kibana

https://db-engines.com/en/ranking/search+engine

Scan and go self-service platform with cryptocurrency support · 2018-09-10 · Scan and go...

Documents

Transcript of Scan and go self-service platform with cryptocurrency support · 2018-09-10 · Scan and go...