Software Requirements Specification

Version 1.2
April 24, 2005
Team 10: eWallet

Brittney Brown
Zack Douglas
Jenny Greenwood
Shannon Whitaker

Team Silent Mission Homepage

1.0 Introduction

1.1 Purpose of this Document

This document is the Software Requirements Specification for the eWallet project. The purpose of this document is to convey the functional and performance requirements of the product. This document ensures that the software requirements are properly understood. Also, the details of this document provide guidelines for future use and development of the product.

1.2 Scope of the Development Project

This project implements an electronic wallet. A smart card is used to electronically implement various functions of a normal wallet. It can contain driver's license information, credit card account information (so that credit card purchases may be made with it), an electronic cash purse that functions similar to the University of Utah ID card, medical insurance information, and more. In order to view information on the eWallet or use the eWallet to make a purchase, the cardholder will first need to authenticate via a biometric or PIN.

Along with consolidating all your cash, credit cards, drivers license, medical insurance cards, etc onto one card - all of the functionality is now protected with a fingerprint or PIN number. If the eWallet is lost or stolen, the theif will not be able to gain access to any of the stored information. This is a huge advantage to carrying a conventional wallet where cash, credit card numbers, and personal information (ssn, address) are easily aquired when the wallet is lost or stolen.

1.3 Definitions, Acronyms, and Abbreviations

Term Definition

eWallet Electronic Wallet

Java programming language designed to develop applications, especially ones for the Internet, that can operate on different platforms

POS A business or place where a product or service can be purchased.

Smart Card A plastic card containing a computer chip and enabling the holder to purchase goods and services, enter restricted areas, access medical, financial, or other records, or perform other operations requiring data stored on the chip.

SRS Software Requirements Specification

SSN Social Security Number

1.4 References

Henderson, Tom - CEO; professor for CS 4500 Software Engineering Laboratory
Henderson, Tom - CS 4500 SRS Outline, 27 January 2005. Available WWW: http://www.cs.utah.edu/classes/cs4500/guidelines/SRS.html
Team Silent Mission, BID Version 1.0, 21 January 2005. Available WWW: http://www.cs.utah.edu/~zdouglas/4500/bid1.htm

Team Silent Missoin, Project Plan Version 1.0, 14 January 2005. Available WWW: http://www.cs.utah.edu/~zdouglas/4500/ProjectPlan.html

1.5 Overview of Document

This is the Software Requirements Specification for eWallet by Team Silent Mission.

Section 1.0 of the document introduces the purpose of the document, presents terminology and references that will be used in the project documentation, and defines the scope of the project.
Section 2.0 of the document describes the project's target audience, as well as presenting examples of possible users.
Section 3.0 of the document describes the technical requirements of the project. Requirements, as well as functional and performance requirements will be discussed in the section. The section will describe the hardware and software required to view run the project. In short this section will provide a technical design of how the requirements laid out in section 2.0 will be met.

Back to Table of Contents

2.0 General Description

2.1 User Personas and Characteristics

Persona Label Persona Description/Characteristics

Cardholder User and owner of eWallet card. Uses eWallet to hold personal information such as driver's license, credit cards, cash balance, and more. Manages credit cards and cash balance using eWallet. Makes purchases using eWallet (credit cards and cash balance).

Merchant Accepts purchases with eWallet. May accept either or both credit card feature or cash balance.

Card Information Reader Reads information off of the Cardholder's eWallet card. Such information might include driver's license information or medical information.

Card Issuer Issues eWallet card to Cardholder. Validates eWallet transactions.

2.2 Product Perspective

This project will have multiple parts. Some parts of the project will be implemented for the internet, so that the user can modify information. Other parts of the product will depend on other items such as credit card authorization software or hardware, Point-Of-Sale software or hardware or linking into a central server of information.

The product will have many pieces of hardware that will be integrated into the system. This hardware includes a digital camera, a finger print scanner, smart card reader and a printer will be used. These will all interface to a computer running our software. The software will be developed using Java.

2.3 Overview of Functional Requirements

eWallet Functions:

Enrollment: store photo, personal information, fingerprint on eWallet
User can authenticate to eWallet with a fingerprint or PIN number
Make purchases with electronic cash (stored value) or credit card account stored on the eWallet
Store / read back insurance & medical information
Store / read back drivers license information
Add / Modify credit cards saved onto eWallet
Transfer funds to and from bank account and eWallet via the Internet

2.4 Overview of Data Requirements

The eWallet can store the following data on the microprocessor chip: compressed digital photo, fingerprint image, text data including name, driver’s license, birthday, address, expiration date, medical insurance plan information, credit card numbers and exp dates, and a numeric amount representing how much cash is available/stored on the card.

Assuming a user has correctly authenticated him/herself via a fingerprint scan or PIN, the eWallet will read back any of the previous data.

The eWallet card system will also maintain a backup database of issued cards and their current states (cash value stored, personal information, etc) to allow for replacement of lost / stolen / deactivated cards.

2.5 General Constraints, Assumptions, Dependencies, Guidelines

The interactions between the eWallet and a banking system and credit card system will be simulated (we do not have real access to these systems or their standards of communication). Adding checking account funds to the eWallet must be done via a Web-based interface. It is assumed that card issuance is done in a networked environment so that data may be backed up, as well as electronic cash transactions so that the current stored value amount can be constantly backed up. Assuming appropriate drivers are available for the various hardware pieces, the system can run in either a Windows or Linux environment.

2.6 User View of Product Use

A Cardholder is issued an eWallet card by a Card Issuer. The eWallet card is a smart card which can contain personal information such as driver's license, credit cards, cash balance, and more. The Card Issuer puts the corresponding information onto the Cardholder's eWallet card. The Card Issuer assists the Cardholder with future information additions, detractions, and any problems with the card. The Card Issuer uses a smart card printer to create these eWallet cards for each Cardholder.

The Cardholder can use web applications to manage their eWallet. The Cardholder can adjust cash balances, as well as keep track of other personal information on the cards.

The Cardholder uses the eWallet card to purchase things from the Merchant. The Merchant has a smart card reader to read the eWallet card. The Merchant also has a method of validation, such as acceptance of a PIN number, or hardware for fingerprint scanning. The Merchant has a point of sale system that accepts the eWallet card for transactions. The Merchant submits transactions, such as credit card transactions, from the eWallet card to the Card Issuer for validation. The Card issuer validates the eWallet transactions.

The Card Information Reader uses the information on the Cardholder's card. The Card Information Reader would not use the card to accept purchases or other transactions, but might need important information off the card. Such information might include driver's license information or medical information. The eWallet card would provide a single source of this information for the Cardholder.

Stored data on the card might include driver's license information, credit card information, cash balance, medical information, and more. This data would be entered into the card by the Card Issuer for the Cardholder. The Card Information Reader and the Merchant would read this information from the card and use it for transactions.
Back to Table of Contents

3.0 Specific Requirements

3.1 External Interface Requirements

Since this product involves a lot of hardware, there are many external interfaces. The main piece will be the software that will be running on a standard computer. The user will interact with this software with a mouse and keyboard, as well as our special hardware. The main piece of special hardware will be the smart card reader. The user would have a card that looked like a credit card that stores all their information on it. The card would then be inserted into the smart card reader. This would send the desired information to the software. In order to prevent misuse of this card, the second piece of hardware would act as security. This piece of hardware is a finger print scanner. Whenever a card transaction takes place the card holder would place their finger print on the scanner and their identity would be validated. Another security measure would be to have a picture of the user on the card. By integrating a digital camera into the pieces of software used to input data, the user's picture could be easily taken and stored on the card. The final piece of hardware would be a printer, where the user could print out data from the card, or a receipt of transactions could be printed for the user.

3.2 Detailed Description of Functional Requirements

This section describes in greater detail the specific functional requirements that eWallet System must fulfill.

3.2.1 Template for Describing Functional Requirements

purpose a description of the functional requirement

inputs which inputs; in what form/format will inputs arrive; from what sources input will be derived, legal domains of each input element

processing describes the outcome rather than the implementation; include any validity checks on the data, exact timing of each operation (if needed), how to handle unexpected or abnormal situations

outputs the form, shape, destination, and volume of the output; output timing; range of parameters in the output; unit measure of the output; process by which the output is stored or destroyed; process for handling error messages produced as output

[Return to Top]

3.2.2 Card Enrollment Manager

purpose Performs initial card member enrollment. Generates a basic eWallet for the card holder to begin using.

inputs
Digital photo of cardholder taken with a digital camera. Photo is displayed on the enrollment screen. Text data including full name, address, phone, and social security number are entered by the cardholder via a form on the enrollment screen. A text field representing the card expiration date, type, number and ccv will capture card info. Card holder enters, via the form, a PIN number, username, and password to use. This is a text input as well. A fingerprint scan is also input as cardholder captures a digital image of their fingerprint via a fingerprint scanner at the enrollment station. A "Create Card" button will begin the processing. Card will be inserted into reader. Info will also be stored in Database

processing Files generated by the previous inputs (photo, biometric, text) are written onto the smart chip. If no card is present in the reader a prompt appears to insert the card. If chip is bad a prompt appears to insert a new/different card.

outputs A window is displayed stating whether card creation was successful or not. If there was no problem the user is prompted to remove the card. If there was a problem a cooresponding error and problem fix is displayed.

[Return to Top]

Add Stored Value (eCash)

purpose Allow cardholder to transfer funds from their bank account to their eWallet via the web after they have authenticated with a fingerprint or PIN.

inputs Cardholder authenticates by a fingerprint or PIN when prompted and are connected to their checking account over the Internet. Cardholder designates amount of money they wish to transfer.

processing If the designated amount of money is available - it is debited from the cardholder's bank account and credited to the eWallet stored value cash purse.

outputs The cardholder is shown their new stored value balance on their eWallet and their new bank account balance.

[Return to Top]

3.2.4 Add / Remove Credit Card Accounts

purpose Allows the cardholder to add new credit card account information to their eWallet as well as remove existing credit card accounts from their eWallet after they have authenticated with a fingerprint or PIN.

inputs Cardholder can either select from a list of existing credit card accounts to delete or select to add a new account. If a new account is chosen the user is then prompted to enter the account number, expiration date, and select from a list of card types.

processing The account selected for deletion is deleted from the eWallet and removed from the list of available accounts, or the card holder is prompted to verify the information entered and the new credit card account information is stored on the card.

outputs The new credit card account appears in the list of available accounts, or the deleted account no longer appears in the list of avaliable credit cards accounts.

[Return to Top]

3.2.5 Stored Value Purchase

purpose Cardholder can pay a merchant using the electronic cash/Stored Value on their eWallet after they have authenticated with a fingerprint or PIN.

inputs The merchant POS system inputs the total sale amount. The cardholder designates the amount of their eWallet stored value to pay the merchant.

processing The POS system deducts the designated amount from the eWallet and that amount is transfered to the merchant system.

outputs The POS system presents the user with the balance due (typically $0.00 and possibly the remaining stored value on their eWallet. It outputs a completed transaction message as well.

[Return to Top]

Adding Drivers License

purpose Cardholder can store drivers license data on the card which can then be read back by law enforcement, etc.

inputs Possibly a new digital photo from a digital camera, and then DMV issuer inputs name, address, license expiration, license number and any restrictions into a form as text input.

processing Driver's License applet is added to the card, and then photo and text file containing above information is stored onto the card.

outputs Drivers License information is read back off the card for verification.

[Return to Top]

3.2.7 Viewing Driver's License

purpose To allow a person (most likely law enforcement) to view driver's license data on the eWallet to issue a ticket, verify identification, etc. A fingerprint scan can be used to prevent using someone else's license

inputs Law Enforcement simply inserts driver's eWallet card into a reader, and cardholder may be prompted to scan their finger.

processing Law Enforcement application reads the drivers license data off the eWallet to display on screen.

outputs Driver's license number, photo, name, address, height, eye and hair color, restrictions, and license expiration date are displayed on the screen. A warning window appears for issues like suspended license or expired license.

[Return to Top]

3.2.8 Adding Medical Insurance

purpose Store a cardholder's medical insurance information on the eWallet to be viewed at hospitals, dr offices, and other medical facilities.

inputs A form containing inputs for medical insurance plan name, group number, copay amount, deductible, claims contact information, etc for cardholder to fill out.

processing The Medical Insurance applet is added to the card and the above data is stored in it.

outputs The new medical data is re-read back off the card and displayed on the screen for verification.

[Return to Top]

3.2.9 Viewing Medical Insurance

purpose Allow a medical office to retrieve a cardholder's medical information off of their eWallet and print it (if desired) for paper records.

inputs Cardholder's eWallet is inserted into reader, and office personnel can input a print command with a button click.

processing Medical information is retrieved off the card. If the print button is clicked a print job is sent to the printer containing all the pertinent medical information from the eWallet.

outputs Medical information retrieved off the card is displayed on the screen. If the print button was clicked the data is printed out.

[Return to Top]

3.3 Performance Requirements

Each component of the system can accept and work with only one card at a time. Internet access is required for adding funds via a user's bank account and ideally a merchant pos/card system will have network access to back up various transactions.

3.4 Quality Attributes

The security of the eWallet is one of it's most important attributes. The fact that any data stored on the card can be kept safe from unauthenticated view makes stealing personal information almost impossible. Use of a biometric for authentication strengthens the card's security even more because it is such a difficult authentication to crack. Having all of your important data (credit cards, social security numbers, etc) essentially "locked" behind your fingerprint makes losing your wallet less of a personal and financial risk.

Managability and maintainability are other good attributes of the eWallet. Since the separate functionalities are divided up among separate applets on the eWallet each piece is easily added / edited by applications. Each application will only talk to one applet so there is no concern for munging data not related to a certain functionality.

3.5 Other requirements

None at this time.

Back to Table of Contents

Change history of this document:

January 28, 2005	Initial version	v1.0
March 1, 2005	Updated Users View of Product	v1.1
April 24, 2005	Updated Specific Requirements	v1.2

Term	Definition
eWallet	Electronic Wallet
Java	programming language designed to develop applications, especially ones for the Internet, that can operate on different platforms
POS	A business or place where a product or service can be purchased.
Smart Card	A plastic card containing a computer chip and enabling the holder to purchase goods and services, enter restricted areas, access medical, financial, or other records, or perform other operations requiring data stored on the chip.
SRS	Software Requirements Specification
SSN	Social Security Number

Persona Label	Persona Description/Characteristics
Cardholder	User and owner of eWallet card. Uses eWallet to hold personal information such as driver's license, credit cards, cash balance, and more. Manages credit cards and cash balance using eWallet. Makes purchases using eWallet (credit cards and cash balance).
Merchant	Accepts purchases with eWallet. May accept either or both credit card feature or cash balance.
Card Information Reader	Reads information off of the Cardholder's eWallet card. Such information might include driver's license information or medical information.
Card Issuer	Issues eWallet card to Cardholder. Validates eWallet transactions.