
Al Huffaz

Quran Tutoring Management Platform

System Architecture
Preliminary Design

A two-portal PWA platform connecting Quran students with qualified tutors across Brunei Darussalam — with privacy-first attendance verification, progress management, and smart payout systems.

Two-Portal PWA · Parent & Student Accounts · QR or GPS Check-in · TarusBN Payments · Cloudflare Stack · Brunei-First
0. Platform Overview
Key metrics and scope for Phase 1 deployment
Portals: 2 (Learning Portal · Operations Portal)
User Roles: 6 (Admin · Treasurer · Staff · Tutor · Parent · Student)
User Base: Many (few tutors · large student base; TBC)
Session Delivery: In-Person (tutor visits student location)
Attendance Check-in: QR / GPS (start & end only · foreground only)
1. System Architecture Overview
Two portals · six roles · shared backend, core modules, and technology stack

Two Portals · Shared Backend

🏛

Operations Portal

Admin · Treasurer · Accountant / Staff
📋 Student inquiries & subscriptions
💰 Tutor payouts (bank transfer / cash)
📊 Financial reports & reconciliation
⚙️ Platform settings & dispute resolution
🔍 Attendance flag review & audit trail
🎓

Learning Portal · Tutor

Core tutor team · in-person teaching
📅 Session calendar & student roster
📲 Check-in — scan QR / "Start Session"
💵 Earnings summary & payout history
📢 Promote own classes (public listing)
📜 Issue & endorse student certificates
📖

Learning Portal · Student & Parent

Parent holds account for ages ≤16 · 16+ self-account
🧑‍🏫 Choose tutor, enrol & pay
🗓 My Schedule & learning packs
📲 Confirm attendance (show QR / GPS)
🏅 Badges, certificates & Tasmik
👨‍👩‍👧 Parent: manage multiple children

Core Platform Modules

🔐 AuthCore: Multi-role auth, JWT, RBAC
👨‍🏫 TutorEngine: Profiles, availability, assignment
🎓 StudentManager: Enrolment, progress, subject lock
📅 ScheduleHub: Sessions, rescheduling, calendar
📲 SessionVerify: QR or GPS check-in, fraud detection
💳 PaymentGateway: TarusBN, bank transfer, cash
💸 PayoutManager: Tutor payouts, batch processing
📜 CertificateSystem: Digital certs, Tasmik, badges
🔔 CommunicationHub: Push, SMS, announcements
🌐 PublicDirectory: Tutor listings, class promotion
📊 ReportingCenter: Analytics, financial exports
🔎 AuditTrail: All actions logged & reviewable

Technology Stack (Recommended)

Frontend PWA: Vue 3 · Vite · Tailwind v4 · Pinia · Leaflet.js · QR scan/gen
Backend Edge: CF Workers · D1 (SQLite) · R2 Storage · KV Cache · Queues
Integrations: TarusBN · BIBD/Baiduri · Progresif SMS · Web Push
2. Session Attendance Verification
Privacy-first proof that tutor & student were together — captured only at start & end, only in the foreground. Two methods: rotating QR (no GPS) or GPS proximity.

Method A — Rotating QR Check-in (recommended · no GPS)

1. Student/Parent dashboard shows a unique, time-limited QR
2. Tutor scans the QR at start → start time stamped
3. At end, a fresh QR appears → tutor scans again
Tokens server-validated → session verified
Session logged. Payout queue triggered.
or

Method B — GPS Proximity (optional · families who consent)

1. Tutor opens app → taps "Start Session"
2. App captures tutor GPS (foreground only)
3. Student/Parent notified → taps "Confirm Arrival"
System checks proximity (see rules)
Verified → session begins; end-confirm repeats

GPS Proximity (start & end only)

Proximity Rules (GPS method)

≤ 150m — Verified
Session proceeds. Payout queued on completion.

150m – 300m — Soft Flag
Session pends admin review — not auto-paid.

> 300m — Hard Flag
Session not counted. Admin notified immediately.

GPS off / denied
Use QR check-in instead — no location needed.
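
Added example (not part of the Al Huffaz design itself): one way SessionVerify could apply the proximity rules above, together with the impossible-travel velocity check listed under Anti-Fraud Measures. The function names, result fields and the 150 km/h speed ceiling are assumptions.

```javascript
// Added example. Distance bands are the page's Proximity Rules; the names,
// result fields and MAX_SPEED_KMH are assumptions made for illustration.
const EARTH_RADIUS_M = 6371000;
const VERIFIED_MAX_M = 150;   // <= 150 m: verified
const SOFT_FLAG_MAX_M = 300;  // 150-300 m: soft flag; beyond: hard flag
const MAX_SPEED_KMH = 150;    // assumed ceiling for the impossible-travel check

// Great-circle (haversine) distance in metres between two {lat, lon} fixes.
function distanceMetres(a, b) {
  const rad = (deg) => (deg * Math.PI) / 180;
  const dLat = rad(b.lat - a.lat);
  const dLon = rad(b.lon - a.lon);
  const h = Math.sin(dLat / 2) ** 2 +
    Math.cos(rad(a.lat)) * Math.cos(rad(b.lat)) * Math.sin(dLon / 2) ** 2;
  return 2 * EARTH_RADIUS_M * Math.asin(Math.min(1, Math.sqrt(h)));
}

// A fix is usable only if present, finite and within coordinate range.
function isValidFix(p) {
  return !!p && Number.isFinite(p.lat) && Number.isFinite(p.lon) &&
    Math.abs(p.lat) <= 90 && Math.abs(p.lon) <= 180;
}

// Classify one start or end confirmation from the tutor and learner fixes.
function classifyProximity(tutorFix, learnerFix) {
  if (!isValidFix(tutorFix) || !isValidFix(learnerFix)) {
    return { status: 'use_qr', autoPayout: false }; // GPS off / denied
  }
  const metres = distanceMetres(tutorFix, learnerFix);
  if (metres <= VERIFIED_MAX_M) return { status: 'verified', autoPayout: true, metres };
  if (metres <= SOFT_FLAG_MAX_M) return { status: 'soft_flag', autoPayout: false, metres };
  return { status: 'hard_flag', autoPayout: false, metres };
}

// Impossible-travel flag: two fixes from one account ({lat, lon, at}, with
// `at` in epoch milliseconds) imply a speed above the ceiling.
function isImpossibleTravel(prev, next, maxKmh = MAX_SPEED_KMH) {
  const km = distanceMetres(prev, next) / 1000;
  const hours = (next.at - prev.at) / 3600000;
  if (hours <= 0) return km > 0; // no elapsed time but the position moved
  return km / hours > maxKmh;
}
```

Both fixes come from client devices, so the classification is only as trustworthy as the reported coordinates; that is why soft flags go to review and QR remains the fallback.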

3. Payment Architecture
Student inbound payments and tutor outbound payouts through the platform

Student / Parent Payments (Inbound)

🇧🇳 TarusBN QR: Brunei national payment — Phase 1
🏦 Online Bank Transfer: BIBD, Baiduri — manual reconcile
💵 Cash (in-person): Admin logs + receipt generated
💳 Card Payment: Phase 2 — to be scoped
Platform
Al Huffaz
Treasurer approves payout

Tutor Payouts (Outbound)

🏦 Online Bank Transfer: BIBD / Baiduri — individual or batch
💵 Cash: With signed acknowledgement slip
Payout Trigger: Verified sessions + Treasurer approval
🔄 Frequency: Weekly or bi-monthly (configurable)
4. Certificate & Tasmik System
Four types of recognition from tutor-issued to Al Huffaz-verified Tasmik certificates
📜 Completion Certificate: Tutor → endorsed by Al Huffaz (on finishing a full learning pack)
Tasmik Verification: Al Huffaz — official assessment (passed official recitation test)
🏅 Milestone Badge: System auto-issued (session count & progress goals)
🌟 Achievement Badge: Tutor-issued, discretionary (special recognition from tutor)

Tasmik Assessment Flow

Student/Parent applies → Admin assigns assessor → Dedicated session scheduled → Recitation assessed → Certificate issued ✓
5. Anti-Fraud Measures
Controls to prevent session inflation, GPS spoofing, and payment manipulation
Risk | Severity | Control Measure
Fake session completion | High | SessionVerify: rotating QR scan, or dual-party GPS confirmation within ~150m, required before a session counts
QR forwarding / reuse | High | Codes rotate every session, are single-use and server-validated (token + timestamp) — a screenshot is useless
GPS coordinate spoofing | High | Foreground-only capture + velocity check (impossible-travel flag); QR fallback when GPS is untrusted
Student-Tutor collusion | High | Soft-flagged sessions pend review (not auto-paid); audit trail + anomaly detection on recurring flag patterns
Session time inflation | Medium | Max session duration enforced per pack type; timer auto-stops; tutor cannot reopen closed session
Unauthorised payout approval | High | Treasurer-level role required before any payout is released; all payouts logged with approver name + timestamp
Account sharing / proxy attendance | Medium | Session device binding; re-authentication required on new device; photo confirmation optional for key sessions
Duplicate subject enrolment | Low | System-level subject lock; enrolment API rejects duplicate subject assignment per student
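
Added example (not Al Huffaz code): a minimal server-side model of Method A's rotating QR and the "QR forwarding / reuse" control above, showing why a forwarded screenshot or a second scan is rejected. The 60-second lifetime, the in-memory Maps standing in for the server store, and all function and field names are assumptions.

```javascript
// Added example: in-memory stand-in for the server-side token store. The
// 60-second lifetime, field names and Map store are assumptions.
const TOKEN_TTL_MS = 60000;

function createQrVerifier(randomToken = randomHexToken, ttlMs = TOKEN_TTL_MS) {
  const tokens = new Map();  // token -> { sessionId, phase, issuedAt, used }
  const current = new Map(); // "sessionId:phase" -> latest token

  // Called when the learner dashboard shows or refreshes its QR.
  function issue(sessionId, phase, now) {
    const key = `${sessionId}:${phase}`;
    const previous = current.get(key);
    if (previous) tokens.delete(previous); // rotation: the older code stops working
    const token = randomToken();
    tokens.set(token, { sessionId, phase, issuedAt: now, used: false });
    current.set(key, token);
    return token;
  }

  // Called when the tutor scans. Each failure reason can go to the audit trail.
  function redeem(token, sessionId, phase, now) {
    const rec = tokens.get(token);
    if (!rec) return { ok: false, reason: 'unknown_or_rotated' };
    if (rec.used) return { ok: false, reason: 'already_used' };
    if (rec.sessionId !== sessionId || rec.phase !== phase) {
      return { ok: false, reason: 'wrong_session_or_phase' };
    }
    if (now < rec.issuedAt || now - rec.issuedAt > ttlMs) {
      return { ok: false, reason: 'expired' };
    }
    rec.used = true; // single-use: mark before reporting success
    return { ok: true, stampedAt: now };
  }
  return { issue, redeem };
}

// Default token source: 128 random bits from the Web Crypto API, hex-encoded.
function randomHexToken() {
  const bytes = globalThis.crypto.getRandomValues(new Uint8Array(16));
  return Array.from(bytes, (b) => b.toString(16).padStart(2, '0')).join('');
}
```

In a real store the used-flag update has to be atomic with the check, so that two simultaneous scans of the same code cannot both succeed.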
6. Privacy & Data Protection
The platform handles children's personal data — privacy is designed in, not bolted on
Parental Consent
For learners aged ≤16 the parent/guardian consents at enrolment to data, attendance & messaging. Consent is versioned; changes require re-consent.
📍
No Background Tracking
Location is captured only at session start & end, only in the foreground when the user taps confirm. No routes, no idle tracking — or skip GPS entirely with QR.
🗂
Data Minimisation & Retention
Collect only what each role needs; defined retention windows with periodic purge. Aligned with Brunei PDPO direction (lawful basis, consent, retention).
🔐
Least-Privilege Access
Strict RBAC across both portals — tutors never see finance, learners never see other learners. All sensitive access logged in AuditTrail.
7. Development Phases
Phased rollout from core MVP to full national platform
Phase 1
Core MVP
Multi-role auth (incl. parent accounts)
Learning Portal: choose tutor, enrol, pay
Student/Parent + Tutor dashboards
Session scheduling
Attendance check-in (QR primary, GPS optional)
TarusBN payment + Treasurer payout UI
Certificate PDF generation
Phase 2
Full Platform
Full admin dashboard
Reporting & analytics
Tasmik assessment module
Batch payout processing
Tutor public directory
Class promotion listings
Badges & push notifications
Phase 3
Optimisation
AI-assisted tutor matching
Learning progress analytics
Mobile app (Capacitor)
Multi-district expansion
Advanced fraud anomaly detection
National platform support
8. Open Questions for Client Meeting
Resolved: brand spelling · parent accounts for ≤16 · QR/GPS attendance · two-portal split. Still to confirm below.
1. What is the current tutoring rate per session? (drives the payout model)
2. Are group sessions charged differently from one-on-one sessions?
3. Is there a platform commission or service fee deducted from tutor earnings?
4. How are tutors currently onboarded and background-checked?
5. Should tutor ratings or reviews be visible to students?
6. Preferred payout frequency — weekly, bi-weekly, or monthly?
7. Is there an existing student database to migrate? (size + format)
8. Approximate number of active students? (sizing data + reporting)
9. Preferred attendance method — QR only, GPS only, or hybrid?
10. Should Tasmik be bookable by any student, or require tutor nomination?
11. Multiple curriculum tracks (children vs adult pace) with different pricing?
12. What should the working demo show first for the next meeting?