Features

From Cyclos4 Wiki
Jump to: navigation, search

Introduction

Cyclos is a feature-rich online banking solution that is easy to use and maintain, flexible, secure and highly customisable. Cyclos comes with a range of banking and payment options, a complete e-commerce system and high and low end mobile access channels. The mobile channel offers a scalable and cheap opportunity for banks to enlarge their outreach and to offer branchless banking. Cyclos is used by local banks, C3 networks, MFI’s, barters, community currencies and time banks. The dynamic structure of Cyclos allows organisations to ‘build’ a dedicated payment system from scratch just by changing the configuration (without the hassle to make code changes).

This document provides you with an in-depth look at Cyclos feature sets:

Cyclos 4 feature list Provides a detailed overview of the many features of Cyclos 4. An asterisk is placed after the feature to indicate: * Planned features ** Research in progress

Cyclos 4 system information Information about structural issues concerning Cyclos (architecture, security, testing, interoperability and hosting)

Feature list

User interfaces

  • Web Interface
  • Plugin for wordpres integration
  • Mobile App (Android, iOS)
  • Mobile POS (Android, iOS)
  • Web POS
  • SMS operations
  • API connectivity
  • POS & Cards (NFC supported)
  • IVR *
  • USSD *

User functions

  • Register user
  • Update profile
  • Multiple pictures per profile
  • Multiple addresses
  • User defined language
  • Geo-location per address (Google Map)
  • Multiple phones
  • Enable phone for SMS banking
  • Manage passwords
  • Insert & manage custom images
  • Upload & manage documents
  • Notification preferences (per channel)
  • Manage contacts
  • User directory search
  • Show users/business on Map
  • Search users by distance
  • Search users by group / branch
  • Business referrals
  • Custom user forms
  • Custom user operations

Usability

  • Easy navigation
  • Personal dashboard page
  • Quick operation icons
  • Quick search (users, contacts, adverts)
  • Status overview (balances, last login, etc.)
  • Real time notifications
  • Login with userID, phone number or e-mail
  • Picture viewer with navigation
  • View help file

Payments

  • Banking payments
  • Multiple user identifiers (e.g. account number, mobile number, email)
  • Internal payment (between own accounts)
  • Bulk payments
  • Pay external (non registered) user. By email or mobile phone number.
  • PINless payments (optional tresholds, e.g. max payment amount and daily limit)
  • Multi level transaction approval (authorizations)
  • View authorisation flows
  • Show transaction details
  • Cash-in cash-out
  • Qualify transactions
  • View qualification of other users
  • Roll-back payments
  • Scheduled payments (installments)
  • Loan repayment *
  • Payments requests
  • Web-shop payments

Banking

  • Multiple currencies
  • Account numbers (own format or standard, e.g. IBAN)
  • Loans *
  • Demurrage
  • Interest
  • Transaction fees
  • Set custom conditions for fee applicability
  • Scheduled fees (contribution)
  • Brokering fees
  • Loyalty programs
  • Group credit limit
  • Individual credit limit
  • Credit limit change log
  • Credit overview & search
  • Savings accounts *
  • Minimum payment amount per payment / day
  • Maximum payment amount per payment / day
  • Restrict destination of payments (accounts, users)
  • Access rules per payment types
  • Payment requests
  • Unique transaction ID per transaction
  • Create custom payment fields
  • Unique payment settings per channel (SMS, etc.)
  • System accounts (debit, community, etc.)

Account information

  • View account summary
  • View current balance
  • View charges & fees
  • View payment history
  • Print & export payments
  • Search payments (user, date, description, etc.)
  • View payment details
  • Print payment details
  • Dynamic payment filters
  • View average age of account balance
  • View average maturity of account balance

Account operators

  • Create manage operator groups (by business type user)
  • Define permissions for individual operators or operator groups
  • Operators overview
  • Show transactions per operator
  • Disconnect operator

System configuration

  • Multi network setup (shared instance)
  • Define branches (groupsets)
  • Define URL (domain name) for networks and branches
  • Set group and branch visibility
  • Localisation (language, formatting, timezone) per group / branch
  • Set permissions
  • Create local account administrators
  • Customised filters for users and advertisements searches
  • Create new access channels
  • Define generated login name

Agents / Brokers

  • Multiple broker per user
  • Set main broker
  • Register new users
  • Manage user data (profiles, adverts)
  • Perform operations as user
  • Define broker permissions
  • Send mailing to ‘my users’
  • View connected users
  • Receive notifications about users
  • Manage passwords of user
  • Manage user access
  • Broker commission

User management

  • Register user
  • Disconnect user
  • Block / unblock user
  • Disable / enable user
  • Delete user
  • Change group
  • Give individual permissions (product)
  • Perform actions in behalf of user
  • Activate ‘pending’ users (public registration)
  • Send message to user
  • Send message to group
  • View connected users (per user role)
  • Show member activities
  • Filter by branch region
  • CRM features (user records)
  • User comments, history search
  • Define registration agreement
  • View user agreement history
  • Manage documents
  • Upload documents
  • Show agents/brokers
  • Show users of agent/broker

Online market place

  • Create / edit advertisement
  • Multiple pictures per advertisement
  • Rich text for advertisement editing
  • Schedule advertisement
  • Select address per advertisement
  • Custom search filters (e.g. offers / demands)
  • List new advertisements
  • Category browsing
  • Multiple advertisement categories
  • Create advertisement categories
  • Geolocation search (distance filter)
  • Contact seller
  • Public advertisment questions/answers
  • Notification on advertisement status change
  • Custom advertisement fields
  • Advertisement matching notifications

Gift vouchers / Loyalty points

  • Create & manage vouchers types
  • Set voucher redeeming options (e.g. possible weekdays)
  • Define voucher layout (logo)
  • QR code generation
  • Print & export vouchers
  • Buy & print voucher by user
  • Vouchers overview & search by admin
  • View my vouchers by user (Web and Mobile)

Content management

  • Intuitive site design (color pickers)
  • Multiple websites (per group / branch)
  • Create new menu items
  • Manage content pages
  • Create & manage banners
  • Manage footers/headers
  • Manage message board
  • Upload logos
  • Define logo/header for pdf pages (e.g reports)
  • Create new themes (styles, colors and images)
  • Import / export themes

Translations

  • Multiple translations (languages) per system
  • Incremental translation keys (only save customisations)
  • Online translation management
  • Category browsing
  • Search for translation keys / values
  • Update translation keys / values

Analytics & Reporting

  • Data on expenditure
  • Data on income
  • Number of logins
  • Groups/branches numbers of users
  • Percentage of users not trading
  • Account information
  • Advertisements
  • References

System management

  • Create networks
  • Create system administrators
  • Create multi network administrators
  • Fully indexed searches
  • Set session timeout
  • Create new (custom) access channels
  • Create & manage document categories
  • Import users from file
  • Create new credential (password) types
  • Search engine submission (SEO)

Messaging

  • Send rich text message to user
  • Send bulk messages (mailings) by admin or agent
  • Define message categories (per user group)
  • Forward internal messages to e-mail
  • Message history (inbox, sent, trash)
  • Purge messages in trash after period (automated task)
  • Member to member email messages

Shopping cart

  • Multi-store management
  • Stock management
  • Out of stock warning
  • Product number management
  • Define delivery address
  • Define shipping methods / prices
  • Define estimated delivery time
  • Promotional price
  • Price negotiation process
  • Display available quantities
  • Product comments
  • Order tracking
  • Add comments to order
  • Display cart content
  • Place order (checkout)
  • Accept / reject order
  • Order number generation
  • View purchases history
  • Notifications on order status changes
  • Saved shopping cart (in the database)

Passwords & authentication

  • Login password
  • Transaction password
  • Verification code (OTP)
  • Change PIN
  • CAPTCHA input on public forms
  • Complete virtual keyboard (optional)
  • Smart secure virtual keyboard (optional)
  • Recover password (optional)

SMS banking

  • Register new user by SMS
  • Retrieve account information
  • Retrieve payment details
  • Make payment
  • Activate phone via SMS (confirmation code)
  • Receive notifications by SMS

Mobile app

  • Android & iOS app
  • Make payment
  • View businesses on Map (GPS / Geo-location)
  • View account balance, credit limits
  • View account history
  • Make payment (to user, to system)
  • Search users
  • Add user to contact list
  • Customizable layout
  • Customizable entry page / logo
  • Add menu item (quick access icon)
  • Add custom pages in app
  • Enable POS mode (see directly below)

Mobile POS (Point of Sale)

  • Android & iOS app (enable POS mode in main mobile app)
  • Receive payment
  • Various user identifiers (QR/barcode, userID, NFC card)
  • NFC card will start up the app in POS mode and open receive payment page with the user identified by NFC card
  • Format NFC card
  • Assign NFC card to customer
  • Make payment (cash-out)
  • Interface for integration with third party POS or ATM networks

Alerts & Logging

  • Verbose error logging
  • Search errors by period
  • Search errors by user
  • View error details (complete stack trace)
  • Generate notifications on error (email, SMS)

Barter network features

  • Find users with low balances
  • Match high balances to low balances on google maps
  • Alert when a users balance is below zero for a certain time *
  • Alert when a users balance is above a certain amount for a certain time *
  • Procurement/quotes **
  • Payment wall

Architecture

Cyclos 4 has been built on Java enterprise technologies. The client connects to a Google Web Toolkit (GWT) front end application or trough one of the interfaces (see below). The application server is protected by a solid security layer and uses the Spring Framework. The services on the application server uses JPA (aided by Querydsl) to communicate with a PostGres Database server. All transactions are stored as double entry bookings in the accounting system. Cyclos can run as stand alone system indepently from other currency systems.
A page with an overview the tools and frameworks used for the Cyclos project can be seen at this page.
Business partners and Cyclos customer can ask access to a in-depth architectural page.

Interoperability (interfaces)

The entire services layer in Cyclos is available as web services API. This will make all Cyclos features available to third parties. Native Java clients can connect directly via Java remoting over HTTP(S). Clients in other languages can use an API with JSON messages over HTTP(S). There is also a PHP client library available which mirrors the services API, which makes integration much easier.
More information about the API, Web services and scripting can be seen at the Cyclos documentation page.

Security

Since the beginning the Cyclos development team followed the security guidelines defined by the ISO 27002 standard. The code is constantly tested by an advanced set of automated security tests. Permissions and roles are checked on every request at the internal services level. The following security areas / points have been addressed:

  • Confidentiality, integrity, authenticity are guaranteed by security checks in combination with http secure (https)
  • Resistance to attacks as XSS, CSRF, SQL injections
  • All passwords hashed with ‘salted’ SHA2
  • All identifiers are ciphered when sending to client (browser)
  • Use of cookies limited to user session
  • Security alerts for administrators
  • Verbose logging including operation data, users, timestamp
  • IP whitelist
  • URL restriction per group

For detailed information please view the security page

Testing

Before any programming are done the specifications are written. The Cyclos development works according a 'test driven development' process. The developer will first write (JUnit) test cases and after that the implementing code. The Junit test cases cover integration and functional tests, as well as the exceptions. We use the Maven and Jenkins framework to run the tests and to built & deploy Cyclos automatically three times a day. If any issue occurs both programmer as coordinator are notified by Jenkins.

An online built test environment is available at https://test.cyclos.org, various partners have their own environment (network) within that instance so that they can test the complete Cyclos functionality with the latest code commits. Jenkins also provides reporting tool for testing coverage which helps us to improve the test cases.

All common configurations are tested by our testers. Also the testers try to test difficult configurations in which problems could arrise. After everything is tested carefully we publish a new version first on our community instance, where more then 1000 communities can benefit from the new features. But on the other hand if there is a bug we didn't encounter yet we often find them there. After Cyclos has been running smoothly on the communities instance for about a week we publish our new version for download. Since there are so many possible configurations we always recommend clients to test everything carefully when upgrading to a new version.

We use Loadsophia for the performance testing. This service allows comparing performance test results over time which helps us to fine tune the performance.

Depending on the project we outsource the grey and black box testing to external security companies. The mobile app and mobile browsers are tested on all mobile phones we can get our hands on. Various partners and external test users test the mobile phone app. We generally encounter few phone specific errors. Because the use of GWT the client side generated code works well with all known Web browsers.

Hosting requirements

Cyclos can run on a web container such as Apache Tomcat and Jetty, or application servers such as Glassfish, JBoss, IBM Websphere and Oracle Weblogic. The database for Cyclos is the Open Source database PostgreSQL. The minimal memory space requirements to run a single Cyclos instance is 500 Mb. The installation manual will guide you through the installation.

Scalability & availability

The Cyclos database database has been optimized to support database clustering and synchronous replication. There are different approaches for high availability and fail-over solutions for Cyclos4.

Synchronous replication 
We currently use for our hosting a solution that uses both synchronous and asynchronous replication. It offers fail over but no load balancing, but with a powerful main database server it can serve high loads.
Amazon cloud with RDS 
Cyclos can be deployed to Amazon cloud services with postgres clustering.
Docker swarm 
We are planning to support docker swarm which offers built-in clustering. Since version 4.5 Cyclos can be deployed as a container for the Docker platform.
Pgpool-II 
We are also working on a full database clustering solution with pgpool.

Note: As from Cyclos version 4.5 all images/pictures, documents and files can be stored at an external file server or Amazon S3 storage service (by default they are stored in the database)