KhunThong From Zero To One

Transcript

1. KhunThong From Zero to One ex-Delivery Manager & ex-Advanced Innovation

   Engineer, KBTG Chayakorn Pamonratthanakul Worakrit Louwitawas Advanced Innovation Product Manger, KBTG Kannapon Pakdeewattanakul Advanced Innovation Engineer, KBTG

2. From Zero to One KHUNTHONG DEVELOPMENT by

3. The social chatbot that helps friends settle expenses in a

   LINE group KHUNTHONG

4. From Garage to Production KHUNTHONG

5. Our First Version!

6. POC Within 2 Weeks and Zero Budget

7. Actualize with Customers

8. Alpha Phase Beta Phase Public Launch Now 3.5K 34K 380K

   1K KHUNTHONG USERS #Number of Members in All Groups

9. KHUNTHONG STATS 4M Messages Monthly 190k Added Friends 70k Groups

10. AGENDA • Why LINE APIs? • Architecture Design • OCR

    Technique • Security Practices • KhunThong 2.0

11. LINE LOGIN 3 GREAT THINGS Enhanced by LINE APIs Instant

    Onboard Zero-Baht Initial Cost

12. REQUESTER: Create Bill Reading Receipt (OCR) Daily Auto-Reminder Create Scheduled

    Bill NEW! Dummy Account NEW! KHUNTHONG FEATURES

13. KHUNTHONG FEATURES PAYER: E-Slip Verified with QR Link Acc. with

    KhunThong

14. #Medal Campaign Center KHUNTHONG FEATURES

15. #Covid19 Donate with Share Target Picker KHUNTHONG FEATURES

16. LINE API REFERENCE - Token Verify - Push/Reply Message -

    Get Group Members - Get Member Profile - Get Image - Leave Group - LINE Login - Open/Close Window - Get AccessToken - Send Message - Get OS - Get Context - Share TargetPicker(#Covid19) #LINE FrontEnd Framework (LIFF V2) and LINE Login #LINE Messaging API

17. KHUNTHONG TECHSTACK LINE API PROGRAMING LANGUAGE CLOUD & SERVICES DEPLOYMENT

    ANALYTICS SUPPORT SERVICES • ReactJS + LIFFv2 • OATH2.0 • Encrypt + Decrypt Request And Response WEB • GIN Gonic framework • ECHO Labstack framework • CI/CD deployment • OCR Formatter engine. APP • NO-SQL Database Structure • Encrypt/Decrypt DB DATABASE Bot and OCR Engine

18. DB Replicas EC2 Medium MQM EC2 Large OCR/Formatter AWS EKS

    Cluster SYSTEM ARCHITECTURE K8S Pods Bot LINE Application K8S Pods Web K8S Pods OCR K8S Pods api-service Cloudfront ELB VPC Network KBank OpenAPI

19. OCR Technique KHUNTHONG

20. OCR Working with Customized Formatter

21. OCR Working with Customized Formatter

22. OCR Working with Customized Formatter

23. OCR X CUSTOMIZED FORMATTER 2. Run in the OCR Engine

    3. Return Array of Items and Prices 1. Get Message ID (Image) Google Vision S3 Image Extract the data Template Matcher

24. Security Practices in LIFF KHUNTHONG

25. 2. Encryption / Decryption 3. Local Storage in Device SECURITY

    PRACTICES IN LIFF 1. LINE Login and OAuth2.0

26. SECURITY PRACTICES IN LIFF var token string if strings.HasPrefix(c.Request.Header.Get("Authorization"), "Bearer")

    { //Handle Permission Denied return } //Send Request to Validate token With LINE OATH2.0 LINE Login and OAuth

27. KHUNTHONG ENCRYPT/DECRYPT DIAGRAM Start Session - Verify Token by OAUTH2

    - Generate Dynamic ShareKey and Salt - Verify Token by OAUTH2 - Validate HMAC - AES Decrypt request data - AES Encrypt (ShareKey + request data) - HMAC(AES + SALT) - Send Request

28. SECURITY PRACTICES IN LIFF Encryption / Decryption //update every time

    when open LIFF bodyEncryptString := string(req.Data) decodedMsgWithHmac, err := base64.StdEncoding.DecodeString(bodyEncryptString) //Handle error hMacCli := decodedMsgWithHmac[:BlockSizeHmac] decodedMsg := decodedMsgWithHmac[BlockSizeHmac:] statusHMac := ValidMAC(decodedMsg, hMacCli, []byte(salt)) //Validate HMAC iv := decodedMsg[:NONCESIZE] msg := decodedMsg[NONCESIZE:] //decrypt Body bodyDecryptString, err := DecryptAES([]byte(key), msg, iv)

29. SECURITY PRACTICES IN LINE Local Storage in Device LINE Device#1

    With Authenticated Local Key Storage Validate pass LINE Device#2 (New) Without Authenticated Local Key Storage *Require New Authentication with K PLUS

30. Scheduled Bill Multiple Bill Trip Mode Let’s Split the Bill!

    LINE OA: @Khunthong