Statement of work - Moldova
Project description
The overarching objective of this project is to adjust openIMIS to manage the voucher program within the Republic of Moldova. The primary aim is to reduce unreported employment by implementing a voucher system. In this project's context, a "voucher" represents a form of compensation for labor carried out by agricultural workers.
Terms of reference
The goal is to have a digital voucher system that is web-based and integrated with relevant government system and payment facilities.
Employers will be the prime user of the system and the system should ease their workload as much as possible through the usage of existing systems and information, alas the link to e.g., MPass . Day labourers and labour inspectors should be able to access some of the information from the system in close to real-time. This will be dealt with below.
The employer can either assign a specific voucher to a specific day labourer on a specific day or purchase generic vouchers valid for one month. This former will be done by entering the day labourer's national ID into the system and assigning a voucher for that specific day. This can be pre-filled in advance (e.g., by simple file-merger of workers ID numbers and the relevant dates) or entered directly into the system but must be done at the beginning of the working day (or a pre-defined time of day) to reduce the instances of fraud. The voucher numbers will be systems generated and unique. Employers can retroactively assign vouchers to individuals that they have failed to assign in the first place. However, they cannot retroactively revoke vouchers assigned to an individual.
To minimize the administrative burden on employers to comply with the demands under the law it has been the working hypothesis that after the employer had logged into the system (using MPass) only two pieces of information was needed for the system to operate: The workers identification number, and the date. Everything else should be built in functionalities in the system (including link with MPay).
The funds from the employers’ purchase of vouchers will be placed in an escrow account and transferred to the social insurance budget and the state budget in the day labourer’s account when a voucher is assigned to the individual.
The day labourer must be able to see that a voucher has been assigned to them for that day and labour inspectors will be able to check in the field whether a worker present have been awarded a voucher for that specific day by their employer.
High level goals & requirements
Web application with user friendly interactive interface. System design and modules are going to be compatible with those, currently existing in openIMIS system and extended by modules which will handle the demanded Voucher scheme
Appropriate databases to keep the data of Employers, Workers and Vouchers.
Integration with MPass to handle employers authorization and authentication
QR codes system (generated for Workers and Labour Inspectors)
Integration with eGOV system to send the labour assignment to the Worker
Voucher generating, purchasing and assignment including the integration with MPay
Funds transfer process (which is going to be handled externally with proper MPay integration) - managing the process on the escrow account is not the part of the project scope
Project scope
openIMIS setup for Moldova
Data structure for Voucher Business Flow
Authorization and authentication
Employer Authorization using MPass
Data integration
Worker registration
QR Code
QR Code generation
Mobile App development
Secure login from QR Code
Introduction the possibility to read/scan QR Code
MNotify Adaptor for the notifications
Voucher
Voucher generation request
Online payments for voucher via MPay
Payment via bank transfer (Maximum One-Week Deadline)
MPay integration for Escrow Account
Voucher generation after successful payment
Voucher assignment
Voucher send into MCabinet system
Employer authorization and authentication
Use cases
Employer regisitration - using MPass integration
Employers are required to select on behalf of which specific economic unit they intend to carry out their activities within the system. (on openIMIS side)
Employer shouldn’t have any other option to log into the system than MPass (no username/password)
Employer data in openIMIS has to be verified with MPass data every time, they log into the system
Roles between openIMIS and MPass are consistent
Unsucessful login via MPass (Can it be handled only on the MPass side?)
Mandatory Employer data in OpenIMIS
Tax number
Name
Location
User stories
As an Employer I want to register in openIMIS using my MPass account
As an Employer with multiple assignments to different economic units on MPass, I want the capability to select which economic unit I represent when performing actions within the system. This will enable me to accurately conduct activities on behalf of the specific economic unit I am assigned to.
As an system administratior, I want my data in openIMIS to be verified with MPass data every time I log into the system for enhanced security and accuracy.
As an employer, I want roles and permissions between openIMIS and MPass to be consistent to ensure seamless access to the system
As a User attempting to log in via MPass, I want to be redirected to openIMIS with clear information, In the event of an unsuccessful login attempt through MPass
As an system administrator, I want certain mandatory data fields to be collected during Employer registration in openIMIS, including Tax number, Name, and Location
Funcional requirements
Exclusive MPass Authentication
Employers should only have the option to log into the system using MPass authentication, and no alternative username/password authentication method should be available.
Real-time Data Verification
Employer data in openIMIS must be verified with MPass data in real-time every time they log into the system.
Consistent Roles and Permissions
Roles and permissions between openIMIS and MPass must be consistent to ensure seamless access to the system.
Handling Unsuccessful Login via MPass
In the event of an unsuccessful login attempt via MPass, the system should provide clear information to the user. Handling of unsuccessful login attempts can be coordinated with MPass if necessary.
Mandatory Employer Data Collection
During Employer registration in openIMIS, certain mandatory data fields, including Tax number, Name, and Location, must be collected.
Employer Registration via MPass
Employers must have the capability to register in openIMIS using their MPass account.
Employer Selection of Economic Unit
Employers must be able to select the specific economic unit they intend to represent within the system during registration and subsequent actions.
Worker registriation
Use cases
Employer creates Worker account
Worker mandatory fields
National ID
Name
Last name
No option to create an account if National ID is already assign to another account - validation
QR code is generated once new Worker is created
Integration with MConnect to validate the National ID
Name and Last name should be filled automatically after National ID is filled
User stories
As a Employer I want to be able to create an account for a Worker, to properly assign the voucher later on
As an Employer I can’t have the possibility to create a Worker account once his National ID number was already used to create another account in the system
As an employer, I want the system to validate the uniqueness of the National ID before allowing the creation of a Worker account.
As a system administrator I want the QR code to be generated for each Worker, once his/her account is created. The QR code will be used later on for Worker verification
As an employer, I want the Worker's "Name" and "Last name" fields to be automatically filled after entering the National ID
Funcional requirement
Worker Account Creation
Prevent Duplicate National ID
National ID Validation
QR Code Generation
Integration with MConnect for National ID Validation
Automatic Population of Name and Last Name
Non-funcional requirement
Performance testing
Performance measurement using Lighthouse when funcionality is developed
Providing lighthouse reports at the final state of the project
Comparison of performance measures at the end of the project to identify potential regression in performance matter
Example of lighthouse measurement https://developer.chrome.com/docs/lighthouse/performance/first-contentful-paint/
Security testing
Security testing should be performed according to this document https://docs.google.com/document/d/1tmZ5dxltWsB7npMHmNTS_jaV7dJqfWVJDFbWFLFC2a8/edit?usp=sharing
Installation and configuration of SonarQube ?
Reliability and scalability
Installation and configuration tool for monitoring users errors (i.e. sentry) ?
Scalability partially tested during Lighthouse reports review to identify potential weak spots
Reliability - up to 1-3% downtime
Implementing a monitoring tool for downtime alerts
Implementing tool for uptime reports (i.e. cloudwatch)
QR Code/Mobile App
The primary objective of this feature is to enable Inspectors to use the mobile app to scan a QR code, facilitating the identification of Workers and the verification of whether they have an assigned voucher for the given day.
QR code generation will be integrated into the Worker creation process. When a new Worker account is established, an automated QR code generation system will create the code and dispatch it to the Worker through SMS or email. This functionality is already available in OpenIMIS. FAQ - How are QR codes used in openIMIS? . QR code is used for Insuree Number (CHFID) and are send by email and SMS
QR Code generation
Use cases
QR code is generated once new Worker is created (Shall be done within Worker creation process)
QR code is sent to Worker via SMS/e-mail
User stories
As a system administrator I want the QR code to be generated for each Worker, once his/her account is created. The QR code will be used later on for Worker verification
As a Worker, I expect to receive my unique QR code through either SMS or email as soon as my account is created. This will help me quickly access the OpenIMIS Mobile App and facilitate efficient verification processes.
Mobile App development - we’re dropping this part since we will be utilizing the existing OpenIMIS Mobile App
Introduction the possibility to read/scan QR Code
Use cases
Ability to read/scan QR Code with existing OpenIMIS Mobile App - verify if any adjustment needed
QR Code adjustment (accessable data once QR code is scanned)
Worker details (Name, Surname, National ID)
Voucher information
to be clarified with Moldova Team
User stories
As an Inspector I want the ability to scan QR codes with the app to quickly and efficiently verify the identity of Workers and check if they have a voucher assigned for the current day.
As an Inspector I want the QR code scanning functionality to be adjusted so that, upon scanning a Worker's QR code, I can easily access and view essential Worker details, including their Name, Surname, and National ID.
MNotify Adaptor for the notifications - this is going to be part of voucher related epic
Vouchers
Voucher generation request
Online payments for voucher via MPay
Payment via bank transfer (Maximum One-Week Deadline)
MPay integration for Escrow Account
Voucher generation after successful payment
Voucher assignment
At the very begining we need to create a module in which Vouchers are going to be handled. As discussed, we will create a new entity to handle that scheme.
New module shall contain the following submodules:
List of all vouchers with search criteria (available only for Inspector role)
Voucher acquirement
Voucher acquirement page:
What is shall include?
place to search for the Worker to whom the voucher shall be acquired
calendar view to chose to voucher assignment date (to include the limitation for the purchase date - ithe voucher can be purchased only before the day of assignment OR in the very begining of that day - is that feasible?)
What shall voucher have?
purchase date
assignment date
uniqe id
Employer purchased data
Worker data
Did you encounter a problem or do you have a suggestion?
Please contact our Service Desk
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. https://creativecommons.org/licenses/by-sa/4.0/