MVP Build - QR & SMS Integration need Mobile App Development

Contact person: MVP Build - QR & SMS Integration

Phone:Show

Email:Show

Location: Saskatoon, Canada

Budget: Recommended by industry experts

Time to start: As soon as possible

Project description:
"OVERVIEW
I’m hiring a senior full-stack developer to build a small, production-capable MVP. A visitor opens a mobile page via a single QR, opts in, and later a team member triggers an SMS alert to those specific opt-ins by scanning/entering a code (ID). There is NO integration with external POS/ERPs in MVP. The industry, wording, and workflows will be disclosed ONLY after a short mutual NDA is signed.

STEALTH CONSTRAINTS (READ BEFORE BIDDING)
• Do not ask for domain/industry details until NDA is signed.
• All code, copy, and identifiers must use neutral terms (“entry/label/code/ID”), not domain-specific names.
• No portfolio use or public posts about this project without written permission.

MVP SCOPE (FEATURES)
A) PUBLIC QR PAGE (no login)
• Mobile-first page opened from one QR per location.
• Search/select a “label” from a list (fuzzy across name/synonyms).
• “Can’t find it?” fallback (short text + optional photo).
• Phone capture with explicit consent checkbox.
• Confirmation SMS on success.
• Basic abuse protection (per-IP throttle and/or lightweight CAPTCHA).

B) TEAM PAGE (PIN-PROTECTED)
• PIN keypad → short-lived session token.
• Camera “code/ID” scan (browser BarcodeDetector) with JS fallback; manual ID entry as backup.
• Show selected label, number of subscribers waiting, last send timestamp.
• One-tap “Send alerts” with rate-limit and de-duplication.
• Write audit log (who/when/how many).

C) MINI ADMIN (OWNER LOGIN)
• CSV upload to create/edit labels (fields: code, name, synonyms, active).
• View counts per label + basic send logs (timestamp, count, sender).
• Manage team PINs (create/rotate/disable).
• Map free-text “requests” from the public page → a real label (ties old opt-ins to that label).

MESSAGING & COMPLIANCE
• SMS provider (Twilio/Vonage/etc.) with inbound webhook for STOP/HELP.
• Consent text displayed on opt-in form (compliance basics).
• STOP immediately unsubscribes and suppresses future sends to that number.
• Templates editable in admin (Signup/Notify/STOP/HELP).

DEPLOYMENT
• Live on my domain with SSL (Vercel or similar), staging + production.
• Minimal monitoring/logging (e.g., error capture + webhook failures).
• Private repo, clean READMEs, `.[login to view URL]`, seed data.

NON-FUNCTIONAL REQUIREMENTS
• Privacy-first: store minimum PII (phone only for MVP); mask numbers in dashboards.
• Role separation: Owner vs Team (PIN); team cannot export subscriber PII.
• Idempotent “send”, duplicate suppression, configurable rate-limit (default 3h per label).
• Performance: search results under ~300 ms for ~2–5k labels.
• Accessibility basics (labels, contrast), mobile-first UX.
• Error paths handled (failed SMS, invalid webhooks, expired PIN sessions).

PREFERRED STACK (OPEN TO A JUSTIFIED ALTERNATIVE)
• Frontend: React/[login to view URL] (mobile-first; PWA-ready is fine).
• Backend: [login to view URL] API routes (Node/TypeScript).
• DB/Auth: PostgreSQL (Supabase or similar) with basic row-level separation.
• SMS: Twilio (primary) with STOP/HELP webhook endpoint.
• Hosting: Vercel (app + API) + managed Postgres.

DELIVERABLES
1) Deployed MVP (staging + production) on my domain (SSL).
2) Private repo with documented source, migration scripts, seed data, `.[login to view URL]`.
3) Short test plan + passed acceptance checklist (below).
4) Minimal runbook: rotating PINs, safe re-send of failed SMS, backup/restore basics.

ACCEPTANCE TESTS (BLACK-BOX — REQUIRED)
Public flow
• Open QR page → search/select label → enter phone + check consent → confirmation SMS is received.
• “Can’t find it?” creates a request entry; once mapped to a label in admin, existing opt-ins attach to that label.

Team flow
• PIN login → scan code or enter ID → ONLY subscribers for that label receive ONE SMS.
• Rate-limit: cannot send again for the same label/location within configured window (default 3h).
• De-duplication: the same phone cannot join the same label twice; dedupe respected on send.
• Audit log row is written (timestamp, sender, label, count_sent).

Admin flow
• CSV import creates/updates labels; labels appear in public search.
• Mapping “requests → label” works and moves those subscribers under the label.
• Counts per label update correctly after alerts; phone numbers are masked in UI.

Compliance & safety
• STOP/HELP: replying STOP unsubscribes immediately; future sends are blocked.
• Abuse controls active (IP throttle/CAPTCHA); secrets not committed; HTTPS enforced.

OUT OF SCOPE (FOR MVP)
• Paid subscriptions/billing.
• Multi-org HQ analytics/impersonation.
• Email digests/advanced analytics.
• Live spreadsheet sync, recommendations, images.

TIMELINE & MILESTONES
Target 2–4 weeks with weekly demos (propose your plan).

Milestone 1 — Core (60%)
• Public opt-in + confirmation SMS.
• Team PIN login + scan/ID send.
• Rate-limit + de-duplication.
• STOP/HELP webhook handling.
Deliverable: end-to-end demo on staging; code in repo; initial docs.

Milestone 2 — Admin & Deploy (40%)
• CSV import; counts/logs; requests→label mapping.
• Abuse controls; masked numbers; README/runbook.
• Production deploy (SSL) + seed data + final acceptance tests.

BUDGET
Fixed fee for MVP. Please propose your price with a milestone split aligned to M1 (60%) / M2 (40%). Typical ranges are welcome.

HOW TO APPLY (SHORT ANSWERS)
1) 1–2 links to similar builds (camera/scan, SMS, small admin).
2) Proposed stack (and why).
3) How you’ll implement STOP/HELP, rate-limits, timezones, and error handling.
4) Fixed price + days for M1 and M2.
5) Confirm you’ll sign a one-page mutual NDA before receiving the private spec and wireframes.

LEGAL / CONFIDENTIALITY
• Work-for-hire; all IP/code transfers to me on final payment.
• No portfolio use, screenshots, or repo publicity without written permission.
• NDA required before any private materials (domain, copy, industry) are shared.

APPENDIX
Sample CSV (first import)
code,name,synonyms,active
A001,Item Alpha,"alpha, a-one",true
B002,Item Beta,"beta, b-two",true
C003,Item Gamma,"gamma, g-three",true

Env sample (.env)
APP_URL=[login to view URL]
JWT_SECRET=change_me
DATABASE_URL=postgres://user:pass@host:5432/db
SUPABASE_URL=...
SUPABASE_SERVICE_ROLE=...
SMS_PROVIDER=twilio
TWILIO_ACCOUNT_SID=...
TWILIO_AUTH_TOKEN=...
TWILIO_MESSAGING_SERVICE_SID=...
RATE_LIMIT_HOURS=3

Minimal data model (neutral terms)
• locations(id, name, slug, timezone)
• users(id, email, name, role)
• team_pins(id, location_id, pin_hash, active)
• labels(id, location_id, code UNIQUE, name, synonyms, active)
• requests(id, location_id, text, image_url, created_at, matched_label_id, status)
• optins(id, location_id, label_id, request_id, phone_e164, created_at, status['active','alerted','unsub'], UNIQUE(location_id, label_id, phone_e164))
• sends(id, location_id, label_id, sent_at, count_sent, sender_user_id)" (client-provided description)


Matched companies (4)

...

April Innovations

April Innovations is one of the leading Enterprise Software Development companies in Mumbai, with clients being serviced in the USA, UK, and India. T… Read more

...

SJ Solutions & Infotech

SJ Solutions & Infotech is a team of highly experienced and dynamic professionals who have an enormous passion for technology. In this fast changing … Read more

...

Knowforth Tech

Empowering Businesses with Tailored Software & AI Solutions.

...

Mobiweb Global Solutions

Mobiweb Global Solutions is a full-service IT company specializing in web development, mobile app development, blockchain, AI, IoT, and game developm… Read more