Digital Membership Platform with Real-Time QR Verification & Subscription Management

We approached this project as a full product build — not just a technical delivery. We mapped every user journey, identified every failure point in the existing system, and designed a unified platform that addressed each problem at its root. The result was a single, cohesive product serving three user roles across iOS, Android, and Web — built on a secure, real-time, scalable infrastructure.

1. Unified Role-Based Architecture

The first decision we made was to build one unified application with role-based access control rather than three separate products. When a user logs in, the system identifies their role — Member, Business Scanner, or Admin — and routes them to a completely different interface within the same codebase. This eliminated fragmentation, reduced maintenance overhead, and ensured that all three user types were working from the same live data source at all times.

Firebase Authentication handled user identity and session management securely. Firestore security rules enforced role-based data access at the database level, meaning a business scanner could never access member financial data, and a member could never access admin controls — not through the UI, and not through a direct API call.

2. Dynamic QR Security Engine — The Core of the Platform

This was the most technically critical component of the entire build, and we invested significant architectural thought into getting it right.

Every active member's card displays a QR code that is cryptographically regenerated every 30 seconds. The QR does not contain static membership information — it contains a short-lived signed token that is mathematically tied to the member's ID and the current timestamp. When a business scanner reads the QR, the app does not attempt to decode it locally. Instead, it sends the raw token to our Node.js backend for server-side validation.

The backend performs several checks in sequence: it verifies the cryptographic signature, confirms the token was generated within the last 30 seconds, checks the member's current subscription status in Firestore, and confirms the token has not already been used (replay protection). Only when all checks pass does it return a success response. If any check fails — whether the token is expired, the membership is locked, or the token has already been scanned — it returns a detailed failure response.

This architecture made screenshot sharing completely useless. A screenshot taken 31 seconds ago produces an expired token. A token sent over WhatsApp and scanned by someone else is rejected by the replay protection layer. The security model is sound even against technically aware bad actors.

Rate limiting was added at the API level to prevent brute-force token guessing, and all tokens are invalidated immediately if a member's account is locked due to payment failure.

3. Stripe Subscription Lifecycle — Fully Automated

We integrated Stripe as the complete payment and subscription engine. Members choose between a monthly or annual plan during onboarding and complete payment through a Stripe Checkout session. From that point forward, the entire subscription lifecycle is managed automatically through Stripe webhooks connected to our Node.js backend.

We built webhook handlers for every critical event in the subscription lifecycle. When a payment succeeds, the backend immediately updates the member's status to Active in Firestore, which propagates in real time to their membership card. When a payment fails, the membership status is set to Locked within seconds of Stripe sending the failure event — the QR becomes invalid, the card shows a locked state, and the member receives an email and push notification with instructions to update their payment method. When a member cancels, their status remains Active until the end of the current billing period, after which an automated expiry process marks the card as Expired. No human intervention is required at any stage.

Grace period behavior was implemented for payment failures — members receive a short window to resolve billing issues before the lock is applied, reducing involuntary churn without compromising platform integrity.

4. Member Portal — Premium Mobile Experience

The member-facing app was designed with a fintech-inspired aesthetic using a Deep Indigo and Electric Cyan palette, Inter typography, and glassmorphism card effects. The goal was for the digital membership card to feel as premium and credible as a high-end physical card — something members would feel proud to show at a business.

The membership card screen is the home screen for members. It displays their name, profile photo, current membership status with a clear visual indicator (Active in green, Locked in red, Expired in grey), and the live rotating QR code with a 30-second countdown timer so members always know when the next rotation is happening.

Beyond the card, members can browse the full deals and locations directory — searching and filtering businesses, viewing deal terms and validity windows, and checking location addresses and opening hours. Profile management, subscription status, payment history, and invoice access are all available through a clean self-service portal that eliminated the support burden on the admin team.

Push notifications are delivered for payment reminders before renewal dates, failed payment alerts, expiry warnings, and new deal announcements — keeping members engaged and informed without requiring them to open the app.

5. Business Scanner Interface — Fast, Clear, Reliable

The business scanner interface was designed around one principle: a business owner or staff member standing at a counter needs an instant, unambiguous answer. There is no room for confusion or slow loading.

When a business user opens the scanner, the camera activates immediately. Scanning a QR code triggers the server-side validation in real time. The result screen is deliberately bold and binary: a full-screen green display showing the member's name and photo on success, or a full-screen red display with a clear reason (Expired, Locked, Invalid Token) on failure. The large member photo displayed on success adds a crucial identification layer — the business can confirm the person presenting the card matches the member on file.

Every scan is automatically logged to Firestore with a timestamp, the member's ID, the business location, and the result status. Businesses can view their complete scan history, filtered by date range or member, giving them an audit trail for reconciliation and reporting.

6. Admin Dashboard — Complete Operational Control

The React web admin dashboard was built as the operational nerve centre of the entire platform. We structured it around the core workflows the admin team performs daily.

The analytics overview gives a real-time snapshot of total members, active versus inactive breakdown, monthly and annual revenue figures pulled directly from Stripe, scan volume over time, and membership growth trends displayed in clean charts. This alone replaced hours of weekly manual reporting.

Member management allows admins to search and view any member profile, see their full subscription history and payment events, and apply manual status overrides — activating, deactivating, or locking a card directly from the dashboard. Payment failure investigation is streamlined with a clear view of the Stripe event timeline for each member.

Business management covers the full business onboarding workflow — creating business profiles, adding multiple locations with addresses and hours, creating and managing deals with validity windows and active/inactive status, and creating business scanner accounts with controlled access. Admins can disable a business scanner account instantly if needed.

The reporting module allows CSV export of the full member list, business directory, and scan history — filtered by date range, status, or business — giving the admin team clean data for external reporting and compliance needs.