KhunThong From Zero To One

KhunThong From Zero to One
ex-Delivery Manager &
ex-Advanced Innovation Engineer,
KBTG
Chayakorn
Pamonratthanakul
Worakrit
Louwitawas
Advanced Innovation
Product Manger, KBTG
Kannapon
Pakdeewattanakul
Advanced Innovation
Engineer, KBTG

View Slide

From Zero to One
KHUNTHONG
DEVELOPMENT
by

View Slide

The social chatbot that helps friends settle
expenses in a LINE group
KHUNTHONG

View Slide

From Garage to Production
KHUNTHONG

View Slide

Our First
Version!

View Slide

POC
Within 2 Weeks
and Zero Budget

View Slide

Actualize
with Customers

View Slide

Alpha
Phase
Beta
Phase
Public
Launch
Now
3.5K 34K 380K
1K
KHUNTHONG USERS
#Number of Members in All Groups

View Slide

KHUNTHONG STATS
4M
Messages Monthly
190k
Added Friends
70k
Groups

View Slide

AGENDA
• Why LINE APIs?
• Architecture Design
• OCR Technique
• Security Practices
• KhunThong 2.0

View Slide

LINE LOGIN
3 GREAT THINGS
Enhanced by LINE APIs
Instant
Onboard
Zero-Baht
Initial Cost

View Slide

REQUESTER:
Create Bill
Reading Receipt (OCR)
Daily Auto-Reminder
Create Scheduled Bill NEW!
Dummy Account NEW!
KHUNTHONG FEATURES

View Slide

KHUNTHONG FEATURES
PAYER:
E-Slip Verified with QR
Link Acc. with KhunThong

View Slide

#Medal
Campaign Center
KHUNTHONG FEATURES

View Slide

#Covid19
Donate with Share Target
Picker
KHUNTHONG FEATURES

View Slide

LINE API REFERENCE
- Token Verify
- Push/Reply Message
- Get Group Members
- Get Member Profile
- Get Image
- Leave Group
- LINE Login
- Open/Close Window
- Get AccessToken
- Send Message
- Get OS
- Get Context
- Share TargetPicker(#Covid19)
#LINE FrontEnd Framework
(LIFF V2) and LINE Login
#LINE Messaging API

View Slide

KHUNTHONG TECHSTACK
LINE API PROGRAMING LANGUAGE CLOUD & SERVICES DEPLOYMENT
ANALYTICS
SUPPORT SERVICES
● ReactJS + LIFFv2
● OATH2.0
● Encrypt + Decrypt Request And
Response
WEB
● GIN Gonic framework
● ECHO Labstack framework
● CI/CD deployment
● OCR Formatter engine.
APP
● NO-SQL Database Structure
● Encrypt/Decrypt DB
DATABASE
Bot and OCR Engine

View Slide

DB Replicas
EC2 Medium
MQM
EC2 Large
OCR/Formatter
AWS EKS Cluster
SYSTEM ARCHITECTURE
K8S
Pods
Bot
LINE
Application
K8S
Pods
Web
K8S
Pods
OCR
K8S
Pods
api-service
Cloudfront ELB
VPC
Network
KBank OpenAPI

View Slide

OCR Technique
KHUNTHONG

View Slide

OCR Working
with Customized
Formatter

View Slide

OCR X CUSTOMIZED FORMATTER
2. Run in the OCR Engine
3. Return Array of Items and Prices
1. Get Message ID (Image)
Google
Vision
S3
Image
Extract the data
Template
Matcher

View Slide

Security Practices in LIFF
KHUNTHONG

View Slide

2. Encryption / Decryption
3. Local Storage in Device
SECURITY PRACTICES IN LIFF
1. LINE Login and OAuth2.0

View Slide

var token string
if strings.HasPrefix(c.Request.Header.Get("Authorization"),
"Bearer") {
//Handle Permission Denied
return
}
//Send Request to Validate token With LINE OATH2.0
LINE Login and OAuth

View Slide

KHUNTHONG ENCRYPT/DECRYPT DIAGRAM
Start Session
- Verify Token by OAUTH2
- Generate Dynamic ShareKey and Salt
- Verify Token by OAUTH2
- Validate HMAC
- AES Decrypt request data
- AES Encrypt (ShareKey + request data)
- HMAC(AES + SALT)
- Send Request

View Slide

Encryption / Decryption
//update every time when open LIFF
bodyEncryptString := string(req.Data)
decodedMsgWithHmac, err := base64.StdEncoding.DecodeString(bodyEncryptString)
//Handle error
hMacCli := decodedMsgWithHmac[:BlockSizeHmac]
decodedMsg := decodedMsgWithHmac[BlockSizeHmac:]
statusHMac := ValidMAC(decodedMsg, hMacCli, []byte(salt))
//Validate HMAC
iv := decodedMsg[:NONCESIZE]
msg := decodedMsg[NONCESIZE:]
//decrypt Body
bodyDecryptString, err := DecryptAES([]byte(key), msg, iv)

View Slide

SECURITY PRACTICES IN LINE
Local Storage in Device
LINE
Device#1
With Authenticated
Local Key Storage
Validate pass
LINE
Device#2
(New)
Without Authenticated
Local Key Storage
*Require New Authentication
with K PLUS

View Slide

Scheduled Bill
Multiple Bill
Trip Mode
Let’s Split the Bill!
LINE OA: @Khunthong

View Slide

KhunThong From Zero To One

KhunThong From Zero To One

LINE Developers Thailand

More Decks by LINE Developers Thailand

Other Decks in Technology

Featured

Transcript