Uber Script is an extension of Uber and Uber Eats, designed to fill a gap in their current services by allowing users to upload e-prescriptions and receive their required medication without leaving their homes. The primary success of Uber and Uber Eats lies in their ability to provide an immediate solution to in the moment inconveniences. Uber Script follows the same principle, addressing a critical need for secure and convenient prescription medication delivery for those who are unable or uncomfortable to acquire it independently. To ensure the service aligns with Uber’s existing high standards, security, reliability, and interoperability must be prioritised at an exceptional level.
Name: Ashwin Harikrishna
Student number: 47511891
Users create an account by providing essential details such as name, email, phone number, and address. Identity verification is enforced to prevent fraud, requiring users to upload a valid form of ID. Location data is used to associate addresses with verified pharmacy partners. User credentials are securely stored with hashed passwords, and authentication is managed using JWT and MFA to ensure robust protection against unauthorised access.
Once registered, users securely upload their e-prescription through an encrypted interface. The system cross references it with real time pharmacy inventory to verify availability, through API’s like HL7 FHIR to ensure accurate, quick, up-to-date inventory checks. Once confirmed, the pharmacy prepares the order using the digitally transmitted QR code e-prescription. If a user uploads a scanned prescription, it is converted to a PDF and manually reviewed for accuracy. All prescription data is encrypted both in storage and transit to ensure compliance with privacy regulations. The pharmacy will receive an associated code linked to who will pick up the delivery.
Uber drivers are assigned pickup requests based on proximity and availability. Upon accepting, they proceed to the pharmacy and on arrival present the code for verification by the pharmacist who securely packages the medication in a closed bag to the driver. This transaction is logged in the system for tracking.
Upon reaching the user’s address, delivery confirmation is completed via photo verification at the drop off location. The user receives a notification and can rate the service for quality assurance. Throughout the process, all sensitive data, including prescriptions, user details, and delivery records, are encrypted using AES-256 for storage and TLS 1.2+ for transmission. API endpoints for pharmacies and drivers ensure seamless integration, while system monitoring tracks uptime, error rates, and overall performance. The user payment is processed after a driver picks up the package.
User Registration- Registration process will collect basic personal information such as name, email, and delivery address. Firebase Authentication will be used for secure and easy user sign in, especially for mobile applications. The user details will be stored securely using PostgreSQL for database management.
E-Prescription Upload- When required for delivery, the user will have a section to upload their e-prescription(which will be a link to QR code sent by doctor previously). For simplicity, only e-prescriptions are eligible for now.
Pharmacy Search & SMS Contact- After the prescription is uploaded, the system will search for the nearest pharmacies using the Google Maps API with a filter for chemists with SMS communication enabled(for e-prescriptions) currently. This API will calculate the proximity from the user’s address and determine which pharmacies are closest. Once a pharmacy is found, the system will send the e-prescription via Twilio SMS API to the pharmacy with a 6-digit verification code.
Pharmacy Confirmation- The pharmacy will manually confirm or decline availability for now. If the first pharmacy declines, the system will automatically move to the next closest pharmacy, using the Google Maps API and repeat the process. This process will continue until a pharmacy confirms the prescription availability.
Security ensures that sensitive data (prescriptions, user details) is protected from unauthorised access, ensuring compliance with privacy laws like HIPAA and GDPR. As it is very personal confidential data, security is key for building user trust and avoiding legal consequences. The delivery process enforces protocols to ensure the pharmacist is the only person to view the user prescription medication. Measurable aspects include encryption of data both in transit, using TLS 1.2 and at rest using AES-256 encryption. Furthermore the system’s ability to rapidly detect/respond to potential threats, and compliance with established privacy standards are also prioritised.
Scalability ensures the system can maintain increased data load from increased an increased user base, without significant performance degradation. As Uber Script scales to support more users, the system must be able to handle increased traffic load efficiently to prevent slow response times negatively impacting user experience. Measurable aspects involve the system’s ability to support a defined number of concurrent users, while maintaining acceptable response times under peak load and effectively employ dynamic resource scaling.
The evaluation of Uber Script will be conducted through a multitude of testing and analysis methods to ensure the MVP meets the defined quality attributes. Functionality testing will verify that all core features operate as intended, encompassing unit, integration, and user acceptance testing, with a 95% pass rate as the success benchmark before release.
Security assessments will identify and mitigate potential security vulnerabilities, including penetration testing using tools like OWASP ZAP, encryption validation, and third party security audits, ensuring no high risk vulnerabilities are identified as a success rate and compliance with GDPR and HIPAA standards implementing access controls and audit trails.
Performance and scalability analysis will evaluate system performance under varying load conditions, utilising load testing tools such as Apache JMeter to simulate high user traffic, with success criteria being the ability to handle 10,000 simultaneous users with 5 second response times maximum, and validation of autoscaling functionality.
Interoperability testing will validate seamless integration with external APIs and services, employing API testing tools such as Postman and end to end system verification, with the passing criteria being 90% success rate in API communications and successful data flow from user input to delivery completion.
Real world testing will assess usability and user experience through beta testing, with successful workflow being with 80% user satisfaction rate. Finally, continuous monitoring will track system performance in the production environment, looking for 90% uptime and system error resolution within 48 hours.