project-proposal-2025

SubBuddy: Online Service Subscription Manager

Abstract

In recent years, the software industry has strongly shifted from one-time payment softwares to service subscriptions. This allows premium users to access features that free users cannot, as services like Netflix, Youtube Premium, Canva Premium, etc. Most of these services provide free trials to users but automatically renew the paid subscription once the trial period ends, often without sending a prior notice. Consequently, many users forget to cancel the trial and end up wasting their money on paying for services they do not intend to continue using.

SubBuddy offers a comprehensive solution for managing subscription services. It provides a user-friendly dashboard to monitor subscriptions, prompts renewal alerts, and identifies underused services to help save user money. Moreover, SubBuddy provides a clear breakdown of monthly subscription spending, helping users understand and control their spending. By preventing unnecessary charges, SubBuddy gives users the full control over their subscriptions and avoid unwanted auto-renewals.

Author

Name: Tri Nhan Pham

Student number: 48268213

Functionality

Features

Log in/Sign up

• New users can sign up using emails and password through SubBuddy Web/Mobile application, followed by email verification via a link and finally complete their profile with basic details like name, avatar, etc. then users can log in with registered email and password. Alternatively, users can sign up and login with their current Google account to save time from registering and verifying.
• For password recovery, users can request a one-time use reset link sent to their email to reset password, enhancing security and privacy.

Profile

• Users can view and edit their profile details such as name, avatar, or password in their Profile.
• Password changes, same as password recovery are processed through a one-time link sent to the user’s email, enhancing security without requiring users to remember the current password.

Dashboard

• Dashboard displays all user subscriptions, including service name, monthly cost, and renewal date.
• Subscribed services can be automatically recognized through emails, however users can also add them manually in case they have security or privacy concerns.
• A visualization of monthly expenses on subscriptions helps users understand their spending and which services are charging most.

Subscription Reminder

• SubBuddy sends reminders two days prior to renewal dates and trial period endings. Users are able to choose notification options via app or email, or both to manage unwanted charges.
• an AI-driven feature which detect and alert users about underused services, and suggests them possible cancellations to save money.

Financial Analysis

• Data visualizations show monthly subscriptions trends, which helps users to keep track of their spending over months and spot unusual charges.

Privacy and Security

• Two-factor authentication is required for logins from new devices, with an option to save the device for quicker future access.
• All User data, including email access needed to identify subscription services, is encrypted to protect user privacy; even SubBuddy cannot view this information.

Potential flows in SubBuddy

• Sign up for new users: Sign up -> Verification -> Information Form -> Dashboard -> Complete
• Add services: Sign in -> Two-Factor Verification -> Dashboard -> Add subscription service -> Complete
• Change password: Sig nin -> Dashboard -> Profile -> Change Password -> Verification via email -> Fill in new password -> Complete
• Financial Analysis: Sign in -> Dashboard -> Financial Analysis

Scope

• User Account:
  • Users are able to sign up/log in using email or their existing Google accounts through a single-page web application
  • One-time use links are used to verify emails
• Dashboard:
  • Display added subscription services and a visualization on user monthly expenses
• Subscription Reminders:
  • Reminders can be sent to users based on provided renewal dates
  • Flag some services as underused and users should be sent alerts about those services
• Analysis:
  • Users should be able to see their spending on subscriptions over months
• Security:
  • Users are able to use two-factor authentication

Quality Attributes

Modularity

A modular architecture, where components such as user authentication, subscription reminders, financial analysis and others are designed to be distinct and independent modules. This is prioritized in SubBuddy because of several reasons:

• Development Efficiency: it will be easier to manage the process of development as services can be developed in different teams, which enhances productivity and reducing complexity.
• Error Isolation: errors from one service do not affect others and can be easily tested and identified to fix. This is especially important when SubBuddy has to work with external services (for example mailboxes), which may create errors easily.
• System Reliability: This ensures that the entire system remains operational, even if one module fails.

Availability

With a software that provides real-time updates and alerts like SubBuddy, it is really important that the system is always available. Continuous availability is critical to prevent missed notifications that could lead to unwanted charges, affecting user trust in the system. As a result, the system should be available whenever users need to check for alerts or their spending. Availability for SubBuddy can be managed and measured by having performance metrics, such as uptime (percentage of time the system is operational and available to users), error rate, or response time, etc.

Testability

SubBuddy prioritizes testability as it also enhance availability and functionality by detecting errors or malfunctions early even in development process or in production. High testability means fewer bugs and issues, leading to higher user satisfaction and trust. The system supports automated testing, including unit tests, integration tests, and system tests. Moreover, given that SubBuddy handles sensitive user data and financial information, being able to test compliance with data protection regulations is really important. Testability can be managed and measured by automated test proportion, or test execution time, etc.

Security

Security is a must in terms of architecture considerations for SubBuddy, as the software accesses and handles sensitive information. For SubBuddy, security is ensured by using two-factor authentication for new and unrecognized device logins. Moreover, all user data, including sensitive email access, is encrypted. Even with cyber attacks, user data is still protected, as SubBuddy may have access to sensitive information of users, such as personal information or emails. SubBuddy needs to have strong security in order to maintain user trust and compliance with data protection regulations

Evaluation

Evaluation for selected attributes can be conducted through methods and/or metrics given below:

Modularity

• Module Testing: Perform regular automated testing for each Sign up/Log in, financial analysis, dashboard, etc module to make sure each works independently and as expected, meaning that each module is only designed for a single purpose.
• Code Analysis: Conduct regular code review in order to make sure that each module is independent, not overlapping each other and has a well-defined interface. While doing code review, the degree of dependency between modules and the degree of how closed elements within a module work together can also be analyzed to measure if the system is currently modular.

Availability

• Simulate Scenarios: Try simulating scenarios that the system may fail and record the metrics, such as uptime, error rate, response time, etc using tools. For example, a simulation of high traffic load can be conducted using tool like JMeter. We can simulate the number of subscription reminders sent simultaneously and number of users currently logged in to be 10x to see if the system can handle and record metrics on how it would respond. Set expected numbers prior to simulations and check if SubBuddy meets the expectation, if the system does, it can be considered to have achieved availability.

Testability

• Automated Tests: Set an expectation on how much tests should be automated to be considered large proportion. If the expected percentage of tests is automated, the system can be considered to achieve testability.
• Test Case Analysis: Make sure test cases are reviewed regularly to improve coverage for all features, modules, etc and also different levels of testing.
• Monitor Bug Rates: Manage the rates of bugs discovered and fixed to measure the effectiveness of testing processes.

Security

• Security features checking: Besides automated testing, verify two-factor authentication success rates, one-time use links time expiration, record and set expectation numbers. Check if the recorded numbers are lower than expectations and aim to keep authentication failures as low as possible to maintain system integrity.
• System Analysis: Conduct regular system audits to find vulnerabilities and analyze the system security, making sure the system complies with security standards (for example ISO/IEC 27001), financial reports as well as user subscriptions from Dashboard are not exposed to unauthorized users.
• Simulate attacks: On the other side, we can simulate penetrations to also look for vulnerabilities and try to fix them before they are exploited.