d-card-prototype

Security & Trust Model

Identity Verification

• Users submit personal details and a photo
• Admin manually verifies compliance (prototype scope)

Access Control

• Role-based rules engine
• Explicit allow / deny decisions
• Location-aware validation

Audit Logging

• Each terminal tap is logged
• Includes timestamp, location, decision, and reason

Prototype Limitations

• No biometric storage
• No real NFC encryption
• No university SSO integration

The prototype demonstrates security architecture patterns, not production enforcement.