| Sprints | Teams | Modules | Product features |
|---|
| S2 | TnG | Mob | Multilingual - PART 1: Injection and mobile app https://jira.secutix.com/browse/TIX2-1769 As organizers, we want to inject multilingual for events and display it on mobile app. PART 1/3 → other 2 PARTs will be deployed in next upcoming sprints (c.f. PART 2: update multilingual for events directly on AdminTool, Transaction pending, PART 3: export events multilingual from AdminTool). - Organizers to inject their tickets from S-360 (API), or by CSV file on AdminTool with multilingual support.
- Elements: Event name, Event website, Event address (site, line1, line2, line3, city), Group name, Group image, Master event name, Ticket details.
- Languages code (ISO 639-1:2002): Arabic (ar), Catalan (ca), Czech (cs), Dutch Flemish (nl), English (en), French (fr), German (de), Hungarian (hu), Italian (it), Portuguese (pt), Spanish (es), Turkish (tr).
    
- In case an event does not support a spectator’s app language, let display the event’s default language (English) (including its tickets label).
- If an event is supporting a spectator’s app language, let display event information by the app language of this spectator (including its tickets label).
- JSON format example.txt
|
| S2 | TnG | BO | Search and troubleshoot spectators stuck in the registration process https://jira.secutix.com/browse/TIX2-190 As an organizer, I can search and troubleshoot Spectators, who did not complete the registration process (for instance to retrieve registration code). - Goal is for organizers to troubleshoot cases:
- Retrieve users' registration code, when registration process has not been completed,
- Retrieve users, who created an account without tickets (never had + already had tickets),
- Retrieve users, who have tickets in pending transfer from another user,
- Retrieve users, who have tickets in pending download (injection).
- Test scenarios
- Spectators that did not complete registration process → search for this spectator in the AdminTool and see the Pincode.
- Inject a ticket to user A which never registered in the system (injection pending) → search for this spectator in the AdminTool with status inactive (similar to user did not complete registration process).
- User A transferred a ticket to user B, who has never registered in the system (transfer pending) → search for this spectator in the AdminTool with status inactive (similar to user did not complete registration process).
|
| S2 | TnG | BO | Ticket's Target Group (TG) Sub-Target Group (STG) - PART 1: Ticket List screen → Deployed in Pre-Production. Deployment in Production pending on S-360 dependency. https://jira.secutix.com/browse/TIX2-641 As an organizer, I can search by STG in the Ticket List screen. PART 1/3 → other 2 PARTs will be deployed in next upcoming sprints (c.f. PART 2: search by STG in the Transaction list, Transaction pending, PART 3: search by STG in Reports). |
| S2 | TnG | Mob | Ticket transfer disabled after Bluetooth beacon activation https://jira.secutix.com/browse/TIX2-1760 Following time activation (online or offline), disable transfer only after ticket check (via beacon or manually). - If a ticket get time-based activated, but the spectator has a last-minute blocker and cannot go to the event, the spectator can still transfer to somebody else. However, if the ticket has been already activated at the event location through a Bluetooth beacon (or manually), the ticket cannot be transferred.
- The organizer can allow/disable the ticket transfer after the Bluetooth activation by setting parameter transferRules.allowTransferAfterActivationByBT to TRUE/FALSE per ticket level (default = TRUE).
- New endpoint from backend:
- POST /spectator/tickets/secondary-activations: Inform the backend that a ticket was activated for the second time on the spectator side (mostly Bluetooth beacon). → Mobile use this flag to hide the "Transfer" button.
- New parameter work for all injections from S-360 injection (via the S-360 Ticket Template Editor) and TIXNGO CSV Injection and TIXNGO single injection.
- The Backoffice AdminTool 2.0 Console has been adapted accordingly.
- On the Edit Event (screenshot), Support ticket screen, Ticket Detail pop-up.
- The new rule of Allow transfer after activation belongs to each group transfer Id.
- Under transfer rules of each ticket, rule (Allow transfer after Bluetooth activation) is updated with the value ON/OFF respectively.
- On Support page, organizer can edit the rule to ON/OFF as other transfer rules.
- If rule is not mentioned during injection, Backend to set the default TRUE.
|
| S2 | TnG | Mob | Ticket deletion push notification with invalidation reason https://jira.secutix.com/browse/TIX2-1770 As an organizer, I want to send a push notification with a specific reason while deleting a ticket. - When an organizer deletes a ticket in S-360 (or directly from TIXNGO), the TIXNGO backend triggers a configurable push notification to the user.
- Backoffice AdminTool 2.0 Console > Settings > Multilingual Settings > 32+ new keys added
|
| S2 | TnG | Mob | Screenshot and screen recording protection (native) https://jira.secutix.com/browse/TIX2-1809 [Screenshot/recording protection] As TIXNGO, I replace ScreenShieldKit existing solution by implementing flutter library screen_protector (available on https://pub.dev/). Related to the previous delivery in 2022 Weisshorn V2 all organizers: https://jira.secutix.com/browse/TIX2-2 Screenshot and screen recording protection. - The screenshot/recording feature works as p
- Organizer can enable/disable the feature under Backoffice AdminTool 2.0 Console > application features > screen.protect.shot.record.
  
|
| S2 | TnG | Mob | Secure offline activation mode with the device's trueTime https://jira.secutix.com/browse/TIX2-1755 [All Branded SDK-based App] Secure offline activation mode. Currently, the offline activation is based on the device date-time. So some users can change the phone time and trigger the offline activation before the actual configured time. The main purpose of this new feature is to implement a more secured offline activation to avoid those cheat cases, and to always keep offline activation at the correct date-time by leveraging the device boot and actual local true date-time. Important edge cases: In case the user reboot his/her phone, and then opens the app again, the user will be asked though a pop-up message to connect to the internet (online) at least once. In case the user removes and reinstalls the app, the function should work as normal. 
|
| S2 | TnG | BO | Bluetooth beacon identifier in the Backoffice AdminTool 2.0 Console https://jira.secutix.com/browse/TIX2-183 TIXNGO Beacon Identifier not in separate column in the mobile logs in the TIXNGO console. |
| S2 | TnG | BO | Assign (keep) data missing fields (Nationality + ID passport number) + data feedback to S360 https://jira.secutix.com/browse/TIX2-1962 Assign (keep) data missing fields (Nationality + ID passport number) + data feedback to S360. |
| S2 | TnG | Mob | Ticket activation green & blue screens automatic disappearance after X seconds https://jira.secutix.com/browse/TIX2-2137 Ticket activation / green & blue screen don't disappear by themselves if no click. 
|
| S1 | TnG | Mob | More flexibility on in-app Promos https://jira.secutix.com/browse/TIX2-383 As an AdminTool user, I have more flexibility when setting Promos in the app. 
|
| S1 | TnG | Mob | My Profile mandatory information with asterisks * https://jira.secutix.com/browse/TIX2-1987 As a wallet user, I see an asterisk ("*") next to mandatory fields. |
| S1 | TnG | Mob | Registration code: 5 tries and same code for 5 times https://jira.secutix.com/browse/TIX2-181 As a wallet user, I receive by email the same registration code 5 times in a row, AND I can try to enter the registration code at a maximum 5 times. As a wallet user, I receive by email the same registration code 5 times in a row (i.e. first email, and then if tapping up to 4 times on "I did not receive my registration code: Resend"), then the registration code changes for the next 5 "Resend" requests, and so on. Sending 5 times the same registration code will help in case of bad network, we want to make sure the end user will enter the correct registration code. As a wallet user, I can enter and confirm a registration code 5 times max, then the wallet will request me to ask for a new registration code. This is a security measure to avoid brut force attack on the backend through API while registering, the backend should grant only 5 tries. After that, the end user will have to ask for a new registration code. The mobile app properly displays and explains the 5 unsuccessful tries and that a new code is required.
|
S1 | TnG | BO | 2FA to access the AdminTool https://jira.secutix.com/browse/TIX2-1157 As a AdminTool 2.0 user, I have to pass a Second Factor Authentification (2FA) - In the way to increase the security of the system, the organizer admin-user (AU) can enable/disable a Second Factor Authentification (2FA) on the AdminTool for the users (i.e. support-user (SU), basic-user (BU), moderator (Mod)). The feature is disabled by default. If the organizer also wants to activate the 2FA for the AU, they should contact TIXNGO as an additional service.
- Experience
 - At the first login, a QR-Code is displayed to set the secret tokens (e.g. in Google Authenticator mobile app).
- After a first successful login, at the next logins, the user inputs the real time 6-digit secret code (3 attempts max).
- The AU can force the display of a new QR-Code at the next login if needed (which invalid the previous one).
- A comprehensive manual is available in the Backoffice manual / 2-Factor Authentication.
|
