- Users submit personal details and a photo
- Admin manually verifies compliance (prototype scope)
- Role-based rules engine
- Explicit allow / deny decisions
- Location-aware validation
- Each terminal tap is logged
- Includes timestamp, location, decision, and reason
- No biometric storage
- No real NFC encryption
- No university SSO integration
The prototype demonstrates security architecture patterns, not production enforcement.