# System Architecture Interview KYC = know your customer — it is a regulatory requirement for companies to do due diligence on who their customer is and, depending on how much they are transacting, have differing levels of verification and due diligence. ## Context Users can have up to 4 documents: ID front ID back Proof of address Selfie If all 4 documents are verified, user is verified else user is unverified. User can resubmit for documents that have been rejected. ## Database Design Design tables to store user documents ``` Custumer - Id (pk, auto inc) - Name (varchar) - Email (varchar) Kyc - Id (pk, int, auto inc) - CustomerId (fk, int) - Status (enum, Pending, Approved, Rejected) KycDocuments - Id (pk, int, auto inc) - KycId (fk, int) - DocumentUrl (varchar) - DocumentType (enum, IdFront, IdBack, ProofOfAddress, Selfie) - Status (enum, Pending, Approved, Rejected) - SubmitDate (date time) ``` ## API Endpoint Design Design APIs for clients to query for user statuses Design APIs for clients to submit user documents ``` - GET /customer/kyc -> get status Request Header: x-auth-token: "12345" Response Body: { "id": 123, "name": "cust name", "email": "custemail@gmail.com", "kyc": { "status": "pending", "documents": [ { "id": 1234, "document_type": "IdFront", "url": "https://s3.com/kyc/abcd/abcd123.jpg", "status": "pending", "submit_date": "2022-01-01T00:00:00" } ] } } Response code: 200 / 40x - POST /customer/kyc/documents Desc: single api call upload only a single document Request Header: x-auth-token: "12345" Request Body: { "document_type": "IdBack", "data": "base64encodedstring" } Response code: 201 / 40x ```