[Tracker] QR-Based Digital Business Card Sharing

[Harxhit]

Summary

Implement QR-based digital business card sharing with a privacy-first approach. Users should be able to generate, share, scan, and revoke QR-based business card access without exposing personal information directly in the QR payload.

---

Context

The application needs a secure mechanism for exchanging digital business cards during networking and professional interactions.

Privacy baseline requirements:

• QR codes must contain a secure share token, not profile data.
• Sharing must be revocable.
• Shared information must respect user privacy settings.
• DPDP Act compliance should be considered from the beginning.

This issue serves as a progress tracker for all work required to deliver the feature.

---

Tasks

Backend

• Design share token model and database schema
• Create QR share token generation endpoint
• Create token validation/resolution endpoint
• Implement token revocation functionality
• Add token expiration support (if required)
• Add authorization and security checks
• Add audit logging for share actions
• Write unit tests
• Write integration tests

Shared

• Define shared DTOs/types for QR sharing
• Define API contracts and validation schemas

Mobile

• Add QR scanner integration
• Implement token resolution flow
• Display shared business card
• Handle invalid/revoked/expired tokens
• Add mobile-specific UX improvements

Privacy & Compliance

• Verify QR payload contains no personal information
• Review data-sharing consent flow
• Ensure revocation immediately blocks access
• Verify DPDP compliance requirements
• Update privacy documentation if necessary

---

Acceptance Criteria

• User can generate a QR code
• QR code contains only a secure share token
• Scanning a valid QR displays the correct business card
• Revoked tokens can no longer be used
• Invalid tokens return proper errors
• Privacy requirements are satisfied
• Backend tests added
• Frontend/mobile flows verified
• Documentation updated

---

Area

backend mobile shared

[github-actions]

Hi @Harxhit,

Thanks for opening this issue.

Please reply with one of the following areas so the issue can be routed to the appropriate team member:

- /backend
- /web
- /mobile
- /devops

Once an area is selected, the corresponding label will be added automatically.

[Harxhit]

/backend

[github-actions]

The issue has been classified as backend.

@Harxhit, please review and triage this issue when available.

The backend label has been applied and the issue has been routed accordingly.