Customer profile & settings¶
| ID | MOD-072 |
| System | SD08 |
| Repo | bank-app |
| Build status | Deployed |
| Deployed | Yes |
| Last commit | c98d4214fd3e613d6a3c873f68551d129ff1a485 |
Customer profile and settings is the self-service interface for managing the non-transactional aspects of the customer's relationship with the bank. It covers personal details (name, address, contact information), security settings (trusted devices, session history, 2FA preferences), notification preferences, language, and linked external accounts.
Changes to regulated fields — email address, phone number, residential address — are gated behind a re-verification step: the customer must confirm their identity before a change takes effect. The previous value is retained and an alert is sent to the old contact point on any change, providing a defence against account takeover. Changes are logged with timestamp and session identity for audit purposes.
The module surfaces data held by the bank about the customer in plain language, fulfilling the access and correction rights obligations under the Privacy Act (NZ) and Privacy Act 1988 (AU). Customers can view their profile data, submit a correction request, and track its status without calling the contact centre.
Module dependencies¶
Depends on¶
| Module | Title | Required? | Contract | Reason |
|---|---|---|---|---|
| MOD-068 | Authentication & session management | Required | — | Profile updates require a valid authenticated session to attribute changes to the correct customer identity. |
| MOD-010 | CDD tier assignment engine | Required | — | Changes to regulated identity fields emit bank.app.profile_updated which bank-kyc subscribes to; MOD-009/010 re-runs CDD downstream. |
| MOD-104 | AWS shared infrastructure bootstrap | Required | — | AWS shared infrastructure provisioned by MOD-104 (EventBridge buses, S3, KMS, Kinesis, Cognito) is required before this module can be deployed. |
| MOD-103 | Neon database platform bootstrap | Required | — | Neon database and schema provisioned by MOD-103 must exist before this module can read or write Postgres. |
Required by¶
(No modules in this wiki currently declare a dependency on this module.)
Policies satisfied¶
| Policy | Title | Mode | How |
|---|---|---|---|
| PRI-001 | Privacy Policy | AUTO |
Customers can view and correct all personal information held about them — the profile module provides a self-service interface for data accuracy rights. |
| CON-001 | Customer Fairness & Conduct Policy | AUTO |
All profile changes are confirmed and acknowledged by the customer before being applied — no silent updates to contact or identity details. |
Capabilities satisfied¶
| Capability | Title | Mode | How |
|---|---|---|---|
| CAP-058 | Notification preferences (granular) | AUTO |
Stores and applies the customer's per-notification-type channel preferences, read by the notification orchestration module on every outbound communication. |
| CAP-059 | Language preference | AUTO |
Stores the customer's language preference and passes it to the app shell so all content is rendered in the selected language. |
| CAP-115 | Self-service personal details update | AUTO |
Allows the customer to update their contact details, address, and marketing preferences — changes trigger a re-verification step for regulated fields. |
| CAP-116 | Linked external account management | AUTO |
Allows the customer to link, view, and unlink external bank accounts for balance visibility and payment initiation. |
| CAP-056 | Custom card design | AUTO |
Lets the customer choose a card design from the available palette or upload a custom image, persisting the selection and passing it to card manufacturing on the next card issue cycle. |
| CAP-057 | App theme & display preferences | AUTO |
Stores the customer's chosen app theme (light, dark, system) and accent colour preference, applied across the app shell on every session load. |
Part of SD08 — Customer App & Back Office Platform
Compiled 2026-05-22 from source/entities/modules/MOD-072.yaml