Ministry of Industry and Mineral Resources
IoT · Hardware
MOGI ALTIGAH

Ministry of Industry

Employee Purchase System via Access Card & Self-Service Vending Machines

A complete IoT ecosystem that automates employee meal entitlements at the Saudi Ministry of Industry. Employees use their existing workplace NFC/RFID access cards to purchase juices, meals, and snacks from smart vending machines — no cash, no apps, just tap and go.

Windows Server · IIS · MSSQL · Kerberos · Active Directory · NFC/RFID · Backend API · Admin Dashboard · REST APIs · Access Control

Deployed at Ministry of Industry — Riyadh

Digital signage in the Ministry lobby announcing the free meal vending service

Ministry Lobby Signage

Free Meal Machines Service (خدمة مكائن الوجبات المجانية)

Afen vending machine front view with refrigerated shelves, touchscreen, and NFC reader

Afen Smart Vending Machine

Touchscreen + NFC Card Reader

Side view of branded vending machine with the slogans "The taste is unreal" (المذاق مو طبيعي) and "Saudi Industry" (صناعة سعودية)

Branded Machine

"The taste is unreal" (المذاق مو طبيعي), "Saudi Industry" (صناعة سعودية)

01. How It Works — Tap & Go

From card tap to product dispense in under 1 second

Employees already carry NFC/RFID access cards to enter the building. We repurposed the same card as a meal entitlement card — no new cards, no cash, no apps. Just walk up to the vending machine and tap.

STEP 01

Select Product

Employee browses the touchscreen and picks a juice, meal, or snack from the vending machine.

STEP 02

Tap Access Card

Employee taps their existing workplace NFC/RFID badge on the reader. The machine sends card ID, slot, machine ID, and price to the backend.

STEP 03

Instant Validation

Backend verifies identity, checks daily quota by classification, validates product category, and confirms balance — all in under 1 second.

STEP 04

Dispense & Enjoy

Product is dispensed, points are deducted, and the transaction is logged. If validation fails, the machine shows the rejection reason.

02. Access Card as a Meal Card

Repurposing existing NFC/RFID badges for the meal system

The key innovation is that the system uses the employee's existing workplace access card — the same badge they use to enter the building, open doors, and access restricted areas. No separate meal card, no app download, no cash handling. The NFC/RFID card is linked to the employee profile in the admin panel, and from that moment the card works as a meal entitlement card at every vending machine in the building.

Virtual Points — Not Real Money

The system operates on a virtual daily points balance, not real currency. Points are allocated automatically each day based on the employee's classification. Unused points expire at midnight. This prevents hoarding and ensures fair daily distribution.

Dual Period Recharge

Optional two-period recharge: Breakfast (7:00–10:00 AM) and Lunch (12:00–3:00 PM). Balance resets before each period. For example, a regular employee gets 150 pts for breakfast + 150 pts for lunch, preventing someone from spending their entire allowance in the morning.

03. Classification-Based Quotas

Role-based daily points and product limits

Every employee belongs to a classification that determines their daily points and product limits. The rule engine automatically enforces these quotas on every transaction.

Classification       Daily Points   Juices/day   Meals/day   Snacks/day
Manager              500 pts        3            2           2
Supervisor           400 pts        2            2           1
Regular Employee     300 pts        1            1           1
Technician           300 pts        1            1           1

Slot Category Mapping

Slots 1–10     Juices
Slots 11–30    Meals
Slots 31–40    Snacks

04. The Vending Machine

Afen refrigerated smart vending machine specs

The deployed machine is an Afen refrigerated smart vending machine branded with the Ministry of Industry's identity and the "صناعة سعودية" (Saudi Industry) logo. It features:

Refrigerated Cabinet

Temperature-controlled storage for fresh meals, dairy, and cold drinks across 5 shelves.

15" HD Touchscreen

Interactive display showing product catalog with photos, names, prices in points, and availability.

NFC/RFID Card Reader

Integrated card reader on the green panel — reads the same badge employees use for building access.

Spring Motor Dispensers

Per-slot spiral springs push products off the shelf. Infrared drop detection verifies delivery.

4G/LTE + WiFi

Always-on connectivity for real-time API calls to the backend for validation and transaction logging.

LED Interior Lighting

Illuminated product display behind glass door for clear visibility of available items.

05. Admin Dashboard

Centralized web dashboard with role-based access control

HR and IT administrators manage everything from a centralized web dashboard with role-based access control. Six core modules cover the entire lifecycle:

👤 Employee Management

  • Add/edit/delete profiles
  • Link access card to employee
  • View individual purchase history

🏷️ Classification Management

  • Define roles (Manager, Employee, Supervisor)
  • Set daily points per classification
  • Configure product access rules

💰 Balance & Recharge

  • Daily or dual-period recharge modes
  • Auto-recharge at midnight or per period
  • View current balances across employees

🏪 Vending Machine Registry

  • Register machines and locations
  • Monitor online/offline status
  • Remote configuration

📦 Slot Category Mapping

  • Map slot numbers to product types
  • Juices (1–10), Meals (11–30), Snacks (31–40)
  • Bulk slot configuration

📊 Reports & Analytics

  • Daily/weekly/monthly transaction reports
  • Most consumed products ranking
  • Rejection reasons and balance usage stats
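A reporting pass over the transaction log, as an added example for the Reports & Analytics module (this is not the dashboard's own code): most consumed products, rejection counts by reason, and one security check a practitioner would bolt onto the rejection statistics. The JSON-lines record shape, the sample records, and the alert rule ("three or more distinct unknown card IDs at one reader within five minutes", which looks like someone trying tags against the reader rather than a single mis-tap) are all constructed for this example.

```python
import json
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample of the backend transaction log, one JSON record per line. The record
# shape is an assumption: the page lists what the reports contain, not the log format.
SAMPLE_LOG = """\
{"ts":"2024-03-04T08:05:10","machine":"VM-01","card":"04A1B2C3","slot":15,"category":"Meals","ok":true,"reason":"dispense"}
{"ts":"2024-03-04T08:06:02","machine":"VM-01","card":"04A1B2C3","slot":15,"category":"Meals","ok":false,"reason":"quota exceeded"}
{"ts":"2024-03-04T08:07:40","machine":"VM-01","card":"04A1B2C3","slot":3,"category":"Juices","ok":true,"reason":"dispense"}
{"ts":"2024-03-04T08:10:00","machine":"VM-01","card":"1F2E3D4C","slot":15,"category":"Meals","ok":true,"reason":"dispense"}
{"ts":"2024-03-04T08:20:00","machine":"VM-02","card":"7A7B7C7D","slot":3,"category":"Juices","ok":true,"reason":"dispense"}
{"ts":"2024-03-04T12:31:00","machine":"VM-01","card":"DEADBEEF","slot":3,"category":"Juices","ok":false,"reason":"invalid card"}
{"ts":"2024-03-04T12:31:30","machine":"VM-01","card":"DEADBEF0","slot":3,"category":"Juices","ok":false,"reason":"invalid card"}
{"ts":"2024-03-04T12:32:05","machine":"VM-01","card":"DEADBEF1","slot":3,"category":"Juices","ok":false,"reason":"invalid card"}
{"ts":"2024-03-04T12:40:00","machine":"VM-02","card":"7A7B7C7D","slot":33,"category":"Snacks","ok":false,"reason":"insufficient balance"}
{"ts":"2024-03-04T14:05:00","machine":"VM-02","card":"DEADBEEF","slot":3,"category":"Juices","ok":false,"reason":"invalid card"}
"""


def parse_log(text):
    """Parse JSON-lines log text into records with a datetime 'ts' field."""
    records = []
    for line in text.splitlines():
        if line.strip():
            rec = json.loads(line)
            rec["ts"] = datetime.fromisoformat(rec["ts"])
            records.append(rec)
    return records


def top_products(records, n=3):
    """'Most consumed products' report: (machine, slot) pairs ranked by dispensed count."""
    counts = Counter((r["machine"], r["slot"]) for r in records if r["ok"])
    return counts.most_common(n)


def rejections_by_reason(records):
    """'Rejection reasons' report: how often each rejection reason was shown."""
    return Counter(r["reason"] for r in records if not r["ok"])


def unknown_card_bursts(records, threshold=3, window=timedelta(minutes=5)):
    """Machines where >= threshold distinct unlinked cards were tapped inside one window.

    Assumption (not on the page): a run of different unknown card IDs at one reader is
    worth an alert, whereas a single 'invalid card' is ordinary user error.
    Returns [(machine, window start, sorted card ids)], at most one alert per machine.
    """
    by_machine = defaultdict(list)
    for r in records:
        if r["reason"] == "invalid card":
            by_machine[r["machine"]].append(r)
    alerts = []
    for machine, recs in by_machine.items():
        recs.sort(key=lambda r: r["ts"])
        for i, first in enumerate(recs):
            cards = {r["card"] for r in recs[i:] if r["ts"] - first["ts"] <= window}
            if len(cards) >= threshold:
                alerts.append((machine, first["ts"], sorted(cards)))
                break
    return alerts


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    print(top_products(recs))
    print(rejections_by_reason(recs))
    print(unknown_card_bursts(recs))
```

On the sample, VM-01 trips the alert (three different unknown IDs in ninety seconds) while VM-02, with a single unknown card, does not; the threshold and window are the two knobs to tune against real traffic.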

06. System Architecture

End-to-end data flow from card tap to product dispense

┌──────────────────┐     ┌───────────────────────┐     ┌──────────────────┐
│   EMPLOYEE       │     │   VENDING MACHINE     │     │   BACKEND API    │
│                  │     │                       │     │                  │
│  ┌────────────┐  │     │  ┌─────────────────┐  │     │  ┌────────────┐ │
│  │ NFC/RFID   │──┼────>│  │ Card Reader     │  │     │  │ Validation │ │
│  │ Access     │  │ tap │  │ (NFC/RFID)      │──┼────>│  │ Engine     │ │
│  │ Card       │  │     │  └─────────────────┘  │ API │  │            │ │
│  └────────────┘  │     │  ┌─────────────────┐  │     │  │ • Identity │ │
│                  │     │  │ Touchscreen     │  │     │  │ • Quota    │ │
│  Same card for:  │     │  │ Product Select  │  │<────┼──│ • Balance  │ │
│  • Building      │     │  └─────────────────┘  │resp │  │ • Category │ │
│  • Doors         │     │  ┌─────────────────┐  │     │  └────────────┘ │
│  • Meals ✓       │     │  │ Spring Motors   │  │     │  ┌────────────┐ │
│                  │     │  │ Drop Sensors    │  │     │  │ Rule       │ │
│                  │     │  │ Dispenser       │  │     │  │ Engine     │ │
└──────────────────┘     │  └─────────────────┘  │     │  │            │ │
                         └───────────────────────┘     │  │ • Points   │ │
                                                       │  │ • Recharge │ │
                         ┌───────────────────────┐     │  │ • Logging  │ │
                         │   ADMIN DASHBOARD     │     │  └────────────┘ │
                         │                       │     │                  │
                         │  Employees  │ Machines │<───>│  REST APIs      │
                         │  Balances   │ Reports  │     │  Database       │
                         │  Rules      │ Slots    │     │  Analytics      │
                         └───────────────────────┘     └──────────────────┘

07. Windows Server Infrastructure

Dual-server deployment with Kerberos authentication

┌──────────────────────┐      Kerberos       ┌──────────────────────┐
│   WEB SERVER         │     Delegation      │   DATABASE SERVER    │
│                      │  ◄──────────────►   │                      │
│  Windows Server      │   Windows Auth      │  Windows Server      │
│  IIS 10+             │                     │  MSSQL Server        │
│                      │   SPN configured    │                      │
│  ┌────────────────┐  │   for constrained   │  ┌────────────────┐  │
│  │ Custom AppPool │  │   delegation        │  │ Database       │  │
│  │ • Dedicated    │  │                     │  │ • Employee DB  │  │
│  │   service acct │  │                     │  │ • Transaction  │  │
│  │ • Least priv   │  │                     │  │   logs         │  │
│  │ • Isolated     │  │                     │  │ • Stored procs │  │
│  └────────────────┘  │                     │  └────────────────┘  │
│                      │                     │                      │
│  Backend API (.NET)  │                     │  Encrypted conns     │
│  Admin Dashboard     │                     │  Role-based access   │
└──────────────────────┘                     └──────────────────────┘

Custom IIS Application Pool

Dedicated service account with least-privilege permissions. Running under its own process identity limits the blast radius: a compromise of another site hosted on the same IIS server does not give the attacker this application's files or its database access. Follows Microsoft security best practices for web hosting.

Kerberos Delegation

Windows-integrated authentication between the IIS web server and the MSSQL database server. Constrained delegation with SPN configuration (an HTTP SPN on the application pool account, an MSSQLSvc SPN on the SQL Server service) means no passwords are stored in connection strings. Delegation is only exercised when the web application forwards a signed-in dashboard user's identity to SQL Server; calls made as the application pool's own service account authenticate with that account's Kerberos ticket and need no delegation, so the account's allowed-to-delegate list should contain only the database server's MSSQLSvc SPN and never be left unconstrained.

MSSQL Server Security

Role-based database access with stored procedures. Encrypted connections (TLS). Transaction logging and audit trails for all employee purchases.

Active Directory Integration

Both servers joined to Active Directory domain. Group Policy for security hardening. Service accounts managed centrally with password rotation policies.

08. API Transaction Flow

What happens in the 1-second window between card tap and dispense

Every card tap triggers a single API call from the vending machine to the backend. The entire validation and response cycle completes in under 1 second.

REQUEST → Machine to Backend

User ID: Employee card identifier

Machine ID: Vending machine identifier

Slot Number: Selected product slot

Product Price: Price in points

Timestamp: Time of request

RESPONSE → Backend to Machine

Success: Dispense product, deduct points

Failure: Reject + reason (quota exceeded, unauthorized category, insufficient balance, invalid card)
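The validation of Step 03, the classification quotas and slot mapping of section 03, the dual-period recharge, and the request/response fields listed above, carried through as one runnable engine. This is an added example written for this page, not the Ministry's backend: the quota table, slot ranges, period windows and rejection reasons are copied from the page; the request and log record shapes, the in-memory tables, the even split of the daily allowance across the two windows, the extra "outside service period" rejection, and the rule that the backend's own slot price overrides the price the machine sends are assumptions.

```python
from collections import namedtuple
from dataclasses import dataclass, field
from datetime import datetime, time

# Classification quotas from the page: daily points and per-category items per day.
QUOTAS = {
    "Manager":          (500, {"Juices": 3, "Meals": 2, "Snacks": 2}),
    "Supervisor":       (400, {"Juices": 2, "Meals": 2, "Snacks": 1}),
    "Regular Employee": (300, {"Juices": 1, "Meals": 1, "Snacks": 1}),
    "Technician":       (300, {"Juices": 1, "Meals": 1, "Snacks": 1}),
}
# Slot category mapping and the two recharge windows, also from the page.
SLOT_RANGES = ((1, 10, "Juices"), (11, 30, "Meals"), (31, 40, "Snacks"))
PERIODS = {"breakfast": (time(7, 0), time(10, 0)), "lunch": (time(12, 0), time(15, 0))}

# The five request fields the page lists for the machine -> backend call (shape assumed).
Request = namedtuple("Request", "user_id machine_id slot price timestamp")
Decision = namedtuple("Decision", "ok reason points_left")


def slot_category(slot):
    """Product category for a slot number, or None outside the mapped ranges."""
    return next((c for lo, hi, c in SLOT_RANGES if lo <= slot <= hi), None)


def period_of(ts):
    """Name of the recharge window containing ts, or None between/outside the windows."""
    return next((n for n, (a, b) in PERIODS.items() if a <= ts.time() < b), None)


@dataclass
class Engine:
    cards: dict                  # card id -> (employee id, classification), set by "Link access card"
    prices: dict                 # (machine id, slot) -> points: the backend's own slot price table
    dual_period: bool = True     # dual-period recharge; False means one daily allowance
    log: list = field(default_factory=list)   # every tap, approved or rejected

    def _budget(self, cls, ts):
        """Points for the current accounting window, and the window's name."""
        daily = QUOTAS[cls][0]
        if not self.dual_period:
            return daily, "day"
        period = period_of(ts)
        # Assumption: the allowance is split evenly across the two windows (150 + 150 on the page).
        return (daily // 2, period) if period else (0, None)

    def _finish(self, req, emp, category, period, left, reason):
        ok = reason == "dispense"
        self.log.append({"card": req.user_id, "employee": emp, "machine": req.machine_id,
                         "slot": req.slot, "category": category, "price": req.price,
                         "day": req.timestamp.date(), "period": period, "ok": ok, "reason": reason})
        return Decision(ok, reason, left)

    def purchase(self, req):
        """Validate one tap: identity, category, window, price, per-category quota, balance."""
        day = req.timestamp.date()
        link = self.cards.get(req.user_id)
        if link is None:                       # card is not linked to any employee profile
            return self._finish(req, None, None, None, 0, "invalid card")
        emp, cls = link
        limits, category = QUOTAS[cls][1], slot_category(req.slot)
        budget, period = self._budget(cls, req.timestamp)
        done = [r for r in self.log if r["ok"] and r["employee"] == emp and r["day"] == day]
        left = budget - sum(r["price"] for r in done if r["period"] == period)
        if category not in limits:
            reason = "unauthorized category"
        elif period is None:
            reason = "outside service period"  # assumption: nothing is served between windows
        elif self.prices.get((req.machine_id, req.slot)) != req.price:
            reason = "price mismatch"          # hardening (assumption): the backend's price wins
        elif sum(r["category"] == category for r in done) >= limits[category]:
            reason = "quota exceeded"
        elif req.price > left:
            reason = "insufficient balance"
        else:
            reason, left = "dispense", left - req.price
        return self._finish(req, emp, category, period, left, reason)


def demo():
    """Constructed cards, prices and one day's taps; returns the decisions in order."""
    engine = Engine(cards={"04A1B2C3": ("E-1001", "Regular Employee"), "1F2E3D4C": ("E-2002", "Manager")},
                    prices={("VM-01", 3): 20, ("VM-01", 15): 120, ("VM-01", 33): 30})
    t = lambda h, m: datetime(2024, 3, 4, h, m)
    taps = [
        Request("04A1B2C3", "VM-01", 15, 120, t(8, 5)),   # breakfast meal: dispense, 30 left
        Request("04A1B2C3", "VM-01", 15, 120, t(8, 6)),   # second meal: quota exceeded
        Request("04A1B2C3", "VM-01", 3, 20, t(8, 7)),     # juice: dispense, 10 left
        Request("04A1B2C3", "VM-01", 33, 30, t(8, 8)),    # 30-pt snack with 10 left: insufficient balance
        Request("04A1B2C3", "VM-01", 33, 30, t(12, 30)),  # lunch window, fresh 150: dispense, 120 left
        Request("DEADBEEF", "VM-01", 3, 20, t(12, 31)),   # unlinked card: invalid card
        Request("04A1B2C3", "VM-01", 3, 5, t(12, 32)),    # machine claims 5 pts for a 20-pt slot
        Request("04A1B2C3", "VM-01", 3, 20, t(11, 0)),    # 11:00 falls between the two windows
        Request("1F2E3D4C", "VM-01", 41, 10, t(12, 40)),  # slot 41 is unmapped: unauthorized category
    ]
    return [engine.purchase(r) for r in taps]


def demo_daily():
    """Single daily allowance: a Manager (500 pts) buys a 120-pt meal at 11:00 -> 380 left."""
    engine = Engine(cards={"1F2E3D4C": ("E-2002", "Manager")}, prices={("VM-01", 15): 120},
                    dual_period=False)
    return engine.purchase(Request("1F2E3D4C", "VM-01", 15, 120, datetime(2024, 3, 4, 11, 0)))
```

The page lists the checks as identity, quota, category, balance; here the category lookup runs before the quota check because the per-category limit cannot be found without it, and the price comparison sits before both so that a tampered request never reaches the deduction path. Balances are derived from the approved records of the current window rather than stored as a mutable counter, which is what makes the "resets before each period" behaviour fall out of the timestamp alone. The machine is a client on a 4G/LTE link and should be treated as such: the backend deducts only amounts it computed from its own slot table.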