Master Product Blueprint & Development Prompt

SaaS ISP Management System / ISP Dashboard / Retailer & Reseller Billing Platform

Working product name: NetBillX / FiberLedger / ISPFlow
Primary stack: Laravel SaaS application
Target market: Small and medium ISPs, local cable internet sellers, area-wise retailers, resellers, sub-resellers, field collection teams, and network operators.
Business model: 7-day free trial, then subscription-based tiered SaaS in PKR.
Core promise: One affordable system to manage customers, retailers, resellers, areas, packages, billing, payment collection, service status, router credentials, IP allocation, inventory, support, compliance, and reporting.

---

1. Product Vision

Build a modular SaaS platform for ISP and cable internet businesses that acts as the operational backbone of the company.

The platform should help an ISP owner manage:

• Customers
• Retailers / resellers
• Area-wise internet sales
• Monthly billing
• Manual and online payments
• Active / inactive / suspended users
• Router and network credentials
• Static and dynamic IP management
• Packages and bandwidth plans
• Payment collection agents
• Complaint and support tickets
• Inventory and devices
• Legal compliance records
• Reports and analytics
• Multi-tenant subscriptions
• Super admin controls
• Enterprise-grade security

The system must support both simple local operators and advanced ISPs with MikroTik, PPPoE, Hotspot, RADIUS, OLT/ONU, router API, and payment gateway integrations.

---

2. Main User Types

2.1 SaaS Super Admin

The platform owner who manages the whole SaaS business.

Responsibilities:

• Manage tenant companies / ISP accounts
• Approve, suspend, or delete ISP accounts
• Configure SaaS subscription plans
• Configure 7-day free trial
• Manage billing for SaaS customers
• View SaaS revenue reports
• Configure global payment gateways
• Configure global SMS, WhatsApp, and email providers
• Manage system modules
• View platform-wide audit logs
• Manage white-label settings
• Manage legal pages
• Configure maintenance mode
• Handle tenant limits
• Monitor system health
• Manage support tickets from ISP companies

2.2 ISP Owner / Company Admin

The owner of an ISP business using the platform.

Responsibilities:

• Manage company profile
• Manage branches and areas
• Manage retailers, resellers, sub-resellers
• Manage staff roles
• Add customers
• Assign packages
• Generate bills
• Collect payments
• Monitor network status
• Manage devices, routers, OLTs, ONU devices
• Manage customer active / inactive / suspended status
• View financial reports
• Handle complaints
• Configure integrations

2.3 Branch Manager

Manages a specific branch or area.

Permissions:

• Add and manage customers in assigned branch
• View assigned area reports
• Manage local collection agents
• Approve manual payments if permitted
• Handle branch complaints
• Cannot access full company finance unless allowed

2.4 Retailer / Reseller

A person or small business selling cable internet area-wise.

Permissions:

• Add customers under own area
• View own customers only
• Collect payment manually
• View own commission
• View pending and paid bills
• Request customer activation / suspension
• Generate customer receipts
• View package list assigned by ISP
• Cannot see other retailers’ data

2.5 Sub-Reseller

A smaller reseller under a main reseller.

Permissions:

• Limited customer management
• Limited payment collection
• View only own assigned customers
• Commission based on parent reseller rules

2.6 Collection Agent

Field staff who collects cash.

Permissions:

• View assigned unpaid customers
• Mark payment as collected
• Upload proof
• Generate receipt
• GPS/location check-in optional
• Cannot delete payments
• Cannot edit package pricing unless allowed

2.7 Network Engineer

Technical staff.

Permissions:

• Manage routers
• Manage IP pools
• Manage PPPoE credentials
• Manage MAC binding
• Diagnose online/offline status
• Restart / disable / enable user sessions if integrated
• View technical logs
• Cannot see sensitive finance unless allowed

2.8 Support Agent

Customer support role.

Permissions:

• Create and manage tickets
• View customer basic profile
• View payment status
• Add complaint notes
• Escalate technical issues
• Cannot collect money unless allowed

2.9 Customer Portal User

End customer.

Features:

• Login by phone/customer ID
• View invoices
• View payment history
• Pay online
• Download receipts
• Submit complaints
• View package details
• Request package change
• Receive notifications
• See service status

---

3. SaaS Subscription System

3.1 Trial Model

• 7-day free trial for every new ISP company
• No credit card required option
• Optional paid onboarding
• Trial starts after email/phone verification
• Trial countdown visible in dashboard
• Trial expiry warnings:
  • Day 1 welcome
  • Day 3 reminder
  • Day 6 final reminder
  • Day 7 expiry
• Trial account enters grace mode after expiry
• Grace mode:
  • Read-only dashboard
  • No new customer creation
  • Billing generation disabled
  • Payment history still visible
  • Upgrade prompt displayed

3.2 Suggested PKR Pricing

These are starting SaaS prices for Pakistan-focused small and medium ISP operators. Adjust after competitor testing and customer interviews.

Starter Plan — PKR 1,499/month

For small retailers and local cable sellers.

Limits:

• Up to 150 customers
• 1 branch
• 1 router integration
• 2 staff users
• Manual payment collection
• Basic invoices and receipts
• Basic reports
• Customer status management
• SMS/WhatsApp manual template support
• Email support

Growth Plan — PKR 3,499/month

For growing ISPs and multi-area operators.

Limits:

• Up to 750 customers
• 3 branches
• 5 routers
• 10 staff users
• Retailer/reseller module
• Online payment gateway support
• Automated reminders
• Complaint/ticket system
• IP pool management
• Package management
• Advanced reports
• WhatsApp/SMS integration
• Priority support

Pro Plan — PKR 6,999/month

For advanced ISPs.

Limits:

• Up to 2,500 customers
• 10 branches
• 20 routers
• 30 staff users
• RADIUS / PPPoE integration
• MikroTik API integration
• Static and dynamic IP management
• OLT/ONU module
• Commission management
• Role-based access control
• Bulk invoice generation
• Automated suspension/reactivation
• API access
• Audit logs
• Priority support

Enterprise Plan — Custom / Starting PKR 15,000+/month

For large ISPs and white-label clients.

Includes:

• Unlimited or custom customer limits
• Multi-company / franchise model
• Dedicated onboarding
• Custom payment gateway
• White-label domain
• Custom branding
• Advanced router automation
• Custom modules
• Data migration
• Dedicated account manager
• SLA-based support
• On-premise or private cloud option

3.3 Add-ons

• Extra 1,000 customers: PKR 1,000/month
• Extra branch: PKR 500/month
• Extra router: PKR 500/month
• WhatsApp API: pass-through cost + platform margin
• SMS credits: prepaid wallet
• White-label domain: PKR 3,000/month
• Custom report builder: PKR 2,000/month
• Advanced API access: PKR 3,000/month
• Data migration service: one-time fee
• Training/onboarding: one-time fee

---

4. SaaS Super Admin Features

4.1 Tenant Management

• Create ISP tenant
• Approve/reject tenant signup
• View tenant status
• Suspend tenant
• Delete tenant with soft-delete protection
• Impersonate tenant admin securely
• View tenant usage:
  • Customers
  • Staff
  • Routers
  • Storage
  • SMS credits
  • Monthly invoices
• Tenant health score
• Trial status
• Subscription status
• Payment status
• Overdue status

4.2 Plan and Module Management

• Create subscription plan
• Edit plan price
• Set monthly/yearly pricing
• Set customer limits
• Set branch limits
• Set router limits
• Enable/disable modules per plan
• Define trial length
• Define grace period
• Define upgrade/downgrade logic
• Coupon system
• Promo code system
• Lifetime deal option
• Regional pricing option

4.3 SaaS Billing

• Generate tenant invoice
• Online SaaS subscription payment
• Manual payment approval
• Subscription expiry rules
• Auto suspend tenant after grace period
• Invoice PDF
• Receipt PDF
• Payment history
• Refund record
• Tax record
• Ledger per tenant

4.4 Global Configurations

• App name
• Logo
• Favicon
• Default currency
• Default timezone
• Default language
• Maintenance mode
• Default trial days
• Default grace days
• Global tax settings
• Global invoice prefix
• Global email sender
• Global SMS sender
• Global WhatsApp provider
• Global payment providers
• System notification templates

4.5 Legal and Compliance Pages

• Terms and conditions
• Privacy policy
• Refund policy
• Acceptable use policy
• Service agreement template
• Data processing agreement
• Cookie policy
• Customer KYC policy
• Tenant onboarding declaration
• Abuse reporting process

---

5. ISP Company Admin Features

5.1 Company Profile

• Company name
• Logo
• NTN/STRN if applicable
• Contact number
• Email
• Address
• Website
• Social links
• Invoice footer
• Receipt footer
• Terms on invoice
• Default currency
• Default billing cycle
• Timezone
• Language
• Branding color
• White-label subdomain

5.2 Branch Management

• Add branch
• Assign manager
• Assign areas
• Branch address
• Branch contact
• Branch revenue report
• Branch due report
• Branch customer count
• Branch staff list
• Branch-wise package availability

5.3 Area Management

• Add city
• Add town
• Add area
• Add sector/block/street
• Assign retailer/reseller to area
• Area-wise customer report
• Area-wise pending bills
• Area-wise active/inactive report
• Area-wise complaints
• Area-wise network device mapping
• Area-wise fiber/cable route notes

5.4 Staff and Permission Management

• Add staff user
• Assign role
• Custom permissions
• Branch-level access
• Area-level access
• IP-restricted login
• Two-factor authentication
• Staff activity logs
• Staff collection report
• Disable staff
• Password reset
• Login history

---

6. Customer Management

6.1 Customer Profile

Fields:

• Customer ID
• Full name
• Father/husband name optional
• CNIC optional/required by company setting
• Mobile number
• WhatsApp number
• Email
• Address
• City
• Area
• Street/house number
• GPS coordinates
• Installation date
• Connection type
• Package
• Monthly fee
• Status
• Assigned router
• Assigned reseller
• Assigned collection agent
• Customer photo
• CNIC front/back
• Agreement document
• Notes
• Tags

6.2 Customer Status

Statuses:

• Lead
• Pending installation
• Active
• Inactive
• Suspended
• Overdue
• Terminated
• Shifted
• Temporary hold
• Legal/disputed
• Blacklisted

Status rules:

• Active customer can generate bill
• Suspended customer cannot use internet if router integration is enabled
• Inactive customer does not generate new monthly bill unless configured
• Terminated customer is archived but not hard-deleted
• Blacklisted customer cannot be recreated without admin approval

6.3 Customer Actions

• Add customer
• Edit customer
• Import customers by Excel/CSV
• Export customers
• Assign package
• Change package
• Move customer to another area
• Transfer customer to another reseller
• Activate customer
• Suspend customer
• Reconnect customer
• Terminate customer
• Add deposit/security amount
• Upload documents
• Print customer form
• View customer ledger
• View technical credentials
• View support history
• View payment history
• Send reminder
• Send invoice
• Generate receipt

---

7. Package and Plan Management

7.1 Internet Packages

Fields:

• Package name
• Speed download
• Speed upload
• Data limit optional
• Monthly price
• Installation charges
• Security deposit
• Validity days
• Billing cycle
• Router profile name
• RADIUS profile
• MikroTik profile
• Static IP allowed
• Public IP allowed
• Tax included/excluded
• Area availability
• Reseller availability
• Status active/inactive

7.2 Package Rules

• Package upgrade
• Package downgrade
• Prorated billing
• Mid-cycle package change
• Free days
• Discount rules
• Late fee rules
• Reconnection fee
• Installation fee
• Refund logic
• Grace period
• Auto suspension after due date

---

8. Billing System

8.1 Billing Models

Support multiple billing models:

• Monthly prepaid
• Monthly postpaid
• Fixed billing date
• Customer anniversary date billing
• Area-wise billing cycle
• Reseller-wise billing cycle
• One-time invoice
• Partial month prorated invoice
• Custom invoice
• Bulk invoice generation
• Manual invoice generation
• Auto recurring invoice

8.2 Invoice Features

• Invoice number
• Customer details
• Package details
• Billing month
• Previous balance
• Current charges
• Discount
• Tax
• Late fee
• Installation charges
• Other charges
• Total payable
• Paid amount
• Balance amount
• Due date
• QR code
• Payment link
• Terms and conditions
• PDF download
• Print receipt
• WhatsApp invoice
• SMS invoice

8.3 Payment Collection

Payment types:

• Cash
• Bank transfer
• Easypaisa
• JazzCash
• Card
• Raast
• Cheque
• Wallet
• Adjustment
• Advance payment
• Partial payment
• Refund
• Credit note

Payment flows:

• Manual payment entered by staff
• Manual payment requires approval if enabled
• Online payment auto-confirmed by gateway webhook
• Payment receipt generated automatically
• Customer ledger updated
• Service reactivated if overdue amount cleared
• Commission updated for reseller/agent
• Audit log created

8.4 Payment Approval Workflow

• Collection agent marks payment as collected
• Uploads screenshot/photo if required
• Manager approves/rejects
• If approved:
  • Invoice marked paid/partial
  • Receipt generated
  • Customer ledger updated
• If rejected:
  • Payment remains pending/rejected
  • Reason required
  • Staff notified

8.5 Billing History

For every customer:

• All invoices
• All receipts
• All payments
• All discounts
• All refunds
• All outstanding balances
• All plan changes
• All service suspensions
• All reconnections
• Staff who performed action
• Timestamp and IP address

---

9. Retailer / Reseller Module

9.1 Reseller Profile

Fields:

• Name
• Business name
• Phone
• WhatsApp
• Email
• CNIC
• Address
• Assigned areas
• Parent reseller optional
• Commission type
• Balance
• Security deposit
• Status
• Login access
• Credit limit

9.2 Commission Models

• Fixed amount per active customer
• Percentage of monthly bill
• Package-based commission
• Collection-based commission
• New installation commission
• One-time sale commission
• Tiered commission by customer count
• Area-wise commission
• Manual adjustment

9.3 Reseller Ledger

• Opening balance
• Customer payments
• Commission earned
• Commission paid
• Deductions
• Refunds
• Penalties
• Closing balance

9.4 Reseller Controls

• Limit maximum customers
• Limit assigned packages
• Limit assigned area
• Allow/disallow payment collection
• Allow/disallow customer creation
• Require admin approval for new customers
• Require admin approval for package changes
• Lock reseller if overdue balance

---

10. Router, Network, and IP Management

10.1 Router Management

Fields:

• Router name
• Router type
• Brand
• Model
• IP/host
• API port
• Username
• Encrypted password
• Location
• Branch
• Area
• Status
• Last connected time
• Notes

Supported router concepts:

• MikroTik API
• PPPoE
• Hotspot
• Static IP binding
• DHCP lease
• MAC binding
• Queue/simple queue
• Firewall address list
• NAT notes
• Bandwidth profile mapping

10.2 Router Credential Security

• Never store plain-text passwords
• Encrypt credentials using application encryption
• Restrict credential visibility by permission
• Mask credentials by default
• Log every credential view
• Rotate credentials reminder
• Store API token where possible
• Test connection button
• Connection failure alerts

10.3 PPPoE / RADIUS

Features:

• Create PPPoE username/password
• Auto-generate secure password
• Assign profile
• Assign static IP optional
• Enable/disable user
• Expiry date
• Online/offline status
• Session history
• Disconnect active session
• Auto suspend overdue users
• Auto reactivate paid users
• RADIUS accounting support
• Usage tracking optional

10.4 IP Management

Types:

• Dynamic private IP
• Static private IP
• Static public IP
• CGNAT pool
• Management IP
• Router IP
• ONU/ONT IP
• Server IP

Features:

• IP pool creation
• Subnet management
• Assign IP to customer
• Reserve IP
• Release IP
• IP conflict detection
• Used/free IP report
• Static IP billing add-on
• Public IP monthly charge
• IP history
• Bulk IP import
• CIDR validation

10.5 OLT / ONU Module

Features:

• OLT profile
• ONU/ONT serial number
• Customer mapping
• Port/PON mapping
• Signal level
• Online/offline status
• MAC address
• VLAN
• Assigned package
• Installation location
• Technician notes
• Device replacement history

---

11. Device and Inventory Management

11.1 Inventory Items

• Router
• ONU/ONT
• Fiber cable
• CAT6 cable
• Media converter
• Switch
• Pole box
• Splitter
• Connector
• Patch cord
• Power adapter
• Tools
• Other custom items

11.2 Inventory Features

• Add stock
• Issue stock
• Return stock
• Assign device to customer
• Assign device to technician
• Warranty tracking
• Serial number tracking
• Purchase price
• Sale price
• Vendor details
• Low stock alerts
• Damaged stock
• Lost stock
• Inventory valuation report

---

12. Support and Complaint System

12.1 Ticket Types

• No internet
• Slow speed
• Payment issue
• Package change
• Router issue
• Wire/fiber cut
• Installation request
• Relocation request
• Refund request
• Other

12.2 Ticket Features

• Create ticket
• Assign to staff
• Priority low/medium/high/urgent
• SLA timer
• Customer updates
• Internal notes
• Photo upload
• Voice note optional
• Status:
  • Open
  • In progress
  • Waiting customer
  • Resolved
  • Closed
  • Reopened
• Escalation rules
• Technician visit schedule
• Resolution report
• Customer feedback

---

13. Notifications

13.1 Channels

• Email
• SMS
• WhatsApp
• In-app notification
• Push notification for future mobile app

13.2 Notification Events

• New customer created
• Invoice generated
• Payment received
• Payment rejected
• Bill due reminder
• Overdue reminder
• Service suspended
• Service reactivated
• Package changed
• Ticket created
• Ticket updated
• Trial expiring
• Subscription expiring
• Staff login alert
• Router offline alert
• Low stock alert

13.3 Template Variables

Use variables:

• {{customer_name}}
• {{customer_id}}
• {{invoice_no}}
• {{amount}}
• {{due_date}}
• {{payment_link}}
• {{company_name}}
• {{package_name}}
• {{support_phone}}
• {{reseller_name}}

---

14. Customer Portal

14.1 Customer Login

• Login by mobile number + OTP
• Login by customer ID + password
• Optional CNIC verification
• Captcha on repeated attempts
• Device/session management

14.2 Customer Dashboard

• Current package
• Current status
• Due amount
• Due date
• Payment button
• Latest invoice
• Payment history
• Ticket status
• Usage summary if available
• Notices from ISP

14.3 Customer Actions

• Pay bill
• Download invoice
• Download receipt
• Submit complaint
• Request package change
• Request relocation
• Update contact number request
• View terms
• Contact support

---

15. Reporting and Analytics

15.1 Financial Reports

• Daily collection
• Monthly revenue
• Outstanding dues
• Paid invoices
• Unpaid invoices
• Partial payments
• Refunds
• Discounts
• Late fees
• Tax report
• Cash vs online collection
• Agent-wise collection
• Reseller-wise collection
• Branch-wise revenue
• Area-wise revenue

15.2 Customer Reports

• Active customers
• Inactive customers
• Suspended customers
• New customers
• Lost customers
• Churn report
• Package-wise customers
• Area-wise customers
• Reseller-wise customers
• Overdue customers
• High-value customers

15.3 Network Reports

• Router status
• Online/offline users
• IP pool utilization
• Static IP assignments
• PPPoE session report
• Device assignment report
• OLT/ONU status report
• Bandwidth profile mapping

15.4 Staff Reports

• Staff login history
• Staff actions
• Collection agent performance
• Ticket handling report
• Technician performance
• Manual payment approvals
• Suspicious activity report

15.5 SaaS Reports for Super Admin

• Monthly recurring revenue
• Annual recurring revenue
• Trial conversion rate
• Churn rate
• Active tenants
• Suspended tenants
• Plan-wise tenants
• Gateway revenue
• Failed payments
• Support tickets by tenant

---

16. Security Requirements

16.1 Authentication

• Secure login
• Email verification
• Phone verification optional
• Two-factor authentication
• Password reset
• Strong password policy
• Login attempt throttling
• Captcha after failed attempts
• Session timeout
• Device logout
• Staff account lock

16.2 Authorization

• Role-based access control
• Permission-based actions
• Tenant-level isolation
• Branch-level isolation
• Area-level isolation
• Reseller-level isolation
• API token scopes
• Super admin impersonation with audit log
• No cross-tenant data leakage

16.3 Data Protection

• Encrypt router passwords
• Encrypt sensitive API keys
• Mask CNIC and phone where needed
• Secure file uploads
• Virus/mime validation
• Private document storage
• Signed download URLs
• Database backups
• Backup encryption
• Disaster recovery process

16.4 Application Security

• CSRF protection
• XSS protection
• SQL injection prevention via ORM/query binding
• Request validation
• Rate limiting
• API throttling
• Webhook signature verification
• Secure headers
• CORS policy
• Audit logs
• Activity logs
• Error logging without exposing secrets
• Production debug disabled
• Environment variable protection

16.5 Audit Logs

Track:

• Login/logout
• Failed login
• Password changes
• Payment creation/edit/delete
• Invoice generation
• Customer status changes
• Package changes
• Router credential view/update
• IP assignment
• Staff permission changes
• Tenant subscription changes
• Super admin impersonation

---

17. Validation Requirements

17.1 Customer Validation

• Name required
• Phone required and unique per tenant
• Customer ID unique per tenant
• CNIC format optional/required by setting
• Area required
• Package required for active customer
• Address required
• Duplicate phone warning
• Duplicate CNIC warning
• Duplicate MAC/IP warning

17.2 Billing Validation

• Invoice amount cannot be negative
• Paid amount cannot exceed due amount unless advance payment allowed
• Manual discount requires permission
• Payment date cannot be too far in future
• Deleted payment requires admin reason
• Payment reversal requires audit log
• Online payment webhook must be idempotent

17.3 Router/IP Validation

• IP must be valid IPv4/IPv6
• CIDR must be valid
• IP cannot be assigned twice
• Router credential required for integration
• API port numeric
• PPPoE username unique per tenant/router
• MAC address format validation
• Static IP must belong to assigned pool

17.4 SaaS Validation

• Tenant slug unique
• Plan limit enforced
• Trial cannot be restarted without super admin permission
• Expired subscription cannot create new resources
• Add-on limits enforced
• Payment gateway credentials validated before enabling

---

18. Performance and Optimization

18.1 Backend Optimization

• Use queues for invoice generation
• Use queues for SMS/WhatsApp/email
• Use queues for router sync jobs
• Use cache for dashboard stats
• Use database indexes
• Use pagination on large tables
• Use background exports
• Use chunked imports
• Use Redis for cache/queues if available
• Use Horizon for queue monitoring if using Redis
• Optimize Eloquent queries
• Avoid N+1 queries
• Use read replicas for enterprise if needed
• Archive old logs

18.2 Frontend Optimization

• Lazy-load reports
• Server-side datatables for large data
• Debounced search
• Minimal dashboard widgets
• Responsive mobile-first UI
• Offline-friendly collection screens later
• Fast receipt printing
• Dark mode optional

18.3 Database Optimization

Recommended indexes:

• tenant_id
• customer_id
• phone
• area_id
• branch_id
• reseller_id
• status
• invoice_month
• due_date
• payment_date
• router_id
• ip_address

Use soft deletes for sensitive business records.

---

19. Legal and Compliance

19.1 Documents to Support

• Customer service agreement
• Installation form
• CNIC/KYC document
• Payment receipt
• Tax invoice if applicable
• Refund record
• Complaint record
• Device handover form
• Terms acceptance
• Privacy consent

19.2 Compliance Features

• Customer consent checkbox
• KYC required toggle
• Data retention policy
• Customer data export
• Customer deletion/anonymization request
• Audit trail
• Payment proof storage
• Legal notice template
• Abuse/illegal usage complaint record
• Blacklist record
• Staff access policy

19.3 Important Disclaimer

The product should provide configurable compliance tools, but the SaaS provider must not claim that the software itself guarantees legal compliance. Each ISP should consult local telecom, tax, cybercrime, and data-protection requirements.

---

20. Unique Differentiators

To make the product stronger than ordinary billing systems, include:

20.1 Area Profitability Map

Show which areas are profitable or loss-making based on:

• Total customers
• Revenue
• Dues
• Complaints
• Network incidents
• Reseller commission
• Device cost
• Churn

20.2 Smart Collection Route

For collection agents:

• Show unpaid customers by location
• Prioritize high overdue amount
• Mark visit status
• Capture proof
• Track daily collection route

20.3 Risk Score for Customers

Calculate risk score using:

• Late payments
• Complaint frequency
• Disconnection history
• Partial payment pattern
• Manual adjustment history

20.4 Reseller Trust Score

Calculate reseller quality using:

• Collection accuracy
• Customer churn
• Payment delays
• Complaint ratio
• Rejected manual payments
• Growth rate

20.5 Smart Suspension Rules

Allow ISP to define:

• Suspend after X overdue days
• Do not suspend VIP customers
• Do not suspend if partial payment above X%
• Suspend only after sending reminder
• Grace period for specific area/reseller
• Auto-reactivate after full payment

20.6 Network Credential Vault

Securely store:

• Router credentials
• PPPoE credentials
• OLT credentials
• Gateway keys
• API secrets

With:

• Masking
• Permission control
• View logs
• Rotation reminders

20.7 WhatsApp Mini-CRM

• Payment reminders
• Invoice sending
• Complaint replies
• Broadcast area notice
• Payment confirmation
• Package promotion

20.8 Low-Cost Offline Collection Mode

Future mobile app/PWA feature:

• Agent can view assigned unpaid list offline
• Mark payment offline
• Sync when internet available
• Conflict resolution during sync

20.9 ISP Health Score

For company admin:

• Revenue trend
• Overdue percentage
• Customer churn
• Support load
• Router health
• Area profitability
• Collection efficiency

---

21. Best-Case Handling

The system must handle:

• Thousands of customers
• Bulk invoice generation
• Online payments auto-reconciled
• Staff using different permissions
• Retailers managing own areas
• Router automation working normally
• Auto-suspension and reactivation
• Reports loading quickly
• Backups running daily
• Notifications delivered
• Customer portal self-service
• Subscription upgrade/downgrade smoothly
• Tenant moving from trial to paid plan

---

22. Worst-Case Handling

The system must gracefully handle:

22.1 Payment Gateway Failure

• Mark payment as pending
• Retry webhook verification
• Show customer pending status
• Do not duplicate receipt
• Admin reconciliation screen
• Gateway error logs

22.2 Router API Failure

• Queue command for retry
• Show router offline warning
• Do not mark action successful until confirmed
• Manual override option
• Notify network engineer

22.3 Duplicate Webhook

• Use transaction reference idempotency
• Ignore duplicate payment
• Log duplicate event

22.4 Partial Payment

• Invoice remains partial
• Balance carried forward
• Suspension rule checks remaining amount
• Receipt generated for paid amount only

22.5 Staff Fraud

• Payment edits logged
• Payment deletion restricted
• Approval workflow
• Suspicious activity report
• Daily cash closing report

22.6 Tenant Subscription Expired

• Grace period
• Read-only mode
• Export allowed if policy permits
• Data retained for defined period
• Auto suspension after grace
• Reactivation after payment

22.7 Large Import Failure

• Validate before import
• Show row-wise errors
• Import valid rows only if configured
• Rollback option
• Download error file

22.8 Data Loss Risk

• Daily backup
• Backup restore test
• Point-in-time recovery for enterprise
• Soft deletes
• Audit logs

22.9 Security Breach Attempt

• Lock account
• Notify admin
• Rate limit
• IP block optional
• Force password reset
• Audit suspicious actions

---

23. Suggested Laravel Architecture

23.1 Recommended Packages / Concepts

Use Laravel with:

• Laravel Sanctum or Passport for API authentication
• Laravel Cashier only if compatible with selected gateway, otherwise custom subscription billing
• Spatie Laravel Permission for roles/permissions
• Spatie Activitylog for audit logs
• Laravel Queue for background jobs
• Redis for cache/queue/session if available
• Laravel Scheduler for recurring billing
• Laravel Notifications for email/SMS/WhatsApp
• Laravel Storage for private documents
• Laravel Policies/Gates for authorization
• Laravel Form Requests for validation
• Laravel Events/Listeners for billing/payment/customer status automation

23.2 Multi-Tenancy Approach

Preferred options:

Option A: Single Database, Tenant ID Column

Best for affordable SaaS launch.

Pros:

• Easier to build
• Lower cost
• Easier reporting
• Easier maintenance

Cons:

• Requires strict tenant isolation
• Large scale needs careful indexing

Option B: Database Per Tenant

Best for enterprise later.

Pros:

• Stronger isolation
• Easier enterprise backup/restore

Cons:

• More complex
• Higher infrastructure cost

Recommended: Start with single database + tenant_id, then offer database-per-tenant for enterprise.

23.3 Core Modules

Suggested Laravel modules:

• Auth
• SaaS Billing
• Tenant Management
• Company Settings
• User & Role Management
• Branch Management
• Area Management
• Customer Management
• Package Management
• Billing & Invoicing
• Payment Collection
• Payment Gateways
• Reseller Management
• Router Management
• IP Management
• Inventory
• Support Tickets
• Notifications
• Reports
• Audit Logs
• Customer Portal
• API
• Admin Settings

23.4 Suggested Database Tables

Core:

• tenants
• tenant_subscriptions
• tenant_plans
• tenant_plan_features
• tenant_invoices
• tenant_payments
• users
• roles
• permissions
• branches
• areas
• customers
• customer_documents
• customer_status_logs
• internet_packages
• invoices
• invoice_items
• payments
• payment_approvals
• receipts
• resellers
• reseller_ledgers
• commissions
• routers
• router_credentials
• router_logs
• pppoe_accounts
• ip_pools
• ip_addresses
• ip_assignments
• devices
• inventory_items
• inventory_transactions
• support_tickets
• ticket_comments
• notifications
• sms_logs
• whatsapp_logs
• email_logs
• gateway_transactions
• webhook_events
• activity_logs
• settings
• backups

---

24. API Requirements

24.1 Internal API

• Dashboard stats
• Customer CRUD
• Billing CRUD
• Payment CRUD
• Ticket CRUD
• Router sync
• Notification sending
• Reports

24.2 Public/Partner API

For Pro/Enterprise:

• Create customer
• Get customer status
• Get invoice
• Mark external payment
• Create support ticket
• Get package list
• Webhook for payment status
• Webhook for customer status

24.3 API Security

• Token scopes
• Rate limits
• IP allowlist optional
• Request signing for enterprise
• Webhook secret
• Audit logs
• JSON validation
• Idempotency keys

---

25. Payment Gateway Integrations

25.1 Pakistan-Focused Payment Options

Support:

• Easypaisa
• JazzCash
• Bank transfer/manual
• Raast manual/reference-based flow
• PayFast/PayPro/Safepay if available for business
• Card payments through supported gateway
• Cash collection

25.2 Gateway Features

• Payment link
• Hosted checkout
• Webhook verification
• Transaction reconciliation
• Failed payment retry
• Pending payment status
• Refund record
• Gateway fee record
• Settlement report
• Manual override with permission

---

26. Minimum Viable Product

Phase 1 — MVP

Must include:

• SaaS tenant signup
• 7-day trial
• Super admin dashboard
• ISP company dashboard
• Role-based login
• Branch/area management
• Customer management
• Package management
• Manual invoice generation
• Bulk monthly billing
• Manual payment collection
• Receipt generation
• Customer status active/inactive/suspended
• Reseller basic module
• Reports basic
• Audit logs basic
• Settings
• PDF invoice/receipt
• SMS/WhatsApp manual link support

Phase 2 — Automation

Add:

• Online payment gateway
• Payment webhook
• Automated reminders
• Auto suspension rules
• Customer portal
• Complaint ticketing
• Collection agent workflow
• Advanced reseller commission
• Import/export
• Dashboard analytics

Phase 3 — Network Integration

Add:

• MikroTik API
• PPPoE user management
• Router profile mapping
• IP pool management
• Static IP assignment
• Online/offline status
• RADIUS integration
• Auto reactivation after payment

Phase 4 — Enterprise

Add:

• OLT/ONU module
• White-label
• API access
• Multi-branch advanced controls
• Advanced reports
• Mobile/PWA offline collection
• SLA support
• Database-per-tenant option
• AI risk scoring
• Area profitability

---

27. UI/UX Requirements

27.1 Dashboard Widgets

For ISP admin:

• Total customers
• Active customers
• Suspended customers
• Monthly revenue
• Today collection
• Pending dues
• New complaints
• Router status
• Top unpaid areas
• Collection agent performance
• Trial/subscription status

For reseller:

• My customers
• My monthly collection
• Pending dues
• Commission earned
• New customers
• Complaints

For customer:

• Due amount
• Payment button
• Current package
• Service status
• Latest invoice
• Open tickets

27.2 Design Principles

• Mobile-first
• Urdu/English optional future support
• Fast search
• Simple billing screens
• Print-friendly receipts
• Clear status badges
• Minimal clicks for payment collection
• Dark/light mode optional
• Role-specific dashboard

---

28. Acceptance Criteria

The product is acceptable when:

• A SaaS super admin can create and manage subscription plans
• A new ISP can register and receive a 7-day trial
• Trial expiry blocks restricted actions
• ISP admin can add customers, packages, areas, and resellers
• Monthly bills can be generated in bulk
• Manual payments can be collected with receipt
• Online payment webhook can update invoice safely
• Customer status can change active/inactive/suspended
• Reseller can only see own customers
• Staff permissions are enforced
• Audit logs record sensitive actions
• Router credentials are encrypted
• IP assignment prevents duplicate IPs
• Reports show accurate revenue and dues
• System handles duplicate webhooks
• System prevents cross-tenant data access
• Backups and logs are configured

---

29. Developer Master Prompt

Use this prompt to instruct an AI developer, team, or code generation assistant.

You are an expert Laravel SaaS architect and senior full-stack engineer. Build a modular multi-tenant SaaS ISP Management System for Pakistan-focused ISPs, local cable internet sellers, retailers, resellers, and area-wise internet providers.

The platform must support:
- SaaS super admin
- 7-day free trial
- Monthly/yearly subscription plans
- Tier-based module access
- ISP company admin
- Branch managers
- Retailers/resellers/sub-resellers
- Collection agents
- Network engineers
- Support agents
- Customer portal users

Build the system in Laravel using a clean modular architecture. Use role-based and permission-based access control. Enforce tenant isolation using tenant_id on all tenant-owned business tables. All sensitive actions must be logged.

Core modules:
1. SaaS tenant and subscription management
2. Super admin dashboard
3. Company settings
4. Staff, roles, and permissions
5. Branch and area management
6. Customer management
7. Internet package management
8. Invoice and billing system
9. Manual and online payment collection
10. Payment approval workflow
11. Reseller/retailer management
12. Commission and reseller ledger
13. Router management
14. PPPoE/RADIUS/MikroTik-ready network management
15. Static/dynamic IP pool management
16. Inventory/device management
17. Support ticket system
18. Customer portal
19. Notification system
20. Reports and analytics
21. Audit logs
22. Legal/compliance document management
23. API and webhooks

Important business rules:
- Every new tenant gets a 7-day free trial.
- After trial expiry, tenant enters grace/read-only mode unless subscribed.
- Subscription plans control customer limit, branch limit, router limit, staff limit, and modules.
- Manual payment can require approval based on company setting.
- Online payment webhook must be idempotent.
- Invoice cannot be duplicated for the same customer and billing period unless explicitly allowed.
- Customer status must control billing and router automation.
- Resellers can only access assigned areas/customers.
- Collection agents can only collect assigned payments.
- Router credentials must be encrypted and masked.
- IP addresses cannot be assigned twice.
- Every sensitive action must create an audit log.

Security:
- Use CSRF protection, request validation, RBAC, policies, tenant middleware, rate limiting, encrypted secrets, webhook signature verification, and secure file uploads.
- Never expose cross-tenant data.
- Do not store router passwords in plain text.
- Use queues for invoice generation, notification sending, gateway verification, and router API operations.
- Use cache for dashboard stats and report summaries.
- Use database indexes on tenant_id, customer_id, area_id, branch_id, reseller_id, status, due_date, payment_date, router_id, and ip_address.

Deliverables:
- Database schema/migrations
- Models and relationships
- Controllers/services/jobs/events/listeners
- Policies and permissions
- Form request validations
- Admin dashboards
- API endpoints
- Payment gateway abstraction
- Router integration abstraction
- Reports
- Audit logging
- Test cases for billing, payment, tenant isolation, permissions, webhook idempotency, and IP assignment
- Seeders for demo data
- Deployment guide
- Backup strategy

Build phase-wise:
Phase 1 MVP: Tenant signup, trial, plans, customers, packages, billing, manual payments, resellers, reports, audit logs.
Phase 2 Automation: Gateway payments, customer portal, reminders, tickets, approval workflow.
Phase 3 Network: MikroTik/PPPoE/RADIUS, IP pools, static IP, auto suspension/reactivation.
Phase 4 Enterprise: OLT/ONU, white-label, API, advanced analytics, offline collection, enterprise isolation.

The product should be affordable, reliable, secure, scalable, and simple enough for small Pakistani ISPs while powerful enough for enterprise operators.

---

30. Launch Strategy

30.1 Target Customers

• Local cable internet sellers
• Small ISPs with 50–500 customers
• Growing ISPs with 500–2,500 customers
• Retailers/resellers managing specific areas
• Housing society internet providers
• Apartment internet providers
• Fiber/local broadband operators

30.2 Positioning

Use messaging like:

• “Affordable ISP billing and management software for Pakistan”
• “Manage customers, bills, payments, resellers, and routers in one dashboard”
• “Built for local cable internet and fiber operators”
• “Start free for 7 days”
• “No spreadsheet, no confusion, no missed payments”

30.3 Sales Hooks

• Free trial
• Free demo data
• WhatsApp onboarding
• Import existing Excel customers
• Low monthly pricing
• Manual cash collection support
• Retailer/reseller control
• Urdu-friendly future roadmap
• MikroTik automation roadmap

30.4 Go-To-Market

• Facebook groups for ISP/MikroTik communities
• WhatsApp reseller networks
• Local ISP equipment sellers
• MikroTik consultants
• YouTube demos in Urdu/Hindi
• SEO pages:
  • ISP billing software Pakistan
  • cable internet billing software
  • MikroTik billing software Pakistan
  • reseller internet management system
  • ISP customer management software
• Referral program for IT technicians
• Lifetime early adopter deal

---

31. Roadmap Checklist

MVP Checklist

• SaaS super admin login
• Tenant signup
• 7-day trial
• Subscription plan setup
• Company dashboard
• Staff roles
• Branches
• Areas
• Customers
• Packages
• Invoice generation
• Manual payments
• Receipts
• Resellers
• Basic reports
• Audit logs
• Settings
• PDF export
• Import/export

Advanced Checklist

• Online payments
• Webhooks
• Customer portal
• SMS/WhatsApp automation
• Support tickets
• Collection agents
• Commission ledger
• MikroTik API
• PPPoE
• RADIUS
• IP pools
• Static IP billing
• Inventory
• OLT/ONU
• White-label
• Public API
• Mobile/PWA
• AI risk scores

---

32. Final Product Principle

This SaaS should not only be a billing system. It should become the operational control center for small and medium ISPs.

The strongest product will combine:

• Simple customer management
• Reliable billing
• Easy payment collection
• Strong reseller controls
• Secure network credential handling
• Router/IP automation
• Local Pakistan payment support
• Affordable PKR subscription
• Clear audit logs
• Practical reports
• Modular scaling from small retailer to enterprise ISP