Developing Web-Based Point of Sales Application with SHA-512 Encryption on DBMS for Indonesian MSME’s Culinary Industry

Efficiency and effectiveness are crucial in the food & beverage industry. Conventional methods employed by companies often lead to discrepancies between actual stock and the stock available for sale, resulting in significant losses. To address this issue, a point-of-sales-based system has been implemented, enabling companies to monitor transaction activities seamlessly. The research utilized the RAD (Rapid Application Development) method to develop a concise and fast software application. Furthermore, hashing and encryption methods have been incorporated to enhance database security, utilizing the SHA-512 algorithm for hashing and data encryption. This research has yielded a point-of-sales website-based application that supports various business processes. The website has been tailored to meet the specific requirements outlined by the company owner. The UAT test results have demonstrated that the application encompasses all the desired features, effectively addressing the company owner's concerns.


INTRODUCTION
The development of the globalization era from year to year has caused many changes in various sectors such as education, government, defense, and business space.According to the understanding, globalization is a global network framework that jointly unites all societies that were initially scattered and isolated in a world of dependence and unity [1].The development of globalization from year to year causes many changes that occur in human activities in this world.These developments began to be adopted and used by humans to carry out their activities; one of the most dominant examples is the advancement of Internet technology.
The development of Internet technology has begun to be used for several sectors of human life; one example is the business sector.One of the uses of technology in the business sector is a point-of-sales system.Point of sales is a computerized activity to assist the sales and transaction processes [2].This system is very helpful Regant Fernando 1 , Jansen Wiratama | 1021 in calculating stock, recording transaction flows, making profit or loss reports, and changing conventional recording methods to computerized forms [3].MSME's Culinary Pempekis a business engaged in the food sector, selling Palembang's original pempek.This business has been running for a long time and has been a hereditary business in the family until now.MSME's Culinary Pempek sells various types of pempek, such as egg pempek, round, kapal selam, etc.It already has many branches, especially in the North Jakarta area, specifically the Kelapa Gading area, and has opened branches through several malls in Jakarta and Tangerang.In business processes, the transaction recording process still uses physical form (paper); from this, there is often a shortage of sales calculations during the weekly or monthly data recap process at each branch; besides that, the owner also finds it challenging to calculate profits or perform sales analysis from all branches because transactions that take place still use conventional methods and require a lot of time to process transaction data because there is not only one branch.
Based on the problems above, it is necessary to design a computerized Point of Sales system to make it easier for the MSME's Culinary Pempek store to manage transactions and other web-based data management using the RAD (Rapid Applications Development) method and testing to do UAT (User Acceptance Testing).RAD is a system development process with several advantages, namely short and fast stages, such as the stages in requirement planning; the goal is to identify the purposes of an application or a system [4].RAD, also known as design workshops or modeling, is used to build a visual appearance and system workflow and other stages for system development and the testing process [5].Hence, the RAD method is appropriate for website-based system development with short quality [6].In addition, the testing process uses UAT (User Acceptance Testing) [7], which is a test of a system that has been developed or designed by the tester as a user (user) who uses the system so that it will produce documents that can be evidence that a user accepts this development and considers the user's needs have been fulfilled [8].
The point of sales application that was built aims as a tool to assist business processes in terms of transactions [9]; this designed point of sales can also be implemented for MSMEs (Small Micro Medium Enterprises) that have not yet implemented an application into their business processes and can help advance these MSMEs from implementing applications.The point of sales application that was built also improves in terms of database security by implementing SHA-512 hashing and AES-256 encryption; the purpose of this application is to create good data security and prevent data leakage so that data cannot be misused for things that are detrimental from various sides because data is an essential asset for the company [10].
The choice of SHA-512 hash is compared to the general hash method, namely MD5 because SHA-512 has several advantages in terms of bit length that can accommodate hashing up to 512 bits.In comparison, MD5 can only accommodate 128 bits.Regarding security, SHA-512 is safer than MD5, which is prone to collisions; two different inputs can produce the same hash result [11].Meanwhile, AES-256 was chosen as encryption because AES-256 is the worldwide encryption security standard and is difficult to crack by brute force [12].

METHODS
Research methodology for web-based applications involves a structured approach to studying these online platforms.It starts by setting clear goals, like understanding user experiences or testing security.Data is collected using methods like surveys or user interviews.This data is then carefully analyzed to find important patterns and draw conclusions.Ethical guidelines are followed to protect user privacy.The findings help make the web application better in terms of usability, user satisfaction, and performance.

Figure 1. RAD Methodology
The method chosen in this study is the RAD (Rapid Application Development) method because implementing this method requires a relatively short time and only requires a small number of teams [13].This also applies to this research because it is only done by one person.In addition, meeting user needs can also be realized because there is continuous communication between developers and users.The RAD (Rapid Application Development) system development stages are as follows.

Phase 1-Requirement Planning
This stage combines several parts of the system planning and phases in the SDLC.In this phase, the development team will carry out several activities such as observing and interviewing company owners regarding the problems encountered and finding solutions to these problems, then Regant Fernando 1 , Jansen Wiratama | 1023 distributing questionnaires to employees regarding the needs of the system to be built and conducting literature studies.

Phase 2-User Design
At this stage, the user will fully interact with the developer to design a prototype or design for MSME's Culinary Pempek.The prototype method regarding the system to be built uses a Figma supporting application [14]; besides creating UML, ERD, use case diagrams, and activity diagrams, use the help of the draw.ioapplication.In addition, for the test process using alpha testing and conducting evaluations.

Phase 3-Construction
At this stage, it is devoted to the development team, commonly called programmers; the main goal is to only focus on developing applications that suit user needs following the results of the previous user design.In the process of designing an application, using several tools support the process, such as using the visual studio code application for the website coding process and using the Laravel framework in its implementation [15]; besides that, there are also implementations of PHP, JavaScript, and Bootstrap, which have their respective advantages in building a website.
In terms of data storage, using MySQL as the database of the website that was built and implementing SHA-512 for data encryption, thereby increasing the security of the database.

Phase 4-Cutover Phase
This cutover phase is the phase of transition, testing, and switching to a new system and application training for users who use the system.In this phase, there is a test of the system being built; the test uses the UAT (User Acceptance Test) method with the BlackBox Testing model.

Figure 2. SHA-512 Algorithm
In addition to the system development method applied in this research which uses the Rapid Application Development (RAD) development method, this research uses the hashing method to improve database security in applications.There are two comparison algorithms for choosing the hashing method in this study: the SHA-512 algorithm and the MD5 algorithm, shown in Figure 1.The following table shows a comparison of the two algorithms.

Requirement Planning
The interview process conducted was aimed at the owner of MSME's Culinary Pempek.The interview results obtained from the owner through the interview process can be seen in Table 2 below: Recording transactions is still manual, so errors often occur from employees in the transaction recap process because the transaction receipts are often lost.Data processing from each branch is time-consuming regarding transaction reporting because it has more than five branches.There is no system for storing data, making it difficult to find information on the intended data (generally, transaction reports and Warehouses are sent via WhatsApp messages).

Suggestions for websites that are built
The website's appearance is easy to understand and use because the average employee is 25-35 years old and might need help operating if the website display is not easy to understand.The features provided make it easier for the owner, admin, and Warehouse section to record transactions, store data, and facilitate daily business processes.

User Design
The design of a website system starts from the initial stage, namely, forming or designing the system to be built.In this designed research, the system modeling process was carried out using the Unified Modeling Language system modeling, often known as UML.In this UML modeling, three methods are used to visualize the system to be built: use cases, activity diagrams, and class diagrams.The design of the use case diagram attached to Figure 3 has been designed and adapted to the main requirements of the system built for the three users who will use the system, namely the owner, admin, and Warehouse section.The user is called an actor in this use case diagram modeling.
The three actors in the use case diagram above have access rights to the built system (box section).The owner actor has the main right to view reports for each branch, view reports on incoming or outgoing raw materials, manage employees in terms of adding or removing employees, manage raw material purchases, view production reports, view sales transaction reports from each admin who handles branches and manages suppliers.Apart from that, several Warehouse actors have access rights to access the same features as the owner, but several cannot.Warehouse actors have access rights to view incoming or outgoing raw material reports, create incoming or outgoing raw material reports, view production reports, and record and create production reports.Finally, the admin actor has access rights to add transactions, create transaction reports, manage goods, and record stock of goods or products.The design of the activity diagram built is adapted to the design of the use case diagram built in the previous section; this activity diagram is also adapted to the access rights of the system to the actors involved.Figure 4 is an activity diagram for managing goods; the admin can access this activity.The purpose of the activity diagram above is to manage goods in the company, namely adding goods, editing goods, and deleting goods.The series of activities starts with the admin selecting the product menu so that the system will display the product menu.The admin will be given the option to add a product or edit an item.If the admin chooses to add a product, there is no product data in the system, so the system will display a product data form that needs inputting by the admin.If the data has been successfully inputted, the admin needs to save the data.After the data is saved, the system will validate the data; if the validation is successful, the data will be stored in the database; if not, the system will display the data form for repair.However, if the admin wants to edit data, the admin needs to choose a product then the admin will be given the option to edit or delete data; if the admin chooses edit data, the system will display a data form to be edited by the admin as needed, then the data will be stored and validated first if validation is successful the data will be stored in the database, if validation fails, the system will display the data form to be corrected.In another case, if the admin wants to delete data, the data will be deleted, and the changes will be stored in the database.In running business processes, the main process that needs to be executed is to add sales transactions.In Figure 5. above, the activity diagram for adding transactions can be accessed by the admin who serves as a cashier at each branch.The series of activities starts with the admin, who selects the transaction menu then the system will display the transaction menu and transactions that have been successfully made.Admin chooses to add a new transaction so that the system will display the add transaction menu.The admin will look for products according to the items sold, checked based on whether the stock is available; if not, you cannot add the product and will look for other products.The product will be entered into the order, and the system will display the total price if available.If the order data is correct, the admin will save the transaction data, and the system will provide a successful transaction notification.
However, if the order data is incorrect, the admin will delete the product that is not suitable, then will look for the product back based on the stock; if the stock is available, the product will be entered into the order, and the system will display the total price if it is appropriate the admin will store the data, and the system will display a successful transaction notification, which means that the transaction data has been stored in the database.

Construction
Figure 6 shows what stocks have been updated by the Warehouse based on the goods that have been produced.The table aims to find out what items have been inputted by the warehouse department so that the outflow of goods can match the Warehouse and admin stock for each branch because every time you input product stock at a branch, the stock in the Warehouse will automatically decrease.Furthermore, a table shows who inputs product stock in the Warehouse.The process of adding stock can be seen in Figure 7.The Warehouse section will update the Warehouse stock according to the production results produced, the process of adding stock by selecting products to be input into stock in the product table.

Cutover Phase
At the method stage applied to this research, it is necessary to test to ensure the website built is under the requirements requested by the user; the testing process is with a User Acceptance Test or UAT based on the Black Box Testing method for the owner as the company owner and website user.Based on Table 3 shows that all the features related to the previous company or requirements have been successful and running as expected; that way, all the features for the owner, admin, and Warehouse sections have been tested and declared successful.This test is carried out for each role, namely the owner, admin, and Warehouse section, each listed in Table 3. Testing the owner who accesses all menus aims to determine whether each of the previously described needs can be resolved because each requirement received is not only from the owner but from the Warehouse and admin side.Moreover, this system also has a super admin role that can access all menus.
This test is also addressed to a representative from the admin and the Warehouse section; this test is to find out whether the needs of the admin or Warehouse section are appropriate or not so that business processes can run smoothly.Based on these results, every test from the admin side and the Warehouse section is successful and tested, meaning these features are under the requested requirements.

Discussion
The research conducted focused on developing a point-of-sale website design specifically tailored for MSME's Culinary Pempek.The primary goal was to address the existing business process challenges faced by the company.Through a thorough design process, the website was created to incorporate various features and functions that would enhance the efficiency and effectiveness of the company's ongoing operations.
The design process involved utilizing Visual Studio Code as the primary coding platform and MySQL database for storing and managing the necessary data.The development followed the RAD (Rapid Application Development) method, which encompassed several crucial steps such as requirement planning, user design prototype design, UML (Unified Modeling Language) design, and the creation of database and class diagrams.
During the construction phase, the website was coded and implemented with the user design prototype to ensure a seamless and user-friendly experience.Rigorous user testing was conducted to identify any potential issues and make necessary improvements.This testing phase played a pivotal role in verifying the website's functionality and user-friendliness, ensuring that it met the established user requirements set during the planning stage.
One of the key aspects emphasized during the development process was database security.Cryptographic techniques, including hashing and encryption, were integrated into the website's design to safeguard sensitive data.Specifically, SHA-512, a secure hash algorithm with a 512-bit length, was employed to enhance database security, particularly for login credentials such as user passwords.By utilizing database hashing and encryption, the research aimed to significantly

CONCLUSION
In conclusion, the research successfully developed a point-of-sale website design for MSME's Culinary Pempek that effectively addresses the identified business process challenges.The website incorporates various features to enhance efficiency and effectiveness, and the development process followed the RAD method.Rigorous user testing confirmed the success of the website, ensuring that it met the expectations and requirements of the users.Furthermore, the research prioritized database security by implementing hashing and encryption techniques to protect sensitive data.Overall, this research project achieved the objective of creating a point-of-sale website design that effectively addresses business challenges while prioritizing data security.

Figure 6 .
Figure 6.User interface of product stock

Figure 7 .
Figure 7. User interface of add transactions.

Table 1 .
MD5 vs SHA-512 Algorithm Comparison Based on Table1regarding the results of comparing the MD5 and SHA-512 algorithms, this study will apply SHA-512 in designing MSME's Culinary Pempek website-based applications.The SHA-512 algorithm was chosen because it is more suitable for implementing web-based applications.The implementation of the SHA-512 Algorithm is limited to standard/default configurations.

Table 3 .
User acceptance test results.