Invoice Fraud Fire Drill

# Assumptions (KNOWN / ASSUMPTION / UNKNOWN)

## KNOWN
- Daily slot: p003
- Expected Stitch drop folder: /home/sy/Downloads/stitch_drop/2026-04-30/p003/
- Assigned design profile: field-ops
- Theme: 자산 방어
- Source signals are search/community snippets and must be treated as untrusted problem evidence.

## ASSUMPTION
- Target users will value a focused decision surface more than a broad generic dashboard.
- The Stitch prompt should produce a prototype with all required UI sections visible.

## UNKNOWN
- Actual willingness-to-pay.
- Whether the strongest acquisition channel is SEO, community posts, partnerships, or portfolio sharing.

# Falsification checklist (5–7)

1. Can the target user explain the pain in their own words without prompting?
2. Does the UI produce a concrete decision or artifact rather than another passive dashboard?
3. Are the cited signals genuinely connected to this idea's trigger/data source/mechanic?
4. Is this materially different from the last 7 PF batches?
5. Would the user pay, share, or return before any full backend exists?
6. Does the assigned design profile fit the use case and prompt direction?
7. Can Stitch render the main experience from the prompt without extra implementation?

# PRD — Invoice Fraud Fire Drill

## Type
- Practical / Commercial

## Theme
- 자산 방어

## Design profile
- field-ops

## Problem
- A small-business rehearsal desk that turns AI phishing, fake invoices, and voice-clone payment scares into a 10-minute team drill with approval rules.

## Target user
- Small business owners, office managers, bookkeepers, and agency ops leads who approve vendor payments without a formal security team.

## Key UX
- Choose a scam scenario, assign roles, inspect a fake invoice/email/voice note, rehearse verification steps, and generate a one-page payment approval rule card.

## Required UI sections
- scam scenario picker
- fake invoice/email evidence board
- role assignment strip
- verification call checklist
- payment approval rule builder
- team drill scorecard

## External signal references
- Signal 7 — AlphaCIS 2026 small-business cybersecurity mistakes highlighting invoice fraud: https://www.alphacis.com/7-cybersecurity-mistakes-small-businesses-make-2026-guide/
- Signal 8 — Enterprise Nation warning on AI phishing, voice cloning, and deepfake meetings: https://www.enterprisenation.com/learn-something/home-office-warns-small-firms-are-being-hit-by-fraud/

## Stitch prompt
Design a desktop field-ops rehearsal desk called Invoice Fraud Fire Drill for small business owners, office managers, bookkeepers, and agency ops leads who approve vendor payments without a formal security team. It should let users choose a scam scenario, assign team roles, inspect a fake invoice/email/voice note, rehearse verification steps, and generate a one-page payment approval rule card. Include a scam scenario picker, fake invoice/email evidence board, role assignment strip, verification call checklist, payment approval rule builder, and team drill scorecard. Design direction: use a field-ops aesthetic with rugged task cards, high-contrast checklists, stopwatch urgency, practical green/red pass states, and dispatch-board layout so the product feels like a quick operational drill, not a compliance lecture.

## Constraints
- Phase A only: scaffold/spec, no custom implementation yet.
- Wait for Stitch export in /home/sy/Downloads/stitch_drop/2026-04-30/p003/

## Non-goals
- Do not claim market-size validation from search snippets.
- Do not implement production integrations in Phase A.

## Success metrics
- Stitch export can be generated from the prompt.
- p003 has complete meta/spec content and is visible in the daily index.

# QA checklist

## Happy path
- 

## Edge cases
- 

## Acceptance verification
-