How we hacked our office doorbell using Slack, MessageBird and Now

By Vernon de Goede

With a constantly growing merchant base (we’re currently serving over 50k+ merchants) comes an increasing number of employees. When we reached 80 employees back in April, we moved a few of our teams to a new office space just in front of our main office. We called it Mollie Studios.

Instead of the traditional doorbell systems, our landlord installed one that works using a SIM card. Every time a visitor rings the bell, a call is made to a cellphone that’s laying around somewhere in the office. We can then answer the phone, and press “3” on the phone keyboard to open the door. Yet due to our noise canceling headphones most of us never heard the doorbell ring.

Adriaan and me started thinking of a better solution: how cool would it be if we could open the door using our own Slack bot?

We noticed that MessageBird just launched a new product: Flow Builder. This would allow us to create a visual flow for incoming calls via the phone number that we bought via MessageBird.

It was fairly easy to set up a basic flow that would:

  • Welcome visitors by saying “Welcome at Mollie Studios. Please wait while we find someone to open the door for you.”
  • Send a HTTP request to our webserver.

Or, if the call is made outside office hours:

  • Say “Mollie Studios is currently closed. Please contact a Mollie employee for urgent matters.” and ends the call.

To achieve this, we set up a basic Node.js webserver using Express that would send a message to a certain Slack channel whenever a call was made.

MessageBird sends a couple of extra parameters with each request, including a callID. When a new request comes in, we’ll make an API call to MessageBird, to verify whether this voice call actually happened and if it happened within the last 2 minutes. We also used the query parameters destination and source from the incoming webhook call and matched these against the data from MessageBird. This would make sure that only “real” doorbell calls would trigger Slack notifications.

If the call is legit, we generate a random token and store it in-memory.

The next step was to attach interactive buttons to our Slack notification. We added the “Open door” action to each message that was sent by our bot. Whenever someone presses that button, Slack makes a call to our Node webserver and verifies the tokens that we’ve passed to the callback URL with the token that we stored in-memory in the previous step.

Creating a notification that allows us to open the doorbell, right from Slack

In order to actually open the door (after a Mollie employee has pressed the Slack button) we need to tell MessageBird to press the button “3” on the phone keyboard during the call. Unfortunately, this is not something Messagebird can do, since all communication is done via APIs. We had to find a more creative solution.

The good news was that MessageBird does allows us to add a step to our call flow that will fetch a dynamic call flow from an external URL. At the same time, Adriaan remembered the “Blue Box” that Steve Wozniak and Steve Jobs used to make free calls world wide by sending out certain tones. This was it!

We could use this to make the doorbell think that someone actually pressed “3” on the phone keyboard. In order to understand how we could send the “open” signal to our doorbell using a dynamic call flow, it’s important to know the basics of telecommunication signaling.

In telecommunication, signaling works using the Dual-tone multi-frequency signaling (DTMF) technology. That means when we press a button on phone keyboard, the sound sent out has a high frequency and a low frequency. In other words, if you make a sound with a related high and low frequency, the related number can be called.

We recorded the sound that our cellphone made when we pressed the “3” and saved it as a static .wav file on our webserver. If we are able to make MessageBird play this sound, the doorbell should recognize this and open the door itself!

To accomplish this, we added a few more steps to the MessageBird call-flow that tried to retrieve a dynamic call-flow every second (with a maximum of 10 seconds).

Each time MessageBird makes the call, our server checks if someone authorized to open the door in the last 10 seconds. If that’s not the case (meaning someone did not press the “Open door” button via Slack), it will return a 200 OK. MessageBird will then wait for 1 second, and try to fetch the call-flow again.

If someone did press the “Open door” action button and the authorization tokens are matching, we’ll return the following dynamic call-flow:

If the tokens match, the webserver returns a dynamic call flow object that will result in Messagebird playing a certain tone.

MessageBird will then play the same sound that you’d actually hear when you press “3” on the phone keyboard, and the doorbell will open the door. Winning!

Once our webserver was ready, we had to deploy it somewhere. Since this was just a small side-project, we didn’t want to spend too much time on hosting & maintenance. We decided to use ZEIT’s hosting solution called Now. This would allow us to deploy our Node.js in seconds, just by running the now command from our terminal in the projects folder.

It worked out pretty well! Every time we made a change, we had to run two commands and everything was deployed to the cloud within one minute.

At Mollie, we’re constantly working on fixing problems by using the newest technology made by our friends from Slack, MessageBird and ZEIT. This is something that we are and will continue doing.

Also at Mollie everyone has heaps of creative freedom to work on such "office-hacking" projects. It surprised us how easy it was to turn an idea into reality by connecting several cool APIs. We also really liked the fact that we could actually open the door by playing a certain tone via MessageBird.

Besides hacking our office doorbell, we’re also working on building the best payment solutions for great companies of all sizes. We’re always looking for self-driven and intuitive talents who appreciate the art of technology and can help us with shipping disruptive payment products.