Mobile banking apps are incredibly popular as they allow users to have full control of their bank accounts and funds at their fingertips. While the demand for mobile banking apps is relatively high as banks compete with each other for new customers through offering modern solutions, the supply of development teams who are able to take on such a project is relatively low. Bank apps need to not only be user-friendly, efficient and well optimised for different mobile platforms, but also be very secure to protect users' funds from fraudulent activity. When in-house IT departments fail to develop products that comply with high standards of data security, companies come to us.
We were tasked with the development of an Android-based banking app for a local bank which would replace an already existing outdated app. The new version had to include the following functionality:
One of the primary goals was to not only develop an app which would update the design and improve user experience, but to ensure a high level of security as online banking often falls prey to hackers and malicious users. High security measures are vital to ensure the safety of user accounts and maintain the bank’s reputation as a safe and reliable establishment to store funds. We had to work hand in hand with the bank's security teams to develop the product that would both be safe and convenient to use.
The sensitive and complex nature of banking operations meant we needed to collaborate with the bank's in-house developers and security departments to bring the app to life. High standards of security surrounding all banking data meant we had limited access to data needed for app development. We had to stay in close touch with the bank’s developers and security teams and maintain full transparency of the development process to gain access to the needed data. Our development teams had to work around restrictions and safety procedures while staying within time constraints and client’s budget.
We used Kotlin and Coroutines framework to develop the app. The backend was created by the bank’s in-house developers using Protocol Buffers. We had access to data structures which could be used to generate classes. This approach both reduces development time by eliminating the need to create object types and lowers the chance of query errors as classes are created automatically.
We have implemented multi module app architecture which provides great benefits during the development process. Each module exists separately and can be implemented and tested individually. On top of that this approach makes the reuse of code easy and convenient.
In-house developers had trouble implementing data encryption and, as a consequence, ensuring user data safety that would mirror those used by the bank.
To ensure the safety of user data transfer, we have implemented end-to-end encryption to prevent data spoofing by malicious users through the replacement of a beneficiary account during money transfer. We used a androidx.crypto library to implement data encryption as an out-of-the-box solution was the most cost efficient option for the client.
After the app was completed, it was subjected to a final review from the bank’s security department to check once again that the app was up to the latest data security standards.
The resulting app has replaced the outdated version, greatly improving user experience. Bank’s clients now have convenient access to their bank accounts and transaction history and have full control of their funds at their fingertips.
We have gained invaluable experience of working around various security procedures and protocols while staying within time and budget limits.