Fintech Mobile App Development

1


Fundamental Practices
of
FinTech App Development
And
Current FinTech Trends 2019
2
Index

1. Fundamental Practices of FinTech App Development
2. Current FinTech Trends 2019
3. Our Work
4. Contact Us

3

• Fundamental Practices
• of
• FinTech App Development

4
Information Security

• FinTech apps need to comply with information
  security, as security is above all. The security
  mechanisms should be strong with multi-factor
  authentication, password security practices, and
  in compliance with The Payment Card Industry
  Data Security Standard (PCI DSS). For ensuring
  the compliance, FinTech businesses have two
  choices either they can build their own tools or
  rely on third parties, whose services specialize
  in identity management.

5
Eliminate OWASP 10 Vulnerabilities

• Before putting the plan of building a FinTech app
  finally into action, the development team has to
  scrutinize the list of OWASP (Open Web
  Application Security Project) 10 vulnerabilities
  through open source or proprietary tools.

6

• OWASP Vulnerabilities are
• Injection
• Broken Authentication
• Sensitive Data Exposure
• XML External Entities (XEE)
• Broken Access Control
• Security Misconfiguration
• Cross-Site Scripting
• Insecure Deserialization
• Using Components with Known Vulnerabilities
• Insufficient Logging and Monitoring

7
Financial Monitoring

• By integrating with third parties, FinTech needs
  to prevent activities like smurfing, and money
  laundering. It keenly monitors and looks out for
  the suspicious transactions. To get a hold over
  such illegal activities, FinTechs have to
  establish the identity of their customers. They
  can either write their own code, integrate with
  third parties, or can associate with compliance
  agencies. Example mobile and biometric identity
  authentication apps, blockchain-based KYC, and
  trade transactions solutions, etc.

8
Fraud Detection

• It is important to detect fraudulent activities.
  Machine learning is a prominent tool to detect
  the pattern of fraud behavior and for that
  machine learning system like Generative
  Adversarial Network (GAN) is used. Based on a
  zero-sum game, a generator network deliberately
  creates fake data, while a discriminator network
  identifies between fake and authentic datasets.
  Both of them learn from each other in order to
  improve the results overtime

9
Create an API Call

• If you are unable to make idempotent API calls,
  you can create an API call with a specific ID. In
  such a scenario, if an API server fails, another
  one can back it up. Even when that failed server
  once recovers, the transactions will not pass
  twice.

10
Stay Agile With APIs

• While designing APIs, you need to be cautious
  about the confidential tech details. Do not
  indulge in auto-incrementing of IDs in records.
  In case of errors, dont reveal the tech details,
  as the attackers may use it against you. APIs
  bring in automation, flexibility and swiftness in
  the workflow.

11
Microservices Architecture

• In a microservices architecture, a request passes
  via different nodes in the network. It is
  advisable to generate a unique ID since the
  inception. So that we can trace it easily from
  the very start. It provides benefits like
  improved fault isolation, ease of understanding,
  and it removes the vendor or technology lock-in.

12
Microservices Areas

• Today, 68 of the organizations are interested in
  microservices architecture. Hence, You need to
  ensure that each services should cover one
  functionality. Not all at once, but organizations
  have to gradually replace the monolithic
  architecture by adding new microservices. The
  design of microservices should be able to
  withstand faults.

13
Test Coverage

• Refactoring can be cumbersome and have
  consequences, so before going ahead with that you
  need a good automatic test coverage. Test
  coverage takes care of the quality of the test.
  It can help in minimizing errors bugs, time to
  market, and lastly the releases can be more
  frequent.

14
Deployment of Services

• Continuous integration and delivery manages the
  deployment of multiple services. Docker helps in
  making the microservices portable by manifesting
  standardization, while Kubernetes helps in
  automating deployments, load balancing,
  orchestration of containers and scaling the
  resources, etc. Fintech app development teams
  need to ensure over seamless logging and
  monitoring mechanisms.

15
Maintaining Financial Ledger

• FinTech developers need to pay more attention to
  financial ledgers. Atomicity, Consistency,
  Isolation, Durability (ACID) databases can be
  used to write those ledgers. Through ACID
  properties, consistency is maintained in the
  database with a guaranteed validity.

16
Legal Purview of FinTech

• Licencing is an essential aspect in FinTechs
  which cant be ignored. Different types of
  FinTech are liable to different licences, which
  is an utmost important regulatory formality.
  Certain bodies are looking after financial
  regulations like Swiss Financial Market
  Supervisory Authorities (FINMA) in Switzerland.

17

• Current FinTech
• Trends 2019

18

• Blockchain
• The most obvious yet significant reason of
  involving blockchain in FinTech app development
  is security. As the biggest challenge is trust.
  Blockchain is cost effective and ensures safety.
  As it involves blocks, a company can easily track
  the entire life cycle of the financial
  transactions.

19
Artificial Intelligence

• AI includes machine learning, natural language
  processing, general intelligence, which delivers
  personalized content, increases app productivity,
  leads to automated reasoning, and helps in image
  recognition. The ultimate goal is to provide
  customers an exquisite user experience.

20
Quantum Computing

• It is based on Quantum theory. Quantum computing
  can exponentially increase the speed of
  transactions, resolve scalability issues, lower
  down the processing cost and keep the financial
  transactions secure. It can detect unusual
  patterns in order to identify fraudulent
  activities.

21
Our Work
22
Contact Us
23

• Thank You