
Business overview

Our client is a large insurance powerhouse covering several countries. It aimed to build a mobile app that promotes healthy and active lifestyles in order to decrease the chronic morbidity rate among its customers. The idea was to offer the ability to pay for sports products in installments under special conditions. Policyholders can receive a discount on monthly payments depending on how active they were the previous month. A mobile app tracks the user's physical activity using tracking devices (fitness trackers or smartwatches): the more active the user, the lower the payment.

 

Additionally, the app should include features that ensure an advanced customer experience abroad by providing up-to-date information on services that guests may require in a foreign country.

Given that the app operates with sensitive data, ensuring a high level of security was crucial. The client contracted NIX United as a proven technology partner to build applications for iOS and Android due to its extensive background in highly secured mobile solutions for the fintech, insurance, and healthcare domains.

Solution

We delivered mobile apps for iOS and Android with two main features:

  • Tracking physical activity and converting it into discounts on monthly payments
  • A compendium that provides users with up-to-date information about transport routes, emergency numbers, and important events in the country where users are located.

To manage this data, which is parsed from numerous third-party sources through an API, engineers also developed a web admin panel.

Security measures

The entire development process was strictly compliant with the OWASP Mobile Application Security Verification Standard (MASVS). The app fulfills the basic requirements in terms of code quality, handling of sensitive data, and interaction with the mobile environment to ensure a solid mobile app security posture at all stages of the development cycle. The entire testing process, in turn, was conducted in accordance with the Mobile Security Testing Guide (MSTG), a comprehensive manual for mobile app security development, testing, and reverse engineering.

Among other quality assurance activities, penetration testing was a key stage in the entire testing process. Security engineers simulated cyber attacks against the mobile apps and all related elements. The testing revealed several vulnerabilities in the admin panel and mobile API that could lead to a leak of hidden data through malicious modification of queries to business logic, as well as a lack of brute-force protection.

Based on these results, the necessary improvements to the system were implemented to prevent the possibility of data loss, and security measures were comprehensively strengthened.


Outcome

The client received a fully equipped, market-ready mobile solution that provides unparalleled benefits for all participants of the insurance ecosystem. Policyholders obtained sports equipment with significant discounts and great motivation to adhere to a healthy and active lifestyle. For the insurer, it resulted in a decrease in the number of insurance claims and, accordingly, in budget, as active and sports-minded people statistically have fewer relapses of chronic diseases.

Moreover, many customers appreciate the great deal of informational advice while abroad, which significantly increased brand loyalty and became an additional competitive edge on the market.

Team:

Project Manager, Business Analyst, 2 iOS Developers, 2 Android Developers, PHP Developer, QA Engineer

Tech Stack:

Kotlin, Swift, Laravel, PHP
