The main challenges in banking app development

December 2, 2021

In 2011, the Royal Bank of Scotland made fintech history.

That was the year they unveiled the world’s first fully functional mobile banking app.

Since then, the market for banking apps has grown dramatically. Almost every major bank in the world today has its own app. Neobanks exist that offer banking services exclusively through an app. 

And in 2021, it’s estimated that more than 60% of Americans used digital banking.

While opportunities in mobile banking are ripe, that also means the sector has become more competitive than ever.

To succeed, newcomers in the field need to face a slew of technical and market challenges. We list some of them below.

Meeting security standards

With the rising risks of cybersecurity threats, it’s no wonder that security is one of the top challenges in developing a banking app.

There’s no shortage of statistics to point to this fact. However, the most harrowing is probably this: 2021 has already exceeded the 2020 record for public data breaches. And it’s just a little over 200 incidents away from being the highest of all time.

But the numbers are not the worrying part, according to Identity Theft Resource Center (ITRC) CEO Eva Velasquez. In her words:

“For me, the take-away is not the number. They are becoming more systematic in their targeting.”

And because banking apps contain the sensitive financial information of thousands of users, they’re an incredibly profitable target for cybercriminals.

But because of the varied threat landscape posed by hackers, defending your app is becoming much more complicated. 

To survive, you need a multi-layered security approach to cover all of your vulnerabilities. 

This diagram illustrates some of the security technologies and strategies that you should include:

[Image. Source: DECODE]

While all of these measures are essential, we believe authentication and authorization are the most fundamental safeguards. That’s because social engineering attacks like phishing are among the most common attacks you’ll encounter.

Unfortunately, strong passwords don’t give enough protection on their own because they are easily compromised. 

A better approach is to combine multiple authentication methods, such as biometrics and two-factor authentication (2FA).

Beyond this, you should pay attention to your application logic and coding standards to ensure they’re not creating security flaws that hackers can exploit.

And don’t forget to secure your app’s ecosystem as well. Strengthen the protective layers on your network, web server, and API communications through technologies like next-gen firewalls, anti-malware, and distributed denial of service (DDoS) mitigation.

Lastly, put app testing at the top of your priority list. Critical bugs and vulnerabilities can compromise a banking app more than any other factor. Weeding them out as early as possible guarantees a much safer app overall.

Protecting user data

Keeping your users’ banking data safe is just an extension of the cybersecurity protocols we discussed above. However, it’s so crucial that it deserves a section of its own.

As mentioned, the number of data breaches happening in the past few years has been staggering. But we haven’t even gotten to the damage from these attacks yet.

A Varonis study found that financial institutions exposed, on average, 352,711 sensitive records per cyber attack incident. This added up to 36 billion records compromised in the first half of 2020 alone, according to RiskBased Security.

Indeed, data protection is so vital that specific regulations exist to ensure financial companies are doing enough to guarantee it. 

For instance, financial services with European customers must adhere to the strict General Data Protection Regulation (GDPR) or face hefty fines.

Even more than compliance, data protection is the key to keeping your users’ trust, as confirmed by a 2018 German study.

Another survey also reveals that data privacy is consumers’ most significant concern when using fintech apps:

[Image. Source: Clearing House]

The issue, though, is not that app developers don’t recognize the need for data protection.

Instead, the main challenge is that banking apps exist in an ecosystem. Apps need to connect to other financial institutions and process financial information. Unfortunately, this creates plenty of opportunities for hackers to intercept and steal this data.

One of the most effective strategies to prevent this from happening is to encrypt the data. 

While this doesn’t prevent a hacker from getting the data, it does make it unusable. Without the key, all they would see is gibberish:

[Image. Source: The SSL Store]

For encryption to be effective, it needs to be done both during storage and in transit. Popular encryption technologies include AES and PGP.

Aside from encryption, another crucial practice with banking apps is limiting the data stored in the user’s app. 

In other words, you need to have a very good reason for every piece of information you keep locally. That way, you minimize data exposure if the app gets hacked.

As a final safeguard against unauthorized data access, you should also implement payment blocking. This allows the system to stop any transaction that it deems highly suspicious or unusual.

For instance, if a hacker attempts to log in to a user’s app and withdraw money from a different location, the app should see that as a red flag. Blocking that transaction can prevent any further data breaches or fraud.
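The location check described above can be sketched as a small rule set; this is an added example, not code from DECODE or any banking product. The thresholds, the `Event` type, the `review_withdrawal` function and the `typical_amount` input are all assumptions made for illustration, and the sample events are constructed.

```python
import math
from dataclasses import dataclass

# Assumed thresholds for this sketch; tune them against real fraud data.
MAX_PLAUSIBLE_KMH = 900.0    # faster than an airliner means the user did not travel
SAME_AREA_KM = 100.0         # distance still treated as the usual location
LARGE_AMOUNT_FACTOR = 5.0    # multiple of the user's typical withdrawal

@dataclass
class Event:
    ts: float   # Unix time in seconds
    lat: float  # degrees
    lon: float  # degrees

def haversine_km(a: Event, b: Event) -> float:
    """Great-circle distance between two events in kilometres."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dlon = math.radians(b.lon - a.lon)
    h = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def review_withdrawal(last_trusted, attempt, amount, typical_amount):
    """Return 'allow', 'step_up' (ask for a second factor) or 'block'."""
    if last_trusted is None:
        return "step_up"                      # no history to compare against
    hours = (attempt.ts - last_trusted.ts) / 3600.0
    if hours < 0:
        return "block"                        # out-of-order timestamps: fail closed
    distance = haversine_km(last_trusted, attempt)
    if distance > SAME_AREA_KM:
        if distance > hours * MAX_PLAUSIBLE_KMH:
            return "block"                    # impossible travel since last trusted login
        return "step_up"                      # new location, but reachable in the time
    if amount > LARGE_AMOUNT_FACTOR * typical_amount:
        return "step_up"                      # usual place, unusual amount
    return "allow"

# Constructed sample events (not real customer data).
HOME = Event(ts=0, lat=45.815, lon=15.982)
FAR_ONE_HOUR_LATER = Event(ts=3600, lat=40.713, lon=-74.006)
NEARBY_NEXT_DAY = Event(ts=86400, lat=48.208, lon=16.373)

if __name__ == "__main__":
    print(review_withdrawal(HOME, FAR_ONE_HOUR_LATER, 200, 150))
    print(review_withdrawal(HOME, NEARBY_NEXT_DAY, 200, 150))
    print(review_withdrawal(HOME, Event(7200, 45.80, 15.97), 200, 150))
```

The middle outcome matters as much as the block: a reachable but unfamiliar location triggers an extra authentication step instead of rejecting a legitimate traveller outright.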

Achieving regulatory compliance

Next to security, compliance is probably the biggest hurdle every fintech app faces. That’s because getting it right is generally a confusing, time-consuming, and expensive process.

This is due to the fact that many countries don’t have a single fintech-centric piece of regulation that app developers should follow. 

More often, you’ll need to pass a dozen financial and consumer laws, each with its own requirements and processes.

Just take a look at fintech regulations in the US. Depending on the nature of your app, you must comply with several laws. 

Card transactions, for instance, are covered by the Electronic Fund Transfer Act (EFTA) and the Payment Card Industry Data Security Standard (PCI DSS).

Most consumer apps are under the jurisdiction of Federal Trade Commission (FTC) laws. 

And if you serve European users, there’s also the New Payment Services Directive (PSD2).

Because of the logistics and administrative complexity in handling these laws, it’s very easy to miss a few things. 

Unfortunately, such mistakes can have very devastating consequences. Regulations can and have shut down errant fintech startups for years.

To make matters worse, the COVID-19 pandemic has added a new set of challenges to an already complicated process. This is according to a University of Cambridge study:

[Image. Source: MindK and University of Cambridge]

So, how do you achieve regulatory compliance without losing your mind?

The crucial first step is a change in mindset.

Specifically, it’s helpful to view compliance not as a law to follow but as a necessary step to gain users’ trust. 

Ultimately, a compliant app has processes and technologies to prevent fraud, promote data privacy, and improve services – things that are great trust builders.

For instance, KYC (Know Your Customer) initiatives are one of the primary compliance requirements for the banking industry.

KYC is the set of processes used to verify a user’s identity and financial profile. It ensures that they’re not connected to fraud or money laundering activities.

A typical KYC flow looks like this:

[Image: KYC process flow. Source: DECODE]

KYC is often an added chore for many fintech apps. But if you view it as a way to prevent money laundering, then you’ll be much more encouraged to do it. 

However, the best approach with compliance is to simply outsource it to an expert. Hire a lawyer or consultant with extensive experience in fintech laws in your chosen market.

You can also rely on emerging regtech (regulatory technology) solutions to automate the tedious parts of your compliance process.

Selecting the right platform to build the app

Banking apps operate in a highly dynamic environment where norms change swiftly. To survive, they must focus on agility, performance, and flexibility. Having the right app platform is a critical foundation to make this happen.

An app’s platform, in our definition, refers to the technologies and infrastructure that make that app’s operation possible, both on the client and server sides. 

Some developers also call this the tech stack:

[Image. Source: DECODE]

As you can see, there are many layers to your tech stack. But an essential first step is your programming language of choice.

Know that every language has its strengths, weaknesses, and vulnerabilities that you need to consider before picking.

The top fintech app languages include Python, Java, and C++.

For mobile apps, you should also consider which operating system you’re going with. iOS or Android-only apps are the simplest to develop, but they can limit your adoption.

More often than not, you’ll need a cross-platform app to cover more users.

There are many different technologies you can use here, from cross-platform tools to native apps. Which one you’ll pick will, again, depend on your app’s scope, budget, and purpose.

With the popularity of cloud and hybrid networks, it’s also crucial to make your fintech apps cloud-ready. This ensures that your app can quickly shift to these environments should there be a need to do so in the future.

[Image. Source: DECODE]

Finally, consider the integrations you’ll need, including third-party tools and APIs. For banking apps, Open Banking will most likely be involved, as this allows you to connect with a user’s bank and get their information.

Choosing the right features

Even the most secure, high-performance banking app would be useless if it didn’t solve users’ problems. That’s why choosing the right features is the key to success.

This is especially important in an increasingly saturated market. For example, a 2020 study concluded that mobile banking is expected to grow at a CAGR of 12.2%, effectively doubling by 2026.

[Image. Source: DECODE]

In this competitive environment, it isn’t enough to be just another product that offers the same basic functionalities. You need the right features to attract and keep users.

Of course, it all starts with covering the mission-critical features that are vital to mobile banking:

[Image. Source: DECODE]

Another great resource, and one that’s closer to what consumers want, is this study by Business Insider. It’s a snapshot of what truly matters to consumers:

[Image. Source: Business Insider]

Checking all or most of the items in the above wishlist is a fantastic approach to ensure that you’re covering what users truly look for in their banking app.

The bottom line is that to succeed in this market, you need the right features to deliver a fantastic customer experience.

Of course, great features alone can’t do that. You need to pair them with excellent UX.

Meeting customer expectations

Like any app, an incredible user experience (UX) is the key to success.

However, UX is arguably much more important in fintech.

That’s because the goal is to take something boring and technical (finance) and make it appealing and easy to understand. This is perhaps the minimum requirement for success in this niche.

Unfortunately, many fintech apps fail at UX. According to a Bain and Company study, only 8% of consumers agree that most fintech apps deliver a great customer experience (CEOs think it’s closer to 80%).

Making UX work involves more than just building a user-friendly UI.

It’s a holistic combination of trust, features, user education, personalization, and aesthetics that points to one goal: a meaningful and relevant user experience that meets their expectations.

Here are some key UX trends that can help you achieve this. While this list is for fintech websites, it’s relevant to apps as well:

[Image. Source: DECODE]

However, there’s one crucial UX factor not covered above that we feel bears mentioning. It has something to do with friction.

Friction is anything that hinders a user from doing something in your app. So naturally, lower friction is desirable since it makes an app easy to use.

However, some friction is actually beneficial and even necessary. It helps users avoid simple mistakes by asking them to confirm a critical action first, especially if the results are permanent.

For example, most operating systems ask you to confirm before they delete a file:

[Image. Source: Seamgen]

Without the above prompt, there would be many more frustrated users with irreversibly deleted files.

The same is true of making payments or withdrawing money. A confirmatory prompt can help prevent accidentally sending the wrong amount or sending money to an unintended recipient.

Or, in the case of unauthorized access, an extra authentication step ensures that all transactions are verified before they’re made.

Of course, these are just bits and pieces of a much bigger UX pie. UX is a vast topic with lots of strategies and nuances to consider.

If you want to learn more, read our articles on developing a user-friendly app and creating proper app onboarding.

Keeping up with new trends

Perhaps the biggest challenge with mobile banking is its imminent future growth. New trends, security issues, and technologies will inevitably change the landscape and impact your banking app in various ways.

To keep up, you need to stay ahead of the game constantly.

Being on the lookout for all the current and upcoming relevant trends is vital.

One of the more immediate ones that should be on your radar involves open banking. Everyone knows that this is the way forward for fintech apps, and regulators are starting to take notice. 

Right now, the Consumer Financial Protection Bureau (CFPB) is working on a set of rules and regulations that will oversee this initiative. Staying on top of this news is crucial if you want to keep yourself compliant when it rolls out.

In fact, it’s prudent to monitor all relevant regulatory developments, so you don’t get blindsided.

Another big trend to watch out for is blockchain. While Bitcoin and crypto have been around for over a decade now, the applications of blockchain technology beyond currencies are still in their early stages.

In the future, decentralized finance (DeFi) will take a much more prominent role in finance. The numbers back this prediction up:

[Image. Source: The Coin Radar]

The marriage of AI, big data, and banking is also something to look out for. This will give birth to autonomous finance and robotic process automation (RPA), making fintech apps blend in much more seamlessly with people’s everyday lives.

This is just a small taste of what’s to come for banking apps. If you want to learn more about the next big fintech trends, check our article on the topic.

Big challenges need even bigger solutions

The challenges of developing banking apps can indeed be difficult to tackle. But that’s only the case when you go at it alone.

The truth is that facing these obstacles would be much easier if you partner with someone who’s done it before. And with several successful fintech apps under our belt, we’d like to think DECODE is the perfect companion to take these challenges on!

Ready to develop the next big banking app? Talk with us today, and let us help you navigate the waters.

Written by

Marko Strizic

Co-founder and CEO

Marko started DECODE with co-founders Peter and Mario, and a decade later, leads the company as CEO. His role is now almost entirely centred around business strategy, though his extensive background in software engineering makes sure he sees the future of the company from every angle. A graduate of the University of Zagreb’s Faculty of Electrical Engineering and Computing, he’s fascinated by the architecture of mobile apps and reactive programming, and a strong believer in life-long learning. Always ready for action. Or an impromptu skiing trip.
