Secure Mobile Messenger App Development
Client
The Client is a European startup offering secure communication applications for individuals and enterprises concerned about their privacy.
Challenge
The Client commissioned ScienceSoft to create a Viber-like application that would provide users with a safe and easy way to communicate and share voice messages, photos, videos and other files. The main challenge was to ensure ultimate security so that messages would not be stored on the server and no one could decrypt them.
Solution
Since the Client did not come up with a specification, ScienceSoft Architect developed a high-level design and defined the components to be created as well as the development tools that would best answer the project needs. A pipeline architecture was chosen as a typical design pattern for real-time systems and messengers.
Thanks to the extensive experience in mobile development, as well as in telecom application development, with its most successful project being Viber for Android (1.17B users worldwide), ScienceSoft development team had a deep understanding of how application security should be achieved.
To ensure secure data transmission, ScienceSoft applied RSA – a public-key cryptosystem. The algorithm uses a public key for encrypting messages and a secret decryption key. As the latter is stored on the client side (on a mobile device, for example), nobody except the chat participants can decode the message.
In this software, ScienceSoft has brought together the best-of-breed features of the world’s leading messengers like Viber and Telegram. In addition to the common image sharing, group chats and emoticons, the tool will offer public channels to allow anonymous chatting on various topics distinguished by tags. Moreover, every user will have access to a personal cloud file storage to upload and share files with others. As with messages, all files will be encrypted for better security.
ScienceSoft team is currently working on secure VoIP and voice messages for this app.
Results
The Android-native app was finished within 3 months by the efforts of 1 Architect, 2 Senior PHP Developers (backend) and 2 Android Developers (frontend) with only a Product Owner on the Client’s side. Together with ScienceSoft, the company is now planning to create the iOS, Windows Phone, webchat and desktop versions of the application.
Technologies and Tools
PHP, Symfony 2, phpDaemon, Nginx, Redis, Android SDK