Bootstrapping a mobile application, or how to save a little on development and publication provides a two-factor authentication service (2fa as a service) and it was originally planned to use SMS as the main method for delivering one-time passwords (OTP) for the second factor. Everything was tied up by SMS, and the technology itself and even monetization - the service itself is provided completely free of charge, the user pays only for the SMS package. At the moment, it is planned to recruit a user base and install a hardware gateway for SMS - after this, the cost will decrease, and it will be possible to lower prices for users and start making profit from the project.

    However, during the testing process it turned out that the reliability of SMS leaves much to be desired: the percentage of successful delivery for many operators in the CIS countries does not exceed 90% (we tested both with Internet gateways and with hardware gateways). The solution to this problem is obvious - authorization using mobile applications, but there was no budget for this, and the team of people with experience in developing for mobile platforms was not. At the same time, I did not want to offer to use other applications (for example, Google Authenticator), but I wanted my own mobile application, with functionality not worse, and ideally, even better than existing analogues.

    In this article, I will briefly describe how we solved this problem with a minimum of costs and without involving third-party developers.


    It is clear that bothering with the native development is long and dreary, therefore, a little googling, we decided to use Cordova / PhoneGap, fortunately we already have a front-end developer in the team. The prototype in HTML5 / Javascript was done quickly, Twitter bootstrap was used as an interface template.
    By the way, the application itself does not only consist of an interface (see the description of the application ), access to the camera and buffer was needed, so I had to connect plugins for phonegap. Both plugins were found in the directory on build.phonegap in free access and connected a couple of lines in config.xml. Cross-platform is also ideal, only css for Windows Phone was finished; there I had to slightly increase the size of some elements.

    Everything worked fine in the emulator, they immediately started testing on Android devices, since the build.phonegap service on the fly generates apk that can be immediately installed on real devices. It turned out that on some devices the interface significantly slows down. Using the poke method, we determined that the problem is in the animation effects prescribed in the css standard bootstrap template. Having removed all the lines with animation in all styles, we got a faster interface and decided to publish the application.


    No special IDE was used in the development (only a regular text editor), only NodeJS and the phonegap package were installed on the system . For debugging the interface, Chrome was used, for testing the plug-ins on Android, the Bluestacks App Player emulator worked perfectly , for other platforms they used physical devices.


    Windows phone

    The easiest way to publish the application for free is for Windows Phone. We used the dreamspark program for students . To do this, you either need to contact support and send them a scan of your student ID, or use an email address on the school’s domain (.edu /, etc.) when creating an account . We had such an address (a British university student was in the team), but even if you are not a student, there is still a chance to use this program (read paragraphs 1 and 2 in this article ). As part of the Dreaspark Student, a developer account is provided for free for 2 years.


    On Google Play, no discounts were found either for students or for anyone else, which is not so scary, since a one-time fee of only $ 25 is charged at registration.


    For the Apple App store, we first tried to use the iOS Developer University Program. For this mail on the university domain is not enough, you need an official letter from the faculty. After talking with fellow students, we found out that the process can take up to six months, so I had to pay 99USD for the year of subscription.


    Our budget for creating and publishing a mobile application on three platforms (iOS, Android, Windows Phone) amounted to only 124 US dollars .
    The result is a fairly fast application that fully meets all our requirements.
    In addition to the Token2 service, the application can also be used for other systems: the functionality is even slightly better than that of Google Authenticator, since it is possible to protect totp profiles with a pin code.
    There is also support for the Mobile-OT P standard , plus a modified Mobile-OTP with the ability to create profiles by scanning QR images .

    We will not say that the application turned out to be perfect, so we have plans to replace the phonegap applications with native ones for each platform. However, since at this stage we needed a prototype rather, we are satisfied with the result.

    Also popular now: