Dataminr

Background: This project aimed to achieve SOC-2 compliance, a critical standard for the secure management of data. SOC-2 helps protect the interests and privacy of clients by ensuring that system controls are effective and robust. The implementation of the forced logout feature served as a crucial component of our enhanced security protocol, safeguarding user data from unauthorized access in scenarios where authentication tokens are compromised.

Challenge: Integrating stringent SOC-2 security measures into mobile app development posed a dual challenge: adhering to compliance without halting the enhancement of our product features. The main challenge was implementing a seamless forced authentication processes across both Android and iOS platforms without disrupting user experience. This required precise detection of token invalidation or keystore clearance, maintaining compatibility across different operating systems, and ensuring that the authentication and authorization processes were secure yet intuitive for users.

Our Solution:

·  Creating a unified method for forced authentication, seamlessly integrated with existing authentication systems.

·  Leveraging the native capabilities of Android and iOS to handle secure session management and token lifecycle.

·  Enhancing user experience by providing clear, immediate feedback on the login screen whenever a forced logout was triggered.

Technology:

·  Mobile Platforms: Android (Java/Kotlin), iOS (Swift)

·  Cross-Platform Integration: React Native

·  User Interface Design: Figma for mockups and design specifications

·  Event Handling: Custom events for handling logouts, integrated via native modules in React Native.