Enabling Smart Savings with End-to-End App Security Assessment for MeSusu

How Seasia Infotech helped a goal-based savings app launch with zero open vulnerabilities and full GDPR readiness.

Project Overview

Industry: Fintech
Project Duration: 6 Weeks

MeSusu makes disciplined saving simple. Users set a goal (school fees, emergencies, trips), deposit small amounts every day, and unlock bonuses on completion, all without needing a bank account thanks to mobile-money integration. With financial data and personal identifiers flowing through the app, mobile app security testing and regulatory compliance were mission-critical.

Key Challenges the Business Faced

MeSusu asked Seasia Infotech to run an accelerated, end-to-end security test cycle that would identify gaps, guide fast fixes, and prove compliance to investors and regulators.

Sensitive data everywhere
  • PII, transaction histories, KYC documents. 
Multiple threat surfaces
  • Android, iOS, Node.js APIs and a MongoDB cluster.
Regulatory clock ticking
  • The team needed full GDPR compliance for mobile apps before launch. 

Seasia Infotech’s Comprehensive Solution

Seasia Infotech ran a six-week, end-to-end security assessment covering the Android and iOS apps, the Node.js/Express APIs and the MongoDB cluster. Automated reconnaissance and scanning were paired with manual penetration testing of the savings, reward and mobile-money flows, a GDPR readiness review of consent and data-deletion paths, and daily defect triage with the MeSusu development team, so that every finding could be fixed and retested before launch.

Methodology
  • Threat Modeling & Scope Definition
  • Automated Recon, Static & Dynamic Analysis – MobSF on the mobile binaries, OWASP ZAP against the APIs.
  • Manual Penetration Testing – Business-logic abuse, auth bypass, API fuzzing.
  • GDPR Assessment – Consent flows, data-deletion paths, logging & audit trails.
  • Secure-Code Workshops – Daily defect triage with MeSusu dev squad.
  • Regression Validation – Retest after fixes, final sign-off.
Key Areas Tested
  • Goal-Based Savings Workflow – Integrity of contribution tracking and payouts.
  • Reward Distribution – Anti-fraud controls around bonus unlocks.
  • Mobile-Money Integration – Token handling, callback validation.
  • Identity & Consent Management – Sign-up, KYC, ‘Right to be Forgotten’.
  • Referral & Incentive Programs – Abuse vectors and enumeration risks.

Our Technology Stack

Programming Languages

Kotlin (Android)
Swift (iOS)

Backend

Node.js
Express
MongoDB

Authentication & Authorization

JWT tokens
Device Biometrics

Security Tooling

Burp Suite
MobSF
OWASP ZAP
Postman
GDPR checklist

Results Delivered

  • 12 Vulnerabilities Closed

    1 High, 3 Medium, 8 Low — all remediated pre-launch.

  • 100% GDPR Compliance

    Verified consent logs, data-export & deletion flows.

  • Hardened Mobile Apps

    Biometric unlock, root detection, certificate pinning, improved crypto.

  • 90% Fix Rate in 2 Sprints

    Action-oriented reports and daily syncs cut turnaround time dramatically.

  • Zero Findings in Final Audit

    MeSusu sailed through both internal and third-party mobile app security audits.

Why MeSusu Chose Seasia Infotech

  • Fintech Security DNA

    20+ regulated financial products secured.

  • Sprint-Aligned Delivery

    Findings delivered in daily, developer-friendly bite sizes.

  • Regulatory Know-How

    GDPR, PCI DSS, SOC 2, ISO 27001 experts on call.

  • Transparent Collaboration

    Shared Jira board, live Slack channel, and fix-validation videos. 

Ready to Bulletproof Your Fintech App?

Seasia’s mobile app security engineers can embed with your team, hunt for vulnerabilities, and shepherd fixes, fast. Let’s safeguard your next release.
