Skip to Content

INFOCAMERE


  •   CONTESTO E OBIETTIVI -  iConto is the mobile app developed for Infocamere — the consortium of Italian Chambers of Commerce — which allows users to manage their prepaid card quickly and securely on iOS and Android. The project had been stalled for over two years before we became involved. K-TECH designed and built a comprehensive solution comprising a hybrid iOS/Android client and a server-side JEE gateway, integrating secure authentication, stateful navigation and a connection to the Infocamere payment gateway. A non-negotiable requirement: passing a third-party certified penetration test prior to go-live.

  •  IMPLEMENTED SOLUTIONS - We developed a two-tier architecture — hybrid client and JEE gateway on JBoss — with remote JAAS authentication, stateful communication, and JSON protocol. We integrated the Moblet API for centralised app governance, automatic blocking of obsolete versions, and server-side configuration without interventions on the stores. The entire solution was designed to meet Infocamere's quality standards and exceed third-party security certification.


  •  CHALLENGES - The project presented high technical complexities: hybrid multi-platform solution with stringent security requirements, integration with legacy systems via server-to-server Web Services, adoption of the client's quality standards from the outset, and a starting context that had already been stalled for two years. The pressure of the penetration test as a pre-go-live requirement demanded technical rigor and a security-first approach throughout the development cycle.


  •  SUCCESSES - K-Tech unlocked an investment that had been stagnant for over two years and brought the app to production release. The solution successfully passed the third-party certified penetration test. The delivered code passed the client's internal automated tests from the first submission, with no friction in the quality processes. The Moblet mechanism provided Infocamere with full app governance without dependency on the stores.


  • TECHNOLOGIES -  Hybrid Mobile Development iOS/Android · JEE / JBoss Application Server · JAAS · Moblet API · JSON · Web Services · Penetration Testing


LEARN MORE      

CONTEXT & GOALS

iConto is the mobile application developed by K-TECH for Infocamere — the consortium company of the Italian Chambers of Commerce — that allows end users to manage their prepaid card quickly and securely via iOS and Android smartphones.

The goal was to design and implement a complete mobile solution composed of a hybrid client component (iOS/Android) and a server-side JEE gateway, capable of ensuring secure authentication, stateful navigation and integration with the Infocamere payment gateway. The solution had to pass a penetration test certified by third parties before being released into production.

The project had been stalled for over two years before K-Tech got involved. We took over the stalemate situation and successfully led the project to release, surpassing all technical and security requirements.


IMPLEMENTED SOLUTIONS

•     Two-Tier Architecture: design of a hybrid multi-platform mobile client (iOS/Android) and a server-side JEE gateway on JBoss, with a clear separation between business logic, security, and integration.

•     Secure JAAS Authentication: implementation of remote Java authentication (JAAS) towards the Infocamere account provider over a secure server-to-server connection, with stateful management of the user session.

•     Payment Gateway Integration: development of an integration gateway with the Infocamere payment gateway via Web Services, with a flexible communication protocol based on JSON.

•     Centralised Governance with Moblet: integration of the Moblet API for centralised app configuration from the server: navigation, versioning policies and automatic blocking of obsolete versions — without manual intervention on the stores.

•     Security-First and Penetration Test: adoption of Infocamere's code quality standards from the very first line, with architecture designed to pass third-party security certification before go-live.

•     Documentation and Delivery: production of complete technical documentation and push of the source code into the client's repository, ensuring full transparency and transferability.


CHALLENGES

•     Multi-platform Complexity: hybrid iOS and Android solution with different versions and screen sizes, stringent security requirements and integration with Infocamere legacy systems via server-to-server Web Services.

•     Project on Hold: K-TECH has taken over in a critical context that has been stalled for over two years, having to absorb existing technical constraints and restart with full ownership.

•     Mandatory Penetration Test: non-negotiable requirement to pass a security check certified by third parties before go-live, with zero margin for error.

•     Client Quality Standards: adoption from the outset of the code quality standards defined by Infocamere, with internal automated tests as acceptance criteria.


VICTORIES

     Project Rescue: K-Tech has transformed a stagnant investment of over 2 years into a product released into production, demonstrating the ability to take over in critical contexts.

•     Security Certification: overcoming the third-party penetration test, strengthening K-Tech's reputation in mobile application security.

•     Zero Friction in Quality: the delivered code has passed the client's internal automated tests since the first submission, without the need for reworks.

•     Governance Without Dependency on Stores: thanks to the Moblet mechanism, Infocamere can update configuration, navigation and app versioning policies from the server, maintaining full operational control.