Secure mobile app development in a BSI-certified environment

About the project

Client:

Selfapy - an online therapeutic platform offering digital psychological support for patients struggling with depression, anxiety, and other mental health disorders. The company operates in compliance with BSI guidelines and provides therapy based on the CBT (Cognitive Behavioral Therapy) approach.

Project goal:
Efficient management of IT resources
Business Goals
  • Maintain and further develop the application following the departure of a key developer.
  • Obtain BSI certification confirming a high security standard in the medical sector.
  • Implement internationalization (new language versions of the app – Russian, Polish).
  • Ensure timely release of subsequent app versions in line with the client's schedule.
  • Increase investor confidence through transparent progress reporting and improved quality.
    Optimization of the app development process
    Technological Goals
    • Update the React Native framework – crucial for the continued development of the app and its availability on the App Store and Google Play.
    • Adapt the codebase according to the recommendations from penetration testing reports (security compliance).
    • Meet over 120 requirements related to BSI certification.
    • Implement native components for Android (Kotlin) and iOS (Objective-C).
    • Maintain complete documentation aligned with the client’s organizational culture and high auditability standards.

    Customer experience

    Working with fireup.pro has been a fantastic experience. The [mobile] developer they provided has far exceeded our expectations, quickly adapting to our projects with impressive autonomy and our way of developing software as a medical device (SaMD).

    Additionally, when we faced an emergency with a critical issue, fireup.pro promptly delivered a highly skilled support developer who seamlessly integrated into the team, offering exceptional guidance and maintaining a high level of professionalism throughout.

    Their responsiveness and quality of talent have truly made a positive impact on our success, and they are our first and most trusted partner for future projects.

    Alex Unger

    Head of Engineering

    Buckle
    From challenge

    Key Challenges

    1. Lack of a mobile developer on the client's team at a critical stage of the project.
    2. Risk of being unable to publish new app versions without updating the framework.
    3. Very short timeframe for onboarding a new developer and preparing for an upcoming deadline (expiration of certifications).
    4. High organizational demands from the client - fast-paced work environment, strict documentation standards, and a meeting-heavy culture.
    5. The need to support two mobile platforms (Android, iOS) simultaneously for a single application.
    6. Balancing the development of new features with work on security and certification compliance.

    Key Requirements

    Functional

    • Implement internationalization of the app (languages: German, Russian, Polish).
    • Add new features supporting the quality of therapeutic services.
    • Handle app publishing in the App Store and Google Play.

    Non-Functional

    • Update the React Native framework to a version accepted by mobile app stores.
    • Adapt the application to meet BSI certification requirements (including data protection, access control, encryption).
    • Respond to penetration test results with appropriate security-related modifications.
    • Ensure full compliance with the client’s audit requirements and strictly adhere to release schedules.
    • Maintain a high level of technical documentation, accessible to non-technical stakeholders as well.
    Through the solution

    Implementation

    The project was executed using the Scrum methodology, with full implementation of planning sessions, retrospectives, and daily stand-ups. Key elements included:

    • Fireup.pro developer Gosia Tańska was onboarded into the project one month before the departure of the previous developer. She completed a full onboarding process and a set of procedural trainings required by the client.

    Organization

    • The project maintained a high level of discipline – every meeting followed a set agenda, and participants were expected to come prepared. Tasks in Jira were described in detail (including justification, acceptance criteria, and links to release commits).

    Team Growth

    • Following an analysis of scope and task estimation, a second developer from fireup.pro joined the project. This allowed responsibilities to be split between the Android and iOS platforms.

    Collaboration

    • Close collaboration with the Product Owner – despite lacking a technical background, the PO effectively alleviated some of the development team's workload by ensuring excellent backlog organization.
    To the success

    Technological outcomes

    Three new versions of the mobile application were released on schedule.

    App internationalization: the Russian version was implemented, and work on the Polish version was initiated.

    Full analysis of penetration testing reports was conducted, and the application was adjusted to meet audit requirements.

    Over 120 BSI certification requirements were met, including extensive work on data protection, encryption, and information leakage prevention.

    The React Native framework was successfully updated, enabling continued development and publication in the App Store and Google Play.

    The mobile app was maintained and further developed in full alignment with the client’s organizational culture and the strict demands of the industry.

    Business Benefits

    Increased brand credibility through compliance with certification requirements.

    Ability to continue app development and expand into new language markets.

    Enhanced application security, leading to greater trust from investors and patients.

    Technological Benefits

    Keeping the application up to date with the latest version of the React Native framework.

    Creation of a well-structured, process-driven, and thoroughly documented IT project.

    Reduced risk of app unavailability in mobile app stores.


    Project team
    Gosia
     Łukasz

    Gosia

    Mobile Developer

    Responsible for fully taking over the development of the mobile application, updating the framework, managing version releases, implementing native components, and analyzing BSI requirements and penetration test reports.

    Tech stack

    React Native

    JavaScript

    TypeScript

    Kotlin

    Objective-C

    Jira

    CI/CD

    GitHub Actions

    Fastlane

    Security compliance


    Conclusions & recommendations

    Process Orientation – Every new team member should undergo a complete onboarding and training program.

    Security – Healthcare projects must include audit-compliant components from day one.

    Documentation in Jira – Detailed task descriptions, release history, and commit links are crucial for high-quality project management.

    Effective Meetings – Preparation before meetings, agendas shared in advance, and pre-discussion analysis significantly improve team efficiency.

    Development Opportunities

    Expanding internationalization to additional markets.

    Implementing and evaluating the effectiveness of new digital therapies.

    Further strengthening of security components and data auditability.
