Commerzbank
Comdirect photoTAN
Security-critical two-factor authentication app for comdirect banking customers, enabling secure transaction authorization via photoTAN technology for over 1 million users.
The Challenge
The photoTAN app is a security-critical component of comdirect's banking infrastructure, responsible for authorizing financial transactions for over 1 million customers. Any failure or vulnerability directly impacts the security of real financial transactions. The app required updates to meet evolving PSD2 regulations and Commerzbank's internal security standards while maintaining a frictionless user experience.
The Approach
Led development efforts on the iOS photoTAN application with a focus on security-first engineering. Implemented cryptographic flows using CryptoKit and Keychain Services, integrated biometric authentication, and optimized the camera-based TAN scanning pipeline using AVFoundation. Ensured compliance with PSD2 Strong Customer Authentication requirements through close collaboration with security and compliance teams.
Tech Stack
Results & Impact
Maintained and enhanced the security posture of a critical financial authentication tool serving over 1 million banking customers. Delivered improvements to scan reliability and authentication flow speed, reducing user friction while strengthening transaction security.
My Role
Senior iOS Engineer leading security-critical feature development in a team of 15. Responsible for cryptographic implementations, biometric integration, and ensuring compliance with banking security regulations.