MeSusu App Security Assessment
MeSusu makes disciplined saving simple. Users set a goal (school fees, emergencies, trips), deposit small amounts every day, and unlock bonuses on completion – all without needing a bank account thanks to mobile-money integration. With financial data and personal identifiers flowing through the app, security testing for mobile apps and regulatory compliance were mission-critical.

Process maturity
CMMI Level 5
Information security
ISO 27001
Industry experience
25+ years
Global clients served
600+
Key Challenges the Business Faced
MeSusu asked Mapelcode to run an accelerated, end-to-end security test cycle that would identify gaps, guide fast fixes, and prove compliance to investors and regulators.
Sensitive data everywhere
PII, transaction histories, KYC documents.
Multiple threat surfaces
Android, iOS, Node.js APIs and a MongoDB cluster.
Regulatory clock ticking
The team needed full GDPR compliance for mobile apps before launch.
Mapelcode’s Comprehensive Solution
Mapelcode developed a next-generation AI-powered video creation tool powered by Generative AI and Computer Vision. The automated video creation platform allows MetaBuild to generate professional-quality videos directly from text or image inputs.
Methodology
Threat Modeling & Scope Definition
Automated Recon & Static Analysis – MobSF, OWASP ZAP.
Manual Penetration Testing – Business-logic abuse, auth bypass, API fuzzing.
GDPR Assessment – Consent flows, data-deletion paths, logging & audit trails.
Secure-Code Workshops – Daily defect triage with MeSusu dev squad.
Regression Validation – Retest after fixes, final sign
Key Areas Tested
Goal-Based Savings Workflow – Integrity of contribution tracking and payouts.
Reward Distribution – Anti-fraud controls around bonus unlocks.
Mobile-Money Integration – Token handling, callback validation.
Identity & Consent Management – Sign-up, KYC, ‘Right to be Forgotten’.
Referral & Incentive Programs – Abuse vectors and enumeration risks.
Our Technology Stack
Programming Languages
Backend
Authorization
Security Tooling
Results Delivered
12 Vulnerabilities Closed
1 High, 3 Medium, 8 Low — all remediated pre-launch.
100% GDPR Compliance
Verified consent logs, data-export & deletion flows.
Hardened Mobile Apps
Biometric unlock, root detection, certificate pinning, improved crypto.
90% Fix Rate in 2 Sprints
Action-oriented reports and daily syncs cut turnaround time dramatically.
Zero Findings in Final Audit
MeSusu sailed through both internal and third-party mobile app security audits.
Why MeSusu Chose Mapelcode
Fintech Security DNA
20+ regulated financial products secured.
Sprint-Aligned Delivery
Findings delivered in daily, developer-friendly bite sizes.
Regulatory Know-How
GDPR, PCI DSS, SOC 2, ISO 27001 experts on call.
Transparent Collaboration
Shared Jira board, live Slack channel, and fix-validation videos.

Ready to Bulletproof Your Fintech App?
Mapelcode’s mobile app development security engineers can embed with your team, hunt for vulnerabilities, and shepherd fixes, fast. Let’s safeguard your next release.
Let's build something like this.
Share your challenge and we'll put together the right team, stack, and approach — just like we did for these clients.