Google Cloud - Community

A collection of technical articles and blogs published or curated by Google Cloud Developer…

Building Scalable Mobile Banking Solutions on GCP

By Ajitesh Kumar

Photo credit: Imagen

The Rise of Mobile Banking Apps

The COVID-19 pandemic significantly accelerated the adoption of digital banking, with mobile apps becoming essential for customers to access services remotely. This trend is expected to continue as customers increasingly value the convenience and accessibility of mobile banking.

Banks need to build mobile banking apps to meet customer expectations for convenient, 24/7 access to banking services, enhance customer engagement, and reduce costs.

These apps must be scalable to handle large numbers of users and transactions, and robust to ensure reliability, security, and resilience against potential threats. Building such an application requires careful planning and a robust infrastructure. This post explores a comprehensive architecture for a mobile banking app on Google Cloud Platform (GCP), focusing on high availability (HA) and disaster recovery (DR).

The Building Blocks of a Mobile Banking App

The design embraces a multi-layered approach, utilizing a combination of managed and unmanaged services on GCP. This strategy ensures scalability, security, and flexibility. Think of it like a well-structured building, with each layer serving a specific purpose.

Presentation Layer — The User’s First Contact

This is the user's first contact: the mobile app itself.

While native iOS/Android development remains an option, Flutter is the preferred choice for this layer. Its ability to create cross-platform apps with a single codebase greatly saves development time and resources.

Furthermore, Flutter offers a wide range of customizable widgets and tools, empowering developers to create high-performing apps with a native user experience.

Many organizations are also choosing FlutterFlow, a low-code platform that enables the rapid development of functional and visually appealing mobile apps using Flutter. This platform generates Flutter code in the backend and includes a visual interface and pre-built components for streamlined app creation and customization, making it accessible for developers with varying levels of coding expertise.

Complementing the front-end technologies, a Backend for Frontend (BFF) pattern combined with GraphQL can improve the end-user experience by optimizing API consumption for the mobile application.

Application Layer — Heart of the System

This is where your core business logic resides. Build your code into independent, scalable microservices, each handling a specific functionality, and deploy them on Google Kubernetes Engine (GKE), the most scalable and fully automated Kubernetes service. Love and enthusiasm for this product warranted marking the above statement in bold.

Apart from being the Gartner leader for containerized platforms, it provides the following benefits:

  • Fully Managed: Simple automation, SLAs, Google SRE managed, automatic upgrades, integrated logging/monitoring, backup/restore, seamless CI/CD.
  • Secure by Design: Hardened node images, private clusters, shielded nodes, workload identity, network policy/logging, binary authorization/trusted images.
  • Workload Optimized: Automated scaling, cost-optimized profiles, pay-per-use, cost-effective AI/ML scaling, massive scalability.
  • Proven Reliability: OSS Kubernetes foundation, largest Kubernetes contributor, Google-scale infrastructure.
  • Superior Scalability: Outscales competitors (15k+ nodes).
  • Superior Ops Mgmt: Zero-effort logging/metrics, planet-scale observability, integrated dashboard, native Prometheus support.
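
The "network policy" item above, applied to this architecture as an added example (not from the original article): a default-deny posture in which the BFF is the only workload allowed to call a microservice. The namespace `banking`, the labels `app: bff` and `app: payments`, and port 8443 are assumptions made for illustration.

```yaml
# Added example; all names, labels and ports are hypothetical.
# 1) Default-deny: no pod in the namespace may receive or send traffic
#    unless another policy explicitly allows it.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: default-deny-all, namespace: banking}
spec:
  podSelector: {}
  policyTypes: [Ingress, Egress]
---
# 2) The payments microservice accepts traffic only from BFF pods,
#    and only on its service port.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: payments-allow-from-bff, namespace: banking}
spec:
  podSelector:
    matchLabels: {app: payments}
  policyTypes: [Ingress]
  ingress:
    - from:
        - podSelector:
            matchLabels: {app: bff}
      ports:
        - {protocol: TCP, port: 8443}
---
# 3) The BFF may call payments and resolve names via cluster DNS in
#    kube-system; every other egress stays blocked by policy 1.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: {name: bff-egress, namespace: banking}
spec:
  podSelector:
    matchLabels: {app: bff}
  policyTypes: [Egress]
  egress:
    - to:
        - podSelector:
            matchLabels: {app: payments}
      ports:
        - {protocol: TCP, port: 8443}
    - to:
        - namespaceSelector:
            matchLabels: {kubernetes.io/metadata.name: kube-system}
      ports:
        - {protocol: UDP, port: 53}
        - {protocol: TCP, port: 53}
```

These objects are enforced only on clusters where network policy enforcement is enabled, and every additional service path (for example, payments reaching its database) needs its own allow rule.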

It’s possible that not everyone knows about the origin of Kubernetes. Below is the tale of Kubernetes.

Image Credit — LinkedIn Post

API Layer — Bouncer at the Door

Think of the API layer as the bouncer at the door. It handles authentication, authorization, and rate limiting, and manages your APIs. It lets you expose APIs that other platforms can consume.

APIGEE is Google Cloud's native API management tool to build, manage, and secure APIs for any use case, environment, or scale. It comes with a developer portal, API lifecycle management, and advanced features such as APIGEE Advanced Security, which does anomaly detection; APIGEE Analytics, an insights layer on top of your APIs; and APIGEE monetization, to monetize your APIs.

APIGEE can also act as a middle interface between the cloud and on-prem systems such as Core Banking.

Data Layer — The Foundation of Trust

This layer is the foundation of trust: it makes sure that the transactions users make are immutable and free of errors.

Choosing the right storage for each data type is very important, as it affects the performance of the overall system. Imagine image (blob) data being fetched from an RDBMS query every time; this would put considerable load on the application and result in degraded performance.

The above diagram shows when to use which solution, but I would recommend the solutions below.

Cloud Spanner: Google Cloud Spanner is a fully managed, horizontally scalable, globally consistent distributed SQL database. It combines the benefits of relational database features like strong consistency, ACID transactions, and SQL queries with the scalability of NoSQL databases, making it ideal for modern, cloud-native applications.

As a dual or multi-regional system, Spanner enables enterprises like banks to maintain high availability, low-latency access, and seamless failover in case of regional outages, ensuring mission-critical services are always up and running.

For large banks handling vast amounts of transactional data and requiring high levels of consistency, Spanner is an ideal solution with a 99.999% SLA. It offers ACID transactions, SQL, strong consistency, automated maintenance, unlimited read/write scaling, automatic sharding, geo-partitioning, a PostgreSQL interface, workload-isolated query processing (Data Boost), backup/restore, point-in-time recovery (PITR), and additional features like Spanner Graph, Vector Search, Full-text search, LangChain integration, and BigQuery federated queries.

Spanner is a must for an active-active architecture: the application can write to both regions at the same time, and even when one region goes down your application can continue to run with no downtime.

AlloyDB — Use AlloyDB for PostgreSQL when there is a requirement of a database service that can deliver high performance, scalability, and availability for demanding enterprise applications.

Caching: Caching improves app performance by storing frequently accessed data, enabling faster retrieval and reducing the need to repeatedly fetch data from the network. This leads to a smoother user experience with quicker loading times and reduced data consumption. Consider using Memorystore (Redis or Memcached flavor) for caching needs.

Non-relational databases: Firestore offers a NoSQL, cloud-based database with real-time synchronization capabilities, making it ideal for apps that require live updates and offline functionality. This allows your developers to build responsive and engaging apps with features like live chat, collaborative tools, and real-time data dashboards.

Object Storage (GCS): Use it as a digital filing cabinet for large files, like user documents and images (your KYC documents, etc.). Cloud Storage is durable and cost-effective.

Analytics Services: The Eyes of Insight

Analytics services play a pivotal role in mobile banking, providing valuable insights that drive informed decision-making, enhance customer experiences, and optimize operational efficiency. By analyzing user behavior, transaction patterns, and app usage, banks can gain a deeper understanding of their customers’ needs and preferences.

This knowledge enables them to personalize services, tailor marketing campaigns, and proactively address potential issues. Additionally, analytics can detect fraudulent activity, identify areas for improvement in the app’s functionality, and measure the effectiveness of new features or services.

Use the services below to build your analytics system:

BigQuery — BigQuery is a fully managed, AI-ready data analytics platform that helps maximize value from your data and is designed to be multi-engine, multi-format, and multi-cloud.

DataProc — Dataproc is a fully managed and highly scalable service for running Apache Hadoop, Apache Spark, Apache Flink, Presto, and 30+ open source tools and frameworks. Use Dataproc for data lake modernization, ETL, and secure data science, at scale, integrated with Google Cloud, at a fraction of the cost.

Looker — a business intelligence and data visualization platform that helps explore and analyze your data. It provides a centralized view of your data, allowing users to create interactive dashboards and reports that can be shared with others.

Security Services: The Guardian of the Gates

In the realm of mobile banking, security is not just a feature; it’s the bedrock upon which trust and reliability are built. As mobile devices become the primary gateway to financial services, the role of security services has never been more critical. These services act as the guardians of the gates, protecting sensitive user data and transactions from a multitude of threats that lurk in the digital landscape.

From advanced encryption algorithms that scramble data into unreadable ciphertext to multi-factor authentication that adds layers of verification, security services are the unsung heroes that work tirelessly behind the scenes. Real-time threat detection and anomaly monitoring systems act as vigilant sentinels, constantly scanning for suspicious activity and potential breaches.

The guardians of the gates are not just reactive; they are proactive. They educate users about potential risks and best practices, empowering them to become active participants in their own security. They provide tools and resources to help users stay informed and vigilant. And when breaches do occur, they respond swiftly and decisively, minimizing damage and restoring trust. Consider using the services below from a security point of view.

Cloud Armor: Cloud Armor is a web application firewall (WAF) that helps protect your applications and websites from attacks.

It uses Google’s global network and infrastructure to filter out malicious traffic and block attacks such as DDoS attacks, SQL injection, and cross-site scripting (XSS).

reCAPTCHA: reCAPTCHA is a security service from Google that helps protect your mobile app from spam and abuse. It uses an advanced risk analysis engine and adaptive challenges to tell humans and bots apart. This helps to ensure that only real users can access your app.

Security Command Center (SCC) — The industry’s first multi-cloud security solution with virtual red teaming and built-in response capabilities — supercharged by Mandiant expertise and Gemini AI at Google scale.

Mandiant offers mobile app security services including threat intelligence, vulnerability management, incident response, and security assessments to help identify and mitigate threats, prevent attacks exploiting vulnerabilities, respond to and recover from security incidents, and identify potential security risks.

Google Security Operations SIEM: Google Security Operations SIEM is a cloud service, built as a specialized layer on top of core Google infrastructure, designed for enterprises to privately retain, analyze, and search the massive amounts of security and network telemetry they generate. It lets you examine the aggregated security information for your enterprise going back for months or longer.

NextGen Firewall: Cloud NGFW provides distributed, host-based firewalls for zero-trust security. It simplifies configuration with hierarchical firewall policies attached to resource hierarchy nodes. This, combined with IAM-governed Tags, enables granular control and micro-segmentation for both north-south and east-west traffic, down to single VMs, across VPC networks and organizations. Put it on the DMZ side of the architecture.

Supporting Services: The Backbone of Operations

A number of supporting services are required for operations: Cloud Ops for logging and observability, Pub/Sub for real-time messaging, Firebase for notifications, Cloud DLP to help you discover, classify, and protect your most sensitive data, Vertex AI for your predictive and generative AI requirements, and Cloud Build/Cloud Deploy for your CI/CD needs, among others.

Conclusion

Building a reliable mobile banking app requires a well-designed architecture with a focus on both high availability and disaster recovery. Leveraging Google Cloud Platform’s managed services allows us to focus on core business logic while building a resilient and secure application. This approach provides a robust foundation for future growth and scaling, ensuring a seamless banking experience for your customers.

Happy to have an offline conversation with anyone building a mobile banking solution.

Published in Google Cloud - Community

A collection of technical articles and blogs published or curated by Google Cloud Developer Advocates. The views expressed are those of the authors and don't necessarily reflect those of Google.
