Mobile-first card issuing: 5 steps to create your mobile app

Mobile has established itself as the key channel for managing your money, becoming the Swiss army knife of any cardholder’s financial life. Take a quick look at your phone and the apps within it, we often dismiss how easily we can now view balances and transactions, manage cards, and make payments. In fact, mobile banking penetration around the world is startling 89% of cardholders use mobile banking, with 6 of every 10 users preferring mobile apps to web banking. 

Creating mobile card experiences is therefore a strategic move that aligns with the expectations of today's users. In this guide, we'll walk you through the steps to set up a seamless and user-friendly mobile card experience, ensuring users enjoy the convenience and security they expect.

Why introduce mobile cards?

Tapping into the realm of mobile transactions opens up new revenue paths. In addition, the convenience of mobile card interactions enhances customer loyalty. This isn't merely about staying current; it's about fostering a deeper connection with your audience.

The rise of the mobile-only neobank along with global money transfer companies loading mobile cards with sent funds showcase the steady adoption within fintech.Though increasingly, other industries are delivering their own mobile card programs:

• Retailers or hoteliers can leverage mobile loyalty cards hosted in the customer’s digital wallet, giving them a channel for tailored promotions, while gaining insights into consumer behavior for enhancing marketing strategies.
• Food delivery services can provide their drivers with mobile cards to pay restaurants and grocery stores using funds collected from the customer’s sale. Reducing the reliance on physical cards and streamlining cash flow management.
• Expense management can be facilitated by issuing mobile cards for employees on-the-go as and when they are needed. Helping companies to better monitor spending and enforce the right policy.

Still not every business is equipped with the resources to build an app from scratch or navigate complex banking systems. More and more businesses therefore look to their payment service provider as a strategic partner to add these card issuing and mobile capabilities. 

The following steps draws on our experience with clients using our mobile SDK.

Step 1. Planning and discovery

Clarify the goals and objectives of introducing a mobile card experience. Identify what you want to achieve – from enhancing user engagement to providing a competitive advantage. Think about what your users need: how will they interact with your app? What do they expect to do within it? 

Understand the preferences and behaviors of your target audience. Analyze user personas to tailor the mobile card experience to their needs and expectations to ensure it’s a successful app. Consider whether you should create a completely new application, or build on an existing one your users may already be familiar with.

Generally, users expect a common set of core interactions within a ‘banking app’ and this will drive the flow and functionality within your application itself. The most common functionality is listed below, which is all covered through our Card Management SDKs:

• Viewing their lists of cards, be them physical or virtual cards.
• Viewing sensitive information, such as their 16-digit card number (PAN) or their CVV. For physical cards, this would also include the PIN of the card itself.
• Managing the lifecycle of the card. If the card is misplaced, enabling the cardholder to suspend it (and activate again if needed). Or Revoking the card if it has been lost or stolen.
• Provisioning cards to a digital wallet. Our SDK enables what is known as push provisioning, adding a physical or virtual card to digital wallets directly from the mobile app. We support this for both Apple Pay (iOS) and Google Pay (Android).

Step 2. Design a user-centric experience

Prioritize a clean and intuitive design for your mobile card interface. Consider user flows and interactions to ensure a smooth and delightful user experience.

Modern neo-banks can provide a great starting point for what a good user experience looks like, but don’t disregard the incumbents either as the mobile banking space has progressed significantly in the past few years. Do you want to create a familiar experience, where users can navigate almost by default, or something unique, which could create more stickiness for your app itself? Regardless of your choice between the two, using our Card Management Mobile SDKs you have the freedom to design and create the UI that best fits your cardholder’s needs.

Tip: Check out our open-source iOS sample app as inspiration for a typical card management experience.

Step 3. Choose the right technology

When creating an in-app card issuing experience, you should consider how your chosen technology will balance compliance and functionality to delight and protect your cardholders.

Let’s use Checkout.com’s mobile SDK as an example of hitting the sweet-spot of both extensive functionality and PCI compliance. Accessing sensitive data (PINs/PANs/CVVs) directly from an API call adds a high compliance burden. Our SDKs solve this problem by decrypting data sent to them from our backend and returning that data securely to your mobile app. 

Next, you should ensure the technology aligns with your app's architecture. For example, will you follow a native or cross-platform approach? Our take: while cross-platform might allow you to build faster, we’d recommend a native approach, or at least ensuring elements of your app are native. This is due to the range of functionality within your app that would be interacting with the core OS, such as provisioning cards to digital wallets, or enabling out-of-band authentication.

Here are other elements to consider for specific groups of functionality:

Viewing Sensitive Card Information 

• ‍Check: Does the provider implement robust security measures to protect sensitive user data? ‍
• Do they leverage encryption and compliance with industry standards to build trust among users, and protect sensitive data transmission to the app layer on the device itself?

Seamless Wallet Integration

Explore options for integrating your cards into popular mobile wallets. 

• Check: Does the provider ensure compatibility with Apple Pay and Google Pay?
  
• Specifically, do they provide token service provider capabilities themselves or integrate with a 3rd party? Are they compatible with other more niche digital wallets that are particularly important for your business, such as Samsung Pay?

Streamlined Integration Process

Opt for a mobile SDK with a quick and straightforward integration process. 

• Check: Does the provider provide documentation and support for developers to facilitate a smooth implementation?
• ‍This could be in the form of public Github repos, where you can view integration advice and ask questions. Your issuer should include an API reference, for the backend endpoints you need to hook into. And also help you understand how front-end solutions, like an SDK or dashboard, and backend ones, like core issuing endpoints, fit together in a single flow ‍
• Do they provide specific mobile integration tooling?‍
• Do they have sample apps that help you with integrating their SDKs? Or provide ‘mock’ environments to help you begin implementation?

Step 4. Test and iterate

After selecting the right technology partner to create the experience you have designed, conduct thorough testing on both function and security.

• Whether you begin your backend or mobile-implementation first, ensure there is a clear flow defined between both each domain.
• Ensure all functionality within your app works seamlessly by covering a wide variety of use cases. For example, test adding to digital wallets with different types of cards (e.g. physical vs virtual), on different devices (ideally running different OS versions), and with multiple cardholders on a test app.
• Be aware of the compliance requirement. For example, integrating and implementing SCA where necessary. Work with your compliance partner throughout the integrating and testing cycle to ensure you’re compliant.
• Leverage user feedback from beta testing to make iterative improvements. Prioritize enhancements based on user pain points and suggestions for a more user-centric experience. Continuously monitor and optimize the performance of your mobile card features. Address any performance bottlenecks or delays that users may encounter.

Step 5. Keep evolving the experience

After initial roll-out you can explore future functionality, such as using your mobile app as a form of payment authentication (3DS).

Note: Out-of-Band (OOB) authentication enables a cardholder to use your mobile app to authenticate transactions. If they make a purchase on their web browser or in a merchant’s mobile app, they can use their mobile phone (via your app) to authenticate and complete the transaction. 

Benefits to OOB authentication include increasing the stickiness for your mobile app for users, taking it one step closer to the center of your cardholder’s financial life. It reduces friction for cardholders, who can now easily approve their transactions using biometrics or a shorter mobile app password, without needing to manually type in a lengthier text-password (OTP method). 

For these reasons, OOB is quickly becoming the go-to mode of authentication. EMVCo (regulator for all things 3DS) is even introducing new features that increase speed, security, and ultimately conversion of mobile app authentications.

Note: Checkout.com will be releasing our new out-of-band (OOB) authentication solution at the end of March, which includes native iOS and Android OOB SDKs.
‍Get in touch to learn more and begin integration.

Conclusion

Creating a mobile card experience for your app is a dynamic process that requires careful planning and execution. But once the app is launched, the journey doesn’t end there - especially in an ever-changing market environment. Consider how you can foster a culture of continuous improvement, where teams are empowered to make timely adjustments. Additionally, schedule regular compliance audits along with keeping a pulse on new regulations. Ideally, work with a technology partner like Checkout.com who will provide these updates as part of their service.

By following this step-by-step guide, you'll be well on your way to building a mobile card experience that not only meets but exceeds the expectations of your users. Embrace innovation, prioritize user-centric design, and set the stage for a successful mobile card experience.