11 thoughts on “Application Functionalities – Part 1

  1. Cool! I wanted to ask you a few design and technical questions if you don’t mind (I was also thinking of writing an app like that, Google Sheets are not enough after some time):
    1. Where do you store the user data (expenses, income records)? Is there a DB on the server or is it a local file?
    2. If it is local, how do you manage the synchronization between web and mobile app?
    3. What technology do you use for both apps?

    Cheers!

    1. Hello,
      There will be dedicated post about technology very soon, but in few words: I store data in postgresql server. In production it will be in a cloud, currently in tests it’s on my serwer. I write backend in Java and springboot. Frontend is written in Ionic, so there is one code base for web and mobile

      1. Thanks, I am waiting for the technology post then 🙂
        One thing I was wondering about with this approach (DB in the cloud / global server) is that the data that the user stores there are kind of sensitive (income, expenses for different things). Did you consider encrypting this data so that noone but the owner can access it in plaintext form?

        My two approaches were:
        – have the user store his data DB locally (google drive, dropbox, whatever), but that raises problems in terms of accessibility via mobile and web app.
        – have the data stored in an encrypted way (db just stores a binary blob that cannot be decrypted even by the admin), the data is sent to user and decryption happens on client side. The problem with this approach is how to store the encryption key and what if user fogets / loses the key 😉

        1. Yes, I was thinking about it, and I’m aware that it might be an issue for some people.
          First of all, I’m going to gather as little private data as possible. The only required data to start using an application will be email address – required to log into an application, nothing more. So it will be possible to create an account with some new email used only for this app – and then it will be very hard to connect a person with application data. I hope it will be enough for most people.
          Ofcourse it is possible to generate some key on client’s device and encrypt/decrypt data with it, but it raises a problem not only with loosing/forgetting but also with exchanging it between devices, because in my opinion access to data for it’s owner should be as simple as possible – from any device.

          And about gdrive, dropbox – I plan to use it for storing photos of receipts and invoices – but it will be a little later. Now I’m working on basic functionalities 🙂

          1. “So it will be possible to create an account with some new email used only for this app – and then it will be very hard to connect a person with application data.”

            Well, theoretically yes but there’s also an IP address and that combined with the application data is already a lot.

          2. Of course you are right.
            Currently I do not have better solution, but it is the same with most of online application where we leave our (very often sensitive) data.
            If you have any reasonable solution to this situation which will not have large influence to usability I will be very glad to hear about it and implement it in application. I’m open to any propositions

  2. I’d personally prefer an offline application that stores encrypted data on my device only (be it a desktop app or a mobile app), even at a cost of no synchronization. But I understand that for some users synchronization is important. Eventually a solution that stores the data in my icloud (from Apple), as to my understanding Apple can’t decrypt it (but I might be wrong here).

    1. I understand that approach.
      I like comfort of synchronization and sharing access between family members, and in that case – when data is in the cloud, encryption and decryption might be an issue, because for example in some functionalities I might need access to data for some grouping, sorting, summing or charting…

      We already give a lot of our data and privacy for example to banks using online access. I know that banks have huge budgets for security, but there is always a risk.
      The only thing I can say, is that I’m fully aware of possible users’ concerns and security is my priority while developing this application.

  3. “The only thing I can say, is that I’m fully aware of possible users’ concerns and security is my priority while developing this application.”

    Ok, great!

  4. And maybe the sync (and thus off-device storage of data) will be optional? That way both users willing to have synchronization possibilities and users who don’t want to upload their data anywhere will be satisfied? Just an idea.

Leave a Reply