Government Services Mobile Application Development
Government services are not just CRUD with authorization. They involve integration with the tax service, digital signatures, ESIA (the unified identification system), SMEV queues, and 12-year-old XML schemas, plus mandatory certification, data protection laws, and storing personal data on servers in the RF. Understand the regulations before writing the first line of code.
Authorization via ESIA and Digital Signatures
This is the most painful point. ESIA works via a modified OAuth 2.0 in which requests are signed with GOST R 34.10-2012, not RSA. A standard library such as AppAuth won't work directly: you need the SDK from Rostelecom, or you implement the signature yourself via CryptoPro or ViPNet.
On Android, CryptoPro CSP is embedded as an .apk provider. The user certificate lives in the CryptoPro storage and is accessed via a custom KeyStore:
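    import java.security.KeyStore
    import java.security.PrivateKey
    import java.security.Signature

    // Store and algorithm names must match what the installed CryptoPro provider registers
    val keyStore = KeyStore.getInstance("CryptoProKeyStore")
    keyStore.load(null, null) // a KeyStore must be loaded before any key lookup
    val privateKey = keyStore.getKey(alias, null) as PrivateKey // alias: certificate alias
    val signature = Signature.getInstance("GOST3411withGOST3410EL")
    signature.initSign(privateKey)
    signature.update(dataToSign) // dataToSign: ByteArray with the request to sign
    val signedData = signature.sign()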
On iOS, the ViPNet CSP SDK is used via an Obj-C/C++ wrapper: bridging header, static linking, manual memory management. On one project, cold start grew from 1.2 to 2.8 seconds; the fix was moving initialization to a background thread.
Integration with the Digital Signature App goes via Deep Link: the app forms a signature request, passes it to the signing app via URL scheme, and gets a callback with the signed document, with a fallback to web if the signing app is not installed. This requires careful state handling in UIApplicationDelegate / Activity.onNewIntent.
SMEV and GIS Integration
SMEV 3 works via SOAP with WS-Security. The mobile app doesn't communicate with it directly; only the backend does. It is still complex: the XML schemas are large (registries, certificates) and need client-side validation before sending.
On Android, use javax.xml.validation with XSD. On iOS, use libxml2 via C bindings or a JSON API via a backend proxy.
Application statuses are an async process: submit, processing takes 3–5 business days, then a notification arrives. This needs polling or push via FCM/APNs. A push often contains only the serviceId, so a separate data fetch is needed before navigation.
Data Storage and Security Requirements
FZ-152 requires personal data to be stored in the RF. For mobile this means a backend on Russian servers (Yandex Cloud, SberCloud, VK Cloud) and no foreign CDN or analytics.
Store sensitive data locally only in EncryptedSharedPreferences on Android (AES256-GCM via Jetpack Security) or in the Keychain on iOS with kSecAttrAccessibleWhenUnlocked. ESIA session tokens never go in plain SharedPreferences.
FSTEC certification is needed if the app processes restricted data. Use only certified crypto libraries.
Vulnerability scanning before release is mandatory. Use MobSF (Mobile Security Framework) and the OWASP Mobile Top 10 checklist. Pay special attention to exported Activities without Intent checks, unprotected ContentProviders, and token logging in LogCat.
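An added example, not from the original page or any project it describes: a Python check over a source AndroidManifest.xml that lists components other apps can reach without a permission, which are the ones whose Intent handling needs manual review. The sample manifest, package and component names are constructed; it assumes a text manifest (not the binary form inside an APK) and targetSdk 17 or higher for the provider default.

```python
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace
COMPONENTS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample manifest (hypothetical package and component names)
SAMPLE = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="ru.example.gov">
  <application>
    <activity android:name=".MainActivity" android:exported="true">
      <intent-filter><action android:name="android.intent.action.MAIN"/></intent-filter>
    </activity>
    <activity android:name=".SignCallbackActivity">
      <intent-filter><data android:scheme="govapp"/></intent-filter>
    </activity>
    <activity android:name=".SettingsActivity" android:exported="false"/>
    <provider android:name=".DocsProvider" android:authorities="ru.example.gov.docs"
              android:exported="true"/>
    <provider android:name=".CacheProvider" android:authorities="ru.example.gov.cache"
              android:exported="true" android:permission="ru.example.gov.READ_CACHE"/>
  </application>
</manifest>"""

def exposed_components(manifest_xml):
    """Return (tag, name, reason) for exported components with no permission guard."""
    app = ET.fromstring(manifest_xml).find("application")
    if app is None:
        return []
    app_permission = app.get(A + "permission")  # default for all components
    findings = []
    for comp in app:
        if comp.tag not in COMPONENTS:
            continue
        exported = comp.get(A + "exported")
        # Without android:exported, an intent-filter exports non-provider components
        implicit = (exported is None and comp.tag != "provider"
                    and comp.find("intent-filter") is not None)
        if exported != "true" and not implicit:
            continue  # not reachable from other apps
        guarded = comp.get(A + "permission") or app_permission
        if comp.tag == "provider" and not guarded:
            guarded = comp.get(A + "readPermission") and comp.get(A + "writePermission")
        if not guarded:
            reason = "implicit via intent-filter" if implicit else "exported=true"
            findings.append((comp.tag, comp.get(A + "name", "?"), reason))
    return findings

if __name__ == "__main__":
    for finding in exposed_components(SAMPLE):
        print(*finding)
```

The launcher activity always appears in the output because it has to be exported; the listing is a review queue for Intent validation, not a list of confirmed defects.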
UX for Government Apps
The audience is 18–80 years old with varying digital literacy. Make the default font size larger. Support Dynamic Type (iOS) and sp units (Android). Keep forms to short steps, with no multi-step wizards that lack progress saving.
Accessibility (a11y): contentDescription for meaningful elements, correct accessibilityRole in React Native or UIAccessibilityTraits in SwiftUI. Roskomnadzor checks apps, including for accessibility.
Offline mode is critical: not all users have stable internet. Cache reference data (list of regions, document types) via Room / Core Data. Sync application statuses on reconnection via WorkManager (Android) or BGTaskScheduler (iOS).
Stack and Architecture
For most government apps, native development is optimal: iOS (Swift + UIKit/SwiftUI) + Android (Kotlin + Jetpack Compose). Flutter is acceptable if the team is prepared and there is no hard dependency on native crypto. React Native with react-native-crypto is risky: GOST crypto via the JS bridge is unstable.
Architecture: Clean Architecture + MVVM. The Repository layer isolates SMEV/ESIA from the UI. The UseCase contains business logic. The ViewModel manages screen state. DI: Hilt (Android) / Swinject (iOS).
Timeline
Requirements audit, including legal expertise: what data is processed, whether certification is needed, which ESIA/SMEV APIs are used. Without this, technical design is impossible.
Design: UX for target audience, authorization scheme, data model, API contracts.
Development: iterative, with auth and core flow first, then forms and references, then push and offline.
Publication: RuStore has been mandatory for government apps since 2023. Google Play and App Store in parallel.
Support: ESIA API and SMEV schema changes come without notice. Monitor via Firebase Crashlytics plus custom alerts on response structure.
MVP timeline (authorization + 2–3 services): 3–5 months. A full app with a wide service catalog: 8–14 months. Cost is estimated individually.







