Ticket Contents
Description
Overview
Critical security remediation initiative based on Cipher Security Assessment (January 2026). All mobile applications must address 13 identified vulnerabilities before new feature development.
Scope
Mifos Mobile (MM) - Epic MM-573
Android Client (MIFOSAC) - Epic MIFOSAC-731
Mobile Wallet (MW) - Epic MW-363: Security Remediation (Cipher Audit 2026)
TO DO
It will also consider other security considerations such as ensuring the self-service plugin is used across our applications.
Goals & Mid-Point Milestone
Goals
[1][By Midterm Assessment- CRITICAL fixes]
[2][By Midterm Assessment - Understand delta for full used of self-service plugin]
[3][By Final Assessment - HIGH+MEDIUM fixes]
[4][By Final Assessment - LOW priority hardening]
[5][By Final Assessment - Solutions using self-service plugin]
Setup/Installation
See #mobile slack channel at mifos for guidance
Expected Outcome
A set of patched apps using the Self Service Plugin
Acceptance Criteria
Must complete the security items identified
Must complete an assessment of the deltas of the Self Service Plugin being used
Complete the implementation of the Self service plugin within the apps
Participate in Mifos Mid and Final presentations to community
Complete Project report at end shared with community
Implementation Details
KMP, Security, Backend.
Mockups/Wireframes
No response
Product Name
Mifos Pay, Mifos Field Officer App, Mifos Mobile
Organisation Name
The Mifos Initiative
Domain
Financial Inclusion
Tech Skills Needed
Mobile
Mentor(s)
@therajanmaurya
Category
Security
Ticket Contents
Description
Overview
Critical security remediation initiative based on Cipher Security Assessment (January 2026). All mobile applications must address 13 identified vulnerabilities before new feature development.
Scope
Mifos Mobile (MM) - Epic MM-573
Android Client (MIFOSAC) - Epic MIFOSAC-731
Mobile Wallet (MW) - Epic MW-363: Security Remediation (Cipher Audit 2026)
TO DO
It will also consider other security considerations such as ensuring the self-service plugin is used across our applications.
Goals & Mid-Point Milestone
Goals
[1][By Midterm Assessment- CRITICAL fixes]
[2][By Midterm Assessment - Understand delta for full used of self-service plugin]
[3][By Final Assessment - HIGH+MEDIUM fixes]
[4][By Final Assessment - LOW priority hardening]
[5][By Final Assessment - Solutions using self-service plugin]
Setup/Installation
See #mobile slack channel at mifos for guidance
Expected Outcome
A set of patched apps using the Self Service Plugin
Acceptance Criteria
Must complete the security items identified
Must complete an assessment of the deltas of the Self Service Plugin being used
Complete the implementation of the Self service plugin within the apps
Participate in Mifos Mid and Final presentations to community
Complete Project report at end shared with community
Implementation Details
KMP, Security, Backend.
Mockups/Wireframes
No response
Product Name
Mifos Pay, Mifos Field Officer App, Mifos Mobile
Organisation Name
The Mifos Initiative
Domain
Financial Inclusion
Tech Skills Needed
Mobile
Mentor(s)
@therajanmaurya
Category
Security