I'm in the planning phase of a new app, specifically a budgeting app that my girlfriend and I will use, but I want it to be available for others too. Most of my projects before were personal, so I didn't really consider security or scalability. Now, as I think bigger, I'm worried about protecting user data since the app will likely allow linking financial accounts through a third-party API, which raises security questions. What should I keep in mind when transitioning from personal projects to something that will have real users? I'm wondering about basics like encrypting passwords, sanitizing data, and implementing MFA, as well as concerns around rate limiting and DDoS attacks. Do I also need to think about legal liabilities or terms of service agreements for a free app? Any advice on making this transition would be greatly appreciated.
1 Answer
It's great that you're thinking about these concerns early on! For your app, definitely follow best practices. It's worth doing some load testing as you grow and monitor costs associated with any APIs you plan to use. Just keep in mind, while you're building it for personal use primarily, consider how you can optimize it for potential users later. Also, don’t forget to have a Terms of Service and a privacy policy before you launch publicly!
Thanks for your insights! I'm not planning to monetize the app right away. I might start with manual transaction entries before diving into banking API integrations. Just need to ensure I have the basics covered.