Contact person: MERCURY: Cybersecurity App Development End-to-End - Fully UAT and Launched Live -- 2

Phone:Show

Email:Show

Location: Fraser Rise, Australia

Budget: Recommended by industry experts

Time to start: As soon as possible

Project description:
"Project Scope: Secure Cybersecurity App - MERCURY
Project Title: MERCURY – Cross-Platform Smartphone Cybersecurity Application

INTERNATIONAL TRAVEL WILL BE REQUIRED

Flights, Accommodation and Meals Allowance will be funded.

Target Platforms: Android & iOS
Deployment Model: Enterprise-grade sideload and Smartcard-based cybersecurity configuration

Contractual Requirements and Functional Description

Take over the basic version I have had produced in Kotlin.

1. Secure Sideload Deployment:
MERCURY must be distributed via sideloading from a hardened offsite, authenticated HTTPS server, bypassing app store deployment mechanisms. The server must use TLS 1.3 and mutual TLS authentication to ensure integrity and authenticity of the delivered binary packages.

2. NFC Smartcard-Based Self-Configuration:
Upon the tap of a Smartcard to the smartphone’s NFC sensor, the app shall automatically deploy, configure, and authenticate itself using a zero-touch installation model. The Smartcard will contain cryptographic credentials and configuration payloads to securely bootstrap the application - the production of 1000 Smartcards are required to be ready as part of this project.

3. Anonymous Messaging from MERCURY App to the recipient's WhatsApp or SMS app (whereby the recipient will/may not have MERCURY app. Integration:

The app must allow the user to anonymously type and send messages to recipients through their WhatsApp or SMS interfaces. Messages must be routed in a way that strips all sender-identifiable metadata, withstanding IT forensic examination of the recipient smartphone.

4. 256-Bit Assured Live-Time AL Monitoring:
The app will implement real-time AL monitoring, using SHA-3 or SHA-256 hashing algorithms to provide immutable logging. Monitoring results must be persistently displayed in the notification panel, utilizing OS-specific APIs for foreground services (Android) or persistent banners (iOS) to prevent termination by background task killers.

5. Dynamic AL Monitoring Control During Calls:
While voice calls are in progress, the app shall suspend AL monitoring to preserve performance and prevent audio interference, replaced by "Voice-Over Warning on AL Breach" (See Point 6). This will require call state detection using native telephony APIs, and a secure toggle mechanism to deactivate and re-enable monitoring appropriately.

6. Voice-Over Warning on AL Breach Detection:
When external applications attempt to access monitored ALs, MERCURY will trigger a real-time voice warning using Text-to-Speech (TTS) APIs.

7. Smartcard-to-Server Self-Authentication:
Prior to any deployment or configuration, a mutual cryptographic authentication must be performed between the Smartcard and the secure deployment server. This handshake shall use Elliptic Curve Cryptography (ECC) or RSA 4096-bit keys, facilitated through challenge-response protocols to ensure the identity of both parties and prevent impersonation or replay attacks.

Project will be considered complete once the app, server and Smartcards are ready to be produced onsite and deployed." (client-provided description)