Mobile App Development Company in Stockholm

A scoped Stockholm MVP on a single platform (iOS or Android) at our rates runs SEK 450,000 to 950,000 over twelve to twenty weeks, covering UX, native build, Mobilt BankID and Swish integration, backend API, and store submission. A cross-platform React Native or Flutter MVP across iOS and Android lands at SEK 600,000 to 1,200,000 for the same scope, often a better economic call for early-stage Stockholm startups outside the regulated banking space. Full production apps with brokerage, payments, audio streaming, or PSD2 SCA flows range from SEK 1,500,000 to 6,000,000 plus ongoing maintenance. Stockholm rates sit above Gothenburg and Malmo because of the Spotify, Klarna, and Truecaller talent premium and the high Mobilt BankID and PSD2 integration complexity. We give fixed-fee proposals per release, not open time-and-materials estimates, so your CFO can actually plan around them.

Mobilt BankID is issued by Swedish banks under the Finansiell ID-Teknik BID AB scheme and is now the default login layer for almost every Swedish consumer service — banking, healthcare via 1177, tax filing at Skatteverket, sign-in to government portals, and most retail and subscription products. In a mobile app, the integration goes through the official BankID Relying Party API. Same-device flows launch the BankID app via URL scheme, the user authenticates with PIN or Face ID inside BankID, and your app receives a signed completion token. Cross-device flows use QR code rotation refreshed every one to two seconds to defeat phishing. We implement both, fall back gracefully if the BankID app is uninstalled, and log every authentication attempt with personal number redaction so IMY GDPR audits do not turn into incident reports. Email and password is never a default in Sweden — assume Mobilt BankID is table stakes.

Swish is the Swedish mobile payment standard — joint venture of SEB, Swedbank, Nordea, Handelsbanken, Danske Bank, and Lansforsakringar, live since 2012, used daily by more than eight million Swedes for peer-to-peer transfers, retail checkout, and small-business invoicing. For mobile apps you integrate via the Swish Merchant API (e-commerce, in-app) or Swish Handel (point of sale). Implementation requires a Swish Merchant Agreement with your acquiring bank, a production certificate, and IP whitelisting. We handle the bank paperwork, build the m-commerce flow with deep links that hand off to the Swish app and return with a signed payment token, and ship the webhook handler for asynchronous settlement. Swish typically beats card payments on conversion in Sweden by ten to twenty percentage points for B2C checkout, and the per-transaction fee structure is materially cheaper than Visa and Mastercard interchange for most Stockholm merchants.

Sweden implements the EU Accessibility Act (Directive 2019/882) through Tillganglighetsdirektivet, in force from 28 June 2025. It applies to consumer-facing mobile apps in banking, e-commerce, transport, telecoms, audiobooks, e-readers, and emergency communications. Required conformance is WCAG 2.1 Level AA equivalent, with documented assistive-technology support — VoiceOver on iOS, TalkBack on Android, dynamic type, sufficient contrast, captions and transcripts for audio and video, and keyboard or switch navigation where the platform supports it. Enforcement sits with sector regulators (Post- och telestyrelsen for telecoms, Konsumentverket for retail, Finansinspektionen for banking). We bake accessibility into design from the first wireframe, run automated axe-core and Accessibility Inspector scans every build, and ship a written conformance statement at release that matches the templates the European Commission published in 2024 and 2025.

For Swedish consumer apps we default to AWS eu-north-1 (Stockholm), Azure Sweden Central (Gavle), or GCP europe-north1 (Hamina, Finland) — all EU regions with low latency from Sweden and a clean answer for IMY data-residency questions. Personal data, Mobilt BankID logs, and any payment-adjacent records stay inside the EU. We document data flows in a GDPR Article 30 record-of-processing template IMY would accept on inspection, run a Transfer Impact Assessment if any sub-processor sits outside the EU, and use Standard Contractual Clauses plus supplementary measures (encryption at rest with EU-controlled keys via AWS KMS or Azure Key Vault) where US sub-processors are unavoidable. For Finansinspektionen-regulated banking and brokerage apps, we add Swedish-region pinning, signed audit logs, and quarterly third-party penetration tests aligned with the FFIS guidance.

For Stockholm fintech and banking apps with deep Mobilt BankID, Swish, and PSD2 SCA integration, we usually recommend native — Swift and SwiftUI on iOS, Kotlin and Jetpack Compose on Android. The certificate handling, biometric prompts, and secure-enclave usage are materially easier and less buggy in native code, and Finansinspektionen audits go more smoothly when the security-sensitive layer is platform-idiomatic. For consumer apps, marketplaces, content products, and B2B tools, React Native (with Hermes and the New Architecture) or Flutter ship sixty to seventy percent faster on a single codebase and the user-perceptible quality gap is essentially gone in 2025 if the team is competent. Spotify and Klarna both ship significant React Native surface in production. We will recommend the right stack against your scope, team, and budget rather than the one that grows our hours.

App Store and Play Store rejections are the single biggest cause of missed launch dates for Stockholm clients we inherit from other agencies. We ship every app through a pre-submission checklist: Apple guidelines 4.0 design, 5.1.1 privacy, and 5.5 mobile money for Swish flows; Play Store Data Safety form, Restricted Permissions declaration, and Target API level compliance. For fintech and BNPL apps we obtain Apple's financial services entitlement upfront and document the issuing bank, Finansinspektionen registration, and Mobilt BankID provider. Swedish-language App Store and Play Store metadata is written by a native speaker, not Google Translate. Phased rollout starts at one percent on Play Console and a TestFlight cohort of 100 to 500 internal users on iOS. We have not had a final-stage reviewer rejection on a properly scoped Swedish app in the last twenty-plus submissions.

Yes — and for Swedish apps it matters more than most markets. Mobilt BankID releases breaking API and SDK changes roughly once a year, Swish ships merchant API updates on its own cadence, iOS and Android each force major SDK and target-API migrations annually, and the Tillganglighetsdirektivet conformance obligation is now continuous rather than one-off. Our standard maintenance retainer covers OS-version compatibility (we test on the latest two iOS and Android versions Apple and Google still sign), Mobilt BankID and Swish API upgrades, dependency and CVE patching within service-level agreements, crash and ANR triage from Crashlytics and Sentry, store-listing optimisation in Swedish and English, and one minor feature release per quarter. Retainers are scoped from SEK 35,000 per month for a maintenance-only contract up to SEK 150,000-plus per month for an embedded team with active roadmap delivery.