Mobile App Development

When a Mobile App Is the Right Call

The decision between mobile app and web app is a technical one, not a preference. Three categories of requirement push a project toward native.

If your use case fits none of these categories, start with a responsive web app. You can always add a mobile client later, and an API-first architecture makes that straightforward.

Why Expo and React Native, Not Native Swift or Kotlin

For business applications, cross platform app development with React Native (via Expo) is the right default. Not because it is cheaper per se, but because the constraints of business apps align with what cross-platform frameworks handle well.

Business applications are form-heavy, data-driven, and workflow-oriented. They display lists, capture input, show status, and navigate between screens. They are not GPU-intensive games or camera-filter apps that demand frame-level control over the rendering pipeline. For this category of work, React Native produces genuinely native UI components (not WebView wrappers) with a single TypeScript codebase that targets both iOS and Android.

We pair Expo with a Laravel API backend. The mobile app is a client, identical in architectural role to a web frontend. Authentication tokens, business logic, validation rules, and data persistence all live server-side. The mobile app handles presentation, offline caching, and device-specific features. This separation means the mobile codebase stays thin, focused, and replaceable.

What about Flutter?

Flutter is a credible cross-platform framework with strong backing from Google, and its custom rendering engine (Skia/Impeller) produces smooth UIs. For teams already working in Dart, or for apps that demand pixel-perfect custom UI across platforms, Flutter is a reasonable choice. We use React Native with Expo because our stack is TypeScript and React end to end: the web dashboards, the API clients, and the mobile apps all share the same language, the same mental model, and (where appropriate) the same utility libraries. For a team whose backend is Laravel and whose web frontends are React, adding Flutter means introducing a second language and a second UI paradigm. That is not a dealbreaker, but it is a cost that needs justifying.

When native development makes sense

Native Swift or Kotlin is the right choice when the app's core value depends on platform-specific capabilities that React Native cannot reach: AR experiences using ARKit or ARCore at full fidelity, custom camera pipelines with real-time ML inference, or deep Siri/Google Assistant integrations. In four years of mobile work for business clients, we have not yet needed to go fully native. The Expo ecosystem covers business app requirements well.

Capability quick reference

This table covers the most common business app requirements and where each approach fits.

API-First Architecture: The Mobile App as a Client

Every mobile project we build follows an API-first pattern. The Laravel application exposes a RESTful API (or, where appropriate, GraphQL) that serves as the single source of truth. The mobile app consumes this API exactly as a web frontend would.

• ✓
  Shared business logic Validation rules, pricing calculations, workflow state transitions, and permission checks execute server-side. When a business rule changes, it changes in one place.
• ✓
  Independent deployment The API evolves behind versioned endpoints. A mobile app update and a backend change do not need to ship simultaneously. App store review cycles introduce delays that server deployments do not.
• ✓
  Multiple clients from one API The same Laravel API serves the mobile app, the web dashboard, webhook integrations, and background job processors. Adding a mobile client does not require rebuilding the backend.

The pattern is straightforward: Laravel handles authentication (Sanctum for token-based auth), authorisation (policies and gates), business logic (services and actions), and data (Eloquent with PostgreSQL). Expo handles screens, navigation, local state, offline queue, and device features. The data model is designed once, server-side, and the mobile app consumes it through well-defined API contracts.

This is fundamentally a build vs buy decision. If a SaaS product covers your mobile use case, use it. Custom mobile development makes sense when the workflow is yours, the data is yours, and the off-the-shelf options require too many compromises.

Offline-First Patterns for Field Workers

Offline support is the most common reason our clients need a mobile app rather than a web app. Field service engineers inspecting equipment. Delivery drivers confirming drop-offs. Warehouse operatives scanning stock in buildings with poor signal. These are the same people whose work feeds into your service delivery system, and they cannot wait for connectivity to do their jobs.

Each queued operation carries a timestamp, a unique client-generated ID, and enough context for the server to resolve conflicts. Conflict resolution follows a last-write-wins strategy for most business data, with explicit merge logic for cases where that would cause data loss.

Attachments (photos, signatures, PDF annotations) queue separately with chunked upload support. A 5 MB photo on a 2G connection will fail if sent as a single request. Chunked uploads with resume capability mean the file eventually arrives without requiring the user to retry.

This pattern requires server-side support. The Laravel API accepts idempotent writes keyed by client-generated UUIDs, handles out-of-order arrival gracefully, and returns sync status that the client uses to update its local database. The server-side queue processing follows the same patterns we use for background job infrastructure across all our applications.

Push Notifications and Real-Time Updates

Push notifications in a business app serve a specific purpose: alerting users to events that require action. A new work order assigned. An approval waiting. A delivery window changed. They are not marketing tools.

Permission strategy

iOS requires explicit notification permission, and Apple recommends against requesting it on first launch without context. The pattern that works: wait until the user encounters a feature that benefits from notifications (for example, when they are first assigned a task), explain what they will receive, then trigger the permission prompt. In our experience, this approach typically achieves noticeably higher opt-in rates in business apps compared to prompt-on-launch, because users understand the value before being asked.

Technical architecture

Expo's notifications module handles device token registration for both APNs (iOS) and FCM (Android). On first launch, the app requests permission and registers the device's push token with the server. The Laravel backend stores these device tokens per user (a user may have multiple devices) and dispatches notifications through a queue worker using Laravel's built-in notification system with custom channels for push delivery.

Authentication and Security Patterns

Mobile apps handle authentication differently from web apps because the device itself becomes a factor. The patterns we use are designed around this constraint.

These patterns align with the security and operations standards we apply across all IGC projects.

App Store Deployment and OTA Updates

Getting a business app into production involves two distinct channels: app store releases and over-the-air (OTA) updates.

App store releases go through Apple's App Review and Google Play's review process. EAS Build compiles the native binary from the Expo project, signs it with the appropriate certificates, and submits it. Apple's review typically takes 24-48 hours; Google's is usually under 6 hours. For internal business apps, Apple's Enterprise programme or TestFlight and Google's internal testing tracks bypass public review.

OTA updates via EAS Update are the more interesting capability. Because Expo apps load JavaScript bundles at runtime, you can push code changes (UI fixes, business logic updates, new screens) without going through app store review. The app checks for updates on launch, downloads the new bundle in the background, and applies it on the next restart. A bug fix can reach every user's device within hours, not days.

We maintain three channels: development (latest builds for internal testing), staging (release candidates for client review), and production (live builds). EAS Update channels map directly to these environments, each pointing at the corresponding Laravel API environment.

Ongoing maintenance obligations

A mobile app is not a one-time build. Ongoing annual maintenance covers concrete, scheduled work. Apple ships a major iOS release every September, and Google follows with Android in Q3-Q4. Each release can break existing behaviour in areas like background execution, notification permissions, and privacy controls. Expo SDK upgrades ship quarterly, and skipping versions compounds migration effort. App store policies change regularly, particularly around data collection declarations and minimum API level requirements. Provisioning profiles and signing certificates expire on fixed schedules.

This is the same principle that applies to all custom software maintenance: the build gets you through the door, the ongoing investment is what keeps it working. For mobile specifically, the cadence is faster and less forgiving than for web applications, because Apple and Google set the timeline, not you.

Performance Considerations for Business Apps

Mobile app performance for business use cases differs from consumer app optimisation. The priorities are: reliable data loading on variable connections, smooth list scrolling for large datasets, and minimal battery drain during background sync. Performance is a user experience concern first and a technical one second. A field worker waiting three seconds for a list to render while standing in a warehouse is three seconds of lost patience.

Testing Mobile Apps

Mobile testing is harder than web testing because the surface area is wider: two platforms, multiple OS versions, varying screen sizes, and connectivity states that cannot be fully simulated. We split testing into three layers.

Unit and component tests use React Native Testing Library to verify individual screens and components in isolation. These run fast, catch regressions early, and form the bulk of the test suite. Integration tests verify that the offline queue, sync engine, and API client work together correctly. These run against a local Laravel API and cover the failure modes that matter most: network timeouts, conflict resolution, and token refresh during sync. End-to-end tests use Detox to drive the app on real simulators, verifying complete user flows like login, data capture, offline queue drain, and push notification handling.

The investment in automated testing pays for itself within the first two Expo SDK upgrades. Without it, every upgrade is a manual regression test across two platforms. With it, confidence comes from a CI pipeline rather than a spreadsheet of manual checks.

When a Mobile App Is Not the Answer

Honesty matters more than a project fee. Many businesses approach us wanting a mobile app when a responsive web application would serve them better.

When a web app is the right answer, we build it as a custom web application with the same Laravel backend. If the mobile requirement emerges later, the API-first architecture means adding a mobile client is additive, not a rebuild.