Skip to content
Reference 16 min read Recently updated

Mobile Apps Standards

Complete standards for building, testing, and shipping mobile apps in 2026 — Flutter cross-platform development, app store submissions, COPPA/GDPR-K compliance, and zero-data architecture.

flutter dart android ios app-store google-play privacy coppa
← Back to resources
Shipping Checklist

Review & Shipping Checklist

0% complete · Saved in browser
In this post

Overview

This standard covers mobile app development — currently Flutter/Dart for cross-platform Android and iOS. Mobile apps face unique constraints: platform-specific lifecycle management, store review processes, permission models, and children’s privacy regulations.

Prerequisites: General Standards (file structures, Git, a11y, privacy).

What this covers:

  • Flutter cross-platform apps (Android + iOS)
  • App store submissions (Google Play, App Store)
  • Privacy-first and COPPA/GDPR-K compliance
  • Platform-specific features (foreground services, audio sessions, notifications)

Tech Stack (2026)

LayerPrimaryAlternative
FrameworkFlutter 3.xJetpack Compose (Android-only) / SwiftUI (iOS-only)
LanguageDart 3.x
StateRiverpod / Flutter BLoCProvider (simpler apps)
Audiojust_audio + audio_service
Local DBIsar / Drift (SQLite)SharedPreferences (simple)
Networkdio / http
Notificationsfirebase_messaging + flutter_local_notifications
AnalyticsFirebase (opt-in only)None (privacy-first)
Testingflutter_test (unit) + integration_test

Why Flutter:

  • Single codebase for Android + iOS (and web/desktop for future expansion)
  • Hot reload for fast iteration
  • Strong platform channel support for native APIs (audio services, notifications, background execution)
  • Growing ecosystem with production-grade packages

Project Scaffolding

File Structure (Flutter)

project-root/
├── lib/
│   ├── main.dart                   # App entry point
│   ├── app.dart                    # App widget, routing, theme
│   ├── core/
│   │   ├── theme/                  # Design tokens, dark/light mode
│   │   ├── constants/              # App constants, enums
│   │   ├── errors/                 # Error handling, exceptions
│   │   └── utils/                  # Pure utility functions
│   ├── features/                   # Feature modules
│   │   └── audio/                  # Example: audio playback feature
│   │       ├── data/               # Data sources (local files, repos)
│   │       ├── domain/             # Entities, use cases, repository interfaces
│   │       ├── presentation/       # UI screens, widgets, state management
│   │       └── services/           # Platform channel services
│   ├── services/                   # Shared services (audio engine, storage)
│   └── l10n/                       # Localization (when needed)
├── assets/
│   ├── audio/                      # Sound files (CC0-licensed)
│   ├── images/                     # App images and icons
│   └── fonts/                      # Custom fonts
├── android/
│   ├── app/src/main/AndroidManifest.xml
│   └── ...
├── ios/
│   ├── Runner/Info.plist
│   └── ...
├── test/
│   ├── unit/                       # Unit tests for logic/services
│   └── widget/                     # Widget tests for UI components
├── pubspec.yaml
├── analysis_options.yaml
└── README.md

Initial Setup Checklist

  • flutter create with org name and platforms
  • Clean project structure established (remove default counter app)
  • State management (Riverpod) configured
  • Theme system with dark/light mode support
  • Localization ready (if applicable)
  • Asset structure set up (audio, images)
  • Error handling framework in place
  • Platform-specific configurations started (Android Manifest, iOS Info.plist)

Architecture & Design Patterns

Recommended Architecture: Clean Architecture + Feature-First

UI (Widgets) → State (Riverpod) → Service Layer → Platform (native APIs)

Layer responsibilities:

  • Presentation (Widgets): UI only. No business logic. Stateless where possible.
  • State (Riverpod): Manages app state, coordinates services. Testable via provider overrides.
  • Services: Business logic, platform APIs, data processing. Pure Dart (testable).
  • Platform (Flutter packages + native channels): OS-specific APIs (audio, notifications, sensors).

Audio-First Architecture (from Murmur)

For apps with background audio requirements:

Audio Service (abstract)
├── Initialization (configure audio session)
├── Playback (play, pause, stop, seek)
├── Queue management (playlist, loop modes)
├── Sleep timer (countdown → fade-out → pause)
└── Platform channels
    ├── Android: MediaSession, Foreground Service
    └── iOS: AVAudioSession, Remote Command Center

Key considerations:

  • Foreground services are mandatory on Android API 34+ for media playback
  • iOS requires AVAudioSession category .playback for background audio
  • Sleep timers should fade out volume (not abruptly stop) to avoid disrupting sleep
  • Gapless looping requires waveform zero-crossing detection in audio preprocessing

Zero-Data Architecture

Following the Murmur pattern:

  • No analytics SDK, no crash reporters, no device identifiers
  • All preferences stored locally (SharedPreferences or Isar)
  • No network calls except content delivery (if streaming from CDN)
  • COPPA/GDPR-K compliance by architecture (not by policy statement)

Trade-off: Without crash reporting, rely on:

  • Firebase Test Lab for automated testing on real devices
  • Manual pre-release testing on target platforms
  • Beta testing via TestFlight (iOS) and Internal Testing (Android)

Platform-Specific Standards

Android

RequirementImplementation
Min SDK26 (Android 8.0) — covers 95%+ of active devices
Target SDK35 (Android 15)
Foreground servicesDeclare foregroundServiceType in manifest; request POST_NOTIFICATIONS permission
Notification channelsCreate on first launch for each notification type
Background executionUse WorkManager for deferrable tasks; foreground service for ongoing tasks
App signingUpload key via Play Console; use Play App Signing
ProGuard/R8Enable minification and obfuscation for release builds

iOS

RequirementImplementation
Min deployment targetiOS 16.0
Background modesEnable “Audio, AirPlay, and Picture in Picture” for audio apps
Audio sessionConfigure as .playback category at app launch
InterruptionsRegister for AVAudioSessionInterruption notifications; handle phone calls gracefully
App Transport SecurityAllow specific domains only; never disable ATS globally
ProvisioningUse Xcode automatic signing for development; manually managed for distribution

Performance Standards

MetricTarget
App startup time≤ 2s (first launch), ≤ 1s (subsequent)
UI frame rate60fps steady (120fps on ProMotion devices)
APK size≤ 30MB (Android)
IPA size≤ 100MB (iOS, grows with assets)
Memory usage≤ 150MB typical, ≤ 250MB peak
Background audio battery≤ 5% per hour (screen off, audio playing)

App Store Submissions

Google Play Checklist

  • App signed with upload key
  • Content rating questionnaire completed
  • Privacy policy URL set in store listing
  • Data safety section accurately filled (zero data = disclose nothing)
  • App bundle (AAB) uploaded, not APK
  • Store listing: description, screenshots (minimum 2), feature graphic
  • Test on 3+ real devices (or Firebase Test Lab) before submission
  • Internal testing track used before production

Review time: 1–3 days for initial submission; 1–2 hours for updates (automated).

Common rejections:

IssuePrevention
Background location without justificationAvoid unless critical to app function
Deceptive behaviorApp must do what it advertises
Insufficient testingTest on real devices before submission
Privacy policy missingRequired even for zero-data apps — state “no data collected”

Apple App Store Checklist

  • App meets Apple’s design standards (Human Interface Guidelines)
  • No placeholder content or incomplete UIs
  • Screenshots match current app version
  • Privacy policy URL set in App Store Connect
  • App tracking transparency (ATT) handled if applicable
  • TestFlight beta testing completed (recommended)
  • Full accessibility audit
  • No private API usage

Review time: 24–48 hours (initial); 1–2 hours (expedited).

Common rejections:

IssuePrevention
Crash on launchTest on real device + simulator before submission
Broken linksReview all links in app
Insufficient informationProvide demo account credentials if relevant
UI inconsistenciesFollow HIG; test on multiple screen sizes
Metadata issuesApp name, subtitle, and keywords must be accurate

Review & Shipping Checklist

  • Unit tests pass (service layer coverage ≥ 80%)
  • Widget tests cover critical UI flows
  • Integration tests on real devices (minimum 2 physical devices)
  • Performance targets met (startup, frame rate, memory)
  • Accessibility: screen reader (TalkBack/VoiceOver) tested on main flows
  • Dark/light mode tested across all screens
  • Background audio lifecycle: push to background, receive call, resume — all handled
  • Error states: no network, permissions denied, audio file missing — graceful handling
  • Platform-specific: Android back button, iOS swipe gesture — both tested
  • Privacy policy published and linked in store listing
  • Store listing assets ready: screenshots, feature graphic, icons
  • Internal testing track submitted and verified
  • Flutter for desktop/web — Expanding Flutter beyond mobile for unified codebase
  • AI on-device — Google’s MediaPipe and Apple’s Core ML for local ML inference
  • Declarative permissions — Per-feature permission requests on both platforms becoming standard
  • Privacy labels — Apple and Google expanding data transparency requirements
  • Subscription pricing — Shift from one-time purchases to subscriptions for mobile apps
  • Material You / Dynamic color — Adaptive theming becoming standard on Android

Project Templates

  • Murmur — Reference: Flutter audio app with zero-data architecture, foreground services, platform channel handling

References