Show HN: HCB Mobile – financial app built by 17 y/o, processing $6M/month

Hotwire Native tbh wouldn't have been a bad choice at all to use tbh. Especially if you wanna maintain 1:1 parity with the website. It combines both being a "web app" and native features we could still use like Tap to Pay and Push Provisioning. The downsides of it is that it isn't a cross platform framework like React so all changes would have to be pushed to both an iOS app repo and an Android app repo. Another downside is that it isn't a "write once run anywhere" type application as you're integrating Hotwire into the native code so you have to be comfortable with both Kotlin and Swift (however if you're writing native modules in React Native same applies).

Both are 2 completely valid and separate paths you could take when building an app and I'd actually be curious what'd HCB Mobile look like if we did use Hotwire Native.

The OP title seems a bit misleading notwithstanding this caveat.

It’s the same BS that people have at LinkedIn - leading a $250B initiative or increased revenue by $100B

OpenAI’s executive claiming - made one of the top visited websites :-)

Hi @cirrus3,

You've found an optional feature called Transparency Mode!

I admit, this is A LOT of information being made accessible. We at Hack Club (the nonprofit organization behind HCB, and the owner of the transactions above) have chosen to make our finances publicly available on the internet. You can read more about it here: https://blog.hcb.hackclub.com/posts/transparent-finances-opt...

That link (https://hcb.hackclub.com/hq/transactions) shows our donations and spending down to the cent since we believe donors deserve to know what their contributions are funding. As a nonprofit, you can talk about what you’re spending money on, but transparency in every transaction builds trust for supporters. This level of transparency is definitely atypical, and I can see why it may raise concerns.

Other organizations using HCB (such as Reboot) can choose to enable this feature too (it's off by default), and they're briefed on the potential risks and level of exposure to decide whether it's right for their organization/team. HCB supports 6.5k nonprofits, and roughly 64% of organizations have chosen to enable this feature.

> I see partial account numbers and other IDs/numbers that I assume you'd prefer not be public, regardless of how insensitive they may seem now.

> EXPENSIFY, INC. VALIDATION XXXXXX5987 THE HACK FOUNDATION +$0.89

Good catch! Thanks for flagging that verification deposit. I've pushed a fix here: https://github.com/hackclub/hcb/pull/12336

As for the account numbers (e.g. XXXXXX5987) visible in some transactions, these are our own defunct operating accounts, and we're aware they're out there on the internet. We have a new way of managing account numbers via Column.com, so these older transactions are less of a concern for me.

I very much appreciate you bringing these to my attention! We're always looking to improve, so I'd love to hear if you find anything else.

Not just for hack club - but transactions for another organization that is using their software is public. https://hcb.hackclub.com/reboot/transactions?page=13

Not sure if all the organizations using their software know this.

They have this page for reporting: https://github.com/hackclub/hcb/blob/main/SECURITY.md

Please look at this @mohamad08

The numbers and amounts used for account validations and adding it to be able to pull or push money . Should not be shown public..

Tbh not at all, the process is tedious but pretty straightforward if you understand the requirements. Apple is did throw at me a huge checklist to finish which did take a while to complete, but after you successfully build the feature and submit test case videos to them its only a matter of time until you receive access to it. For Tap to Pay on iPhone, its very easy to achieve development status if you're just curious about the technology and its applications. Its more the production entitlement in which you must complete the specifications I mentioned before.

It doesn't "seem," it "is."

Hi! Thank you so much for your kinds work :)

I actually did have to end up creating most of the backend APIs myself too or with the help of fellow engineers at HCB! What I like about HCB Mobile is that I'm not only creating a mobile app but also expanding our API infrastructure to allow for future integration with our platform.

It's an age-old convention, a way of supporting and encouraging kids, and harmless.

HN isn't a judge of software; it's a place to learn and be curious. So people are often interested in projects that do a novel thing in a normal way, or a normal thing in a novel way. Eg, stories fascinate us because something was built by a very lean team, or a group with no money, or somebody who is an industry outsider, or a parapalegic, etc. Overcoming these limitations is a sort of 'hacking'.

There is a new trend in Silicon Valley of bragging about how young founders are, etc. along with the rather bizarre trend of bragging about dropping out of high school to "found a startup".

Totally agree. Even if I'm a teen myself I never post my age unless someone asks explicitly. Saying your age is just trying to find excuses to justify a sub-par software imo (Not saying this project is sub-par)

My parents nor did any parent step in to help me on this application or the approval processes. Furthermore, the approvals didn't get "rammed through". It took me quite a bit to actually acquire their entitlements and app review approval. I dislike when people assume just because I live in "Silicon Valley" I automatically have everything handed to me. If you would like to learn more about how the processes that I took to achieve this feel free to ask!

Please don't be cynical on HN. It's not what this site is for, and destroys what it is for.

https://news.ycombinator.com/newsguidelines.html

> I do actually believe that zero teenagers should make banking apps or run non-profits.

That sounds like a lot of fun and should be a pretty social experience.

Also I'm going to assume his parents are proud, which should put his family at ease.

The parent non-profit organization Hack Club isn't run by teenagers. https://hackclub.com/team/

It's the lowest cost time to take risks like that, and it's a hell of a lot more constructive than fighting in a world war like 17 y.o men of the past.

Many developers do this, and it's explicitly allowed under Apple's Developer Agreement (section 3.3.1).

  Interpreted code may be downloaded to an Application but only so long as such code: (a) does not change the primary purpose of the Application by providing features or functionality that are inconsistent with the intended and advertised purpose of the Application (b) does not bypass signing, sandbox, or other security features of the OS; and (c) for Applications distributed on the App Store, does not create a store or storefront for other Applications.

The app store review guidelines (section 2.5.1) seem more narrow, but I think the above is what's enforced.

I was going to offer a similar, less-absolute warning.

Hardly. I was an M&A banker for a decade in New York and we used `M` for millions across the board. A few people would use `MM` but on every deck I signed off we used `M` for millions, `B` for billions

Some people do use `MM` but it's far from a standard.

I think being programmers we'd expect K and M. Save the mm for your financial report.

Humanity has moved on from roman numerals 1000+ years ago. Talk about tech debt.

> In accounting

Only in America.

america is not the entire world

also a simple google search disproves what you are saying. M is correct