Google OAuth Restricted Scope Verification + CASA Assessment Specialist — Gmail API (Fintech App)
Worldwide
1. Only apply if you have personally taken an app through Google restricted scope verification AND CASA to final approval. You'll be asked for proof. We're an Indian personal finance app adding Gmail inbox sync (gmail.readonly). Your job: build the complete Gmail analysis pipeline AND get us approved by Google. One contract, one owner, working end to end. Scope — you own end to end Build: Gmail sync & document extraction pipeline Google OAuth (gmail.readonly) with secure token storage and revocation handling Initial backfill (last 24 months, targeted sender/keyword queries) + incremental sync (History API + Pub/Sub watch) Detect, extract, and parse into structured JSON (with original PDFs stored): a. Insurance policies & policy documents (policy no., insurer, premium, sum assured, due dates) b. Autopay / e-mandate registrations & pre-debit notifications (merchant, amount, frequency, next debit) c. Loan statements & interest certificates (lender, outstanding, rate, EMI) d. Bank e-statements — including password-protected PDF unlock (per-bank password patterns from user's DOB/PAN) e. Demat/MF Consolidated Account Statements from NSDL/CDSL/CAMS/KFintech (holdings + transactions) Clean REST API + webhook delivery of parsed output to our backend; full source code, documentation, and handover OAuth consent screen & brand verification — Cloud project setup, Google-compliant privacy policy language, scope justifications, demo video script Restricted scope review — prepare, submit, and handle all Google Trust & Safety correspondence until approval; advise on Limited Use compliance CASA Tier 2 — manage the assessor process (we pay the lab directly), pre-scan before the official DAST, remediate all findings in the code you built, complete the SAQ through to Letter of Validation, and hand over an annual recertification playbook Done = Working pipeline extracting all 5 document categories with source code handed over + production OAuth client verified for gmail.readonly, no user cap + CASA LOV issued + recert playbook delivered. Context Early-stage app, no existing security certifications — expect real remediation work. Servers in Mumbai. Small teams / duos welcome (one dev + one compliance lead) as long as one person owns the contract. NDA before details. Must-haves At least one app taken through restricted scope + CASA approval (Gmail scopes specifically, not just Drive/Calendar) Strong backend skills: Gmail API sync at scale, PDF parsing incl. password-protected statements, Python or Node OWASP ASVS, DAST/SAST remediation, security headers/TLS hardening Clear written English for Google correspondence Answer these in your proposal (no answers = declined) Which app(s), which scopes, which CASA tier, which assessor lab, how long to approval? Give one example of a Gmail data use that violates Google's Limited Use policy and would get a fintech's access revoked. Briefly: how would you unlock and parse password-protected bank e-statements (e.g., HDFC) at scale? Your realistic timeline from kickoff to CASA LOV?
$1,500.00
Fixed-price- ExpertExperience Level
- Remote Job
- Ongoing projectProject Type
Skills and Expertise
Activity on this job
- Proposals:Less than 5
- Interviewing:0
- Invites sent:0
- Unanswered invites:0
About the client
- India12:06 PM
Explore similar jobs on Upwork
How it works
Create your free profileHighlight your skills and experience, show your portfolio, and set your ideal pay rate.
Work the way you wantApply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
Get paid securelyFrom contract to payment, we help you work safely and get paid securely.
About Upwork
- 4.9/5(Average rating of clients by professionals)
- G2 2021#1 freelance platform
- 49,000+Signed contract every week
- $2.3BFreelancers earned on Upwork in 2020
Find the best freelance jobs
Growing your career is as easy as creating a free profile and finding work like this that fits your skills.
Trusted by