Job Description About the Team The Identity team builds the authentication and session foundations of PayPal’s consumer experiences. We own login, account linking, session management, passkeys/biometrics, and secure token flows to make authentication both frictionless and secure at global scale. What You’ll Do Build native Android features for login, sign-up, account recovery, device trust, and session lifecycle for a brand-new PayPal application. Integrate with Identity providers and platform services using OAuth 2.1 and OpenID Connect, handling token issuance/refresh/revocation and secure session state. Implement passkeys/WebAuthn/FIDO2, biometric auth (BiometricPrompt), and strong device signals (SafetyNet / Play Integrity). Own secure credential storage with Android Keystore; enforce transport security and TLS certificate pinning. Partner with backend identity services on contract design, PKCE, nonce management, and error modeling. Instrument performance, reliability, and observability (logging, metrics, traces) for auth flows. Write comprehensive unit and UI tests (JUnit, Espresso), and security-focused tests; contribute to CI/CD pipelines (Gradle, static analysis, lint, detekt). Collaborate with iOS, backend, product, design, and security to ship accessible, localized, and privacy-first auth experiences. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/. Skills and Requirements Minimum Qualifications -3–5 years of native Android development (Kotlin-first). -Strong knowledge of Android app architecture (MVVM/MVI), coroutines/Flows, Jetpack (Lifecycle, Navigation, Hilt/Dagger, Room/Datastore). -Hands-on with OAuth 2.x/OIDC, token handling, PKCE, and secure redirect/deeplink flows. -Experience with biometrics, Keystore-backed keys, encrypted storage (EncryptedSharedPreferences), and network security config. -Solid testing discipline (unit, UI, integration) and code quality (lint, detekt, ktlint). -Secure coding skills: input validation, anti-phishing patterns, replay protection, confidentiality/integrity controls. FIDO2 / WebAuthn on Android, Passkeys (Google Password Manager / Credential Manager API). Play Integrity API (or SafetyNet), fraud/abuse signals, device attestation patterns. Performance tuning (startup, cold/warm auth flows, power/network usage). Internationalization, Accessibility (TalkBack, contrast, dynamic type). Experience with feature flags, remote config, and staged rollouts.