Upload
banking-at-ho-chi-minh-city
View
1.023
Download
8
Embed Size (px)
Citation preview
© 2015 IBM Corporation
IBM MobileFirst Platform Overview
Additional information line, e.g. presenter name, presentation tagline etc.
Presentation date or version identifier
© 2015 IBM Corporation 2
Key enterprise challenges for a successful mobile journey
“I need my development teams focused on creating great app experiences, not figuring out how to integrate or store data.”
“Mobile opens up a new set of security considerations. Our reputation is on the line.”
“Mobile app users are demanding. If my app is not delivering a great experience I need to know.”
“My users want to be even more productive. Personalization based on the device’s context is a huge opportunity. ”
© 2015 IBM Corporation 3
Mobile app users are demanding – I need to understand if their needs are being met
The IBM MobileFirst Platform helps IT collect user feedback and analyze app store ratings, resulting in reduced app development cycles from 6 to 2 weeks. Achieved highest in Customer Satisfaction Among the Midsize Retail Banks in J.D. Power’s Canadian Retail Banking Customer Satisfaction Study.
Tangerine Bank
100% online banking
Customers can execute any banking transactions securely while on the go
Customers can provide feedback – on services offered and app experience Customer feedback
incorporated back into the app quickly 5 Star App Rating
© 2015 IBM Corporation 4
Mobile opens up a new set of security considerations. Our reputation is on the line
The IBM MobileFirst Platform helps authenticate users and secure the app against spoofing. It also enabled the Mobile app to scale to secure 3.62 billion tickets during 40 day spring festival.
Demand from ~2B passengers for ticket sales far surpasses supply Created “ticket
scalper” environment
Hackers created “fake apps” to sell tickets at a premium
China Ministry of Railways
© 2015 IBM Corporation 5
My users want to be even more productive. Personalization based on the device’s context is a huge opportunity Elmec
Employees needed to be more productive while on a service call
Scans asset barcode, automatic pull of product and service information, and provides suggested action
Real-time log update of changes in asset position using geo-location Drive up-sell opportunities
The IBM MobileFirst Platform used GPS, photo, and video features to deliver a contextual app to manage lease equipment based on location, leveraging a catalog of over 60,000 products. Mobile app includes service and support capabilities.
© 2015 IBM Corporation 6
Mobile apps need data to be rich, but integrating and storing data in a scalable way slows down delivery RunKeeper
Top Rated Health and Fitness Mobile App
App has 30M users and integrates with 100 3rd party devices and services
As user base grew, app hit scalability threshold, performance was effected
GPS tracks outdoor fitness activities, including duration, distance, pace, speed, and path traveled on a map.
IBM MobileFirst Platform provided seamless data scalability, while delivering a responsive experience users demanded. Reduced application development and maintenance costs, improved time-to-market and enhance mobile application governance and security
© 2015 IBM Corporation 7
Great apps share common traits
To your customers
For your enterprise
What that means…
I can do more on my device
I can trust that my data is safe
It’s better, faster or more functional than it was yesterday
It knows me… where I am, what I’m doing and what I like
My customers (and other users) make better decisions faster
We ensure sensitive enterprise data is secure, in transit and at rest.
We easily manage new releases and assess and act on performance and usage issues
We have deep insights in our users’ and their mobile experiences
Data rich Secure Always
improving Relevant
© 2015 IBM Corporation 8
IBM MobileFirst Platform provides a comprehensive set of services delivered in a modular fashion
Software or SaaS On premises Cloud
Contextualize & Personalize Secure Continuously
Improve Data Rich
New or Existing Apps Native
Hybrid
HTML5 3rd Party Tools, Services, Apps
Modular Services
Systems of Record
Enterprise APIs
Systems of Engagement Cloud Services
3rd Party APIs
© 2015 IBM Corporation 9
The IBM MobileFirst Platform Integrated mobile app development with continuous delivery
Application Center
Quality Assurance Application Scanning
Development Continuous Delivery
Studio Console
Server Runtime
Application Scanning Detect code vulnerabilities at the time of development Quality Assurance Collect beta test feedback, crashes and analyze user sentiment Cloudant Local Store mobile app data in a NoSQL database with easy sync capabilities Foundation Development, Runtime, Operations Console & Private Store
Cloudant Local
© 2015 IBM Corporation 10
IBM MobileFirst Platform Foundation 7.0 – Component Overview
© 2015 IBM Corporation 11
MFP Foundation 7.0 Highlights
+ Enable native Android and iOS mobile app developer to store engagement data on-prem with off-line access, scalable storage, and enterprise integration
+ Make offline operations easier by removing the need to develop complicated sync and replication logic • Manipulate and query data without worrying about sync logic • Just decide when to sync and if you want to push or pull changes
Efficient and scalable app data storage
+ Leverage OAuth 2.0 security standard to securely integrate with new and existing backend services
+ Streamline usage and operations of new and existing services via a client-side REST API + Leverage MobileFirst Platform security and operational analytics capabilities when
directly integrating with RESTful enterprise services
Standard-based integration and authentication
+ Collect data and create custom reports to gain insights customized for your needs
Deep insights that help you deliver better apps
© 2015 IBM Corporation 12
IBM MFP Foundation – Typical Topology
MFP Cluster
Load Balancer
Backend 1 Backend 2
MFP Database
Web SSO Server
App
https
https
Corporate LAN
Corporate DMZ
© 2015 IBM Corporation 13
Spectrum of mobile app development approaches
Web-Native Continuum
§ HTML5, JS, and CSS3 (full site or m.site)
§ Quicker and cheaper way to mobile
§ Sub-optimal experience
§ HTML5, JS, and CSS
§ Usually leverages Cordova
§ Downloadable, app store presence, push capabilities
§ Can use native APIs
§ As previous § + more
responsive, available offline
§ Web + native code
§ Optimized user experience with native screens, controls, and navigation
§ App fully adjusted to OS
§ Some screens are multi-platform when makes sense
§ App fully adjusted to OS
§ Best attainable user experience
§ Unique development effort per OS, costly to maintain
Hybrid Pure web Pure native
Mobile web site (browser access)
Native shell
enclosing external m.site
Pre-packaged
HTML5 resources
HTML5 + native UI
Mostly native, some
HTML5 screens
Pure native
© 2015 IBM Corporation 14
MFP Studio – The IDE for hybrid app development
+ Eclipse-based IDE
+ Code assist tools with auto-complete and validation
+ Application scaffolding and componentization
+ Mobile OS-specific optimization
+ Device-specific optimization with Skins
+ 3rd-party library integration for HTML5 and native components
+ Quick access to simulators, emulators, and debugging tools
HTML5, Hybrid, and Native Coding!Optimization Framework!
Integrated Device !SDKs!
3rd Party Library Integration!
Build
Eng
ine!
MFP Studio!SDKs!
Functional !Testing!
WYSIWG Editor! and Simulator!
Blackberry!!
Android!
iOS!
Windows Phone!
Java ME!
Windows 8!
Mobile Web!
Desktop Web!
1
© 2015 IBM Corporation 15
Studio provides authoring, visual design, simulation, and runtime skins for hybrid apps
© 2015 IBM Corporation 16
Seamless integration for native development and other tools
Use your preferred IDE and tools to develop pure native or hybrid Apps Complements native IDEs with tools to perform MFP tasks
+ mfp create [?] What do you want to name your project? MyProj Project ‘MyProj’ created + cd MyProj + mfp add api [?] What do you want to name your native API? MyIosApi [?] What platform do you want to target? Android ›❯ iOS Java ME Windows Phone 8 Native api for ‘ios’ created
Simple Interactive assistance…
© 2015 IBM Corporation 17
Example CLI commands for native apps + mfp create [?] What do you want to name your project? MyProj Project ‘MyProj’ created + cd MyProj + mfp add api [?] What do you want to name your native API? MyIosApi [?] What platform do you want to target? Android ›❯ iOS Java ME Windows Phone 8 Native api for ‘ios’ created
Context aware builds + mfp build + mfp deploy
If at project level, all apps and adapters are built. If in adapters (all or single), then only those are built. If within a single app, then only that app is processed. If within a single env of app, only it is built and deployed.
Embedded MFP Server control + mfp start + mfp console + mfp stop
The “mfp run” command is a long running task that starts the server, and tails (follows) the server log file
© 2015 IBM Corporation 18
Example CLI commands for hybrid apps
+ mfp add hybrid [?] What do you want to name your app? MyHybrid
+ cd apps/MyHybrid
+ mfp add environment [?] What environments you want to add to the hybrid app? ⬢ iPhone ⬡ iPad ⬢ Android phone and tablets ⬡ BlackBerry 6 and 7 ⬡ BlackBerry 10 ›❯⬡ Windows Phone 8 ⬡ Windows 8 desktop and tablets ⬡ Mobile web app
+ mfp build + mfp deploy + mfp console
© 2015 IBM Corporation 19
Example CLI commands for adapters + mfp add adapter Accounts --type http + edit adapters/Accounts/Accounts* + mfp build && mfp deploy
Implement desired procedures
+ mfp invoke [?] Which adapter do you want to use? (Use arrow keys) ›❯ Accounts Foo [?] Which procedure do you want to invoke? (Use arrow keys) getAccountList ›❯ getAccount [?] Enter the comma-separated parameters: "111-001" Invoking Accounts:getAccount... Arguments: [ "111-001” ] Invocation result: { "id": "111-001", "balance": 623.45, . . . }
Interactively test the adapter
Ø mfp invoke Accounts:getAccount '["111-001"]’ { "id": "111-001", "name": "Checking", . . . }
Direct syntax
© 2015 IBM Corporation 20
MFP gives developers complete control over their app
+ Control default splash screen behavior + Add a custom splash screen + Start application with native screen + Control MFP framework initialization, e.g. in background
Attractive App Startup
+ Display a specified native screen in full screen + Mix native and web components on a same screen + Control native components that host web application + Use native components hosting web application inside of a
container
Engaging UI
+ Call native code from JavaScript and vise-versa + Invoke both native and JavaScript MFP Client APIs in any
order e.g. authenticate in native, UI in HTML5 Compelling
app flow
© 2015 IBM Corporation 21
Unsurpassed flexibility in hybrid development Complete freedom in mixing native and web code in the same app
Native and web components on a
same screen
Native header with button, title and icon
Native scrolling ticker
WebView with web components
© 2015 IBM Corporation 22
Bridge native and hybrid elements with an action API
+ First bullet: Use the MFP action API to enable native-hybrid communication: • L2 Send data from JavaScript to Native
• Send data from Native to JavaScript
• Register Native action handlers
• Register JavaScript action handlers
Example: Clicking native side menu button triggers web UI change
© 2015 IBM Corporation 23
Create reusable enterprise UI patterns
+ Create and reuse custom UI patterns • For corporate branding
• Improved governance: Patterns which were adequately designed, implemented and tested
+ Patterns contain HTML, CSS and JS resources
+ Package patterns inside a pre-defined archive format, so that they can be distributed among teams to re-use in their projects with MFP Studio
© 2015 IBM Corporation 24
Create custom components and templates
Shareable ZIP archives .wlc or .wlt extns
Create components
and templates
Add Components and templates to an
MFP Project
+ Save development time by reusing code
+ Help enforcing governance by providing ready-made, tested components with corporate-approved code and branding
+ Created and managed using an MFP Studio wizard
+ Custom screen patterns • HTML, CSS and JS resources • Extend the list of out-of-the-box patterns
+ Application Components • Reusable libraries (Client or server runtime)
that developers can add to apps + MFP Project Templates
• A reusable hybrid project that developers can use to jump start new application development
© 2015 IBM Corporation 25
IBM MobileFirst SDK for Xamarin
Security
Authentication
Integration
Notifications
App Management
Analytics
Xamarin Studio
Integrated Services
https://components.xamarin.com/view/ibm-worklight
IBM MFP
+ With IBM MobileFirst Platform Foundation SDK, Xamarin developers can build rich native enterprise grade mobile apps for iOS and Android devices using C# language
© 2015 IBM Corporation 26
Rapid testing of hybrid apps with the Mobile Browser Simulator
+ Accurate simulation of the app’s HTML5 screens (e.g., right fonts, sizes, and layout)
+ Supports Cordova and MFP client API
© 2015 IBM Corporation 27
Mobile Functional Test Tools
+ Comprehensive, complete, resilient functional testing • Android and iOS, native and hybrid
HTML and JQuery
• Record, edit, and run on mobile devices or emulator
• Same test runs across multiple devices in the platform family
• Natural language scripts can be used by developers and non-developers alike
+ Simple process • Record
• Author
• Playback
• Report
© 2015 IBM Corporation 28
IBM MobileFirst Platform Quality Assurance
Evidence-based prioritization – enable business and IT to collaborate on mobile strategy and user experience Over the air app distribution – get the latest in the hands of testers as soon as it is available Frictionless bug reporting – spend every minute on testing latest and greatest builds, not the hassles In-app crash reporting – rapid understanding of why an app fails Sentiment analysis – mine app ratings and reviews to extract actionable feedback before they go viral
Delivers mobile app quality across a fragmented environment with end user feedback and quality metrics available at every stage of development.
© 2015 IBM Corporation 29
Get the details behind app sentiment score at a glance
App category, app quality score, # of reviews & daily average, trend
Quality attribute, # of reviews & daily average, trend, and signals
© 2015 IBM Corporation 30
Quality attribute scorecard
© 2015 IBM Corporation 31
Compare your app against your competitors
© 2015 IBM Corporation 32
Discover what’s trending with top review clusters
© 2015 IBM Corporation 33
MobileFirst Platform Application Scanning
Application Scanning!
+ A single Eclipse Integrated Development Environment (IDE). Scan existing code projects or MFP Studio projects
+ Native and hybrid mobile applications support
+ Enhanced JavaScript analysis, which includes improved performance and additional framework support
+ Optionally connect to IBM Security AppScan Enterprise Server to share scan configurations, filters, and custom rules across all projects
Detect vulnerabilities at the time of code change to reduce risk of data leakage and breaches
© 2015 IBM Corporation 34
Security Features Mapping
Proactively enforce security updates
Remote disable Direct update
Provide robust authentication and
authorization to secure users
Authentication integration framework
Data protection
realms
Coupling device id with
user id
Streamline corporate security approval
processes
Mobile platform as a trust factor
Protect from Known Application Security Threats
Code obfuscation
SSL with server identity
verification
Proven platform security
Device provisioning integration
App authenticity
testing
Protect data on the device
Encrypted cache / DB
Offline authentication
Secure challenge-
response on startup
© 2015 IBM Corporation 35
Flexible authentication framework
+ Security tests are a series of realm tests which can be put into a sequence or all or nothing • Protecting resources, procedures and mobile apps
+ MFP provides framework for users to define the security test and the individual real test
+ There are also out-of-the-box pre-packaged realm tests and security tests (e.g. form-based auth, LTPA auth, cookie-based auth)
Security Tests
MFP Server
MFP Client SDK
HTTPs
JSON
Security Tests are triggered on startup
or on demand.
Realm1: App Authenticity Testing
Realm2: User Credential Testing (Question 1)
Realm3: User Credential Testing (Question 2)
Realm4: Custom Authentication
© 2015 IBM Corporation 36
OAuth 2.0 Support
+ MFP Server provides REST endpoints for OAuth-based authorization
+ Developers can extend the mobile-specific security and analytics capabilities of MFP to existing enterprise services
+ Approach does not require any changes to existing enterprise services
© 2015 IBM Corporation 37
User-certificate provisioning for client-side authentication
+ X509 certificates • Are installed on devices and can can be used to automate user authentication
+ Certificate provisioning options • For all apps on a device
• For a particular app
+ Benefits • Cost saving: Certificates are typically provided by MDM solutions and is quite costly (some charge $70
per device).
• Usability: Simple, automated user authentication; User’s device does not need to be managed by an MDM
© 2015 IBM Corporation 38
Protecting data on the device
Device theft Offline access Phishing, repackaging
Device provisioning integration
App authenticity
testing
Protect data on the device!
Encrypted cache / DB
Offline authentication
Secure challenge-
response on startup
+ Encrypted JSON Store
+ Offline authentication using password
+ Extended authentication with server using secure challenge response
+ App authenticity testing: server-side verification mechanism to mitigate risk of Phishing through repackaging or app forgery
+ Device provisioning integration: allow for the authentication of devices in addition to apps and users
+ HTTPS/TLS based initiation of MFP Server connectivity from MFP Client runtime using FIPS 140-2 compliant libraries - Tie in with User-Provision to use X509 Cert in establishing HTTPS/TLS connection using user certificate
- On top of the already compliancy for communication (data in transit) and for storage (JSONStore)
© 2015 IBM Corporation 39
Application Authenticity
+ Mobile apps installed on a device represent a point of vulnerability • Apps are binary packages – protected by mobile OS but that may not be enough
+ MobileFirst Platform helps protect your enterprise from compromised apps by detecting potential tampering and blocking access from the app to the enterprise
• Administrative tools make it easy to enable and monitor app authenticity
+ Application authenticity protections apply to Android, iOS, and WP8 platforms
© 2015 IBM Corporation 40
Application Security
Hacking Eavesdropping
Man-in-the-middle
Protect from Known Application
Security Threats !
Code obfuscation
SSL with server identity
verification
Proven platform security
+ Proven platform security: tested by the most demanding customers (e.g., top tier banks)
+ Client<->Middleware communications over HTTPS to prevent data leakage
+ Server certificate is automatically verified to thwart man-in-the-middle attacks
+ Developers can obfuscate application JS code to make static analysis more difficult
+ SQL adapter designed to mitigate SQL-injection
+ Built-in audit trail
© 2015 IBM Corporation 41
Protecting app source code
+ Obfuscate and minimize JavaScript resources to better protect source code in a hybrid app • Simple wizard in both Studio and CLI environments
+ Google Closure used to perform obfuscation and minification
+ Android ProGuard support makes it easy to encrypt Java resources included in an Android app
+ Predefined ProGuard configuration files are included for ease of use
© 2015 IBM Corporation 42
Block access to specified devices or apps
+ Allows MFP admin to block a device’s access to the MFP Server
+ Admin has the option to block access for the entire device or for a particular application on the device
+ Device can be marked as stolen, lost, or disabled for record keeping
© 2015 IBM Corporation 43
Key generation, encryption, and decryption APIs
+ MFP provides APIs that make it easy to secure content used by the app (PDFs, images, text documents, etc.) on a device
+ The APIs provide key generation, encryption, and decryption capabilities
+ Key generation, encryption and decryption APIs can be used in conjunction with the JSONStore
© 2015 IBM Corporation 44
Secure inter-application data sharing
+ New API allows developers to securely share data between applications in an application family
+ The API can be used to share security tokens and other small data sets • Data is always shared as a string
+ Native API support on iOS and Android in addition to JavaScript API
Hybrid applications WL.Client.setSharedToken({key: myName, value: myValue}) WL.Client.getSharedToken({key: myName}) WL.Client.clearSharedToken({key: myName})
iOS native applications
[WLSimpleDataSharing setSharedToken: myName value: myValue]; NSString* token = [WLSimpleDataSharing getSharedToken: myName]]; [WLSimpleDataSharing clearSharedToken: myName];
Android native applications
WLSimpleSharedData.setSharedToken(myName, myValue); String token = WLSimpleSharedData.getSharedToken(myName); WLSimpleSharedData.clearSharedToken(myName);
© 2015 IBM Corporation 45
Device Single Sign-On (SSO)
+ Enables a mobile user to authenticate once and gain access to all apps from the same organization (technically, with the same developer certificate) without re-authenticating.
+ Supports integration with DataPower, ISAM, and other web gateways
+ Implementation • Implemented using combination
of server-side capabilities (realms) and unique device identification (device ID)
• On successful login the authentication state is saved in the database and used for validations in subsequent sessions from the same device.
App 1
secure Mobile O
S key store
MFP Server
App 2
ID
Session x
Session y
Duplicate after receiving ID fro App 2
© 2015 IBM Corporation 46
Enforcing security updates
Can’t rely on users getting the latest
software update on their own
Proactively enforce security updates
Remote disable!
Direct update!
+ Remote Disable: shut down specific versions of a downloadable app, providing users with link to update
+ Direct Update: automatically send new versions of the locally-cached HTML/JS resources to installed apps
© 2015 IBM Corporation 47
Controlled back-end integration
+ From multiple point-to-point integrations • Multiple sets of integrations to enterprise
resources to build and maintain
• YOU manage caching, synchronization and end-to-end encryption
+ To streamlined, transparent access • MFP transforms enterprise data into
mobile-friendly, JSON format
• MFP Server manages caching, data synchronization and end-to-end encryption
ERP Engine
App DB
SQL
JSON
MFP Adapters MFP
SERVER
ERP Engine
App DB Cloud Service
Cloud Service
Windows
Android Blackberry Apple
Windows Android Blackberry Apple
SAP HTTP (REST, SOAP), JMS HTTP, CAST IRON
© 2015 IBM Corporation 48
MFP Server: Adapters
Run time + Lightweight server-side logic to expose systems of records in a
mobile-friendly way • Automatic JSON transformation of enterprise data for quick
transport and ease of consumption by mobile developer • Server-side service composition to reduce number of
requests over slow mobile network • XSLT to reduce fat SOAP responses
+ Security • Automatic enablement of server-side authentication
control and audit + Analytics
• Automatic collection of user actions and device and app properties
+ Data sync • Enables synchronization with on-device JSON Store
+ Mobile user engagement • Push notifications and geo-based event management
For the server developer + JS anywhere: Simple APIs for server-side JavaScript development + Extensibility: Java API for custom adapters
For the client developer + Easy-to-use, consistent client-side API to call any back-end system
MFP Server
SQL / JDBC
SOAP / HTTP
JMS
CAST IRON
REST
Java Extension
Enterprise back-ends and cloud services Enterprise back-ends and
cloud services Enterprise back-ends and cloud services
© 2015 IBM Corporation 49
Zero-code service integration for your apps
+ Analyze SAP (NetWeaver Gateway), REST, and SOAP services to create adapters with no manual coding
+ Discover target services and select the operations you want to use in your mobile app
+ Work with WSDL, SAP service definitions, and any RESTful endpoint over HTTP(S)
© 2015 IBM Corporation 50
Automatic adapter generation for IBM BPM workflows
+ Integrate IBM BPM workflows into your apps without manual development
+ Use Service Discovery to explore and select existing processes for integration
+ Work with IBM Business Process Manager v8.5.6 and above
+ Use a standard BPM adapter to gain REST access to processes
+ Use the BPM management console to export an MFP project or adapter from an IBM BPM process app
© 2015 IBM Corporation 51
Java Adapters
+ Enable custom service development for mobile app projects
+ Utilize JAX-RS standard-based deployment model to describe REST service
+ Accessible using standard REST conventions; URLs, and HTTP verbs
+ Leverage OAuth for MFP security protection and analytics gathering
© 2015 IBM Corporation 52
SAP Java Connector (SAP JCo) Adapter
+ Integrate your mobile apps to SAP systems without requiring NetWeaver
+ Deploy adapters that provide a direct interface to JCo functions
+ Utilize the new WL.Server.invokeSAPFunction API
+ Provide configuration info for SAP server and user authentication
© 2015 IBM Corporation 53
RESTful access pattern for adapters and enterprise services
+ Provides a RESTful invocation model for deployed adapters/existing services
+ Allows consumption of adapters by non-mobile clients
+ Enables management of adapter invocations by API Management solutions (i.e. IBM API Management)
+ Extends MFP security protections via OAuth model
+ Retains support for existing invocation model
© 2015 IBM Corporation 54
Centralized push notifications
From the complexity of many… Multiple sets of push services to manage
To the simplicity of one… Unified push management
Apple
Feature Phones
Android
Google Push
Apple Push
Windows
Microsoft Push
SMS/MMS Brokers
Android Windows
Feature Phones
Apple
SMS/MMS Brokers
Microsoft Push
Google Push
Apple Push
MFP Unified Push Framework
© 2015 IBM Corporation 55
Unified Push Notifications
+ Uniform access to push notifications providers • Register for, notify, and receive a notification via MFP APIs or SMS
+ Register for and send SMS based notifications • E.g., for feature phones
Back-end System!Back-end System!
Back-end System!Back-end System!
Polling Adapters
Message-based Adapters
Unified Push API
Notification State Database
User-Device Database
iOS Dispatcher
Android Dispatcher
Windows Phone Dispatcher
SMS Dispatcher
Apple Push Servers (APN)
Google Push Servers (GCM)
MPNS/WNS
SMS/MMS Brokers
Administrative Console Notification statistics, SMS subscription control
MFP Client-side Push Services
iOS Push API
Android Push API
Windows Push API
Broker API
MFP Client-side Push Services
MFP Client-side Push Services
Optional 2-way SMS
© 2015 IBM Corporation 56
iOS Push Notifications
+ Interactive Push Notifications • Enable developers to send Interactive Notification for iOS 8 devices
• Prompts users to take action without leaving the application they are in
• API support for defining ‘category’ to tell the device to show pre-determined set of buttons
+ Silent Push Notifications • Enable developers to send silent notification to iOS 7 onwards devices
• API support for sending and receiving\handling silent push notification
© 2015 IBM Corporation 57
Android Push Notifications
+ Android Notifications • Support for Heads-up notification for receiving high priority notifications while using the device
• Support for Cloud Sync notifications
• Provide API’s to set appropriate priority
• Notification support on the device lock screen
• Provide API’s for what to show on lock screen
+ Server side • Optional fields in GCM properties of notification attributes
GCM: { 'visibility':'' (public, private, secret) 'priority':'' (max,high,default,low,min) ‘bridge': '' (true,false) 'category':'' (promo,recommendation,social..) .. }
+ Client side • Extract all the parameters from the received notification
• Use the Notification.Builder API to build the notification object with all the extracted values
© 2015 IBM Corporation 58
Segmenting users for push notifications
+ Group notifications based on tags • Notifications are targeted to only a select set of users based on their topics of interest
• Tags allow message producers / senders to segment devices
• One or more tags can exist per application
• Defined in application-descriptor.xml – created during deployment
+ Broadcast, unicast and narrowcast notifications • New APIs available to send a notification to all the devices that installed the application
‒ Also provides for an option to opt out of receiving broadcast notifications
• Enhanced APIs to send a notification to specific user or device that installed the application
• Support for a notification targeted to devices of a particular platform that installed the application
© 2015 IBM Corporation 59
Push notification management features
+ APNS Certification Expiration Management • Detect if the application has APNS certificate and then display the ‘certification expiration date: ’ on the application catalog in the console.
• Provide warning message while deploying the app with already expired APNS certificate
• Provide REST API support for updating the expired APNS certificate and password
+ Push Notification Management API’s • Rest API’s to submit a message with the specified options to the devices specified by target
• Rest API’s to Create, Delete and update a tag
• Credential management for GCM, MPNS and certificate management for APNS
© 2015 IBM Corporation 60
Two-way SMS communication
+ Why SMS? • For feature phone users: A preferred mode of interaction
• For roaming users: When data roaming fees are not affordable
• In emerging markets: More reliable than Internet connection
+ SMS in MobileFirst Platform • HTTP integration with SMS gateway or aggregator for the SMS delivery
• Seamless backend integration, mapping of incoming SMS to the relevant backend calls
+ Mobile user à enterprise • Sends SMS messages based on
keywords published by the enterprise
+ Enterprise à mobile user • Responds to a user request
• Initiates a new request by sending an SMS notification to a subscribed user
Backend Service
MFP Server
SMS Gateway
SMS HTTPS
© 2015 IBM Corporation 61
MobileFirst Platform Geo-Location Services
Efficient, controlled acquisition of GPS, triangulation, and Wi-Fi coordinates in background and foreground
Trigger actions based on location changes
Define points of interest and geo-fences
Store
Integrate context information with business processes
Handle business events
Store while offline, Efficiently send to server
Perform analytics
API availability + Hybrid: iOS, Android, Windows Phone 8 + Native: IOS and Android
Scenarios debug-able with MFP’s Mobile Simulator
Collect and use on the mobile device
Use on the server
© 2015 IBM Corporation 62
Enhancing engagement via beacon integration
+ Detect and act based on proximity to beacons • Deliver location relevant messages, information, promotions, etc. that prompt users to take action
+ Enable developers and administrators to take advantage of beacons • Admin registers and manages beacons using command line tool
• Admin creates triggers that fire when users are in proximity of beacon
• Developer can easily query beacon information and act on proximity triggers
© 2015 IBM Corporation 63
Mobile Data support: JSON Store
+ On-device, mobile database support • Embedded JSON mobile database
• JavaScript APIs to store, query and update the data in offline mode using MongoDB-like APIs
+ Encrypt sensitive data • Using a key provided by developer or obtained
as user’s password
• Apple Touch ID support
• FIPS140-2-compliant
+ Server-to-client Sync • Retrieve, store and keep data store up-to-date
using adapters
+ Client-to-server Sync • Simplify write actions on data while the app is
offline and send these actions to the server
+ Enterprise API-based • Leverages corporate API / SOA layer to access
sensitive enterprise data
Cor
pora
te S
OA
/ E
nter
pris
e B
us MFP
Server
MFP Adapter
JSON
XML, JDBC, … Mobile App
Back-end system or database
JSON Store
© 2015 IBM Corporation 64
IBM Mobile First Platform Cloudant Local
+ The power of Cloudant NoSQL database in the privacy of your data center
+ IBM Mobile First Platform includes Cloudant Local single node license
+ Upgrade to multi-node clusters for high availability and scalability
Elastic Scalability Multi-Structured Data Data Mobility
© 2015 IBM Corporation 65
Scalable Data Service and APIs with Flexible Deployment Options
+ Rapid schemaless development limits dependency on IT
+ Consistent APIs in cloud and on premise
+ Store Data on-cloud or on-prem
+ On-cloud for fully managed, automatic scaling
+ On-prem for more control, data isolation
Mobile App
On-Device
Native CRUD
Query
Sync
Single Node License Included
Multitenant Cloudant
Device DB
Cloudant Local Single Node
Upgrade to Multi-Node Clusters for High Availability and Scalability
Multitenant Cloudant
Multitenant Cloudant
Multitenant Cloudant
Cloudant
© 2015 IBM Corporation 66
Optimized synchronization makes it easy to handle offline scenarios
+ Optimizes offline behavior and data sync • Your app decides when to sync databases
• Remote API allows you to work with latest data or data that isn’t on the device
+ Complements JSONStore sync which enables enterprise integration and encrypted storage
User/Device Data (Offline) + Generated by the user of the app + User preferences, wish list, shopping cart + Offline data, periodically synched to the cloud
Shared Data (Online) + Generated by the enterprise + Shared by multiple users/devices + e.g. Store Inventory + Queried as-needed by the app, such as
for product search or category display
Native Language Objects (new)
User Data
Local A
PI
Shared Data
User Data
Cloudant
© 2015 IBM Corporation 67
Extending enterprise services via USSD
+ Unstructured Supplementary Service Data (USSD) provides a cost-effective alternative to mobile apps in emerging markets where feature phones are still fairly common
+ USSD (Unstructured Supplementary Service Data) is a protocol used by GSM cellular telephones to communicate with the telecom provider.
MFP enables the following + Accept incoming requests from
a USSD gateway and map the USSD short codes to corresponding MFP adapters
+ Construct and respond with USSD menu options
+ Invoke corresponding backend services via MFP adapters
© 2015 IBM Corporation 68
Example: Mobile app using MFP for USSD communication
USSD Gateway
MFP
Enterprise backend
HTTP/S
Mobile User dials USSD short code
say, *123#
Telco forwards this to a USSD
gateway
Gateway maps the short code to a known URL provided by the
enterprise and creates the USSD session
MFP responds to the gateway
request with the USSD menu
options (configurable)
Enterprise
Adapter
© 2015 IBM Corporation 69
Managing mobile apps with the MFP Console
© 2015 IBM Corporation 70
Managing mobile apps with the MFP Console (continued)
© 2015 IBM Corporation 71
Managing mobile apps with the MFP Console (continued)
© 2015 IBM Corporation 72
Administrators can use CLI or REST API for management tasks
+ REST API for all administrative operations • List, deploy, delete and change applications and adapters
• Device management API
• Secured with basic authentication
• Role-based access
• XML and JSON payload
+ Ant tasks for all administrative operations • Same feature set as REST services
• ANT tasks defined in worklight-ant-deployer.jar
• Supports SSL and password encryption in ant files
• Role-based access
+ Command Line Interface for all administrative operations • Command line version of ant tasks
• Role-based access
© 2015 IBM Corporation 73
Examples of REST API, ANT tasks, and CLI
REST services
Ant tasks
Command Line interface
+ Get all applications or post a new one /management-apis/1.0/runtimes/{runtime-name}/applications
+ Get or delete an application /management-apis/1.0/runtimes/{runtime-name}/applications/{app name}
+ Retrieve or delete an adapter /management-apis/1.0/runtimes/{runtime-name}/adapters/{adapter-name}
+ Lock an application version /management-apis/1.0/runtimes/{runtime-name}/applications/{app name}/{environment}/{version}/accessRule
+ <wladm url=... user=... password=...|passwordfile=... [secure=...]> + <list-apps runtime=... /> + <delete-app-version runtime=... name=... environment=... version=... /> + <deploy-adapter runtime=... file=... /> + </wladm>
+ wladm --url= --user= ... [--passwordfile=...] lists apps [runtime-name] + wladm --url= --user= ... [--passwordfile=...] delete app version [runtime-name] app-name
environment version + wladm --url= --user= ... [--passwordfile=...] deploy adapter [runtime-name] filename.adapter
© 2015 IBM Corporation 74
MFP Operations Console and CLI secured by default
+ Standard JEE security is used in the console and CLI tools
+ Login / Logout from the console out of the box
+ Role based access to the console
+ Simplified connection to user repositories • Use standard role mapping in
WAS console , Liberty , Tomcat
© 2015 IBM Corporation 75
Role based access to administration tasks
Role Description
monitor Ability to view the deployed MFP projects and the deployed artifacts, this role is a read-only role
operator Can do all mobile application management operations but cannot add or remove application versions or adapters.
deployer same role as operator but can also deploy apps and adapters.
administrator
Ability to do all application management operations including the ability to add new versions of applications and add and remove adapters. The app administrator can also configure more information on the application itself such as runtime specific settings such as SMS proxy configuration.
© 2015 IBM Corporation 76
In-App Notification in a mobile app using the console
© 2015 IBM Corporation 77
Disable a mobile app using the console
© 2015 IBM Corporation 78
1. Web resources packaged with app to ensure initial offline availability 2. Web resources transferred to app's cache storage 3. App checks for updates on startup and foreground events 4. Updated web resources downloaded when necessary, with user confirmation or silently
MFP Server
Native Shell
Pre-packaged resources
Download
Update web resource
App Store
Web resources
Cached resources
Transfer
Check for updates
1
2
3
4
Direct Update for mobile apps on the device
© 2015 IBM Corporation 79
Direct update is flexible and optimized
+ Direct update is integrated into the MFP Server security framework and exposes a client-side API for better control and customization: • Control when to invoke Direct Update
‒ perSession, perRequest, or custom
‒ Disable Direct Update for an app
STARTED DOWNLOAD_IN_PROGRESS UNZIP_IN_PROGRESS SUCCESS FAILURE_NETWORK_PROBLEM FAILURE_DOWNLOADING FAILURE_NOT_ENOUGH_SPACE FAILURE_UNZIPPING FAILURE_ALREADY_IN_PROGRESS FAILURE_UNKNOWN
Description JavaScript
Direct update events listener class name
WLDirectUpdateListener
Invoked by MFP framework once direct update has started
onStart(statusJSON)
invoked by MFP framework once HTTP chunk has been downloaded
onProgress(statusJSON)
invoked by MFP framework once direct update has finished (with either success/failure)
onFinish(statusJSON)
© 2015 IBM Corporation 80
Direct Update optimization
+ End users receive only the web resources (html, CSS, Javascript) that have changed between updates instead of the entire web resources package
+ Users receive a differential direct update when the web resources in their app are one build behind the web resources of the application now being deployed
© 2015 IBM Corporation 81
Remote-controlled client-side log collection
+ MFP provides a native and JavaScript API for client-side logging
+ Administrator defines log collection profiles on the server which are automatically retrieved by the MFP client-side runtime • By default sent on init, resume, and 75% full – can be customized
+ Administrator can perform analysis and text search of client-side logs via server-side analytics console
© 2015 IBM Corporation 82
Unified Client and Server Analytics
+ Out-of-the-box analytics address the following: • User adoption, device and app properties
• User actions and called adapter procedures
• Performance and data usage information
• Exceptions, crashes, logs, response time
© 2015 IBM Corporation 83
Service integration analytics
+ Robust analytics for service integration usage including average response time, average data usage, and server usage statistics
© 2015 IBM Corporation 84
Device analytics
+ Automatically captures information about mobile OS type, mobile OS version, and device model type
© 2015 IBM Corporation 85
Server and client log inspection made easy
+ MFP Analytics Console enables easy searching of both client and server logs
© 2015 IBM Corporation 86
Security Analytics
+ Monitor authentication attempts to better protect against potential attacks
+ Discover reasons for authentication failures and use information to improve user experience
+ Trace authentication failures back to specific device, network transaction, user, etc.
+ Visualize which resources are protected
© 2015 IBM Corporation 87
Create custom reports for your organization
+ Save Reports + Delete Reports + Edit Report Definition + Secure Reports
© 2015 IBM Corporation 88
Application Center for managing the app testing phase
+ Share apps across developers, testers, and other stakeholders • iOS, Android, Windows Phone 8, Windows 8,
and BlackBerry 6 and 7
Developers + Access all feedback in a centralized manner
Testers + Provide rating and feedback directly
from the device
Testers + Easily find apps and versions to test
Developers + Easily distribute app to testers
© 2015 IBM Corporation 89
The value of MFP for Hybrid Apps
Focus more on business logic + Proven optimization framework including Skins + Robust and extensible enterprise integration
framework + API discovery for SAP and SOAP + MFP app runtime for quick data-driven
hybrid apps + Encrypted JSON Store with bi-directional
synchronization + Efficient geo-location services and geo-fencing
Decrease development cost + Instant hybrid app preview + Accurate mobile simulator + visual location
simulator + Automated functional testing for hybrid apps + Out of the box operational analytics
Manage the mobile app lifecycle + Console for app management, version
enforcement, and fine-grained user control + Custom app templates and screen templates + Custom app components and shell + Support for enterprise SDLC integration + App Center for managing distributed test
process
Support the mobile ecosystem + Cordova is shipped with MFP; IBM provides
bug fixes and production-level support for version shipped with MFP
+ Proven timely support for new OS versions + Support for use of third party libraries and
services
© 2015 IBM Corporation 90
The value of MFP for Native Apps
Focus more on business logic + Robust and extensible enterprise integration
framework + Proven user and app security framework + API discovery for SAP and SOAP + Encrypted JSON Store with bi-directional
synchronization + Efficient geo-location services and geo-fencing
Decrease development cost + Standard server API for push engagement + Automated functional testing for native apps + Out of the box operational analytics
Manage the mobile app lifecycle + Console for app management, version
enforcement, and fine-grained user control + Support for enterprise SDLC integration + App Center for managing distributed
test process
Support the mobile ecosystem + Proven timely support for new OS versions + Support for use of third party libraries
and services
© 2015 IBM Corporation 91
IBM MobileFirst Platform Key Differentiators
+ Tooling for HTML 5 development and device adaptation + Application lifecycle management of HTML5 artifacts + Leveraging de-facto standards to provide added value for developers
Standards-based
+ Native / hybrid / web + Full coverage of the hybrid spectrum + Leverage any 3rd Party JavaScript Framework: More choice!
Flexibility and choice
+ For developers: easy learning curve, small number of programming models, JS anywhere, small footprint
+ Collaborative development + Quick and easy Installation and deployment
Consumability
+ Flexible security model + Portfolio integration + Advanced in-app security features
Security
+ IBM products already leveraging MFP as a mobile standard + Starting to build a catalog for third-party APIs + MobileFirst solutions for testing, team dev, analytics, security and mgmt
Ecosystem
© 2015 IBM Corporation 92
Three Ways to Get Started with IBM
1! Get MFP Developer Edition here: !https://developer.ibm.com/mobilefirstplatform/documentation/getting-started/ !
Talk with your IBM representative or Business Partner to find the right next step for you 2!
3! Learn more at http://www.ibm.com/mobilefirst Interact with us @ibmmobile and #ibmmobile!
© 2015 IBM Corporation 94
© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, Rational, the Rational logo, Telelogic, the Telelogic logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
https://developer.ibm.com/mobilefirstplatform/documentation/getting-started/