More Related Content
Similar to IBM MobileFirst Platform v7 Tech Overview (20)
More from Banking at Ho Chi Minh city (20)
IBM MobileFirst Platform v7 Tech Overview
- 1. © 2015 IBM Corporation
IBM MobileFirst Platform
Overview
Additional information line, e.g. presenter name, presentation tagline etc.
Presentation date or version identifier
- 2. © 2015 IBM Corporation 2
Key enterprise challenges for a successful
mobile journey
“I need my development teams focused on creating
great app experiences, not figuring out how to
integrate or store data.”
“Mobile opens up a new set of security considerations.
Our reputation is on the line.”
“Mobile app users are demanding. If my app is not
delivering a great experience I need to know.”
“My users want to be even more productive. Personalization
based on the device’s context is a huge opportunity. ”
- 3. © 2015 IBM Corporation 3
Mobile app users are demanding – I need to
understand if their needs are being met
The IBM MobileFirst Platform helps IT collect user feedback and analyze app store ratings,
resulting in reduced app development cycles from 6 to 2 weeks. Achieved highest in Customer
Satisfaction Among the Midsize Retail Banks in J.D. Power’s Canadian Retail Banking
Customer Satisfaction Study.
Tangerine Bank
100% online
banking
Customers can execute
any banking transactions
securely while on the go
Customers can provide
feedback – on services
offered and app
experience Customer feedback
incorporated back into
the app quickly
5 Star App Rating
- 4. © 2015 IBM Corporation 4
Mobile opens up a new set of security
considerations. Our reputation is on the line
The IBM MobileFirst Platform helps authenticate users and secure the app against spoofing.
It also enabled the Mobile app to scale to secure 3.62 billion tickets during 40 day spring
festival.
Demand from ~2B
passengers for ticket
sales far surpasses
supply Created “ticket
scalper” environment
Hackers created
“fake apps” to sell
tickets at a premium
China Ministry of Railways
- 5. © 2015 IBM Corporation 5
My users want to be even more productive.
Personalization based on the device’s
context is a huge opportunity
Elmec
Employees needed to be more
productive while on a service call
Scans asset barcode, automatic pull of
product and service information, and
provides suggested action
Real-time log update of
changes in asset position
using geo-location
Drive up-sell opportunities
The IBM MobileFirst Platform used GPS, photo, and video features to deliver a contextual
app to manage lease equipment based on location, leveraging a catalog of over 60,000
products. Mobile app includes service and support capabilities.
- 6. © 2015 IBM Corporation 6
Mobile apps need data to be rich, but
integrating and storing data in a scalable
way slows down delivery
RunKeeper
Top Rated Health and
Fitness Mobile App
App has 30M users and
integrates with 100 3rd party
devices and services
As user base grew, app
hit scalability threshold,
performance was effected
GPS tracks outdoor fitness activities,
including duration, distance, pace, speed,
and path traveled on a map.
IBM MobileFirst Platform provided seamless data scalability, while delivering a responsive
experience users demanded. Reduced application development and maintenance costs,
improved time-to-market and enhance mobile application governance and security
- 7. © 2015 IBM Corporation 7
Great apps share common traits
To your
customers
For your
enterprise
What that
means…
I can do more
on my device
I can trust that
my data is safe
It’s better, faster
or more
functional than it
was yesterday
It knows me…
where I am, what
I’m doing and
what I like
My customers
(and other users)
make better
decisions faster
We ensure
sensitive
enterprise data
is secure, in
transit and at
rest.
We easily manage
new releases and
assess and act on
performance and
usage issues
We have deep
insights in our users’
and their mobile
experiences
Data rich Secure
Always
improving Relevant
- 8. © 2015 IBM Corporation 8
IBM MobileFirst Platform provides a
comprehensive set of services delivered in
a modular fashion
Software or SaaSOn premises Cloud
Contextualize
& PersonalizeSecure
Continuously
Improve Data Rich
New or Existing Apps
Native Hybrid HTML5 3rd Party Tools, Services, Apps
Modular Services
Systems of Record
Enterprise APIs
Systems of Engagement Cloud Services
3rd Party APIs
- 9. © 2015 IBM Corporation 9
The IBM MobileFirst Platform
Integrated mobile app development with continuous delivery
Application Center
Quality Assurance
Application
Scanning
Development Continuous Delivery
Studio Console
Server Runtime
Application Scanning
Detect code vulnerabilities at the
time of development
Quality Assurance
Collect beta test feedback, crashes
and analyze user sentiment
Cloudant Local
Store mobile app data in a NoSQL
database with easy sync capabilities
Foundation
Development, Runtime, Operations
Console & Private Store
Cloudant Local
- 10. © 2015 IBM Corporation 10
IBM MobileFirst Platform Foundation 7.0 –
Component Overview
- 11. © 2015 IBM Corporation 11
MFP Foundation 7.0 Highlights
+ Enable native Android and iOS mobile app developer to store engagement data on-prem
with off-line access, scalable storage, and enterprise integration
+ Make offline operations easier by removing the need to develop complicated sync and
replication logic
• Manipulate and query data without worrying about sync logic
• Just decide when to sync and if you want to push or pull changes
Efficient and scalable app data storage
+ Leverage OAuth 2.0 security standard to securely integrate with new and existing
backend services
+ Streamline usage and operations of new and existing services via a client-side REST API
+ Leverage MobileFirst Platform security and operational analytics capabilities when
directly integrating with RESTful enterprise services
Standard-based integration and authentication
+ Collect data and create custom reports to gain insights customized for your needs
Deep insights that help you deliver better apps
- 12. © 2015 IBM Corporation 12
IBM MFP Foundation – Typical Topology
MFP
Cluster
Load
Balancer
Backend 1 Backend 2
MFP
Database
Web SSO
Server
App
https
https
Corporate LAN
Corporate DMZ
- 13. © 2015 IBM Corporation 13
Spectrum of mobile app development
approaches
Web-Native Continuum
§ HTML5, JS, and
CSS3 (full site or
m.site)
§ Quicker and
cheaper way to
mobile
§ Sub-optimal
experience
§ HTML5, JS, and
CSS
§ Usually
leverages
Cordova
§ Downloadable,
app store
presence, push
capabilities
§ Can use native
APIs
§ As previous
§ + more
responsive,
available offline
§ Web + native
code
§ Optimized user
experience with
native screens,
controls, and
navigation
§ App fully
adjusted to OS
§ Some screens
are multi-
platform when
makes sense
§ App fully
adjusted to OS
§ Best attainable
user experience
§ Unique
development
effort per OS,
costly to
maintain
HybridPure web Pure native
Mobile
web site
(browser
access)
Native
shell
enclosing
external
m.site
Pre-
packaged
HTML5
resources
HTML5 +
native UI
Mostly
native,
some
HTML5
screens
Pure
native
- 14. © 2015 IBM Corporation 14
MFP Studio – The IDE for hybrid app
development
+ Eclipse-based IDE
+ Code assist tools with auto-complete and
validation
+ Application scaffolding and
componentization
+ Mobile OS-specific optimization
+ Device-specific optimization with Skins
+ 3rd-party library integration for HTML5
and native components
+ Quick access to simulators, emulators,
and debugging tools
HTML5, Hybrid, and
Native Coding!
Optimization
Framework!
Integrated Device !
SDKs!
3rd Party Library
Integration!
BuildEngine!
MFP Studio!
SDKs!
Functional !
Testing!
WYSIWG Editor!
and Simulator!
Blackberry!
!
Android!
iOS!
Windows
Phone!
Java ME!
Windows 8!
Mobile Web!
Desktop Web!
1
- 15. © 2015 IBM Corporation 15
Studio provides authoring, visual design,
simulation, and runtime skins for hybrid apps
- 16. © 2015 IBM Corporation 16
Seamless integration for native development
and other tools
Use your preferred IDE and tools to develop pure native or hybrid Apps
Complements native IDEs with tools to perform MFP tasks
+ mfp create
[?] What do you want to name your project? MyProj
Project ‘MyProj’ created
+ cd MyProj
+ mfp add api
[?] What do you want to name your native API? MyIosApi
[?] What platform do you want to target?
Android
›❯ iOS
Java ME
Windows Phone 8
Native api for ‘ios’ created
Simple Interactive assistance…
- 17. © 2015 IBM Corporation 17
Example CLI commands for native apps
+ mfp create
[?] What do you want to name your project? MyProj
Project ‘MyProj’ created
+ cd MyProj
+ mfp add api
[?] What do you want to name your native API? MyIosApi
[?] What platform do you want to target?
Android
›❯ iOS
Java ME
Windows Phone 8
Native api for ‘ios’ created
Context aware builds
+ mfp build
+ mfp deploy
If at project level, all apps and adapters are built.
If in adapters (all or single), then only those are built.
If within a single app, then only that app is processed.
If within a single env of app, only it is built and deployed.
Embedded MFP Server control
+ mfp start
+ mfp console
+ mfp stop
The “mfp run” command is a long running task that starts
the server, and tails (follows) the server log file
- 18. © 2015 IBM Corporation 18
Example CLI commands for hybrid apps
+ mfp add hybrid
[?] What do you want to name your app? MyHybrid
+ cd apps/MyHybrid
+ mfp add environment
[?] What environments you want to add to the hybrid app?
⬢ iPhone
⬡ iPad
⬢ Android phone and tablets
⬡ BlackBerry 6 and 7
⬡ BlackBerry 10
›❯⬡ Windows Phone 8
⬡ Windows 8 desktop and tablets
⬡ Mobile web app
+ mfp build
+ mfp deploy
+ mfp console
- 19. © 2015 IBM Corporation 19
Example CLI commands for adapters
+ mfp add adapter Accounts --type http
+ edit adapters/Accounts/Accounts*
+ mfp build && mfp deploy
Implement desired procedures
+ mfp invoke
[?] Which adapter do you want to use? (Use arrow keys)
›❯ Accounts
Foo
[?] Which procedure do you want to invoke? (Use arrow keys)
getAccountList
›❯ getAccount
[?] Enter the comma-separated parameters: "111-001"
Invoking Accounts:getAccount...
Arguments:
[ "111-001” ]
Invocation result:
{
"id": "111-001",
"balance": 623.45,
. . .
}
Interactively test the adapter
Ø mfp invoke Accounts:getAccount '["111-001"]’
{
"id": "111-001",
"name": "Checking",
. . .
}
Direct syntax
- 20. © 2015 IBM Corporation 20
MFP gives developers complete control
over their app
+ Control default splash screen behavior
+ Add a custom splash screen
+ Start application with native screen
+ Control MFP framework initialization, e.g. in background
Attractive
App Startup
+ Display a specified native screen in full screen
+ Mix native and web components on a same screen
+ Control native components that host web application
+ Use native components hosting web application inside of a
container
Engaging UI
+ Call native code from JavaScript and vise-versa
+ Invoke both native and JavaScript MFP Client APIs in any
order e.g. authenticate in native, UI in HTML5
Compelling
app flow
- 21. © 2015 IBM Corporation 21
Unsurpassed flexibility in hybrid development
Complete freedom in mixing native and web code in the same app
Native and web
components on a
same screen
Native header with
button, title and icon
Native scrolling ticker
WebView with web
components
- 22. © 2015 IBM Corporation 22
Bridge native and hybrid elements with an
action API
+ First bullet: Use the MFP action API to enable native-hybrid
communication:
• L2 Send data from JavaScript to Native
• Send data from Native to JavaScript
• Register Native action handlers
• Register JavaScript action handlers
Example: Clicking native side menu button triggers web UI change
- 23. © 2015 IBM Corporation 23
Create reusable enterprise UI patterns
+ Create and reuse custom UI patterns
• For corporate branding
• Improved governance: Patterns which were
adequately designed, implemented and tested
+ Patterns contain HTML, CSS and JS
resources
+ Package patterns inside a pre-defined
archive format, so that they can be
distributed among teams to re-use in
their projects with MFP Studio
- 24. © 2015 IBM Corporation 24
Create custom components and templates
Shareable ZIP archives
.wlc or .wlt extns
Create
components
and
templates
Add
Components and
templates to an
MFP Project
+ Save development time by reusing code
+ Help enforcing governance by providing
ready-made, tested components with
corporate-approved code and branding
+ Created and managed using an MFP
Studio wizard
+ Custom screen patterns
• HTML, CSS and JS resources
• Extend the list of out-of-the-box patterns
+ Application Components
• Reusable libraries (Client or server runtime)
that developers can add to apps
+ MFP Project Templates
• A reusable hybrid project that developers can
use to jump start new application development
- 25. © 2015 IBM Corporation 25
IBM MobileFirst SDK for Xamarin
Security
Authentication
Integration
Notifications
App Management
Analytics
Xamarin
Studio
Integrated
Services
https://
components.xamarin.com/
view/ibm-worklight
IBM MFP
+ With IBM MobileFirst Platform Foundation SDK, Xamarin developers can build rich
native enterprise grade mobile apps for iOS and Android devices using C# language
- 26. © 2015 IBM Corporation 26
Rapid testing of hybrid apps with the Mobile
Browser Simulator
+ Accurate simulation of the app’s HTML5 screens (e.g., right fonts, sizes, and layout)
+ Supports Cordova and MFP client API
- 27. © 2015 IBM Corporation 27
Mobile Functional Test Tools
+ Comprehensive, complete, resilient functional testing
• Android and iOS, native and hybrid
HTML and JQuery
• Record, edit, and run on mobile devices or emulator
• Same test runs across multiple devices in the platform family
• Natural language scripts can be used by developers and non-developers alike
+ Simple process
• Record
• Author
• Playback
• Report
- 28. © 2015 IBM Corporation 28
IBM MobileFirst Platform Quality Assurance
Evidence-based prioritization – enable
business and IT to collaborate on mobile strategy
and user experience
Over the air app distribution – get the latest in
the hands of testers as soon as it is available
Frictionless bug reporting – spend every minute
on testing latest and greatest builds,
not the hassles
In-app crash reporting – rapid understanding
of why an app fails
Sentiment analysis – mine app ratings and
reviews to extract actionable feedback before they
go viral
Delivers mobile app quality across a fragmented environment with end user
feedback and quality metrics available at every stage of development.
- 29. © 2015 IBM Corporation 29
Get the details behind app sentiment score
at a glance
App category, app quality score, # of reviews & daily average, trend
Quality attribute, # of reviews & daily
average, trend, and signals
- 30. © 2015 IBM Corporation 30
Quality attribute scorecard
- 31. © 2015 IBM Corporation 31
Compare your app against your competitors
- 32. © 2015 IBM Corporation 32
Discover what’s trending with top review
clusters
- 33. © 2015 IBM Corporation 33
MobileFirst Platform Application Scanning
Application
Scanning!
+ A single Eclipse Integrated Development
Environment (IDE). Scan existing code
projects or MFP Studio projects
+ Native and hybrid mobile applications support
+ Enhanced JavaScript analysis, which
includes improved performance and
additional framework support
+ Optionally connect to IBM Security AppScan
Enterprise Server to share scan
configurations, filters, and custom rules
across all projects
Detect vulnerabilities at the time of code change to reduce risk of data leakage
and breaches
- 34. © 2015 IBM Corporation 34
Security Features Mapping
Proactively enforce
security updates
Remote
disable
Direct update
Provide robust
authentication and
authorization to secure users
Authentication
integration
framework
Data
protection
realms
Coupling
device id with
user id
Streamline corporate
security approval
processes
Mobile
platform as a
trust factor
Protect from
Known Application
Security Threats
Code
obfuscation
SSL with
server
identity
verification
Proven
platform
security
Device
provisioning
integration
App
authenticity
testing
Protect data on the device
Encrypted
cache / DB
Offline
authentication
Secure
challenge-
response on
startup
- 35. © 2015 IBM Corporation 35
Flexible authentication framework
+ Security tests are a series of realm tests which
can be put into a sequence or all or nothing
• Protecting resources, procedures and mobile apps
+ MFP provides framework for users to define the
security test and the individual real test
+ There are also out-of-the-box pre-packaged
realm tests and security tests (e.g. form-based
auth, LTPA auth, cookie-based auth)
Security Tests
MFP
Server
MFP
Client
SDK
HTTPs
JSON
Security Tests are
triggered on startup
or on demand.
Realm1: App Authenticity Testing
Realm2: User Credential Testing (Question 1)
Realm3: User Credential Testing (Question 2)
Realm4: Custom Authentication
- 36. © 2015 IBM Corporation 36
OAuth 2.0 Support
+ MFP Server provides REST endpoints for OAuth-based authorization
+ Developers can extend the mobile-specific security and analytics capabilities
of MFP to existing enterprise services
+ Approach does not require any changes to existing enterprise services
- 37. © 2015 IBM Corporation 37
User-certificate provisioning for client-side
authentication
+ X509 certificates
• Are installed on devices and can can be used to automate user authentication
+ Certificate provisioning options
• For all apps on a device
• For a particular app
+ Benefits
• Cost saving: Certificates are typically provided by MDM solutions and is quite costly (some charge $70
per device).
• Usability: Simple, automated user authentication; User’s device does not need to be managed by an MDM
- 38. © 2015 IBM Corporation 38
Protecting data on the device
Device theft
Offline access
Phishing, repackaging
Device
provisioning
integration
App
authenticity
testing
Protect data on the device!
Encrypted
cache / DB
Offline
authentication
Secure
challenge-
response on
startup
+ Encrypted JSON Store
+ Offline authentication using password
+ Extended authentication with server using secure challenge response
+ App authenticity testing: server-side verification mechanism to mitigate risk of Phishing through
repackaging or app forgery
+ Device provisioning integration: allow for the authentication of devices in addition to apps and users
+ HTTPS/TLS based initiation of MFP Server connectivity from MFP Client runtime using FIPS 140-2
compliant libraries
- Tie in with User-Provision to use X509 Cert in establishing HTTPS/TLS connection using user certificate
- On top of the already compliancy for communication (data in transit) and for storage (JSONStore)
- 39. © 2015 IBM Corporation 39
Application Authenticity
+ Mobile apps installed on a device represent a point of vulnerability
• Apps are binary packages – protected by mobile OS but that may not be enough
+ MobileFirst Platform helps protect your enterprise from compromised apps by
detecting potential tampering and blocking access from the app to the enterprise
• Administrative tools make it easy to enable and monitor app authenticity
+ Application authenticity protections apply to Android, iOS, and WP8 platforms
- 40. © 2015 IBM Corporation 40
Application Security
Hacking
Eavesdropping
Man-in-the-middle
Protect from
Known Application
Security Threats !
Code
obfuscation
SSL with
server
identity
verification
Proven
platform
security
+ Proven platform security: tested by the most
demanding customers (e.g., top tier banks)
+ Client<->Middleware communications over
HTTPS to prevent data leakage
+ Server certificate is automatically verified
to thwart man-in-the-middle attacks
+ Developers can obfuscate application JS
code to make static analysis more difficult
+ SQL adapter designed to mitigate
SQL-injection
+ Built-in audit trail
- 41. © 2015 IBM Corporation 41
Protecting app source code
+ Obfuscate and minimize JavaScript
resources to better protect source code in
a hybrid app
• Simple wizard in both Studio and CLI environments
+ Google Closure used to perform obfuscation
and minification
+ Android ProGuard support makes it easy to
encrypt Java resources included in an
Android app
+ Predefined ProGuard configuration files are
included for ease of use
- 42. © 2015 IBM Corporation 42
Block access to specified devices or apps
+ Allows MFP admin to block a device’s access to the MFP Server
+ Admin has the option to block access for the entire device or for a particular
application on the device
+ Device can be marked as stolen, lost, or disabled for record keeping
- 43. © 2015 IBM Corporation 43
Key generation, encryption, and decryption
APIs
+ MFP provides APIs that make it easy to secure content used by the app (PDFs,
images, text documents, etc.) on a device
+ The APIs provide key generation, encryption, and decryption capabilities
+ Key generation, encryption and decryption APIs can be used in conjunction with
the JSONStore
- 44. © 2015 IBM Corporation 44
Secure inter-application data sharing
+ New API allows developers to securely share data between applications in an
application family
+ The API can be used to share security tokens and other small data sets
• Data is always shared as a string
+ Native API support on iOS and Android in addition to JavaScript API
Hybrid applications
WL.Client.setSharedToken({key: myName, value: myValue})
WL.Client.getSharedToken({key: myName})
WL.Client.clearSharedToken({key: myName})
iOS native applications
[WLSimpleDataSharing setSharedToken: myName value: myValue];
NSString* token = [WLSimpleDataSharing getSharedToken: myName]];
[WLSimpleDataSharing clearSharedToken: myName];
Android native applications
WLSimpleSharedData.setSharedToken(myName, myValue);
String token = WLSimpleSharedData.getSharedToken(myName);
WLSimpleSharedData.clearSharedToken(myName);
- 45. © 2015 IBM Corporation 45
Device Single Sign-On (SSO)
+ Enables a mobile user to authenticate once and gain access to all apps from the
same organization (technically, with the same developer certificate) without re-
authenticating.
+ Supports integration with DataPower, ISAM, and other web gateways
+ Implementation
• Implemented using combination
of server-side capabilities
(realms) and unique device
identification (device ID)
• On successful login the
authentication state is saved
in the database and used for
validations in subsequent
sessions from the same device.
App 1
secureMobileOSkeystore
MFP
Server
App 2
ID
Session x
Session y
Duplicate after receiving
ID fro App 2
- 46. © 2015 IBM Corporation 46
Enforcing security updates
Can’t rely on users
getting the latest
software update on
their own
Proactively enforce
security updates
Remote
disable!
Direct
update!
+ Remote Disable: shut down
specific versions of a
downloadable app, providing
users with link to update
+ Direct Update: automatically
send new versions of the
locally-cached HTML/JS
resources to installed apps
- 47. © 2015 IBM Corporation 47
Controlled back-end integration
+ From multiple point-to-point
integrations
• Multiple sets of integrations to enterprise
resources to build and maintain
• YOU manage caching, synchronization
and end-to-end encryption
+ To streamlined, transparent access
• MFP transforms enterprise data into
mobile-friendly, JSON format
• MFP Server manages caching, data
synchronization and end-to-end encryption
ERP
Engine
App DB
SQL
JSON
MFP Adapters
MFP
SERVER
ERP
Engine
App DB
Cloud
Service
Cloud
Service
WindowsAndroid BlackberryApple
WindowsAndroid BlackberryApple
SAP
HTTP (REST, SOAP), JMS HTTP, CAST IRON
- 48. © 2015 IBM Corporation 48
MFP Server: Adapters
Run time
+ Lightweight server-side logic to expose systems of records in a
mobile-friendly way
• Automatic JSON transformation of enterprise data for quick
transport and ease of consumption by mobile developer
• Server-side service composition to reduce number of
requests over slow mobile network
• XSLT to reduce fat SOAP responses
+ Security
• Automatic enablement of server-side authentication
control and audit
+ Analytics
• Automatic collection of user actions and device and
app properties
+ Data sync
• Enables synchronization with on-device JSON Store
+ Mobile user engagement
• Push notifications and geo-based event management
For the server developer
+ JS anywhere: Simple APIs for server-side JavaScript development
+ Extensibility: Java API for custom adapters
For the client developer
+ Easy-to-use, consistent client-side API to call any back-end system
MFP Server
SQL /
JDBC
SOAP /
HTTP
JMS
CAST
IRON
REST
Java
Extension
Enterprise back-ends and
cloud servicesEnterprise back-ends and
cloud servicesEnterprise back-ends and
cloud services
- 49. © 2015 IBM Corporation 49
Zero-code service integration for your apps
+ Analyze SAP (NetWeaver Gateway), REST, and SOAP services to create adapters
with no manual coding
+ Discover target services and select the operations you want to use in your
mobile app
+ Work with WSDL, SAP service definitions, and any RESTful endpoint over HTTP(S)
- 50. © 2015 IBM Corporation 50
Automatic adapter generation for IBM BPM
workflows
+ Integrate IBM BPM workflows into your
apps without manual development
+ Use Service Discovery to explore and
select existing processes for integration
+ Work with IBM Business Process Manager
v8.5.6 and above
+ Use a standard BPM adapter to gain REST
access to processes
+ Use the BPM management console to
export an MFP project or adapter from
an IBM BPM process app
- 51. © 2015 IBM Corporation 51
Java Adapters
+ Enable custom service development for
mobile app projects
+ Utilize JAX-RS standard-based deployment
model to describe REST service
+ Accessible using standard REST
conventions; URLs, and HTTP verbs
+ Leverage OAuth for MFP security
protection and analytics gathering
- 52. © 2015 IBM Corporation 52
SAP Java Connector (SAP JCo) Adapter
+ Integrate your mobile apps to SAP systems
without requiring NetWeaver
+ Deploy adapters that provide a direct
interface to JCo functions
+ Utilize the new
WL.Server.invokeSAPFunction API
+ Provide configuration info for SAP server
and user authentication
- 53. © 2015 IBM Corporation 53
RESTful access pattern for adapters and
enterprise services
+ Provides a RESTful invocation model for
deployed adapters/existing services
+ Allows consumption of adapters by non-
mobile clients
+ Enables management of adapter invocations
by API Management solutions (i.e. IBM API
Management)
+ Extends MFP security protections via
OAuth model
+ Retains support for existing invocation model
- 54. © 2015 IBM Corporation 54
Centralized push notifications
From the complexity of many…
Multiple sets of push services to manage
To the simplicity of one…
Unified push management
Apple
Feature
Phones
Android
Google
Push
Apple
Push
Windows
Microsoft
Push
SMS/MMS
Brokers
Android Windows Feature
Phones
Apple
SMS/MMS
Brokers
Microsoft
Push
Google
Push
Apple
Push
MFP Unified Push Framework
- 55. © 2015 IBM Corporation 55
Unified Push Notifications
+ Uniform access to push notifications providers
• Register for, notify, and receive a notification via MFP APIs or SMS
+ Register for and send SMS based notifications
• E.g., for feature phones
Back-end
System!
Back-end
System!
Back-end
System!
Back-end
System!
Polling
Adapters
Message-
based
Adapters
Unified
Push API
Notification
State
Database
User-
Device
Database
iOS
Dispatcher
Android
Dispatcher
Windows
Phone
Dispatcher
SMS
Dispatcher
Apple Push
Servers
(APN)
Google Push
Servers
(GCM)
MPNS/WNS
SMS/MMS
Brokers
Administrative Console
Notification statistics, SMS subscription control
MFP
Client-side
Push Services
iOS
Push API
Android
Push API
Windows
Push API
Broker API
MFP
Client-side
Push Services
MFP
Client-side
Push Services
Optional 2-way SMS
- 56. © 2015 IBM Corporation 56
iOS Push Notifications
+ Interactive Push Notifications
• Enable developers to send Interactive Notification for iOS 8 devices
• Prompts users to take action without leaving the application they are in
• API support for defining ‘category’ to tell the device to show pre-
determined set of buttons
+ Silent Push Notifications
• Enable developers to send silent notification to iOS 7 onwards devices
• API support for sending and receivinghandling silent push notification
- 57. © 2015 IBM Corporation 57
Android Push Notifications
+ Android Notifications
• Support for Heads-up notification for receiving high priority notifications while using the device
• Support for Cloud Sync notifications
• Provide API’s to set appropriate priority
• Notification support on the device lock screen
• Provide API’s for what to show on lock screen
+ Server side
• Optional fields in GCM properties of notification attributes
GCM: {
'visibility':'' (public, private, secret)
'priority':'' (max,high,default,low,min)
‘bridge': '' (true,false)
'category':'' (promo,recommendation,social..)
..
}
+ Client side
• Extract all the parameters from the received notification
• Use the Notification.Builder API to build the notification object with all the extracted values
- 58. © 2015 IBM Corporation 58
Segmenting users for push notifications
+ Group notifications based on tags
• Notifications are targeted to only a select set of users based on their topics of interest
• Tags allow message producers / senders to segment devices
• One or more tags can exist per application
• Defined in application-descriptor.xml – created during deployment
+ Broadcast, unicast and narrowcast notifications
• New APIs available to send a notification to all the devices that installed the application
‒ Also provides for an option to opt out of receiving broadcast notifications
• Enhanced APIs to send a notification to specific user or device that installed the application
• Support for a notification targeted to devices of a particular platform that installed the application
- 59. © 2015 IBM Corporation 59
Push notification management features
+ APNS Certification Expiration Management
• Detect if the application has APNS certificate and then display the ‘certification expiration date:
’ on the application catalog in the console.
• Provide warning message while deploying the app with already expired APNS certificate
• Provide REST API support for updating the expired APNS certificate and password
+ Push Notification Management API’s
• Rest API’s to submit a message with the specified options to the devices specified by target
• Rest API’s to Create, Delete and update a tag
• Credential management for GCM, MPNS and certificate management for APNS
- 60. © 2015 IBM Corporation 60
Two-way SMS communication
+ Why SMS?
• For feature phone users: A preferred mode of interaction
• For roaming users: When data roaming fees are not affordable
• In emerging markets: More reliable than Internet connection
+ SMS in MobileFirst Platform
• HTTP integration with SMS gateway or aggregator for the SMS delivery
• Seamless backend integration, mapping of incoming SMS to the relevant backend calls
+ Mobile user à enterprise
• Sends SMS messages based on
keywords published by the enterprise
+ Enterprise à mobile user
• Responds to a user request
• Initiates a new request by sending an
SMS notification to a subscribed user
Backend
Service
MFP
Server
SMS Gateway
SMS HTTPS
- 61. © 2015 IBM Corporation 61
MobileFirst Platform Geo-Location Services
Efficient, controlled
acquisition of GPS,
triangulation, and
Wi-Fi coordinates in
background and
foreground
Trigger actions
based on location
changes
Define points
of interest and
geo-fences
Store
Integrate context
information with
business
processes
Handle business
events
Store while offline,
Efficiently send to
server
Perform analytics
API availability
+ Hybrid: iOS, Android, Windows Phone 8
+ Native: IOS and Android
Scenarios debug-
able with MFP’s
Mobile Simulator
Collect and use on the mobile device
Use on the server
- 62. © 2015 IBM Corporation 62
Enhancing engagement via beacon integration
+ Detect and act based on proximity to beacons
• Deliver location relevant messages, information, promotions, etc. that prompt users to take action
+ Enable developers and administrators to take advantage of beacons
• Admin registers and manages beacons using command line tool
• Admin creates triggers that fire when users are in proximity of beacon
• Developer can easily query beacon information and act on proximity triggers
- 63. © 2015 IBM Corporation 63
Mobile Data support: JSON Store
+ On-device, mobile database support
• Embedded JSON mobile database
• JavaScript APIs to store, query and update the
data in offline mode using MongoDB-like APIs
+ Encrypt sensitive data
• Using a key provided by developer or obtained
as user’s password
• Apple Touch ID support
• FIPS140-2-compliant
+ Server-to-client Sync
• Retrieve, store and keep data store up-to-date
using adapters
+ Client-to-server Sync
• Simplify write actions on data while the app is
offline and send these actions to the server
+ Enterprise API-based
• Leverages corporate API / SOA layer to access
sensitive enterprise data
CorporateSOA/
EnterpriseBus
MFP
Server
MFP
Adapter
JSON
XML, JDBC, …Mobile App
Back-end
system or
database
JSON
Store
- 64. © 2015 IBM Corporation 64
IBM Mobile First Platform Cloudant Local
+ The power of Cloudant NoSQL database in the privacy of your data center
+ IBM Mobile First Platform includes Cloudant Local single node license
+ Upgrade to multi-node clusters for high availability and scalability
Elastic Scalability Multi-Structured Data Data Mobility
- 65. © 2015 IBM Corporation 65
Scalable Data Service and APIs with
Flexible Deployment Options
+ Rapid schemaless development
limits dependency on IT
+ Consistent APIs in cloud
and on premise
+ Store Data on-cloud or
on-prem
+ On-cloud for fully managed,
automatic scaling
+ On-prem for more control,
data isolation
Mobile App
On-Device
Native CRUD
Query
Sync
Single Node License Included
Multitenant
Cloudant
Device DB
Cloudant Local
Single Node
Upgrade to Multi-Node Clusters for
High Availability and Scalability
Multitenant
Cloudant
Multitenant
Cloudant
Multitenant
Cloudant
Cloudant
- 66. © 2015 IBM Corporation 66
Optimized synchronization makes it easy to
handle offline scenarios
+ Optimizes offline behavior and data sync
• Your app decides when to sync databases
• Remote API allows you to work with latest data or
data that isn’t on the device
+ Complements JSONStore sync which enables
enterprise integration and encrypted storage
User/Device Data (Offline)
+ Generated by the user of the app
+ User preferences, wish list, shopping cart
+ Offline data, periodically synched to the cloud
Shared Data (Online)
+ Generated by the enterprise
+ Shared by multiple users/devices
+ e.g. Store Inventory
+ Queried as-needed by the app, such as
for product search or category display
Native Language
Objects (new)
User Data
Local
API
Shared Data
User Data
Cloudant
- 67. © 2015 IBM Corporation 67
Extending enterprise services via USSD
+ Unstructured Supplementary Service Data (USSD) provides a cost-effective
alternative to mobile apps in emerging markets where feature phones are still
fairly common
+ USSD (Unstructured Supplementary Service Data) is a protocol used by GSM
cellular telephones to communicate with the telecom provider.
MFP enables the following
+ Accept incoming requests from
a USSD gateway and map the
USSD short codes to
corresponding MFP adapters
+ Construct and respond with
USSD menu options
+ Invoke corresponding backend
services via MFP adapters
- 68. © 2015 IBM Corporation 68
Example: Mobile app using MFP for USSD
communication
USSD
Gateway
MFP
Enterprise
backend
HTTP/S
Mobile User dials
USSD short code
say, *123#
Telco forwards
this to a USSD
gateway
Gateway maps the
short code to a known
URL provided by the
enterprise and creates
the USSD session
MFP responds to
the gateway
request with the
USSD menu
options
(configurable)
Enterprise
Adapter
- 69. © 2015 IBM Corporation 69
Managing mobile apps with the MFP Console
- 70. © 2015 IBM Corporation 70
Managing mobile apps with the MFP Console
(continued)
- 71. © 2015 IBM Corporation 71
Managing mobile apps with the MFP Console
(continued)
- 72. © 2015 IBM Corporation 72
Administrators can use CLI or REST API for
management tasks
+ REST API for all administrative operations
• List, deploy, delete and change applications and adapters
• Device management API
• Secured with basic authentication
• Role-based access
• XML and JSON payload
+ Ant tasks for all administrative operations
• Same feature set as REST services
• ANT tasks defined in worklight-ant-deployer.jar
• Supports SSL and password encryption in ant files
• Role-based access
+ Command Line Interface for all administrative operations
• Command line version of ant tasks
• Role-based access
- 73. © 2015 IBM Corporation 73
Examples of REST API, ANT tasks, and CLI
REST services
Ant tasks
Command Line interface
+ Get all applications or post a new one
/management-apis/1.0/runtimes/{runtime-name}/applications
+ Get or delete an application
/management-apis/1.0/runtimes/{runtime-name}/applications/{app name}
+ Retrieve or delete an adapter
/management-apis/1.0/runtimes/{runtime-name}/adapters/{adapter-name}
+ Lock an application version
/management-apis/1.0/runtimes/{runtime-name}/applications/{app name}/{environment}/
{version}/accessRule
+ <wladm url=... user=... password=...|passwordfile=... [secure=...]>
+ <list-apps runtime=... />
+ <delete-app-version runtime=... name=... environment=... version=... />
+ <deploy-adapter runtime=... file=... />
+ </wladm>
+ wladm --url= --user= ... [--passwordfile=...] lists apps [runtime-name]
+ wladm --url= --user= ... [--passwordfile=...] delete app version [runtime-name] app-name
environment version
+ wladm --url= --user= ... [--passwordfile=...] deploy adapter [runtime-name] filename.adapter
- 74. © 2015 IBM Corporation 74
MFP Operations Console and CLI secured
by default
+ Standard JEE security is used in the
console and CLI tools
+ Login / Logout from the console out
of the box
+ Role based access to the console
+ Simplified connection to user
repositories
• Use standard role mapping in
WAS console , Liberty , Tomcat
- 75. © 2015 IBM Corporation 75
Role based access to administration tasks
Role Description
monitor
Ability to view the deployed MFP projects and the deployed
artifacts, this role is a read-only role
operator
Can do all mobile application management operations but
cannot add or remove application versions or adapters.
deployer
same role as operator but can also deploy apps
and adapters.
administrator
Ability to do all application management operations
including the ability to add new versions of applications and
add and remove adapters. The app administrator can also
configure more information on the application itself such as
runtime specific settings such as SMS proxy configuration.
- 76. © 2015 IBM Corporation 76
In-App Notification in a mobile app using
the console
- 77. © 2015 IBM Corporation 77
Disable a mobile app using the console
- 78. © 2015 IBM Corporation 78
1. Web resources packaged with app to ensure initial offline availability
2. Web resources transferred to app's cache storage
3. App checks for updates on startup and foreground events
4. Updated web resources downloaded when necessary, with user confirmation or silently
MFP
Server
Native Shell
Pre-packaged
resources
Download
Update web
resource
App Store
Web
resources
Cached
resources
Transfer
Check for
updates
1
2
3
4
Direct Update for mobile apps on the device
- 79. © 2015 IBM Corporation 79
Direct update is flexible and optimized
+ Direct update is integrated into the MFP Server security framework and
exposes a client-side API for better control and customization:
• Control when to invoke Direct Update
‒ perSession, perRequest, or custom
‒ Disable Direct Update for an app
STARTED
DOWNLOAD_IN_PROGRESS
UNZIP_IN_PROGRESS
SUCCESS
FAILURE_NETWORK_PROBLEM
FAILURE_DOWNLOADING
FAILURE_NOT_ENOUGH_SPACE
FAILURE_UNZIPPING
FAILURE_ALREADY_IN_PROGRESS
FAILURE_UNKNOWN
Description JavaScript
Direct update events listener class
name
WLDirectUpdateListener
Invoked by MFP framework once
direct update has started
onStart(statusJSON)
invoked by MFP framework once
HTTP chunk has been downloaded
onProgress(statusJSON)
invoked by MFP framework once
direct update has finished (with either
success/failure)
onFinish(statusJSON)
- 80. © 2015 IBM Corporation 80
Direct Update optimization
+ End users receive only the web resources (html, CSS, Javascript) that have
changed between updates instead of the entire web resources package
+ Users receive a differential direct update when the web resources in their app
are one build behind the web resources of the application now being deployed
- 81. © 2015 IBM Corporation 81
Remote-controlled client-side log collection
+ MFP provides a native and JavaScript API for client-side logging
+ Administrator defines log collection profiles on the server which are
automatically retrieved by the MFP client-side runtime
• By default sent on init, resume, and 75% full – can be customized
+ Administrator can perform analysis and text search of client-side logs via
server-side analytics console
- 82. © 2015 IBM Corporation 82
Unified Client and Server Analytics
+ Out-of-the-box analytics address the following:
• User adoption, device and app properties
• User actions and called adapter procedures
• Performance and data usage information
• Exceptions, crashes, logs, response time
- 83. © 2015 IBM Corporation 83
Service integration analytics
+ Robust analytics for service integration usage including average response
time, average data usage, and server usage statistics
- 84. © 2015 IBM Corporation 84
Device analytics
+ Automatically captures information about mobile OS type, mobile OS version,
and device model type
- 85. © 2015 IBM Corporation 85
Server and client log inspection made easy
+ MFP Analytics Console enables easy searching of both client and server logs
- 86. © 2015 IBM Corporation 86
Security Analytics
+ Monitor authentication attempts to better protect against potential attacks
+ Discover reasons for authentication failures and use information to improve
user experience
+ Trace authentication failures back to specific device, network transaction, user, etc.
+ Visualize which resources are protected
- 87. © 2015 IBM Corporation 87
Create custom reports for your organization
+ Save Reports
+ Delete Reports
+ Edit Report Definition
+ Secure Reports
- 88. © 2015 IBM Corporation 88
Application Center for managing the app
testing phase
+ Share apps across developers, testers,
and other stakeholders
• iOS, Android, Windows Phone 8, Windows 8,
and BlackBerry 6 and 7
Developers
+ Access all feedback in a centralized manner
Testers
+ Provide rating and feedback directly
from the device
Testers
+ Easily find apps and versions to test
Developers
+ Easily distribute app to testers
- 89. © 2015 IBM Corporation 89
The value of MFP for Hybrid Apps
Focus more on business logic
+ Proven optimization framework including Skins
+ Robust and extensible enterprise integration
framework
+ API discovery for SAP and SOAP
+ MFP app runtime for quick data-driven
hybrid apps
+ Encrypted JSON Store with bi-directional
synchronization
+ Efficient geo-location services and geo-fencing
Decrease development cost
+ Instant hybrid app preview
+ Accurate mobile simulator + visual location
simulator
+ Automated functional testing for hybrid apps
+ Out of the box operational analytics
Manage the mobile app lifecycle
+ Console for app management, version
enforcement, and fine-grained user control
+ Custom app templates and screen templates
+ Custom app components and shell
+ Support for enterprise SDLC integration
+ App Center for managing distributed test
process
Support the mobile ecosystem
+ Cordova is shipped with MFP; IBM provides
bug fixes and production-level support for
version shipped with MFP
+ Proven timely support for new OS versions
+ Support for use of third party libraries and
services
- 90. © 2015 IBM Corporation 90
The value of MFP for Native Apps
Focus more on business logic
+ Robust and extensible enterprise integration
framework
+ Proven user and app security framework
+ API discovery for SAP and SOAP
+ Encrypted JSON Store with bi-directional
synchronization
+ Efficient geo-location services and geo-fencing
Decrease development cost
+ Standard server API for push engagement
+ Automated functional testing for native apps
+ Out of the box operational analytics
Manage the mobile app lifecycle
+ Console for app management, version
enforcement, and fine-grained user control
+ Support for enterprise SDLC integration
+ App Center for managing distributed
test process
Support the mobile ecosystem
+ Proven timely support for new OS versions
+ Support for use of third party libraries
and services
- 91. © 2015 IBM Corporation 91
IBM MobileFirst Platform Key Differentiators
+ Tooling for HTML 5 development and device adaptation
+ Application lifecycle management of HTML5 artifacts
+ Leveraging de-facto standards to provide added value for developers
Standards-based
+ Native / hybrid / web
+ Full coverage of the hybrid spectrum
+ Leverage any 3rd Party JavaScript Framework: More choice!
Flexibility and choice
+ For developers: easy learning curve, small number of programming
models, JS anywhere, small footprint
+ Collaborative development
+ Quick and easy Installation and deployment
Consumability
+ Flexible security model
+ Portfolio integration
+ Advanced in-app security features
Security
+ IBM products already leveraging MFP as a mobile standard
+ Starting to build a catalog for third-party APIs
+ MobileFirst solutions for testing, team dev, analytics, security and mgmt
Ecosystem
- 92. © 2015 IBM Corporation 92
Three Ways to Get Started with IBM
1!
Get MFP Developer Edition here: !
https://developer.ibm.com/mobilefirstplatform/
documentation/getting-started/ !
Talk with your IBM representative or Business
Partner to find the right next step for you2!
3! Learn more at http://www.ibm.com/mobilefirst
Interact with us @ibmmobile and #ibmmobile!
- 94. © 2015 IBM Corporation 94
© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,
express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have
the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM
software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities
referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature
availability in any way. IBM, the IBM logo, Rational, the Rational logo, Telelogic, the Telelogic logo, and other IBM products and services are trademarks of the International Business Machines
Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
https://developer.ibm.com/mobilefirstplatform/documentation/
getting-started/