Both customer and employee mobile apps must be tested across numerous devices, operating systems, carriers, etc. This generally requires specialized tools.
Monthly Archives: July 2014
Strategic Technology: Transaction Security Intelligence (IBM Trusteer)
Transaction Security Intelligence software looks at devices to determine their security state such as jail-broken, rooted, malware, fraudulent activity, etc.
Strategic Technology: Application Vulnerability Scan and Test (IBM AppScan)
The most fundamental requirement is to automatically scan application source code to identify security vulnerabilities.
IT Capability: Designing for Mobile Security
All systems of engagement need a security architecture, but this is particularly important for financial services.
Mobile apps need to have security designed into them directly to protect sensitive data that they are using or have persisted to the device.
The device also must be secured. Finding and/or wiping lost devices. Cleaning enterprise data from user-owned devices when the association between the user and the enterprise has been broken (as when an employee terminates employment) without affecting personal data.
Protecting transactions from malware, screen scrapers, key loggers, etc.
Key enablers of this capability are the security measures in mobile application platforms and vulnerability scanning software.
What is User Context?
When designing a mobile app we want to look for ways to account for the user’s context. This includes the person’s identity and location, travel speed, active apps, the weather, the task are they performing, gestures, sensor inputs, asleep or awake, etc.
IT Capability: Mobile Application and Device Management
Control of which server applications are available, how client apps are provisioned, which users and devices can access server applications, etc. Wiping of enterprise data from devices when needed.
IT Capability: Develop Systems of Engagement
Developing Omni-channel systems of engagement requires a number of subordinate capabilities:
- Designing and developing engaging user experiences across devices and touch points
- End-to-end architectures linking systems of engagement to systems of record, including data flows
- Designing for usability, dependability and scalability
- Instrument for deep analytics, including customer experience management
- Designing for privacy, deployment, management and security
- Adopting an agile development methodology.
Strategic Technology: API Gateway (Worklight)
With an API Gateway, mobile applications call REST interfaces which return data in JSON format. The API gateway integrates with other enterprise systems through Web Services, MOM, ESB, or point-to-point integration. The complexity and variation of the enterprise interfaces is hidden from the mobile applications, and the REST interfaces are published, so mobile apps may be composed quickly with standardized tools.
IBM’s API Gateway is the Worklight Server, included in IBM’s MEAP (Worklight).
Strategic Technology: Mobile Application Platform (IBM Worklight)
A Mobile Enterprise Application Platform (MEAP) such as IBM Worklight provides the ability to write once and deploy anywhere.
IBM Worklight builds upon open source Apache Cordova (a.k.a. PhoneGap).
A MEAP provides tooling to develop mobile Web, hybrid mobile and native mobile applications. The IBM tooling for Worklight is named IBM Worklight Studio. Common code can be shared across applications of different types and targeted toward different devices. Support is provided for synchronization of data. Secure the application at the device, application and network layers, and govern the app portfolio.
Developers will need to integrate mobile application development tools with Web application development tools and lightweight Web development tools to provide multichannel systems of engagement.
A MEAP provides or depends upon mobile device/application management and mobile application security technologies.
- Mobile Application Management (MAM) enables deployment of applications through an enterprise app store, keeping them up-to-date on mobile devices, monitoring performance, and performing reporting, tracking and access control. MAM is supported by IBM Endpoint Manager for Mobile Devices.
- Application Lifecycle Management (ALM) enables tracking different versions of apps and improve them efficiently.
MQ messaging can be extended to mobile devices using IBM MessageSight.
Mobile app testing can be automated using IBM Rational Test Workbench.
IT Capability: Write Once, Deploy Anywhere
Engaging customers on an exploding number of wearables, phones, phablets, tablets, pc’s, televisions…and who knows what is next…drives fragmentation and inefficiencies in the application development and maintenance process.
Write once, deploy anywhere is a technique to manage this complexity by writing applications in a common technology that can be deployed to many devices. So instead of developing for…
- Objective C for iOS
- Java for Android
- C# for Windows mobile
…a team would develop once in Web technologies such as HTML5, CSS and JavaScript, along with a mobile platform that can create a platform-specific app.
IBM Worklight is an example of a Mobile application development platform.