IBM MobileFirst Platform

Overview
Additional information line, e.g. presenter name, presentation tagline etc.
Presentation date or version identifier

2015 IBM Corporation

Key enterprise challenges for a successful

mobile journey
Mobile app users are demanding. If my app is not
delivering a great experience I need to know.

Mobile opens up a new set of security considerations.

Our reputation is on the line.
My users want to be even more productive. Personalization
based on the devices context is a huge opportunity.
I need my development teams focused on creating
great app experiences, not figuring out how to
integrate or store data.
2015 IBM Corporation

Mobile app users are demanding I need to

understand if their needs are being met
Tangerine Bank
100% online
banking

Customers can execute

any banking transactions
securely while on the go

Customers can provide

feedback on services
offered and app
experience
5 Star App Rating

Customer feedback
incorporated back into
the app quickly

The IBM MobileFirst Platform helps IT collect user feedback and analyze app store ratings,
resulting in reduced app development cycles from 6 to 2 weeks. Achieved highest in Customer
Satisfaction Among the Midsize Retail Banks in J.D. Powers Canadian Retail Banking
Customer Satisfaction Study.
2015 IBM Corporation

Mobile opens up a new set of security

considerations. Our reputation is on the line
China Ministry of Railways
Demand from ~2B
passengers for ticket
sales far surpasses
supply

Created ticket
scalper environment

Hackers created
fake apps to sell
tickets at a premium
The IBM MobileFirst Platform helps authenticate users and secure the app against spoofing.
It also enabled the Mobile app to scale to secure 3.62 billion tickets during 40 day spring
festival.
2015 IBM Corporation

My users want to be even more productive.

Personalization based on the devices
context is a huge opportunity
Elmec
Employees needed to be more
productive while on a service call
Scans asset barcode, automatic pull of
product and service information, and
provides suggested action
Real-time log update of
changes in asset position
using geo-location

Drive up-sell opportunities

The IBM MobileFirst Platform used GPS, photo, and video features to deliver a contextual
app to manage lease equipment based on location, leveraging a catalog of over 60,000
products. Mobile app includes service and support capabilities.
2015 IBM Corporation

Mobile apps need data to be rich, but

integrating and storing data in a scalable
way slows down delivery
RunKeeper
App has 30M users and
integrates with 100 3rd party
devices and services
GPS tracks outdoor fitness activities,
including duration, distance, pace, speed,
and path traveled on a map.
As user base grew, app
hit scalability threshold,
performance was effected

Top Rated Health and

Fitness Mobile App

IBM MobileFirst Platform provided seamless data scalability, while delivering a responsive
experience users demanded. Reduced application development and maintenance costs,
improved time-to-market and enhance mobile application governance and security
2015 IBM Corporation

Great apps share common traits

Always
improving

Data rich

Secure

Relevant

To your
customers

I can do more
on my device

I can trust that

my data is safe

Its better, faster

or more
functional than it
was yesterday

It knows me
where I am, what
Im doing and
what I like

For your
enterprise

My customers
(and other users)
make better
decisions faster

We ensure
sensitive
enterprise data
is secure, in
transit and at
rest.

We easily manage
new releases and
assess and act on
performance and
usage issues

We have deep
insights in our users
and their mobile
experiences

What that
means

2015 IBM Corporation

IBM MobileFirst Platform provides a

comprehensive set of services delivered in
a modular fashion
New or Existing Apps
Native

Hybrid

HTML5

3rd Party Tools, Services, Apps

Modular Services
Continuously
Improve

Secure

Data Rich

Cloud

Software or SaaS

On premises

3rd Party APIs

Enterprise APIs
Systems of Record

Contextualize
& Personalize

Systems of Engagement

2015 IBM Corporation

Cloud Services

The IBM MobileFirst Platform

Integrated mobile app development with continuous delivery

Application
Scanning

Quality Assurance Cloudant Local

Application Scanning
Detect code vulnerabilities at the
time of development

Quality Assurance
Server
Studio

Runtime
Console

Application Center

Collect beta test feedback, crashes

and analyze user sentiment

Cloudant Local
Store mobile app data in a NoSQL
database with easy sync capabilities

Foundation
Development, Runtime, Operations
Console & Private Store

Development

Continuous Delivery
2015 IBM Corporation

IBM MobileFirst Platform Foundation 7.0

Component Overview

2015 IBM Corporation

10

MFP Foundation 7.0 Highlights

Efficient and scalable app data storage
+ Enable native Android and iOS mobile app developer to store engagement data on-prem
with off-line access, scalable storage, and enterprise integration
+ Make offline operations easier by removing the need to develop complicated sync and
replication logic
Manipulate and query data without worrying about sync logic
Just decide when to sync and if you want to push or pull changes
Standard-based integration and authentication
+ Leverage OAuth 2.0 security standard to securely integrate with new and existing
backend services
+ Streamline usage and operations of new and existing services via a client-side REST API
+ Leverage MobileFirst Platform security and operational analytics capabilities when
directly integrating with RESTful enterprise services
Deep insights that help you deliver better apps
+ Collect data and create custom reports to gain insights customized for your needs
2015 IBM Corporation

11

IBM MFP Foundation Typical Topology

App
https

Corporate DMZ

Web SSO
Server
https
Load
Balancer
Corporate LAN

MFP
Cluster
MFP
Database

Backend 1

Backend 2
2015 IBM Corporation

12

Spectrum of mobile app development

approaches
Pure web

Mobile
web site
(browser
access)

Hybrid

Native
shell
enclosing
external
m.site

Prepackaged
HTML5
resources

Pure native

HTML5 +
native UI

Mostly
native,
some
HTML5
screens

Pure
native

Web-Native Continuum
HTML5, JS, and
CSS3 (full site or
m.site)
Quicker and
cheaper way to
mobile
Sub-optimal
experience

HTML5, JS, and

CSS
Usually
leverages
Cordova
Downloadable,
app store
presence, push
capabilities
Can use native
APIs

As previous
+ more
responsive,
available offline

Web + native
code
Optimized user
experience with
native screens,
controls, and
navigation

2015 IBM Corporation

App fully
adjusted to OS
Some screens
are multiplatform when
makes sense

App fully
adjusted to OS
Best attainable
user experience
Unique
development
effort per OS,
costly to
maintain

13

MFP Studio The IDE for hybrid app

development
+ Eclipse-based IDE

SDKs!

MFP Studio!

Optimization
Framework!

+ Application scaffolding and

componentization

Integrated Device !
SDKs!
3rd Party Library
Integration!

+ Mobile OS-specific optimization

+ Device-specific optimization with Skins
+ 3rd-party library integration for HTML5
and native components

Android!

HTML5, Hybrid, and

Native Coding!

WYSIWG Editor!
and Simulator!
Functional !
Testing!

Blackberry!
Build Engine!

+ Code assist tools with auto-complete and

validation

iOS!

Windows
Phone!
Windows 8!
Java ME!
Mobile Web!
Desktop Web!

+ Quick access to simulators, emulators,

and debugging tools

2015 IBM Corporation

14

Studio provides authoring, visual design,

simulation, and runtime skins for hybrid apps

2015 IBM Corporation

15

Seamless integration for native development

and other tools
Use your preferred IDE and tools to develop pure native or hybrid Apps
Complements native IDEs with tools to perform MFP tasks

Simple Interactive assistance

+ mfp create
[?] What do you want to name your project? MyProj
Project MyProj created
+ cd MyProj
+ mfp add api
[?] What do you want to name your native API? MyIosApi
[?] What platform do you want to target?
Android
iOS
Java ME
Windows Phone 8
Native api for ios created
2015 IBM Corporation

16

Example CLI commands for native apps

+ mfp create
[?] What do you want to name your project? MyProj
Project MyProj created
+ cd MyProj
+ mfp add api
[?] What do you want to name your native API? MyIosApi
[?] What platform do you want to target?
Android
iOS
Java ME
Windows Phone 8
Native api for ios created

Context aware builds

+ mfp build
+ mfp deploy

If at project level, all apps and adapters are built.

If in adapters (all or single), then only those are built.
If within a single app, then only that app is processed.
If within a single env of app, only it is built and deployed.

Embedded MFP Server control

+ mfp start
+ mfp console
+ mfp stop

The mfp run command is a long running task that starts

the server, and tails (follows) the server log file
2015 IBM Corporation

17

Example CLI commands for hybrid apps

+ mfp add hybrid
[?] What do you want to name your app? MyHybrid
+ cd apps/MyHybrid
+ mfp add environment
[?] What environments you want to add to the hybrid app?
iPhone
iPad
Android phone and tablets
BlackBerry 6 and 7
BlackBerry 10
Windows Phone 8
Windows 8 desktop and tablets
Mobile web app
+ mfp build
+ mfp deploy
+ mfp console

2015 IBM Corporation

18

Example CLI commands for adapters

+ mfp add adapter Accounts --type http
+ edit adapters/Accounts/Accounts*
+ mfp build && mfp deploy

Implement desired procedures

Interactively test the adapter

+ mfp invoke
[?] Which adapter do you want to use? (Use arrow keys)
Accounts
Foo
[?] Which procedure do you want to invoke? (Use arrow keys)
getAccountList
getAccount

Direct syntax

[?] Enter the comma-separated parameters: "111-001"

Invoking Accounts:getAccount...
Arguments:
[ "111-001 ]
Invocation result:
{
"id": "111-001",
"balance": 623.45,
. . .
}

mfp invoke Accounts:getAccount '["111-001"]

{
"id": "111-001",
"name": "Checking",
. . .
}

2015 IBM Corporation

19

MFP gives developers complete control

over their app

Attractive
App Startup

Engaging UI

Compelling
app flow

+
+
+
+

Control default splash screen behavior

Add a custom splash screen
Start application with native screen
Control MFP framework initialization, e.g. in background

+
+
+
+

Display a specified native screen in full screen

Mix native and web components on a same screen
Control native components that host web application
Use native components hosting web application inside of a
container

+ Call native code from JavaScript and vise-versa

+ Invoke both native and JavaScript MFP Client APIs in any
order e.g. authenticate in native, UI in HTML5

2015 IBM Corporation

20

Unsurpassed flexibility in hybrid development

Complete freedom in mixing native and web code in the same app
Native header with
button, title and icon

Native and web

components on a
same screen
WebView with web
components

Native scrolling ticker

2015 IBM Corporation

21

Bridge native and hybrid elements with an

action API
+ First bullet: Use the MFP action API to enable native-hybrid
communication:
L2 Send data from JavaScript to Native
Send data from Native to JavaScript
Register Native action handlers
Register JavaScript action handlers

Example: Clicking native side menu button triggers web UI change

2015 IBM Corporation

22

Create reusable enterprise UI patterns

+ Create and reuse custom UI patterns

For corporate branding

Improved governance: Patterns which were

adequately designed, implemented and tested

+ Patterns contain HTML, CSS and JS

resources
+ Package patterns inside a pre-defined
archive format, so that they can be
distributed among teams to re-use in
their projects with MFP Studio

2015 IBM Corporation

23

Create custom components and templates

Add
Components and
templates to an
MFP Project

Create
components
and
templates

Shareable ZIP archives

.wlc or .wlt extns
+ Save development time by reusing code
+ Help enforcing governance by providing
ready-made, tested components with
corporate-approved code and branding
+ Created and managed using an MFP
Studio wizard

+ Custom screen patterns

HTML, CSS and JS resources
Extend the list of out-of-the-box patterns
+ Application Components
Reusable libraries (Client or server runtime)
that developers can add to apps
+ MFP Project Templates
A reusable hybrid project that developers can
use to jump start new application development

2015 IBM Corporation

24

IBM MobileFirst SDK for Xamarin

+ With IBM MobileFirst Platform Foundation SDK, Xamarin developers can build rich
native enterprise grade mobile apps for iOS and Android devices using C# language

https://
components.xamarin.com/
view/ibm-worklight
IBM MFP
Xamarin
Studio

Security
Integrated
Services

Authentication
Integration
Notifications
App Management
Analytics

2015 IBM Corporation

25

Rapid testing of hybrid apps with the Mobile

Browser Simulator
+ Accurate simulation of the apps HTML5 screens (e.g., right fonts, sizes, and layout)
+ Supports Cordova and MFP client API

2015 IBM Corporation

26

Mobile Functional Test Tools

+ Comprehensive, complete, resilient functional testing
Android and iOS, native and hybrid
HTML and JQuery
Record, edit, and run on mobile devices or emulator
Same test runs across multiple devices in the platform family
Natural language scripts can be used by developers and non-developers alike

+ Simple process
Record
Author
Playback
Report

2015 IBM Corporation

27

IBM MobileFirst Platform Quality Assurance

Delivers mobile app quality across a fragmented environment with end user
feedback and quality metrics available at every stage of development.
Evidence-based prioritization enable
business and IT to collaborate on mobile strategy
and user experience
Over the air app distribution get the latest in
the hands of testers as soon as it is available
Frictionless bug reporting spend every minute
on testing latest and greatest builds,
not the hassles
In-app crash reporting rapid understanding
of why an app fails
Sentiment analysis mine app ratings and
reviews to extract actionable feedback before they
go viral
2015 IBM Corporation

28

Get the details behind app sentiment score

at a glance
App category, app quality score, # of reviews & daily average, trend

Quality attribute, # of reviews & daily

average, trend, and signals

2015 IBM Corporation

29

Quality attribute scorecard

2015 IBM Corporation

30

Compare your app against your competitors

2015 IBM Corporation

31

Discover whats trending with top review

clusters

2015 IBM Corporation

32

MobileFirst Platform Application Scanning

Detect vulnerabilities at the time of code change to reduce risk of data leakage
and breaches
+ A single Eclipse Integrated Development
Environment (IDE). Scan existing code
projects or MFP Studio projects
+ Native and hybrid mobile applications support
+ Enhanced JavaScript analysis, which
includes improved performance and
additional framework support
+ Optionally connect to IBM Security AppScan
Enterprise Server to share scan
configurations, filters, and custom rules
across all projects

2015 IBM Corporation

Application
Scanning!

33

Security Features Mapping

Proactively enforce
security updates

Protect data on the device

Encrypted
cache / DB

Offline
authentication

Secure
challengeresponse on
startup

App
authenticity
testing

Mobile
platform as a
trust factor

Authentication
integration
framework

Data
protection
realms

Coupling
device id with
user id

Streamline corporate
security approval
processes

Device
provisioning
integration

Proven
platform
security

Provide robust
authentication and
authorization to secure users
2015 IBM Corporation

Remote
disable

SSL with
server
identity
verification

Direct update

Code
obfuscation

Protect from
Known Application
Security Threats
34

Flexible authentication framework

+ Security tests are a series of realm tests which
can be put into a sequence or all or nothing
MFP
Client
SDK

JSON
HTTPs

Protecting resources, procedures and mobile apps

MFP
Server

+ MFP provides framework for users to define the

security test and the individual real test
+ There are also out-of-the-box pre-packaged
realm tests and security tests (e.g. form-based
auth, LTPA auth, cookie-based auth)

Security Tests are

triggered on startup
or on demand.

Security Tests

Realm4: Custom Authentication

Realm3: User Credential Testing (Question 2)
Realm2: User Credential Testing (Question 1)
Realm1: App Authenticity Testing
2015 IBM Corporation

35

OAuth 2.0 Support

+ MFP Server provides REST endpoints for OAuth-based authorization
+ Developers can extend the mobile-specific security and analytics capabilities
of MFP to existing enterprise services
+ Approach does not require any changes to existing enterprise services

2015 IBM Corporation

36

User-certificate provisioning for client-side

authentication
+ X509 certificates
Are installed on devices and can can be used to automate user authentication

+ Certificate provisioning options

For all apps on a device
For a particular app

+ Benefits
Cost saving: Certificates are typically provided by MDM solutions and is quite costly (some charge $70
per device).
Usability: Simple, automated user authentication; Users device does not need to be managed by an MDM

2015 IBM Corporation

37

Protecting data on the device

Protect data on the device!

Encrypted
cache / DB

Offline
authentication

Secure
challengeresponse on
startup

App
authenticity
testing

Device theft
Offline access
Phishing, repackaging

Device
provisioning
integration

+ Encrypted JSON Store

+ Offline authentication using password
+ Extended authentication with server using secure challenge response
+ App authenticity testing: server-side verification mechanism to mitigate risk of Phishing through
repackaging or app forgery
+ Device provisioning integration: allow for the authentication of devices in addition to apps and users
+ HTTPS/TLS based initiation of MFP Server connectivity from MFP Client runtime using FIPS 140-2
compliant libraries
- Tie in with User-Provision to use X509 Cert in establishing HTTPS/TLS connection using user certificate
- On top of the already compliancy for communication (data in transit) and for storage (JSONStore)
2015 IBM Corporation

38

Application Authenticity
+Mobile apps installed on a device represent a point of vulnerability
Apps are binary packages protected by mobile OS but that may not be enough

+MobileFirst Platform helps protect your enterprise from compromised apps by

detecting potential tampering and blocking access from the app to the enterprise
Administrative tools make it easy to enable and monitor app authenticity

+Application authenticity protections apply to Android, iOS, and WP8 platforms

2015 IBM Corporation

39

Application Security
Proven
platform
security

SSL with
server
identity
verification

Code
obfuscation

+ Proven platform security: tested by the most

demanding customers (e.g., top tier banks)
+ Client<->Middleware communications over
HTTPS to prevent data leakage

Protect from
Known Application
Security Threats !

+ Server certificate is automatically verified

to thwart man-in-the-middle attacks
+ Developers can obfuscate application JS
code to make static analysis more difficult
+ SQL adapter designed to mitigate
SQL-injection
+ Built-in audit trail

Hacking
Eavesdropping
Man-in-the-middle

2015 IBM Corporation

40

Protecting app source code

+ Obfuscate and minimize JavaScript
resources to better protect source code in
a hybrid app
Simple wizard in both Studio and CLI environments

+ Google Closure used to perform obfuscation

and minification
+ Android ProGuard support makes it easy to
encrypt Java resources included in an
Android app
+ Predefined ProGuard configuration files are
included for ease of use

2015 IBM Corporation

41

Block access to specified devices or apps

+ Allows MFP admin to block a devices access to the MFP Server
+ Admin has the option to block access for the entire device or for a particular
application on the device
+ Device can be marked as stolen, lost, or disabled for record keeping

2015 IBM Corporation

42

Key generation, encryption, and decryption

APIs
+ MFP provides APIs that make it easy to secure content used by the app (PDFs,
images, text documents, etc.) on a device
+ The APIs provide key generation, encryption, and decryption capabilities
+ Key generation, encryption and decryption APIs can be used in conjunction with
the JSONStore

2015 IBM Corporation

43

Secure inter-application data sharing

+ New API allows developers to securely share data between applications in an
application family
+ The API can be used to share security tokens and other small data sets
Data is always shared as a string

+ Native API support on iOS and Android in addition to JavaScript API

Hybrid applications
WL.Client.setSharedToken({key: myName, value: myValue})
WL.Client.getSharedToken({key: myName})
WL.Client.clearSharedToken({key: myName})
iOS native applications
[WLSimpleDataSharing setSharedToken: myName value: myValue];
NSString* token = [WLSimpleDataSharing getSharedToken: myName]];
[WLSimpleDataSharing clearSharedToken: myName];
Android native applications
WLSimpleSharedData.setSharedToken(myName, myValue);
String token = WLSimpleSharedData.getSharedToken(myName);
WLSimpleSharedData.clearSharedToken(myName);
2015 IBM Corporation

44

Device Single Sign-On (SSO)

+ Enables a mobile user to authenticate once and gain access to all apps from the
same organization (technically, with the same developer certificate) without reauthenticating.
+ Supports integration with DataPower, ISAM, and other web gateways

Implemented using combination

of server-side capabilities
(realms) and unique device
identification (device ID)

Session x

MFP
Server

App 1
ID

Duplicate after receiving

ID fro App 2
Session y

App 2

On successful login the

authentication state is saved
in the database and used for
validations in subsequent
sessions from the same device.

2015 IBM Corporation

45

secure Mobile OS key store

+ Implementation

Enforcing security updates

Cant rely on users
getting the latest
software update on
their own

+ Remote Disable: shut down

specific versions of a
downloadable app, providing
users with link to update

Proactively enforce
security updates

Remote
disable!

Direct
update!

+ Direct Update: automatically

send new versions of the
locally-cached HTML/JS
resources to installed apps

2015 IBM Corporation

46

Controlled back-end integration

+ From multiple point-to-point
integrations

+ To streamlined, transparent access

MFP transforms enterprise data into
mobile-friendly, JSON format

Multiple sets of integrations to enterprise

resources to build and maintain

MFP Server manages caching, data

synchronization and end-to-end encryption

YOU manage caching, synchronization

and end-to-end encryption

App

App

DB

ERP
Engine

Cloud
Service

ERP
Engine

DB

SQL
HTTP (REST, SOAP), JMS

Cloud
Service

SAP
HTTP, CAST IRON

MFP Adapters
MFP
SERVER
JSON

Apple

Android

Blackberry

Windows
Apple
2015 IBM Corporation

Android

Blackberry

Windows

47

MFP Server: Adapters

+
+

+
+

Run time
Lightweight server-side logic to expose systems of records in a
mobile-friendly way
Automatic JSON transformation of enterprise data for quick
transport and ease of consumption by mobile developer
Server-side service composition to reduce number of
requests over slow mobile network
XSLT to reduce fat SOAP responses
Security
Automatic enablement of server-side authentication
control and audit
Analytics
Automatic collection of user actions and device and
app properties
Data sync
Enables synchronization with on-device JSON Store
Mobile user engagement
Push notifications and geo-based event management

For the server developer

+ JS anywhere: Simple APIs for server-side JavaScript development
+ Extensibility: Java API for custom adapters
For the client developer
+ Easy-to-use, consistent client-side API to call any back-end system
2015 IBM Corporation

SQL /
JDBC

SOAP /
HTTP

JMS

REST

CAST
IRON

Java
Extension

MFP Server
Enterprise back-ends and
Enterprise
back-ends and
cloud services
Enterprise
back-ends and
cloud services
cloud services

48

Zero-code service integration for your apps

+ Analyze SAP (NetWeaver Gateway), REST, and SOAP services to create adapters
with no manual coding
+ Discover target services and select the operations you want to use in your
mobile app
+ Work with WSDL, SAP service definitions, and any RESTful endpoint over HTTP(S)

2015 IBM Corporation

49

Automatic adapter generation for IBM BPM

workflows
+ Integrate IBM BPM workflows into your
apps without manual development
+ Use Service Discovery to explore and
select existing processes for integration
+ Work with IBM Business Process Manager
v8.5.6 and above
+ Use a standard BPM adapter to gain REST
access to processes
+ Use the BPM management console to
export an MFP project or adapter from
an IBM BPM process app

2015 IBM Corporation

50

Java Adapters
+ Enable custom service development for
mobile app projects
+ Utilize JAX-RS standard-based deployment
model to describe REST service
+ Accessible using standard REST
conventions; URLs, and HTTP verbs
+ Leverage OAuth for MFP security
protection and analytics gathering

2015 IBM Corporation

51

SAP Java Connector (SAP JCo) Adapter

+ Integrate your mobile apps to SAP systems
without requiring NetWeaver
+ Deploy adapters that provide a direct
interface to JCo functions
+ Utilize the new
WL.Server.invokeSAPFunction API
+ Provide configuration info for SAP server
and user authentication

2015 IBM Corporation

52

RESTful access pattern for adapters and

enterprise services
+ Provides a RESTful invocation model for
deployed adapters/existing services
+ Allows consumption of adapters by nonmobile clients
+ Enables management of adapter invocations
by API Management solutions (i.e. IBM API
Management)
+ Extends MFP security protections via
OAuth model
+ Retains support for existing invocation model

2015 IBM Corporation

53

Centralized push notifications

To the simplicity of one
Unified push management

From the complexity of many

Multiple sets of push services to manage

SMS/MMS
Brokers

MFP Unified Push Framework

Google
Push
Apple
Push

Microsoft
Push

Google
Push

Microsoft
Push

SMS/MMS
Brokers

Feature
Phones

Android
Apple

Apple
Push

Windows

Apple

2015 IBM Corporation

Android

Windows

Feature
Phones

54

Unified Push Notifications

+ Uniform access to push notifications providers
Register for, notify, and receive a notification via MFP APIs or SMS

+ Register for and send SMS based notifications

E.g., for feature phones

Back-end
Back-end
System!
System!

Notification
State
Database

Polling
Adapters

Unified
Push API

Back-end
Back-end
System!
System!

Messagebased
Adapters

UserDevice
Database

Administrative Console

iOS
Dispatcher

iOS
Push API

Apple Push
Servers
(APN)

MFP
Client-side
Push Services

Android
Dispatcher

Android
Push API

Google Push
Servers
(GCM)

MFP
Client-side
Push Services

Windows
Phone
Dispatcher

Windows
Push API

MPNS/WNS

MFP
Client-side
Push Services

Broker API

SMS/MMS
Brokers

SMS
Dispatcher

2015 IBM Corporation

Notification statistics, SMS subscription
control

Optional 2-way SMS

55

iOS Push Notifications

+ Interactive Push Notifications
Enable developers to send Interactive Notification for iOS 8 devices
Prompts users to take action without leaving the application they are in
API support for defining category to tell the device to show predetermined set of buttons

+ Silent Push Notifications

Enable developers to send silent notification to iOS 7 onwards devices
API support for sending and receiving\handling silent push notification

2015 IBM Corporation

56

Android Push Notifications

+ Android Notifications
Support for Heads-up notification for receiving high priority notifications while using the device
Support for Cloud Sync notifications
Provide APIs to set appropriate priority
Notification support on the device lock screen
Provide APIs for what to show on lock screen

+ Server side
Optional fields in GCM properties of notification attributes
GCM: {
'visibility':''
(public, private, secret)
'priority':''
(max,high,default,low,min)
bridge': ''
(true,false)
'category':'' (promo,recommendation,social..)
..
}

+ Client side
Extract all the parameters from the received notification
Use the Notification.Builder API to build the notification object with all the extracted values
2015 IBM Corporation

57

Segmenting users for push notifications

+ Group notifications based on tags
Notifications are targeted to only a select set of users based on their topics of interest
Tags allow message producers / senders to segment devices
One or more tags can exist per application
Defined in application-descriptor.xml created during deployment

+ Broadcast, unicast and narrowcast notifications

New APIs available to send a notification to all the devices that installed the application
Also provides for an option to opt out of receiving broadcast notifications
Enhanced APIs to send a notification to specific user or device that installed the application
Support for a notification targeted to devices of a particular platform that installed the application

2015 IBM Corporation

58

Push notification management features

+ APNS Certification Expiration Management
Detect if the application has APNS certificate and then display the certification expiration date:
on the application catalog in the console.
Provide warning message while deploying the app with already expired APNS certificate
Provide REST API support for updating the expired APNS certificate and password

+ Push Notification Management APIs

Rest APIs to submit a message with the specified options to the devices specified by target
Rest APIs to Create, Delete and update a tag
Credential management for GCM, MPNS and certificate management for APNS

2015 IBM Corporation

59

Two-way SMS communication

+ Why SMS?
For feature phone users: A preferred mode of interaction
For roaming users: When data roaming fees are not affordable
In emerging markets: More reliable than Internet connection

+ SMS in MobileFirst Platform

HTTP integration with SMS gateway or aggregator for the SMS delivery
Seamless backend integration, mapping of incoming SMS to the relevant backend calls

+ Mobile user enterprise

SMS

HTTPS

MFP
Server

Backend
Service

Sends SMS messages based on

keywords published by the enterprise

+ Enterprise mobile user

Responds to a user request

SMS Gateway

Initiates a new request by sending an

SMS notification to a subscribed user

2015 IBM Corporation

60

MobileFirst Platform Geo-Location Services

Collect and use on the mobile device
Efficient, controlled
acquisition of GPS,
triangulation, and
Wi-Fi coordinates in
background and
foreground

Define points
of interest and
geo-fences

Trigger actions
based on location
changes

Store while offline,

Efficiently send to
server

Use on the server

Store

Integrate context
information with
business
processes

API availability
+ Hybrid: iOS, Android, Windows Phone 8
+ Native: IOS and Android

Handle business
events

Perform analytics

Scenarios debugable with MFPs

Mobile Simulator
2015 IBM Corporation

61

Enhancing engagement via beacon integration

+ Detect and act based on proximity to beacons
Deliver location relevant messages, information, promotions, etc. that prompt users to take action

+ Enable developers and administrators to take advantage of beacons

Admin registers and manages beacons using command line tool
Admin creates triggers that fire when users are in proximity of beacon
Developer can easily query beacon information and act on proximity triggers

2015 IBM Corporation

62

Mobile Data support: JSON Store

+ On-device, mobile database support

+ Server-to-client Sync

Embedded JSON mobile database

JavaScript APIs to store, query and update the
data in offline mode using MongoDB-like APIs

Retrieve, store and keep data store up-to-date

using adapters

+ Client-to-server Sync

+ Encrypt sensitive data

Using a key provided by developer or obtained
as users password

Simplify write actions on data while the app is

offline and send these actions to the server

+ Enterprise API-based

Apple Touch ID support

FIPS140-2-compliant

MFP
Server
JSON
Store

Mobile App

JSON

MFP
Adapter
2015 IBM Corporation

XML, JDBC,

Corporate SOA /
Enterprise Bus

Leverages corporate API / SOA layer to access

sensitive enterprise data

Back-end
system or
database
63

IBM Mobile First Platform Cloudant Local

+ The power of Cloudant NoSQL database in the privacy of your data center
+ IBM Mobile First Platform includes Cloudant Local single node license
+ Upgrade to multi-node clusters for high availability and scalability

Elastic Scalability

Multi-Structured Data

2015 IBM Corporation

Data Mobility

64

Scalable Data Service and APIs with

Flexible Deployment Options
+ Rapid schemaless development
limits dependency on IT

Cloudant

+ Store Data on-cloud or

on-prem

+ Consistent APIs in cloud

and on premise
Multitenant
Cloudant
Mobile App

+ On-cloud for fully managed,

automatic scaling
+ On-prem for more control,
data isolation

Native CRUD
Query
Sync

Device DB
Multitenant
Cloudant

On-Device
Cloudant Local
Single Node

Single Node License Included

2015 IBM Corporation

Multitenant Multitenant
Cloudant
Cloudant

Upgrade to Multi-Node Clusters for

High Availability and Scalability

65

Optimized synchronization makes it easy to

handle offline scenarios
+ Optimizes offline behavior and data sync
Your app decides when to sync databases
Remote API allows you to work with latest data or
data that isnt on the device

Shared Data (Online)

+ Generated by the enterprise
+ Shared by multiple users/devices
+ e.g. Store Inventory
+ Queried as-needed by the app, such as
for product search or category display

+ Complements JSONStore sync which enables

enterprise integration and encrypted storage
Native Language
Objects (new)

Shared Data

Local
API
Cloudant
User Data

User Data

User/Device Data (Offline)

+ Generated by the user of the app
+ User preferences, wish list, shopping cart
+ Offline data, periodically
synched
2015 IBM
Corporation to the cloud

66

Extending enterprise services via USSD

+ Unstructured Supplementary Service Data (USSD) provides a cost-effective
alternative to mobile apps in emerging markets where feature phones are still
fairly common
+ USSD (Unstructured Supplementary Service Data) is a protocol used by GSM
cellular telephones to communicate with the telecom provider.
MFP enables the following
+ Accept incoming requests from
a USSD gateway and map the
USSD short codes to
corresponding MFP adapters
+ Construct and respond with
USSD menu options
+ Invoke corresponding backend
services via MFP adapters
2015 IBM Corporation

67

Example: Mobile app using MFP for USSD

communication
MFP responds to
the gateway
request with the
USSD menu
options
(configurable)

Telco forwards
this to a USSD
gateway

HTTP/S

USSD
Gateway

Mobile User dials

USSD short code
say, *123#

Gateway maps the

short code to a known
URL provided by the
enterprise and creates
the USSD session

2015 IBM Corporation

MFP
Adapter

Enterprise
backend

Enterprise
68

Managing mobile apps with the MFP Console

2015 IBM Corporation

69

Managing mobile apps with the MFP Console

(continued)

2015 IBM Corporation

70

Managing mobile apps with the MFP Console

(continued)

2015 IBM Corporation

71

Administrators can use CLI or REST API for

management tasks
+ REST API for all administrative operations
List, deploy, delete and change applications and adapters
Device management API
Secured with basic authentication
Role-based access
XML and JSON payload

+ Ant tasks for all administrative operations

Same feature set as REST services
ANT tasks defined in worklight-ant-deployer.jar
Supports SSL and password encryption in ant files
Role-based access

+ Command Line Interface for all administrative operations

Command line version of ant tasks
Role-based access

2015 IBM Corporation

72

Examples of REST API, ANT tasks, and CLI

REST services
+ Get all applications or post a new one
/management-apis/1.0/runtimes/{runtime-name}/applications
+ Get or delete an application
/management-apis/1.0/runtimes/{runtime-name}/applications/{app name}
+ Retrieve or delete an adapter
/management-apis/1.0/runtimes/{runtime-name}/adapters/{adapter-name}
+ Lock an application version
/management-apis/1.0/runtimes/{runtime-name}/applications/{app name}/{environment}/
{version}/accessRule

Ant tasks
+ <wladm url=... user=... password=...|passwordfile=... [secure=...]>
+ <list-apps runtime=... />
+ <delete-app-version runtime=... name=... environment=... version=... />
+
<deploy-adapter runtime=... file=... />
+ </wladm>

Command Line interface

+ wladm --url= --user= ... [--passwordfile=...] lists apps [runtime-name]
+ wladm --url= --user= ... [--passwordfile=...] delete app version [runtime-name] app-name
environment version
+ wladm --url= --user= ... [--passwordfile=...] deploy adapter [runtime-name] filename.adapter
2015 IBM Corporation

73

MFP Operations Console and CLI secured

by default
+ Standard JEE security is used in the
console and CLI tools
+ Login / Logout from the console out
of the box
+ Role based access to the console
+ Simplified connection to user
repositories
Use standard role mapping in
WAS console , Liberty , Tomcat

2015 IBM Corporation

74

Role based access to administration tasks

Role

Description

monitor

Ability to view the deployed MFP projects and the deployed

artifacts, this role is a read-only role

operator

Can do all mobile application management operations but

cannot add or remove application versions or adapters.

deployer

same role as operator but can also deploy apps

and adapters.

administrator

Ability to do all application management operations

including the ability to add new versions of applications and
add and remove adapters. The app administrator can also
configure more information on the application itself such as
runtime specific settings such as SMS proxy configuration.
2015 IBM Corporation

75

In-App Notification in a mobile app using

the console

2015 IBM Corporation

76

Disable a mobile app using the console

2015 IBM Corporation

77

Direct Update for mobile apps on the device

Native Shell
Download

Pre-packaged
resources

App Store

2
3
MFP
Server

1.
2.
3.
4.

Check for
updates

Web
resources

Transfer

Cached
resources

Update web
resource

Web resources packaged with app to ensure initial offline availability

Web resources transferred to app's cache storage
App checks for updates on startup and foreground events
Updated web resources downloaded when necessary, with user confirmation or silently

2015 IBM Corporation

78

Direct update is flexible and optimized

+ Direct update is integrated into the MFP Server security framework and
exposes a client-side API for better control and customization:
Control when to invoke Direct Update
perSession, perRequest, or custom
Disable Direct Update for an app

Description

JavaScript

Direct update events listener class

name

WLDirectUpdateListener

Invoked by MFP framework once

direct update has started

onStart(statusJSON)

invoked by MFP framework once

HTTP chunk has been downloaded

onProgress(statusJSON)

invoked by MFP framework once

onFinish(statusJSON)
direct update has finished (with either
success/failure)

2015 IBM Corporation

STARTED
DOWNLOAD_IN_PROGRESS
UNZIP_IN_PROGRESS
SUCCESS
FAILURE_NETWORK_PROBLEM
FAILURE_DOWNLOADING
FAILURE_NOT_ENOUGH_SPACE
FAILURE_UNZIPPING
FAILURE_ALREADY_IN_PROGRESS
FAILURE_UNKNOWN

79

Direct Update optimization

+ End users receive only the web resources (html, CSS, Javascript) that have
changed between updates instead of the entire web resources package
+ Users receive a differential direct update when the web resources in their app
are one build behind the web resources of the application now being deployed

2015 IBM Corporation

80

Remote-controlled client-side log collection

+ MFP provides a native and JavaScript API for client-side logging
+ Administrator defines log collection profiles on the server which are

automatically retrieved by the MFP client-side runtime

By default sent on init, resume, and 75% full can be customized

+ Administrator can perform analysis and text search of client-side logs via

server-side analytics console

2015 IBM Corporation

81

Unified Client and Server Analytics

+ Out-of-the-box analytics address the following:
User adoption, device and app properties
User actions and called adapter procedures
Performance and data usage information
Exceptions, crashes, logs, response time

2015 IBM Corporation

82

Service integration analytics

+ Robust analytics for service integration usage including average response
time, average data usage, and server usage statistics

2015 IBM Corporation

83

Device analytics
+ Automatically captures information about mobile OS type, mobile OS version,
and device model type

2015 IBM Corporation

84

Server and client log inspection made easy

+ MFP Analytics Console enables easy searching of both client and server logs

2015 IBM Corporation

85

Security Analytics
+ Monitor authentication attempts to better protect against potential attacks
+ Discover reasons for authentication failures and use information to improve
user experience
+ Trace authentication failures back to specific device, network transaction, user, etc.
+ Visualize which resources are protected

2015 IBM Corporation

86

Create custom reports for your organization

+
+
+
+

2015 IBM Corporation

Save Reports
Delete Reports
Edit Report Definition
Secure Reports
87

Application Center for managing the app

testing phase
+ Share apps across developers, testers,
and other stakeholders
iOS, Android, Windows Phone 8, Windows 8,
and BlackBerry 6 and 7

Developers
+ Easily distribute app to testers

Testers
+ Easily find apps and versions to test

Testers
+ Provide rating and feedback directly
from the device

Developers
+ Access all feedback in a centralized manner
2015 IBM Corporation

88

The value of MFP for Hybrid Apps

Focus more on business logic

Decrease development cost

+ Proven optimization framework including Skins

+ Robust and extensible enterprise integration
framework
+ API discovery for SAP and SOAP
+ MFP app runtime for quick data-driven
hybrid apps
+ Encrypted JSON Store with bi-directional
synchronization
+ Efficient geo-location services and geo-fencing

+ Instant hybrid app preview

+ Accurate mobile simulator + visual location
simulator
+ Automated functional testing for hybrid apps
+ Out of the box operational analytics

Manage the mobile app lifecycle

Support the mobile ecosystem

+ Console for app management, version

enforcement, and fine-grained user control
+ Custom app templates and screen templates
+ Custom app components and shell
+ Support for enterprise SDLC integration
+ App Center for managing distributed test
process

+ Cordova is shipped with MFP; IBM provides

bug fixes and production-level support for
version shipped with MFP
+ Proven timely support for new OS versions
+ Support for use of third party libraries and
services

2015 IBM Corporation

89

The value of MFP for Native Apps

Focus more on business logic

Decrease development cost

+ Robust and extensible enterprise integration

framework
+ Proven user and app security framework
+ API discovery for SAP and SOAP
+ Encrypted JSON Store with bi-directional
synchronization
+ Efficient geo-location services and geo-fencing

+ Standard server API for push engagement

+ Automated functional testing for native apps
+ Out of the box operational analytics

Manage the mobile app lifecycle

Support the mobile ecosystem

+ Console for app management, version

enforcement, and fine-grained user control
+ Support for enterprise SDLC integration
+ App Center for managing distributed
test process

+ Proven timely support for new OS versions

+ Support for use of third party libraries
and services

2015 IBM Corporation

90

IBM MobileFirst Platform Key Differentiators

Standards-based
Flexibility and choice
Consumability
Security
Ecosystem

+ Tooling for HTML 5 development and device adaptation

+ Application lifecycle management of HTML5 artifacts
+ Leveraging de-facto standards to provide added value for developers

+ Native / hybrid / web

+ Full coverage of the hybrid spectrum
+ Leverage any 3rd Party JavaScript Framework: More choice!
+ For developers: easy learning curve, small number of programming
models, JS anywhere, small footprint
+ Collaborative development
+ Quick and easy Installation and deployment
+ Flexible security model
+ Portfolio integration
+ Advanced in-app security features

+ IBM products already leveraging MFP as a mobile standard

+ Starting to build a catalog for third-party APIs
+ MobileFirst solutions for testing, team dev, analytics, security and mgmt

2015 IBM Corporation

91

Three Ways to Get Started with IBM

1!
2!
3!

Get MFP Developer Edition here: !

https://developer.ibm.com/mobilefirstplatform/
documentation/getting-started/ !

Talk with your IBM representative or Business

Partner to find the right next step for you
Learn more at http://www.ibm.com/mobilefirst
Interact with us @ibmmobile and #ibmmobile!

2015 IBM Corporation

92

https://developer.ibm.com/mobilefirstplatform/documentation/
getting-started/
Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,
express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have
the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM
software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities
referenced in these materials may change at any time at IBMs sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature
availability in any way. IBM, the IBM logo, Rational, the Rational logo, Telelogic, the Telelogic logo, and other IBM products and services are trademarks of the International Business Machines
Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
2015 IBM Corporation

94