IBM MobileFirst Platform v7 Tech Overview

IBM MobileFirst Platform
Overview
Additional information line, e.g. presenter name, presentation tagline etc.
Presentation date or version identifier
2015 IBM Corporation
Key enterprise challenges for a successful

mobile journey
Mobile app users are demanding. If my app is not
delivering a great experience I need to know.
Mobile opens up a new set of security considerations.

Our reputation is on the line.
My users want to be even more productive. Personalization
based on the devices context is a huge opportunity.
I need my development teams focused on creating
great app experiences, not figuring out how to
integrate or store data.
Mobile app users are demanding I need to

understand if their needs are being met
Tangerine Bank
100% online
banking
Customers can execute

any banking transactions
securely while on the go
Customers can provide

feedback on services
offered and app
experience
5 Star App Rating
Customer feedback
incorporated back into
the app quickly
The IBM MobileFirst Platform helps IT collect user feedback and analyze app store ratings,
resulting in reduced app development cycles from 6 to 2 weeks. Achieved highest in Customer
Satisfaction Among the Midsize Retail Banks in J.D. Powers Canadian Retail Banking
Customer Satisfaction Study.
Mobile opens up a new set of security

considerations. Our reputation is on the line
China Ministry of Railways
Demand from ~2B
passengers for ticket
sales far surpasses
supply
Created ticket
scalper environment
Hackers created
fake apps to sell
tickets at a premium
The IBM MobileFirst Platform helps authenticate users and secure the app against spoofing.
It also enabled the Mobile app to scale to secure 3.62 billion tickets during 40 day spring
festival.
My users want to be even more productive.

Personalization based on the devices
context is a huge opportunity
Elmec
Employees needed to be more
productive while on a service call
Scans asset barcode, automatic pull of
product and service information, and
provides suggested action
Real-time log update of
changes in asset position
using geo-location
Drive up-sell opportunities
The IBM MobileFirst Platform used GPS, photo, and video features to deliver a contextual
app to manage lease equipment based on location, leveraging a catalog of over 60,000
products. Mobile app includes service and support capabilities.
Mobile apps need data to be rich, but

integrating and storing data in a scalable
way slows down delivery
RunKeeper
App has 30M users and
integrates with 100 3rd party
devices and services
GPS tracks outdoor fitness activities,
including duration, distance, pace, speed,
and path traveled on a map.
As user base grew, app
hit scalability threshold,
performance was effected
Top Rated Health and

Fitness Mobile App
IBM MobileFirst Platform provided seamless data scalability, while delivering a responsive
experience users demanded. Reduced application development and maintenance costs,
improved time-to-market and enhance mobile application governance and security
Great apps share common traits

Always
improving
Data rich
Secure
Relevant
To your
customers
I can do more
on my device
I can trust that

my data is safe
Its better, faster

or more
functional than it
was yesterday
It knows me
where I am, what
Im doing and
what I like
For your
enterprise
My customers
(and other users)
make better
decisions faster
We ensure
sensitive
enterprise data
is secure, in
transit and at
rest.
We easily manage
new releases and
assess and act on
performance and
usage issues
We have deep
insights in our users
and their mobile
experiences
What that
means
IBM MobileFirst Platform provides a

comprehensive set of services delivered in
a modular fashion
New or Existing Apps
Native
Hybrid
HTML5
3rd Party Tools, Services, Apps
Modular Services
Continuously
Improve
Secure
Data Rich
Cloud
Software or SaaS
On premises
3rd Party APIs
Enterprise APIs
Systems of Record
Contextualize
& Personalize
Systems of Engagement
Cloud Services
The IBM MobileFirst Platform

Integrated mobile app development with continuous delivery
Application
Scanning
Quality Assurance Cloudant Local
Application Scanning
Detect code vulnerabilities at the
time of development
Quality Assurance
Server
Studio
Runtime
Console
Application Center
Collect beta test feedback, crashes

and analyze user sentiment
Cloudant Local
Store mobile app data in a NoSQL
database with easy sync capabilities
Foundation
Development, Runtime, Operations
Console & Private Store
Development
Continuous Delivery
IBM MobileFirst Platform Foundation 7.0

Component Overview
10
MFP Foundation 7.0 Highlights

Efficient and scalable app data storage
+ Enable native Android and iOS mobile app developer to store engagement data on-prem
with off-line access, scalable storage, and enterprise integration
+ Make offline operations easier by removing the need to develop complicated sync and
replication logic
Manipulate and query data without worrying about sync logic
Just decide when to sync and if you want to push or pull changes
Standard-based integration and authentication
+ Leverage OAuth 2.0 security standard to securely integrate with new and existing
backend services
+ Streamline usage and operations of new and existing services via a client-side REST API
+ Leverage MobileFirst Platform security and operational analytics capabilities when
directly integrating with RESTful enterprise services
Deep insights that help you deliver better apps
+ Collect data and create custom reports to gain insights customized for your needs
11
IBM MFP Foundation Typical Topology

App
https
Corporate DMZ
Web SSO
Server
https
Load
Balancer
Corporate LAN
MFP
Cluster
MFP
Database
Backend 1
Backend 2
12
Spectrum of mobile app development

approaches
Pure web
Mobile
web site
(browser
access)
Hybrid
Native
shell
enclosing
external
m.site
Prepackaged
HTML5
resources
Pure native
HTML5 +
native UI
Mostly
native,
some
HTML5
screens
Pure
native
Web-Native Continuum
HTML5, JS, and
CSS3 (full site or
m.site)
Quicker and
cheaper way to
mobile
Sub-optimal
experience
HTML5, JS, and

CSS
Usually
leverages
Cordova
Downloadable,
app store
presence, push
capabilities
Can use native
APIs
As previous
+ more
responsive,
available offline
Web + native
code
Optimized user
experience with
native screens,
controls, and
navigation
App fully
adjusted to OS
Some screens
are multiplatform when
makes sense
App fully
adjusted to OS
Best attainable
user experience
Unique
development
effort per OS,
costly to
maintain
13
MFP Studio The IDE for hybrid app

development
+ Eclipse-based IDE
SDKs!
MFP Studio!
Optimization
Framework!
+ Application scaffolding and

componentization
Integrated Device !
SDKs!
3rd Party Library
Integration!
+ Mobile OS-specific optimization

+ Device-specific optimization with Skins
+ 3rd-party library integration for HTML5
and native components
Android!
HTML5, Hybrid, and

Native Coding!
WYSIWG Editor!
and Simulator!
Functional !
Testing!
Blackberry!
Build Engine!
+ Code assist tools with auto-complete and

validation
iOS!
Windows
Phone!
Windows 8!
Java ME!
Mobile Web!
Desktop Web!
+ Quick access to simulators, emulators,

and debugging tools
14
Studio provides authoring, visual design,

simulation, and runtime skins for hybrid apps
15
Seamless integration for native development

and other tools
Use your preferred IDE and tools to develop pure native or hybrid Apps
Complements native IDEs with tools to perform MFP tasks
Simple Interactive assistance

+ mfp create
[?] What do you want to name your project? MyProj
Project MyProj created
+ cd MyProj
+ mfp add api
[?] What do you want to name your native API? MyIosApi
[?] What platform do you want to target?
Android
iOS
Java ME
Windows Phone 8
Native api for ios created
16
Example CLI commands for native apps

+ mfp create
[?] What do you want to name your project? MyProj
Project MyProj created
+ cd MyProj
+ mfp add api
[?] What do you want to name your native API? MyIosApi
[?] What platform do you want to target?
Android
iOS
Java ME
Windows Phone 8
Native api for ios created
Context aware builds

+ mfp build
+ mfp deploy
If at project level, all apps and adapters are built.

If in adapters (all or single), then only those are built.
If within a single app, then only that app is processed.
If within a single env of app, only it is built and deployed.
Embedded MFP Server control

+ mfp start
+ mfp console
+ mfp stop
The mfp run command is a long running task that starts

the server, and tails (follows) the server log file
17
Example CLI commands for hybrid apps

+ mfp add hybrid
[?] What do you want to name your app? MyHybrid
+ cd apps/MyHybrid
+ mfp add environment
[?] What environments you want to add to the hybrid app?
iPhone
iPad
Android phone and tablets
BlackBerry 6 and 7
BlackBerry 10
Windows Phone 8
Windows 8 desktop and tablets
Mobile web app
+ mfp build
+ mfp deploy
+ mfp console
18
Example CLI commands for adapters

+ mfp add adapter Accounts --type http
+ edit adapters/Accounts/Accounts*
+ mfp build && mfp deploy
Implement desired procedures
Interactively test the adapter

+ mfp invoke
[?] Which adapter do you want to use? (Use arrow keys)
Accounts
Foo
[?] Which procedure do you want to invoke? (Use arrow keys)
getAccountList
getAccount
Direct syntax
[?] Enter the comma-separated parameters: "111-001"

Invoking Accounts:getAccount...
Arguments:
[ "111-001 ]
Invocation result:
{
"id": "111-001",
"balance": 623.45,
. . .
}
mfp invoke Accounts:getAccount '["111-001"]

{
"id": "111-001",
"name": "Checking",
. . .
}
19
MFP gives developers complete control

over their app
Attractive
App Startup
Engaging UI
Compelling
app flow
+
+
+
+
Control default splash screen behavior

Add a custom splash screen
Start application with native screen
Control MFP framework initialization, e.g. in background
+
+
+
+
Display a specified native screen in full screen

Mix native and web components on a same screen
Control native components that host web application
Use native components hosting web application inside of a
container
+ Call native code from JavaScript and vise-versa

+ Invoke both native and JavaScript MFP Client APIs in any
order e.g. authenticate in native, UI in HTML5
20
Unsurpassed flexibility in hybrid development

Complete freedom in mixing native and web code in the same app
Native header with
button, title and icon
Native and web

components on a
same screen
WebView with web
components
Native scrolling ticker

21
Bridge native and hybrid elements with an

action API
+ First bullet: Use the MFP action API to enable native-hybrid
communication:
L2 Send data from JavaScript to Native
Send data from Native to JavaScript
Register Native action handlers
Register JavaScript action handlers
Example: Clicking native side menu button triggers web UI change
22
Create reusable enterprise UI patterns

+ Create and reuse custom UI patterns
For corporate branding
Improved governance: Patterns which were

adequately designed, implemented and tested
+ Patterns contain HTML, CSS and JS

resources
+ Package patterns inside a pre-defined
archive format, so that they can be
distributed among teams to re-use in
their projects with MFP Studio
23
Create custom components and templates
Add
Components and
templates to an
MFP Project
Create
components
and
templates
Shareable ZIP archives

.wlc or .wlt extns
+ Save development time by reusing code
+ Help enforcing governance by providing
ready-made, tested components with
corporate-approved code and branding
+ Created and managed using an MFP
Studio wizard
+ Custom screen patterns

HTML, CSS and JS resources
Extend the list of out-of-the-box patterns
+ Application Components
Reusable libraries (Client or server runtime)
that developers can add to apps
+ MFP Project Templates
A reusable hybrid project that developers can
use to jump start new application development
24
IBM MobileFirst SDK for Xamarin

+ With IBM MobileFirst Platform Foundation SDK, Xamarin developers can build rich
native enterprise grade mobile apps for iOS and Android devices using C# language
https://
components.xamarin.com/
view/ibm-worklight
IBM MFP
Xamarin
Studio
Security
Integrated
Services
Authentication
Integration
Notifications
App Management
Analytics
25
Rapid testing of hybrid apps with the Mobile

Browser Simulator
+ Accurate simulation of the apps HTML5 screens (e.g., right fonts, sizes, and layout)
+ Supports Cordova and MFP client API
26
Mobile Functional Test Tools

+ Comprehensive, complete, resilient functional testing
Android and iOS, native and hybrid
HTML and JQuery
Record, edit, and run on mobile devices or emulator
Same test runs across multiple devices in the platform family
Natural language scripts can be used by developers and non-developers alike
+ Simple process
Record
Author
Playback
Report
27
IBM MobileFirst Platform Quality Assurance

Delivers mobile app quality across a fragmented environment with end user
feedback and quality metrics available at every stage of development.
Evidence-based prioritization enable
business and IT to collaborate on mobile strategy
and user experience
Over the air app distribution get the latest in
the hands of testers as soon as it is available
Frictionless bug reporting spend every minute
on testing latest and greatest builds,
not the hassles
In-app crash reporting rapid understanding
of why an app fails
Sentiment analysis mine app ratings and
reviews to extract actionable feedback before they
go viral
28
Get the details behind app sentiment score

at a glance
App category, app quality score, # of reviews & daily average, trend
Quality attribute, # of reviews & daily

average, trend, and signals
29
Quality attribute scorecard
30
Compare your app against your competitors
31
Discover whats trending with top review

clusters
32
MobileFirst Platform Application Scanning
Detect vulnerabilities at the time of code change to reduce risk of data leakage
and breaches
+ A single Eclipse Integrated Development
Environment (IDE). Scan existing code
projects or MFP Studio projects
+ Native and hybrid mobile applications support
+ Enhanced JavaScript analysis, which
includes improved performance and
additional framework support
+ Optionally connect to IBM Security AppScan
Enterprise Server to share scan
configurations, filters, and custom rules
across all projects
Application
Scanning!
33
Security Features Mapping

Proactively enforce
security updates
Protect data on the device
Encrypted
cache / DB
Offline
authentication
Secure
challengeresponse on
startup
App
authenticity
testing
Mobile
platform as a
trust factor
Authentication
integration
framework
Data
protection
realms
Coupling
device id with
user id
Streamline corporate
security approval
processes
Device
provisioning
integration
Proven
platform
security
Provide robust
authentication and
authorization to secure users
Remote
disable
SSL with
server
identity
verification
Direct update
Code
obfuscation
Protect from
Known Application
Security Threats
34
Flexible authentication framework

+ Security tests are a series of realm tests which
can be put into a sequence or all or nothing
MFP
Client
SDK
JSON
HTTPs
Protecting resources, procedures and mobile apps
MFP
Server
+ MFP provides framework for users to define the

security test and the individual real test
+ There are also out-of-the-box pre-packaged
realm tests and security tests (e.g. form-based
auth, LTPA auth, cookie-based auth)
Security Tests are

triggered on startup
or on demand.
Security Tests
Realm4: Custom Authentication

Realm3: User Credential Testing (Question 2)
Realm2: User Credential Testing (Question 1)
Realm1: App Authenticity Testing
35
OAuth 2.0 Support

+ MFP Server provides REST endpoints for OAuth-based authorization
+ Developers can extend the mobile-specific security and analytics capabilities
of MFP to existing enterprise services
+ Approach does not require any changes to existing enterprise services
36
User-certificate provisioning for client-side

authentication
+ X509 certificates
Are installed on devices and can can be used to automate user authentication
+ Certificate provisioning options

For all apps on a device
For a particular app
+ Benefits
Cost saving: Certificates are typically provided by MDM solutions and is quite costly (some charge $70
per device).
Usability: Simple, automated user authentication; Users device does not need to be managed by an MDM
37
Protecting data on the device

Protect data on the device!
Encrypted
cache / DB
Offline
authentication
Secure
challengeresponse on
startup
App
authenticity
testing
Device theft
Offline access
Phishing, repackaging
Device
provisioning
integration
+ Encrypted JSON Store

+ Offline authentication using password
+ Extended authentication with server using secure challenge response
+ App authenticity testing: server-side verification mechanism to mitigate risk of Phishing through
repackaging or app forgery
+ Device provisioning integration: allow for the authentication of devices in addition to apps and users
+ HTTPS/TLS based initiation of MFP Server connectivity from MFP Client runtime using FIPS 140-2
compliant libraries
- Tie in with User-Provision to use X509 Cert in establishing HTTPS/TLS connection using user certificate
- On top of the already compliancy for communication (data in transit) and for storage (JSONStore)
38
Application Authenticity
+Mobile apps installed on a device represent a point of vulnerability
Apps are binary packages protected by mobile OS but that may not be enough
+MobileFirst Platform helps protect your enterprise from compromised apps by

detecting potential tampering and blocking access from the app to the enterprise
Administrative tools make it easy to enable and monitor app authenticity
+Application authenticity protections apply to Android, iOS, and WP8 platforms
39
Application Security
Proven
platform
security
SSL with
server
identity
verification
Code
obfuscation
+ Proven platform security: tested by the most

demanding customers (e.g., top tier banks)
+ Client<->Middleware communications over
HTTPS to prevent data leakage
Protect from
Known Application
Security Threats !
+ Server certificate is automatically verified

to thwart man-in-the-middle attacks
+ Developers can obfuscate application JS
code to make static analysis more difficult
+ SQL adapter designed to mitigate
SQL-injection
+ Built-in audit trail
Hacking
Eavesdropping
Man-in-the-middle
40
Protecting app source code

+ Obfuscate and minimize JavaScript
resources to better protect source code in
a hybrid app
Simple wizard in both Studio and CLI environments
+ Google Closure used to perform obfuscation

and minification
+ Android ProGuard support makes it easy to
encrypt Java resources included in an
Android app
+ Predefined ProGuard configuration files are
included for ease of use
41
Block access to specified devices or apps

+ Allows MFP admin to block a devices access to the MFP Server
+ Admin has the option to block access for the entire device or for a particular
application on the device
+ Device can be marked as stolen, lost, or disabled for record keeping
42
Key generation, encryption, and decryption

APIs
+ MFP provides APIs that make it easy to secure content used by the app (PDFs,
images, text documents, etc.) on a device
+ The APIs provide key generation, encryption, and decryption capabilities
+ Key generation, encryption and decryption APIs can be used in conjunction with
the JSONStore
43
Secure inter-application data sharing

+ New API allows developers to securely share data between applications in an
application family
+ The API can be used to share security tokens and other small data sets
Data is always shared as a string
+ Native API support on iOS and Android in addition to JavaScript API

Hybrid applications
WL.Client.setSharedToken({key: myName, value: myValue})
WL.Client.getSharedToken({key: myName})
WL.Client.clearSharedToken({key: myName})
iOS native applications
[WLSimpleDataSharing setSharedToken: myName value: myValue];
NSString* token = [WLSimpleDataSharing getSharedToken: myName]];
[WLSimpleDataSharing clearSharedToken: myName];
Android native applications
WLSimpleSharedData.setSharedToken(myName, myValue);
String token = WLSimpleSharedData.getSharedToken(myName);
WLSimpleSharedData.clearSharedToken(myName);
44
Device Single Sign-On (SSO)

+ Enables a mobile user to authenticate once and gain access to all apps from the
same organization (technically, with the same developer certificate) without reauthenticating.
+ Supports integration with DataPower, ISAM, and other web gateways
Implemented using combination

of server-side capabilities
(realms) and unique device
identification (device ID)
Session x
MFP
Server
App 1
ID
Duplicate after receiving

ID fro App 2
Session y
App 2
On successful login the

authentication state is saved
in the database and used for
validations in subsequent
sessions from the same device.
45
secure Mobile OS key store
+ Implementation
Enforcing security updates

Cant rely on users
getting the latest
software update on
their own
+ Remote Disable: shut down

specific versions of a
downloadable app, providing
users with link to update
Proactively enforce
security updates
Remote
disable!
Direct
update!
+ Direct Update: automatically

send new versions of the
locally-cached HTML/JS
resources to installed apps
46
Controlled back-end integration

+ From multiple point-to-point
integrations
+ To streamlined, transparent access

MFP transforms enterprise data into
mobile-friendly, JSON format
Multiple sets of integrations to enterprise

resources to build and maintain
MFP Server manages caching, data

synchronization and end-to-end encryption
YOU manage caching, synchronization

and end-to-end encryption
App
App
DB
ERP
Engine
Cloud
Service
ERP
Engine
DB
SQL
HTTP (REST, SOAP), JMS
Cloud
Service
SAP
HTTP, CAST IRON
MFP Adapters
MFP
SERVER
JSON
Apple
Android
Blackberry
Windows
Apple
Android
Blackberry
Windows
47
MFP Server: Adapters
+
+
+
+
Run time
Lightweight server-side logic to expose systems of records in a
mobile-friendly way
Automatic JSON transformation of enterprise data for quick
transport and ease of consumption by mobile developer
Server-side service composition to reduce number of
requests over slow mobile network
XSLT to reduce fat SOAP responses
Security
Automatic enablement of server-side authentication
control and audit
Analytics
Automatic collection of user actions and device and
app properties
Data sync
Enables synchronization with on-device JSON Store
Mobile user engagement
Push notifications and geo-based event management
For the server developer

+ JS anywhere: Simple APIs for server-side JavaScript development
+ Extensibility: Java API for custom adapters
For the client developer
+ Easy-to-use, consistent client-side API to call any back-end system
SQL /
JDBC
SOAP /
HTTP
JMS
REST
CAST
IRON
Java
Extension
MFP Server
Enterprise back-ends and
Enterprise
back-ends and
cloud services
Enterprise
back-ends and
cloud services
cloud services
48
Zero-code service integration for your apps

+ Analyze SAP (NetWeaver Gateway), REST, and SOAP services to create adapters
with no manual coding
+ Discover target services and select the operations you want to use in your
mobile app
+ Work with WSDL, SAP service definitions, and any RESTful endpoint over HTTP(S)
49
Automatic adapter generation for IBM BPM

workflows
+ Integrate IBM BPM workflows into your
apps without manual development
+ Use Service Discovery to explore and
select existing processes for integration
+ Work with IBM Business Process Manager
v8.5.6 and above
+ Use a standard BPM adapter to gain REST
access to processes
+ Use the BPM management console to
export an MFP project or adapter from
an IBM BPM process app
50
Java Adapters
+ Enable custom service development for
mobile app projects
+ Utilize JAX-RS standard-based deployment
model to describe REST service
+ Accessible using standard REST
conventions; URLs, and HTTP verbs
+ Leverage OAuth for MFP security
protection and analytics gathering
51
SAP Java Connector (SAP JCo) Adapter

+ Integrate your mobile apps to SAP systems
without requiring NetWeaver
+ Deploy adapters that provide a direct
interface to JCo functions
+ Utilize the new
WL.Server.invokeSAPFunction API
+ Provide configuration info for SAP server
and user authentication
52
RESTful access pattern for adapters and

enterprise services
+ Provides a RESTful invocation model for
deployed adapters/existing services
+ Allows consumption of adapters by nonmobile clients
+ Enables management of adapter invocations
by API Management solutions (i.e. IBM API
Management)
+ Extends MFP security protections via
OAuth model
+ Retains support for existing invocation model
53
Centralized push notifications

To the simplicity of one
Unified push management
From the complexity of many

Multiple sets of push services to manage
SMS/MMS
Brokers
MFP Unified Push Framework
Google
Push
Apple
Push
Microsoft
Push
Google
Push
Microsoft
Push
SMS/MMS
Brokers
Feature
Phones
Android
Apple
Apple
Push
Windows
Apple
Android
Windows
Feature
Phones
54
Unified Push Notifications

+ Uniform access to push notifications providers
Register for, notify, and receive a notification via MFP APIs or SMS
+ Register for and send SMS based notifications

E.g., for feature phones
Back-end
Back-end
System!
System!
Notification
State
Database
Polling
Adapters
Unified
Push API
Back-end
Back-end
System!
System!
Messagebased
Adapters
UserDevice
Database
Administrative Console
iOS
Dispatcher
iOS
Push API
Apple Push
Servers
(APN)
MFP
Client-side
Push Services
Android
Dispatcher
Android
Push API
Google Push
Servers
(GCM)
MFP
Client-side
Push Services
Windows
Phone
Dispatcher
Windows
Push API
MPNS/WNS
MFP
Client-side
Push Services
Broker API
SMS/MMS
Brokers
SMS
Dispatcher

Notification statistics, SMS subscription
control
Optional 2-way SMS
55
iOS Push Notifications

+ Interactive Push Notifications
Enable developers to send Interactive Notification for iOS 8 devices
Prompts users to take action without leaving the application they are in
API support for defining category to tell the device to show predetermined set of buttons
+ Silent Push Notifications

Enable developers to send silent notification to iOS 7 onwards devices
API support for sending and receiving\handling silent push notification
56
Android Push Notifications

+ Android Notifications
Support for Heads-up notification for receiving high priority notifications while using the device
Support for Cloud Sync notifications
Provide APIs to set appropriate priority
Notification support on the device lock screen
Provide APIs for what to show on lock screen
+ Server side
Optional fields in GCM properties of notification attributes
GCM: {
'visibility':''
(public, private, secret)
'priority':''
(max,high,default,low,min)
bridge': ''
(true,false)
'category':'' (promo,recommendation,social..)
..
}
+ Client side
Extract all the parameters from the received notification
Use the Notification.Builder API to build the notification object with all the extracted values
57
Segmenting users for push notifications

+ Group notifications based on tags
Notifications are targeted to only a select set of users based on their topics of interest
Tags allow message producers / senders to segment devices
One or more tags can exist per application
Defined in application-descriptor.xml created during deployment
+ Broadcast, unicast and narrowcast notifications

New APIs available to send a notification to all the devices that installed the application
Also provides for an option to opt out of receiving broadcast notifications
Enhanced APIs to send a notification to specific user or device that installed the application
Support for a notification targeted to devices of a particular platform that installed the application
58
Push notification management features

+ APNS Certification Expiration Management
Detect if the application has APNS certificate and then display the certification expiration date:
on the application catalog in the console.
Provide warning message while deploying the app with already expired APNS certificate
Provide REST API support for updating the expired APNS certificate and password
+ Push Notification Management APIs

Rest APIs to submit a message with the specified options to the devices specified by target
Rest APIs to Create, Delete and update a tag
Credential management for GCM, MPNS and certificate management for APNS
59
Two-way SMS communication

+ Why SMS?
For feature phone users: A preferred mode of interaction
For roaming users: When data roaming fees are not affordable
In emerging markets: More reliable than Internet connection
+ SMS in MobileFirst Platform

HTTP integration with SMS gateway or aggregator for the SMS delivery
Seamless backend integration, mapping of incoming SMS to the relevant backend calls
+ Mobile user enterprise

SMS
HTTPS
MFP
Server
Backend
Service
Sends SMS messages based on

keywords published by the enterprise
+ Enterprise mobile user

Responds to a user request
SMS Gateway
Initiates a new request by sending an

SMS notification to a subscribed user
60
MobileFirst Platform Geo-Location Services

Collect and use on the mobile device
Efficient, controlled
acquisition of GPS,
triangulation, and
Wi-Fi coordinates in
background and
foreground
Define points
of interest and
geo-fences
Trigger actions
based on location
changes
Store while offline,

Efficiently send to
server
Use on the server
Store
Integrate context
information with
business
processes
API availability
+ Hybrid: iOS, Android, Windows Phone 8
+ Native: IOS and Android
Handle business
events
Perform analytics
Scenarios debugable with MFPs

Mobile Simulator
61
Enhancing engagement via beacon integration

+ Detect and act based on proximity to beacons
Deliver location relevant messages, information, promotions, etc. that prompt users to take action
+ Enable developers and administrators to take advantage of beacons

Admin registers and manages beacons using command line tool
Admin creates triggers that fire when users are in proximity of beacon
Developer can easily query beacon information and act on proximity triggers
62
Mobile Data support: JSON Store

+ On-device, mobile database support
+ Server-to-client Sync
Embedded JSON mobile database

JavaScript APIs to store, query and update the
data in offline mode using MongoDB-like APIs
Retrieve, store and keep data store up-to-date

using adapters
+ Client-to-server Sync
+ Encrypt sensitive data

Using a key provided by developer or obtained
as users password
Simplify write actions on data while the app is

offline and send these actions to the server
+ Enterprise API-based
Apple Touch ID support

FIPS140-2-compliant
MFP
Server
JSON
Store
Mobile App
JSON
MFP
Adapter
XML, JDBC,
Corporate SOA /
Enterprise Bus
Leverages corporate API / SOA layer to access

sensitive enterprise data
Back-end
system or
database
63
IBM Mobile First Platform Cloudant Local
+ The power of Cloudant NoSQL database in the privacy of your data center
+ IBM Mobile First Platform includes Cloudant Local single node license
+ Upgrade to multi-node clusters for high availability and scalability
Elastic Scalability
Multi-Structured Data
Data Mobility
64
Scalable Data Service and APIs with

Flexible Deployment Options
+ Rapid schemaless development
limits dependency on IT
Cloudant
+ Store Data on-cloud or

on-prem
+ Consistent APIs in cloud

and on premise
Multitenant
Cloudant
Mobile App
+ On-cloud for fully managed,

automatic scaling
+ On-prem for more control,
data isolation
Native CRUD
Query
Sync
Device DB
Multitenant
Cloudant
On-Device
Cloudant Local
Single Node
Single Node License Included

Multitenant Multitenant
Cloudant
Cloudant
Upgrade to Multi-Node Clusters for

High Availability and Scalability
65
Optimized synchronization makes it easy to

handle offline scenarios
+ Optimizes offline behavior and data sync
Your app decides when to sync databases
Remote API allows you to work with latest data or
data that isnt on the device
Shared Data (Online)

+ Generated by the enterprise
+ Shared by multiple users/devices
+ e.g. Store Inventory
+ Queried as-needed by the app, such as
for product search or category display
+ Complements JSONStore sync which enables

enterprise integration and encrypted storage
Native Language
Objects (new)
Shared Data
Local
API
Cloudant
User Data
User Data
User/Device Data (Offline)

+ Generated by the user of the app
+ User preferences, wish list, shopping cart
+ Offline data, periodically
synched
2015 IBM
Corporation to the cloud
66
Extending enterprise services via USSD

+ Unstructured Supplementary Service Data (USSD) provides a cost-effective
alternative to mobile apps in emerging markets where feature phones are still
fairly common
+ USSD (Unstructured Supplementary Service Data) is a protocol used by GSM
cellular telephones to communicate with the telecom provider.
MFP enables the following
+ Accept incoming requests from
a USSD gateway and map the
USSD short codes to
corresponding MFP adapters
+ Construct and respond with
USSD menu options
+ Invoke corresponding backend
services via MFP adapters
67
Example: Mobile app using MFP for USSD

communication
MFP responds to
the gateway
request with the
USSD menu
options
(configurable)
Telco forwards
this to a USSD
gateway
HTTP/S
USSD
Gateway
Mobile User dials

USSD short code
say, *123#
Gateway maps the

short code to a known
URL provided by the
enterprise and creates
the USSD session
MFP
Adapter
Enterprise
backend
Enterprise
68
Managing mobile apps with the MFP Console
69

(continued)
70

(continued)
71
Administrators can use CLI or REST API for

management tasks
+ REST API for all administrative operations
List, deploy, delete and change applications and adapters
Device management API
Secured with basic authentication
Role-based access
XML and JSON payload
+ Ant tasks for all administrative operations

Same feature set as REST services
ANT tasks defined in worklight-ant-deployer.jar
Supports SSL and password encryption in ant files
Role-based access
+ Command Line Interface for all administrative operations

Command line version of ant tasks
Role-based access
72
Examples of REST API, ANT tasks, and CLI

REST services
+ Get all applications or post a new one
/management-apis/1.0/runtimes/{runtime-name}/applications
+ Get or delete an application
/management-apis/1.0/runtimes/{runtime-name}/applications/{app name}
+ Retrieve or delete an adapter
/management-apis/1.0/runtimes/{runtime-name}/adapters/{adapter-name}
+ Lock an application version
/management-apis/1.0/runtimes/{runtime-name}/applications/{app name}/{environment}/
{version}/accessRule
Ant tasks
+ <wladm url=... user=... password=...|passwordfile=... [secure=...]>
+ <list-apps runtime=... />
+ <delete-app-version runtime=... name=... environment=... version=... />
+
<deploy-adapter runtime=... file=... />
+ </wladm>
Command Line interface

+ wladm --url= --user= ... [--passwordfile=...] lists apps [runtime-name]
+ wladm --url= --user= ... [--passwordfile=...] delete app version [runtime-name] app-name
environment version
+ wladm --url= --user= ... [--passwordfile=...] deploy adapter [runtime-name] filename.adapter
73
MFP Operations Console and CLI secured

by default
+ Standard JEE security is used in the
console and CLI tools
+ Login / Logout from the console out
of the box
+ Role based access to the console
+ Simplified connection to user
repositories
Use standard role mapping in
WAS console , Liberty , Tomcat
74
Role based access to administration tasks

Role
Description
monitor
Ability to view the deployed MFP projects and the deployed

artifacts, this role is a read-only role
operator
Can do all mobile application management operations but

cannot add or remove application versions or adapters.
deployer
same role as operator but can also deploy apps

and adapters.
administrator
Ability to do all application management operations

including the ability to add new versions of applications and
add and remove adapters. The app administrator can also
configure more information on the application itself such as
runtime specific settings such as SMS proxy configuration.
75
In-App Notification in a mobile app using

the console
76
Disable a mobile app using the console
77
Direct Update for mobile apps on the device

Native Shell
Download
Pre-packaged
resources
App Store
2
3
MFP
Server
1.
2.
3.
4.
Check for
updates
Web
resources
Transfer
Cached
resources
Update web
resource
Web resources packaged with app to ensure initial offline availability

Web resources transferred to app's cache storage
App checks for updates on startup and foreground events
Updated web resources downloaded when necessary, with user confirmation or silently
78
Direct update is flexible and optimized

+ Direct update is integrated into the MFP Server security framework and
exposes a client-side API for better control and customization:
Control when to invoke Direct Update
perSession, perRequest, or custom
Disable Direct Update for an app
Description
JavaScript
Direct update events listener class

name
WLDirectUpdateListener
Invoked by MFP framework once

direct update has started
onStart(statusJSON)
invoked by MFP framework once

HTTP chunk has been downloaded
onProgress(statusJSON)
invoked by MFP framework once

onFinish(statusJSON)
direct update has finished (with either
success/failure)
STARTED
DOWNLOAD_IN_PROGRESS
UNZIP_IN_PROGRESS
SUCCESS
FAILURE_NETWORK_PROBLEM
FAILURE_DOWNLOADING
FAILURE_NOT_ENOUGH_SPACE
FAILURE_UNZIPPING
FAILURE_ALREADY_IN_PROGRESS
FAILURE_UNKNOWN
79
Direct Update optimization

+ End users receive only the web resources (html, CSS, Javascript) that have
changed between updates instead of the entire web resources package
+ Users receive a differential direct update when the web resources in their app
are one build behind the web resources of the application now being deployed
80
Remote-controlled client-side log collection

+ MFP provides a native and JavaScript API for client-side logging
+ Administrator defines log collection profiles on the server which are
automatically retrieved by the MFP client-side runtime

By default sent on init, resume, and 75% full can be customized
+ Administrator can perform analysis and text search of client-side logs via
server-side analytics console
81
Unified Client and Server Analytics

+ Out-of-the-box analytics address the following:
User adoption, device and app properties
User actions and called adapter procedures
Performance and data usage information
Exceptions, crashes, logs, response time
82
Service integration analytics

+ Robust analytics for service integration usage including average response
time, average data usage, and server usage statistics
83
Device analytics
+ Automatically captures information about mobile OS type, mobile OS version,
and device model type
84
Server and client log inspection made easy

+ MFP Analytics Console enables easy searching of both client and server logs
85
Security Analytics
+ Monitor authentication attempts to better protect against potential attacks
+ Discover reasons for authentication failures and use information to improve
user experience
+ Trace authentication failures back to specific device, network transaction, user, etc.
+ Visualize which resources are protected
86
Create custom reports for your organization
+
+
+
+
Save Reports
Delete Reports
Edit Report Definition
Secure Reports
87
Application Center for managing the app

testing phase
+ Share apps across developers, testers,
and other stakeholders
iOS, Android, Windows Phone 8, Windows 8,
and BlackBerry 6 and 7
Developers
+ Easily distribute app to testers
Testers
+ Easily find apps and versions to test
Testers
+ Provide rating and feedback directly
from the device
Developers
+ Access all feedback in a centralized manner
88
The value of MFP for Hybrid Apps

Focus more on business logic
Decrease development cost
+ Proven optimization framework including Skins

+ Robust and extensible enterprise integration
framework
+ API discovery for SAP and SOAP
+ MFP app runtime for quick data-driven
hybrid apps
+ Encrypted JSON Store with bi-directional
synchronization
+ Efficient geo-location services and geo-fencing
+ Instant hybrid app preview

+ Accurate mobile simulator + visual location
simulator
+ Automated functional testing for hybrid apps
+ Out of the box operational analytics
Manage the mobile app lifecycle
Support the mobile ecosystem
+ Console for app management, version

enforcement, and fine-grained user control
+ Custom app templates and screen templates
+ Custom app components and shell
+ Support for enterprise SDLC integration
+ App Center for managing distributed test
process
+ Cordova is shipped with MFP; IBM provides

bug fixes and production-level support for
version shipped with MFP
+ Proven timely support for new OS versions
+ Support for use of third party libraries and
services
89
The value of MFP for Native Apps

Focus more on business logic
Decrease development cost
+ Robust and extensible enterprise integration

framework
+ Proven user and app security framework
+ API discovery for SAP and SOAP
+ Encrypted JSON Store with bi-directional
synchronization
+ Efficient geo-location services and geo-fencing
+ Standard server API for push engagement

+ Automated functional testing for native apps
+ Out of the box operational analytics
Manage the mobile app lifecycle
Support the mobile ecosystem
+ Console for app management, version

enforcement, and fine-grained user control
+ Support for enterprise SDLC integration
+ App Center for managing distributed
test process
+ Proven timely support for new OS versions

+ Support for use of third party libraries
and services
90
IBM MobileFirst Platform Key Differentiators
Standards-based
Flexibility and choice
Consumability
Security
Ecosystem
+ Tooling for HTML 5 development and device adaptation

+ Application lifecycle management of HTML5 artifacts
+ Leveraging de-facto standards to provide added value for developers
+ Native / hybrid / web

+ Full coverage of the hybrid spectrum
+ Leverage any 3rd Party JavaScript Framework: More choice!
+ For developers: easy learning curve, small number of programming
models, JS anywhere, small footprint
+ Collaborative development
+ Quick and easy Installation and deployment
+ Flexible security model
+ Portfolio integration
+ Advanced in-app security features
+ IBM products already leveraging MFP as a mobile standard

+ Starting to build a catalog for third-party APIs
+ MobileFirst solutions for testing, team dev, analytics, security and mgmt
91
Three Ways to Get Started with IBM
1!
2!
3!
Get MFP Developer Edition here: !

https://developer.ibm.com/mobilefirstplatform/
documentation/getting-started/ !
Talk with your IBM representative or Business

Partner to find the right next step for you
Learn more at http://www.ibm.com/mobilefirst
Interact with us @ibmmobile and #ibmmobile!
92
https://developer.ibm.com/mobilefirstplatform/documentation/
getting-started/
Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind,
express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have
the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM
software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities
referenced in these materials may change at any time at IBMs sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature
availability in any way. IBM, the IBM logo, Rational, the Rational logo, Telelogic, the Telelogic logo, and other IBM products and services are trademarks of the International Business Machines
Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
94

IBM MobileFirst Platform v7 Tech Overview

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

IBM MobileFirst Platform v7 Tech Overview

Uploaded by

Copyright:

Available Formats

IBM MobileFirst Platform

2015 IBM Corporation

Key enterprise challenges for a successful

Mobile opens up a new set of security considerations.

Mobile app users are demanding I need to

Customers can execute

Customers can provide

Mobile opens up a new set of security

My users want to be even more productive.

Drive up-sell opportunities

Mobile apps need data to be rich, but

Top Rated Health and

Great apps share common traits

I can trust that

Its better, faster

2015 IBM Corporation

IBM MobileFirst Platform provides a

3rd Party Tools, Services, Apps

3rd Party APIs

2015 IBM Corporation

The IBM MobileFirst Platform

Quality Assurance Cloudant Local

Collect beta test feedback, crashes

IBM MobileFirst Platform Foundation 7.0

2015 IBM Corporation

MFP Foundation 7.0 Highlights

IBM MFP Foundation Typical Topology

Spectrum of mobile app development

HTML5, JS, and

2015 IBM Corporation

MFP Studio The IDE for hybrid app

+ Application scaffolding and

+ Mobile OS-specific optimization

HTML5, Hybrid, and

+ Code assist tools with auto-complete and

+ Quick access to simulators, emulators,

2015 IBM Corporation

Studio provides authoring, visual design,

2015 IBM Corporation

Seamless integration for native development

Simple Interactive assistance

Example CLI commands for native apps

Context aware builds

If at project level, all apps and adapters are built.

Embedded MFP Server control

The mfp run command is a long running task that starts

Example CLI commands for hybrid apps

2015 IBM Corporation

Example CLI commands for adapters

Implement desired procedures

Interactively test the adapter

[?] Enter the comma-separated parameters: "111-001"

mfp invoke Accounts:getAccount '["111-001"]

2015 IBM Corporation

MFP gives developers complete control

Control default splash screen behavior

Display a specified native screen in full screen

+ Call native code from JavaScript and vise-versa

2015 IBM Corporation

Unsurpassed flexibility in hybrid development

Native and web

Native scrolling ticker

Bridge native and hybrid elements with an

Example: Clicking native side menu button triggers web UI change