Worklight Introduction

Lennert de Waal lennert.dewaal@nl.ibm.com Worklight Introduction

6 November Oslo Worklight Workshop at the IBM office On the agenda IBM Mobile Foundation overview Demo What can Worklight do? Introduction to app development using Worklight Server and application management Advanced client-side development 3 LABs Lab 1 Developing your first Worklight application Lab 2 Securing and managing a mobile application Lab 3 Implementing Environment optimization and basic APIs Contact: Imran Zafar zafar@no.ibm.com 2

3

4

5

Be where your customers expect you to be Today's Customers are... Today's Customers are looking for... Mainstream and technically sophisticated Use a variety of access points (multi-devices) Frequently move in and out of channels or channel switching Go where they want, on their terms Are critical and impatient of channels that do not deliver Best in class experiences Consistent content and messaging across channels Not necessarily identical experience across channels and devices Seamless movement between channels and devices Experiences that play on strengths of each channel and device 6

The mobile reality 7

Mobile is the next stage in the evolution of computing Mobile/Wireless/Cloud Web/Desktop Client/Server Host/Mainframe Mobile is different: Ubiquitous computing Mixed models web/native/hybrid A different type of app context aware Revolutionary to business models 8

What s next? Is today s mobile discussion merely a prelude to a much larger technical change in computing? Android Vehicles Todays smartphones are 60 times faster than a CRAY-1 supercomputer of 1982... Source: Linpack JAVA Floating Point benchmarks http://www.greenecomputing.com/apps/linpack/linpack-top-10/ Android Microwave Android Televisions Android Fridge Android sunglasses Smartphones Tablets THE INTERNET OF THINGS 9

Mobile handset dominance keeps shifting 1995 Palm 500,000 units sold in 6mts. 70% market share 2001 Nokia 40% Market share of all mobile phones 2013+ Android Has 43.7 of the US smartphone market 10/11 2008 RIM Fastest growing stock. 56% of smartphones, 77% 3yr CAGR (19.7% share in 10/11 2015+?? 2011 Apple Most valuable company in the world, 27.3% of US smartphones 10

Mobile is a mandatory transformation 20 Billion connected devices by 2020 61% of CIOs put mobile as priority increased productivity 45%with mobile apps 11

Fundamentally changing industries Retail Financial Services Distribution Mobile banking will be the most widely used banking channel by 2020, if not sooner. This was predicted in 2010 by Deloitte. NL: in 2012 Mobile Banking traffic exceeded internet ebanking! Source: Mobile banking: A catalyst for improving bank performance, Deloitte, 2010 Source: http://www.emerce.nl/nieuws/mobile-convention-abn-amro-groter-mobiel-web 12

With enormous opportunities Business to Consumer Business to Enterprise Improved customer satisfaction Deeper customer engagement and loyalty Increased sales through personalized offers Customer service Competitive differentiator Improve brand perception Deeper insight into customer buying behavior for up sell and cross sell Improved buying experience with mobile concierge services Extend existing applications to mobile workers Increased worker productivity Faster business processing Increased employee responsiveness and decision making speed Reduced fuel, gas, or physical asset maintenance costs Increase revenue through sales engagements Resolve internal IT issues faster Reduce personnel cost (utilizing personal owned instead of corporate issued devices) 13

Mobile brings new opportunites, but also business and IT challenges Enterprise Business Model Changes New business opportunities based upon geolocation Anytime, anywhere business transactions Importance of social business interactions App Development Lifecycle Complexity Complexity of multiple device platforms with fragmented Web, native, and hybrid model landscape Connecting the enterprise back-end services in a secure and scalable manner Unique mobile requirements (user interface, connected/disconnected use, version upgrades, etc.) Mobile Security and Management Protection of privacy and confidential information Use of client-owned smartphones and tablets Top Mobile Adoption Concerns: 1. Security/privacy (53%) 2. Cost of developing for multiple mobile platforms (52%) 3. Integrating cloud services to mobile devices (51%) Source: 2011 IBM Tech Trends Report https://www.ibm.com/developerworks/mydeveloperworks/blogs/techtrends/entry/home?lang=en 14

Mobile Challenges in 2012 2013 Mastering development, integration and management challenges to deliver apps to end-users in an increasingly complex world Multi-OS - developing cross-platform apps and re-using integration layers to deliver the best user experience for each OS Multi-device supporting smartphone and tablet devices with different sizes, densities, capabilities and user experience Multi-app managing multiple app projects and associated versions as well as overall mobile infrastructure across LOBs Multi-scenario delivering a single mobile strategy for B2C, B2B and B2E scenarios with different user expectations and enterprise requirements 15

Why mobile matters? 16

Mobile game changers Mobile changes interaction patterns Customers and business get access to previously hidden data Context aware, situational UI, in-the-moment offers, etc New revenue streams Retaining customers Loyalty is low (telecom, utility) Mobile offers a direct channel to each end-user New interaction models Cost control of multi-x-development Exposure (financial, data, malicious tx) caused by uncontrolled apps Short TTM cycles Across many client technologies App management how to control all those apps in-the-wild Load on and integration of backend systems Direct access model and aggregation backend systems 17

IBM Mobile Foundation 18

IBM strategy addresses client mobile initiatives Extend & Transform Extend existing business capabilities to mobile devices Transform the business by creating new opportunities Build & Connect Build mobile applications Connect to, and run backend systems in support of mobile Manage & Secure Manage mobile devices and applications Secure my mobile business 19

IBM strategy addresses client mobile initiatives Build & Connect Build mobile applications Connect to, and run backend systems in support of mobile Worklight directly addresses building & continuous delivery of apps for the mobile form factor Integration services ensure existing assets are readily mobile accessible Rational tools provide comprehensive end-toend tools to scale team development 20 Manage & Secure Manage mobile devices and applications Secure my mobile business Extend & Transform Extend existing business capabilities to mobile devices Transform the business by creating new opportunities IBM Security Division provides capabilities for mobile identity and entitlements management Secure and centrally manage mobile devices (incl. BYOD) with IBM Endpoint Manager CoreMetrics, Cognos, and Tealeaf provide deep analytics into the customer experience Security Division threat detection technology integrates into the mobile infrastructure Multi-channel management capabilities from Lotus address the convergence of desktop, web, and mobile

A look at Build & Connect capabilities Extend & Transform Extend existing business capabilities to mobile devices Transform the business by creating new opportunities Build & Connect Build mobile applications Connect to, and run backend systems in support of mobile Manage & Secure Manage mobile devices and applications Secure my mobile business Build enterprise mobile applications that: Run on multiple mobile devices Connect to enterprise back-end applications and information systems Fulfills fast time-to-market requirements and can be rapidly updated with new releases Deliver high quality user experience IBM Worklight an open, complete, and advanced mobile application Development and Runtime platform for HTML, hybrid, and native applications 21

Mobile development challenges Mobile is now strategic, mandating control over development and delivery There are multiple approaches to mobile development: Approach Shortcomings 100% native development Expensive development and maintenance Long time to market & limited scalability of development Scarce and costly resources In-house development using open source tools such as HTML5/PhoneGap and JavaScript/HTML Frameworks Mobile Enterprise Application Platforms (MEAP) Lacking enterprise-grade functionality Limited access to device features No integration and services layer Limiting WYSIWYG IDEs Proprietary scripting languages & limited scalability of development Professional Service-based business models Lack of Strong ROI App testing, mobile-specific security threats, and management in a BYOD environment present additional challenges 22

The IBM Worklight Mobile Platform addresses these needs Mobile Application Development -- Worklight Studio The most complete, extensible environment with maximum code reuse and per-device optimization Mobile Application Runtime -- Worklight Server Unified notifications, runtime skins, version management, security, integration and delivery 1001010101011 1010010100100 1010111010010 0110101010101 0010010010111 1001001100101 0101001010100 Mobile Application Runtime -- Worklight Runtime Components Extensive libraries and client APIs that expose and interface with native device functionality Mobile Application Management -- Worklight Console A web-based console for real-time analytics and control of your mobile apps and infrastructure 23

IBM Worklight Mobile Platform Architecture 24

Mobile Application Development 25

Worklight mobile development models 26

Mobile Development Models 27

Mobile Development Models 28

Mobile Development Models 29

Hybrid development can leverage an ecosystem of open technologies Prominent HTML5 libraries and tools: 30

Worklight Studio Eclipse Based IDE Native, hybrid and standard web development Environment-specific optimization Common code with overrides/extensions Native development options Runtime skins 3rd-party library integration Device SDK integration Access to emulators and debugging tools Supports auto-complete and validation 31

Design perspective with WYSIWIG and source code editor WYSIWYG editor Palette supports HTML5 and Dojo 32

Quickly test mobile applications during development Use the Mobile Browser Simulator to quickly test your mobile applications without requiring actual devices or heavyweight emulators Test with Native Device SDK s (android, blackberry) 33

Provide different user experiences with runtime skins Different Screen Sizes Different Screen Densities Different Input Method Support for HTML5 34

Shell-based application development Customizable Native Shell Code Enhance developer and organizational productivity with an effective approach to separation of concerns Leverage core teams to create enterprise-wide shells that contain native functionality, enterprise security, and company branding artifacts Enable development teams to consume and build upon the enterprise-wide and approved shell Mobile Browser Inner Application Web Code Customizable Web Shell Code Device APIs Ease of Development Control and Governance Centralized Shell development Distributed app development Centralized inspection Automatic policy enforcement 35

Mobile Middleware 36

Worklight Server An middleware component which deliveries unified notifications, runtime skinning, version management, security features, and integration Services Distribution of mobile web apps Enterprise connectivity: Secure client/server connectivity Direct access to enterprise back-end data and transaction capabilities Authentication enforcement Adapters (WMB, CastIron, SQL, REST, SOAP and more) Client control: Application version management and remote disabling Direct update of application code Push Notifications administration Aggregation of usage statistics 37

Worklight Security Streamline Corporate Security Approval Processes Protect Local Application Data Integrate with User Security Solutions Proactively Enforce Security Updates Application Security Objectives Protect From Known Application Security Threats Application Security Design: Develop secure mobile apps using corporate best practices Code obfuscation Encrypted local storage for data, Offline user access Challenge response on startup App authenticity validation Enforcement of organizational security policies 38

Mobile Security Protect data on the device Malware, Jailbreaking Offline access Device theft Phishing, repackaging Encrypted device storage Enforce security updates Be proactive: can t rely on users getting the latest software update on their own Limit exposure by prohibiting access to out of date apps Streamline Corporate security approval processes Complex Time-consuming Shell as an organizational sandbox Provide robust authentication and authorization Existing authentication infrastructure Passwords are more vulnerable Protect from the classic threats to the application security Hacking Eavesdropping (SSL with mutual certs) Man-in-the-middle 39

Securing mobile application access IBM Worklight delivers a robust and extensible security framework that consists of Authenticators and Login Modules Authenticators are responsible for defining how user credentials are collected Login Modules are responsible for validating supplied user credentials The platform ships with several pre-implemented Authenticators and Login Modules Authenticators: Form-based, Basic, Header, Persistent Cookie, Adapter (customized), and LTPA Login Modules: Non-validating, Database, Header, and WASLTPAModule Built-in support for collecting and validating LTPA tokens using existing WebSphere Application Server configuration Pluggable framework allows the creation of custom Authenticators and Login Modules 1. Call Protected Procedure IBM Worklight Server 2. Request Authentication Session authentication 40

Backend connectivity via Worklight Adapters Universality Supports multiple integration technologies and back-end information systems Query 1 2 3 SQL Invoke adapter procedure Response Caching Mechanism WS Worklight Update data HTTP Data/Result as JSON 4 Read-only as well as Transactional Capabilities Adapters support read-only and transactional access modes to back-end systems Fast Development Defined using simple XML syntax, and easily configure with JavaScript API Security Use of flexible authentication facilities to create connections with backend systems Adapters offer control over the identity of the connected user Caching Caching utilized to store retrieved back-end data Transparency Data retrieved from back-end applications is exposed in a uniform manner regardless of the adapter type 41

Unified Push Notifications Architecture Back-end Back-end System System Back-end Back-end System System Polling Adapters Message based Adapters Unified Push API Notification State Database User- Device Database ios Dispatcher Android Dispatcher SMS Dispatcher ios Push API Android Push API Broker API Apple Push Servers (APN) Google Push Servers (C2DM) SMS/MMS Brokers Worklight Client side libraries Administrative Console Worklight libraries 42

Secure Push (private and sensitive data transmission) DMZ C2DM MQTT Worklight WebSphere Connectivity & Integration MQ Worklight Shell and On-device services DataPower HTTP MQTT APNS WebSphere Cache Apple Push Data Channel Control Channel Control Channel 43

Worklight Device Runtime Extensive libraries and client APIs that expose and interface with native device functionality and the Worklight server Cross-Platform Compatibility Layer Secure Server Integration Framework Push registration Encrypted Storage (HTML5 Cache and on-device JSON database) Offline Authentication Runtime Skinning Statistics and Diagnostics Reporting App remote updates and disable 44

Direct Application Update via Worklight On-device Libraries Over The Air updates capabilities of Customer Apps Native Shell App Store 1 Download Pre-packaged resources 1. Web resources packaged with app to ensure initial offline availability 2. Web resources transferred to app's cache storage 2 Transfer 3. App checks for updates 3 Check for updates On startup On foreground Worklight Server Web resources Cached resources 4. Updated web resources downloaded when necessary 4 Update web resource 45

Securely store data on the device Worklight s client-side JavaScript library includes a keyvalue cache API Applications use the API to manage and interact with the cache APIs to create, open, close, and destroy the cache APIs to read, insert, update, and remove data from the cache All data stored in the device-side cache provided by Worklight is encrypted for secure storage Native Shell Resources: Prepackaged OverTheAir Device cache can be used in conjunction with Worklight connectivity APIs to provide offline functionality Authenticate users without a server connection Provide full or restricted access to application functionality without a server connection Encrypted cache NEW: Worklight adapter to bi-directionally sync encrypted database contents and updates! Encrypted JSON database 46

Mobile Database support Embedded JSON mobile database JavaScript APIs to store, query and update the data in offline mode Encrypt sensitive data, using a key provided by developer or obtained as user s password Server-to-client Sync: Retrieve, store and keep data store up-todate using adapters Client-to-server Sync: Simplify write actions on data while the app is offline and send these actions to the server when connectivity is restored 47

Mobile Application Management 48

Worklight Console Application Version Management Push management Usage reports and analytics Reports of custom application events Configurable audit log Administrative dashboards for: Deployed applications Installed adapters Push notifications Data export to BI enterprise systems 49

Application Versioning Device specific versions are uncoupled Supports multiple versions on the same platform 50

Analyze application usage with out-of-the-box reports Worklight utilizes audited information to provide several usage reports for your consumption Daily visits per application Daily hits per application Total visits per application Newly detected devices per application Total unique devices per server or cluster Access reports via Eclipse using the BIRT plugin The BIRT reports are fully customizable and extensible Fully documented data model to allow other reporting or BI tools to create additional custom reports 51

IBM Worklight Application Center The Application Center provides a means for developers and testers to publish and share applications with key stakeholders during the delivery cycle Application owners upload applications to the Application Center and provide various information about the application Stakeholders install the Application Center mobile application to view, install, rate, and provide feedback on applications in the Application Center The Application Center is included with IBM Worklight and comes pre-installed on the Worklight Server Users must install the mobile application to their device 52

Summary 53

How Worklight is Different Open, standards-based Developer flexibility Avoid vendor lock-in Extremely easy to learn and use Few days to full productivity No Worklight involvement HTML5 as core development technology Cross-platform technology strongly promoted by all mobile vendors Leverage existing web development skills in IT Focus on new devices and OS s ios, Android, BlackBerry, Windows Phone Phones and tablets Native, hybrid, and web apps Cater to high-end enterprise needs B2C and B2E App capabilities, development process, integration, security, scalability, and management 54

IBM Worklight Mobile Development Platform Significant Return-on-Investment over native development Key Worklight Efficiencies: Web development skills commonly available Shared code base across devices Highly efficient optimization of apps if required Use of ready-made UI libraries and visual editor Reusable enterprise connectivity and integration layer Out-of-the-box security and authentication components Native vs Hybrid Mobile App Development 10 8 6 Cost 4 2 Return-on-Investment: Reduced development effort on 2 nd and 3 rd devices (up to 90%) Cost savings increased with additional apps Reduced overhead of IT integration and mobile infrastructure (minimal effort) Lower maintenance cost of app versions and updates over time Dramatically reduced Time-to-Market for app deployment (weeks instead of months) 0 1 2 3 4 5 6 7 8 9 10 No of Apps Hybrid Native 55

Summary Mobile is more than an app in the app-store Mobile is becoming an essential part of the multi-channel strategy. Mobile provides new business opportunities, but also challenges: New: multi-platform and app management; Traditional: security, connectivity, scalability. IBM is approaching Mobility from an Enterprise perspective. A hybrid approach is more future-proof and skills are more easily available. Apps and Devices should be managed. A Mobile Strategy helps make the right business and IT decisions. 56

In summary: Worklight addresses the Top Mobile Apps Challenges Creating rich, yet cost-effective mobile apps in a fragmented technological landscape Connecting the enterprise back-end services in a secure and scalable manner Controlling the growing portfolio of applications deployed in the wild 57

Customer Stories 58

Customer Story: TBC Corporation Nation's largest vertically integrated marketer of tires delivers B2C and B2E mobile apps The Need: Marketing and commerce teams began evaluating the mobile channel as a means to create new revenue and brand differentiation opportunities. Support the growing need of customers to engage in mobile commerce via a store locator application Address the BYOD trend in the market and enable their employees to access relevant backend data on the go The Solution: IBM Worklight helped in-house development team to create 5-6 apps in the initial phase and more going forward. Hybrid HTML5 apps delivered to +6000 associates under the TBC brand and millions of end-users We estimate that the Worklight platform has already saved between 80%-90% of development time for our 2 nd and 3 rd target devices due to the inherent cross-device capabilities. The Benefit: Support large scale mobile development (9-12 apps) Maintain complete control of advanced user experience using commonly available web development skills Rapid integration with enterprise data and infrastructure with Worklight s middle-tier integration layer Strong coverage of B2E and B2C mobile requirements 59

Customer Story: TBC Corporation From outline... to app 21 Days from installation to 3 applications in beta No New Resources - full lifecycle process using existing design, development, QA, and infrastructure team 60

Customer Story: Lotte Credit Card a leading Credit Card company in the South Korean market delivering rich mobile functionality. Augmenting offerings with a mobile platform The Need: Korean companies are facing a demand for mobile apps from over 7 million smartphone users, up from only 800,000 in 2009, forcing them to vigorously explore options for value-added services. The Solution: To capitalize quickly on this rapidly growing trend, Lotte Credit Card turned to IBM Worklight to develop an advanced application with a rich and engaging user experience using over 100 screens, location-based features and scannable mobile coupons. The application incorporates augmented reality components a first in the region helping users find the retail locations of its reward partners on the go. We chose IBM Worklight because it was the best technology for Lotte to consolidate application development, enhancement and maintenance, while ensuring cost savings and timely delivery to our customers. Kim, Young Sam, IT Planning Team Leader, Lotte Credit Card Solution components: The Benefit: Reduced time to market and associated costs IBM Worklight Finance All Solutions (FAS) Deployment of one of the region s most advanced financial mobile applications Enabling better customer and employee user experience across more devices 61

Customer Story: Lotte Credit Card B2C for a Korean credit card company 100+ screens build using web technologies and shared across platforms Only native component provides augmented reality so you can discover locations within the card network 62

Customer Story: Lotte Credit Card From idea... to APP. Which stores partner with the Lotte Card? Augmented reality overlays the Lotte Card Icon on stores accepting the card! Business Problem Summary: A leading credit card company in the South Korean market Wanted to develop a rich application for credit card and benefit management for their client base App needs to include sophisticated functionality such as augmented reality and barcode reader App needs to comply with the security regulations of the Korean government 63

Next Steps 64

Next steps Read, Watch, Try Web sites: IBM Mobile Enterprise landing page Worklight free download Worklight Tutorials You Tube: Worklight overview Worklight Hybrid Coding IBM Mobile Security White Papers: Worklight v5 Overview Native, web or hybrid mobile-app dev IBM Endpoint Manager Getting a better grip on mobile devices Seven questions on BYOD 65

6 November Oslo Worklight Workshop at the IBM office On the agenda IBM Mobile Foundation overview Demo What can Worklight do? Introduction to app development using Worklight Server and application management Advanced client-side development 3 LABs Lab 1 Developing your first Worklight application Lab 2 Securing and managing a mobile application Lab 3 Implementing Environment optimization and basic APIs Contact: Imran Zafar zafar@no.ibm.com 66

Next steps: (Free of charge) One Day Mobility Workshop Brief Introduction on high level value points of IBM Worklight Client reviews current mobility plans Mobile Platform Discussion IBM Worklight terminology, concepts and tools How IBM Worklight, IBM s End Pt Mgr, etc fit in current application Operational and deployment details Sizing discussions and Caching Significance Least invasive approaches /other design points Integration with IBM Stack Products Features of Worklight that can be immediately exploited. Technical, business and political challenges and risk mitigation 67

www.ibm.com Copyright IBM Corporation 2012. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, Rational, the Rational logo, Telelogic, the Telelogic logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. 68

Backup Mobile Device Management 69

A (short) look at Manage & Secure capabilities Extend & Transform Extend existing business capabilities to mobile devices Transform the business by creating new opportunities Build & Connect Build mobile applications Connect to, and run backend systems in support of mobile Manage & Secure Manage mobile devices and applications Secure my mobile business Customers can now: Use IBM Endpoint Manager for mobile visibility, security and management Use IBM Security Access Manager to authenticate and authorize mobile users and devices Utilize managed services for complete mobile landscape management IBM Endpoint Manager for Mobile Devices extending visibility, control and automation for mobile 70

Extending visibility, control and automation to mobile devices IBM Endpoint Manager for Mobile Devices Building on the July 2010 BigFix acquisition Systems management Common management agent and console Near-instant deployment of new features Security management Introduced in March 2012: Advanced management for ios, Android, Symbian, and Windows Phone Unified management automatically enables VPN access based on security compliance IBM Endpoint Manager Integration with back-end IT management systems such as service desk, CMDB, and SIEM Security threat detection and automated remediation Extends IBM s existing 500,000 endpoint deployment 71 Desktop / laptop / server endpoint Mobile endpoint Purpose-specific endpoint

Allows management of mobile devices for managing applications and security considerations into the enterprise 72

Detect Security Problems and non-compliance 73

Applications can be provisioned to devices targeting different populations of users 74

Enterprises can de-provision the enterprise portion of the device if needed 75

IBM is extending their security capabilities across their entire portfolio Achieve Visibility & Enable Adaptive Security Posture IBM QRadar System-wide Mobile Security Awareness Risk Assessment Threat Detection Secure Data & the Device IBM WorkLight Runtime for safe mobile apps Encrypted data cache App validation IBM Endpoint Manager for Mobile Configure, Provision, Monitor Set appropriate security policies Enable endpoint access Ensure compliance Protect Access to Enterprise Apps & Data IBM Security Access Manager (for Mobile) Context aware authentication & Authorization of users and devices Standards Support: OAuth, SAML, OpenID Single Sign-On & Identity Mediation IBM Mobile Connect Secure Connectivity App level VPN Build & Run Safe Mobile Apps IBM WorkLight Develop safe mobile apps Direct Updates & version mgt IBM AppScan(for Mobile) Vulnerability testing Dynamic & Static analysis of Hybrid and Mobile web apps IBM DataPower Protect enterprise applications XML security & message protection Protocol Transformation & Mediation Internet 76