Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguished Engineer, CA Technologies

2,285 views

Published on

Scott Morrison presented "APIs Fueling the Connected Car Opportunity" at Auto Apps Evolution in Berlin.

Published in: Technology
  • Be the first to comment

APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguished Engineer, CA Technologies

  1. 1. APIs Fueling the “Connected Car” Opportunity K. Scott Morrison SVP & Distinguished Engineer September 22, 2014
  2. 2. Auto Customer Lifecycle Moving from customer acquisition to customer development Avg. 6 Year Vehicle Ownership 2 © 2014 CA. ALL RIGHTS RESERVED. AWARENESS NURTURE PURCHASE
  3. 3. Auto Customer Lifecycle Moving from customer acquisition to customer development Premium services ADVOCACY 3 © 2014 CA. ALL RIGHTS RESERVED. CUSTOMER ACQUISITION CUSTOMER DEVELOPMENT Auto commerce Infotainment Companion apps Web onboarding Mobile onboarding Avg. 6 Year Vehicle Ownership AWARENESS NURTURE PURCHASE LOYALTY
  4. 4. The “Connected Car” Ecosystem Complexities Of Connectivity APIs Enable with APIs and Control with Identity 4 © 2014 CA. ALL RIGHTS RESERVED.
  5. 5. APIs Connect Everything Accelerate app delivery and expand routes to market through secure integration EXTERNALIZE DATA & OPTIMIZE TRAFFIC MANAGE API & DEVELOPER LIFECYCLES 5 © 2014 CA. ALL RIGHTS RESERVED. SECURE API ACCESS API API API API API API
  6. 6. How APIs Can Help with Connected Car Business Scenarios
  7. 7. Onboard Prospects via Web & Mobile “More Than 50 Percent Of Customers Make Their Decision Online”* COMPOSITE WEB & MOBILE APPS SOCIAL LOGIN INTEGRATION 7 © 2014 CA. ALL RIGHTS RESERVED. FRICTIONLESS CONSUMER EXPERIENCE *www.mckinsey.com/client_service/marketing_and_sales/latest_thinking/eight_trends_shaping_digital_marketing_in_t he_auto_industry
  8. 8. Remote Companion Auto Apps “Owners Request Remote Door Unlock Assistance More Than 60K Times Per Month”* ONBOARD INTERNAL DEVELOPERS DELIVER PRIVILEDGED USER ACCESS 8 © 2014 CA. ALL RIGHTS RESERVED. ACCELERATE SECURE APP DELIVERY *www.media.gm.com/media/us/en/gm/news.detail.html/content/Pages/news/us/en/2013/Jun/0605-remote-link-app.html
  9. 9. In-Car Infotainment Apps “Games And Infotainment Apps Market Worth $65bn By 2016”* MANAGE APIs & EXTERNAL DEVELOPERS END-TO-END APP SECURITY 9 © 2014 CA. ALL RIGHTS RESERVED. ACCELERATE SECURE APP DELIVERY *http://www.itp.net/589730-games-and-infotainment-apps-market-worth-65bn-by-2016#.Uz7UMPldW8ARoadmap
  10. 10. Automotive Commerce “Nearly 90% of survey participants were open to buying a UBI policy”* PARTNER & PAYMENT APIs COMPLY WITH STANDARDS & REGULATIONS 10 © 2014 CA. ALL RIGHTS RESERVED. COMPLIANT PARTNER COMMERCE *www.towerswatson.com/en/Insights/Newsletters/Americas/americas-insights/2013/Usage-Based-Insurance-Consumer- Survey
  11. 11. Premium Service Integration AUTO SUPPLY CHAIN APIs FLEET TRACKING APIs 11 © 2014 CA. ALL RIGHTS RESERVED. TRAFFIC MANAGEMENT APIs
  12. 12. APIs Improving Lifestyle beyond Auto 12 © 2014 CA. ALL RIGHTS RESERVED.
  13. 13. An “Agile” Digital Platform Emerges APIs provide connectivity while identity provides the control point IDENTITIES APP API DATA 13 © 2014 CA. ALL RIGHTS RESERVED. Seamlessly connect Enterprise Data to Your Digital Ecosystem Accelerates Mobile App Development Enables multi-channel engagement Extend Reach into new markets
  14. 14. API Architecture of the Connected Car that delivers Security while Improving UX
  15. 15. 15 © 2014 CA. ALL RIGHTS RESERVED. Connected Car Service Provider 3rd party service/soc ial APIs APIs APIs APIs Of The Connected Car App App App
  16. 16. 16 © 2014 CA. ALL RIGHTS RESERVED. Connected Car Service Provider 3rd party service/soc ial Companion App APIs APIs APIs { unlock} { unlock}
  17. 17. Mobile Powered Car Sharing Service {book it} 17 © 2014 CA. ALL RIGHTS RESERVED. Connected Car Service Provider {pickup} {find it} 3rd party service/soc ial APIs APIs APIs
  18. 18. Security Matters Too “My Car Was Hacked” SAFETY When cars can be controlled remotely… 18 © 2014 CA. ALL RIGHTS RESERVED. PRIVACY  Locate users  Abuse of driver history data APIs are becoming the attack vector of choice for the new generation of hackers
  19. 19. Public vs Confidential Apps Public devices and public clients shift burden of authentication to a user (lowering UX) Pattern: Secure API flows which assert registered device/client Mobile 19 © 2014 CA. ALL RIGHTS RESERVED. Connected Car Service Provider {prove possession} Register device, app HSM In-car app
  20. 20. UX Disruptors  Key defensive techniques, such as user authentication disrupt UX  The impact on user experience is more severe in mobile context  Compounding factors: CHALLENGE FREQUENCY NUMBER OF SECRETS SECRET COMPLEXITY 20 © 2014 CA. ALL RIGHTS RESERVED.
  21. 21. Reconciling UX And Security 21 © 2014 CA. ALL RIGHTS RESERVED. IDENTIFY YOURSELF SHOW ME MY DATA
  22. 22. User-Managed Delegation Users delegate applications to act on their behalf Pattern: revocation should be as easy as delegation Authorize app, device … later, device lost or stolen Revoke app, device 22 © 2014 CA. ALL RIGHTS RESERVED. Connected Car Service Provider Connected Car Service Provider
  23. 23. Risk And Context-Based Authorization 23 © 2014 CA. ALL RIGHTS RESERVED. LOW Must have valid session MEDIUM Must have a ‘fresh’ session HIGH Registered device only Challenge user every x minutes  Multifactor – Infotainment + mobile Risk associated with API call
  24. 24. API-Enabled Connected Car Service Provider Driving New Business Models And Partnerships Beyond enhancing the user experience, APIs enable new business and partnership 250M connected cars = big data  Telemetry history  APIs lets you monetize this information 24 © 2014 CA. ALL RIGHTS RESERVED. Connected car API infrastructure Correlate Anonymize Secure Insurance Urban planning Real-time traffic info [your idea here] Emergency response
  25. 25. What An API Management Solution Should Look Like
  26. 26. API Infrastructure For The Connected Car CA API Management Solutions ENABLE INNOVATION App developer services Internal/3rd party developer on boarding API discovery App registration API Key issuing Analytics Billing Mobile SDKs DELIVER, SCALE AND SECURE API 26 © 2014 CA. ALL RIGHTS RESERVED. Runtime API services Secure API delivery Access control Enterprise integration Identity brokering Device registration Social/cloud integration Threat protection, sanitization
  27. 27. What An API Delivery & Management Platform Should Look Like Transformation Routing Traffic Control Throttling Prioritization Caching Composition Authentication Entitlements API Keys Single Sign On Security Secure & Manage Interface + Data Token Service Performance Global Staging Developer Enrollment Plans Reporting Analytics Manage Developers Access to APIs Health Tracking Workflow 27 © 2014 CA. ALL RIGHTS RESERVED. API Docs Forums API Explorer Quotas Rankings Config Migration Patch Management Policy Migration Manage Lifecycle & Availability of API OAuth 1.x OAuth 2.0 OpenIDConnect Manage Access & Credentialing to API API
  28. 28. Addresses Critical API & Application Economy Needs ENABLE APP DEVELOPERS  Accelerate application delivery by providing flexible access  Provide ‘speed tracks with guard rails’ – embed security into mobile app APIs  Deliver portal to to define and easily expose a set of APIs for development, testing, deployment, security runtime, hosting and delivery PROTECT APPs & APPLICATIONS  Enforce authentication, access controls and authorization policies for APIs  Secure API inputs and API outputs and provide application security, eg XSS and schema validation  Simplify SSO and federation to apps and services through API brokering INTEGRATE EVERYTHING  Streamline integration of cloud, on-premise and PaaS services  Comprehensive, extensive mapping and protocol transformations – anything to anything  Flexible deployment models – cloud portal and on-prem gateway 28 © 2014 CA. ALL RIGHTS RESERVED. MONETIZION & THE BUSINESS OF APIS  Easy-to-use and flexible way to generate revenue for the use of APIs  Provide analytics and reporting on API activity  Deliver billing system integration to facilitate a single view into APIs and billing
  29. 29. K. Scott Morrison SVP & Distinguished Engineer Scott.Morrison@ca.com @KScottMorrison slideshare.net/CAinc linkedin.com/KScottMorrison ca.com
  30. 30. Copyright © 2014 CA. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies. THIS PRESENTATION IS FOR YOUR INFORMATIONAL PURPOSES ONLY. CA assumes no responsibility for the accuracy or completeness of the information. TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENT “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. In no event will CA be liable for any loss or damage, direct or indirect, in connection with this presentation, including, without limitation, lost profits, lost investment, business interruption, goodwill, or lost data, even if CA is expressly advised in advance of the possibility of such damages. 30 © 2014 CA. ALL RIGHTS RESERVED.

×