Uploaded byTechWell
317 views

Architect a Winning Mobile Application

This document summarizes a presentation titled "Architect a Winning Mobile Application" given by Shadi Saifan of FIS Mobile. The presentation covered key topics for developing successful mobile applications such as selecting a mobile development approach, security considerations, performance, data access, and connectivity. It compared native, web, and hybrid mobile app frameworks and outlined advantages and disadvantages of each. The presentation emphasized starting with the right architecture and making design decisions early that consider user experience, value, security, and long-term maintenance needs.

Embed presentation

Download to read offline
  T10 Session   4/16/2015  3:15  PM         "Architect a Winning Mobile Application"   Presented by: Shadi Saifan FIS Mobile                       Brought  to  you  by:         340  Corporate  Way,  Suite  300,  Orange  Park,  FL  32073   888-­‐268-­‐8770  ·∙  904-­‐278-­‐0524  ·∙  sqeinfo@sqe.com  ·∙  www.sqe.com
Shadi Saifan FIS Mobile Director of engineering at FIS Mobile, Shadi Saifan is leading solution strategy and solution engineering and QA for all FIS Mobile client initiatives. Shadi is a professional technology leader with fifteen years of experience in delivering distributed, mobile, and enterprise solutions—with a focus on architecture, design, and development. With extensive knowledge in mobile technologies and platforms, he has worked with a large number of clients, cross-functional teams, and a network of service providers to implement highly scalable distributed projects for the mobile channel. Shadi previously worked for Deloitte Consulting, IBM Global Services, and Hewlett-Packard in various design and technical roles.  
4/8/15 1 ©2015  FIS  and/or  its  subsidiaries.  All  Rights  Reserved.   FIS  confiden?al  and  proprietary  informa?on.     ARCHITECTING A WINNING MOBILE APPLICATION Shadi Saifan Director of Client Services Engineering FIS Mobile AGENDA: KEY TAKEAWAYS •  Selecting your approach to mobile development •  Comparing and contrasting development options •  Importance of security considerations •  Benefits of starting with the right architecture
4/8/15 2 •  Design ensures that apps look as great on the inside as they do outside •  Making design decisions at the end of a project is costly •  Design and development often fail to consider support and maintenance •  Design decisions drive adoption Why is it important to invest in planning? FRAMEWORK OR MOBILE APP APPROACH DATA ACCESS SECURITY PERFORMANCE CONNECTIVITY Decisions in Building a Wining Mobile App ValuetoCustomer UserExperience
4/8/15 3 MOBILE FRAMEWORK AND APPROACH Selecting a framework is not about right or wrong, it’s about what’s best for your business <!DOCTYPE HTML PUBLIC "-//W3C// DTD HTML 4.0// EN" "http:// www.w3.org/TR/ REC-html40/ strict.dtd"> Web Code Mobile Browser Device API Native Application 1001100010100 0101010010101 0010101001010 1010101010101 0100101010100   Device API Native Container <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http:// www.w3.org/TR/ REC-html40/ strict.dtd"> Web Code Types of Mobile App Frameworks Mobile Web Hybrid Native Pure Native
4/8/15 4 •  A mobile-friendly website designed to work with all smartphones •  Loads within a mobile browser, i.e. Safari or Chrome, and often developed to be responsive •  Typically native wrappers are used to publish on app stores •  Easy opportunity to bring content to the mobile channel •  Dependent on internet connection <!DOCTYPE HTML PUBLIC "-//W3C// DTD HTML 4.0// EN" "http:// www.w3.org/TR/ REC-html40/ strict.dtd"> Web Code Mobile Browser Mobile Web App ADVANTAGES DISADVANTAGES •  Rapid speed-to-market •  Requires common web skills •  One code base for many devices •  Ability to leverage existing mobile sites •  Easy to make changes on-the-fly as no app push required •  Web look and feel •  Limited access to device capabilities •  Dependent on browser and performance of internet Advantages and Disadvantages of Mobile Web App
4/8/15 5 •  Smartphone app coded in specific language, i.e. Objective-C for iOS and Java for Android •  Published to and downloaded from each relevant app store •  Designed and coded for a specific device type •  Fast, reliable and provides the best responsive experience Native Mobile App Device API Native Application 1001100010100 0101010010101 0010101001010 1010101010101 0100101010100   ADVANTAGES DISADVANTAGES •  Best performance •  Consistent look and feel with other apps on device •  Full access to device capabilities •  Fast, reliable and provides best responsive experience •  Supports offline mode •  Slower to market •  Require specialized skills •  Multiple code base to support different devices •  App changes typically require a new app push Advantages and Disadvantages of Native App
4/8/15 6 •  Combines elements of native and web apps •  Cross-platform compatibility •  Capability to access device resources •  Build once, use across multiple devices •  Improvement on browser-based app, but not truly native •  Typically built with cross-compatible web technologies, i.e. JavaScript and HTML5 •  Usually only a portion of native code must be rewritten to function with different kinds of devices   Hybrid Mobile App Device API Native Container <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http:// www.w3.org/TR/ REC-html40/ strict.dtd"> Web Code ADVANTAGES DISADVANTAGES •  One code base for various devices/OS •  Rapid speed-to-market for multiple platforms •  Based on common web skills •  Consistent look and feel across app platforms •  Access to device capabilities as supported by third parties •  Can support offline mode •  Third party dependencies •  Certain native features require some native code •  App changes likely to require a new app push •  Wrapping native modules/ SDK can be challenging •  Potentially very complex when trying to achieve exact parity with native Advantages and Disadvantages of Hybrid App
4/8/15 7 The Big Picture NATIVE Native look and feel Developers with native experience Per platform experience Faster upgrade Slower to market HYBRID Slower upgrade Custom look and feel Faster to market JavaScript and web experience Cross-platform experience MOBILE WEB Faster upgrade (if needed) Web look and feel Fastest to market JavaScript, HTML5 and web experience Web experience Requires new submission Easy integration with third party SDKs Native access to all device resources Requires new submission Harder integration with third party SDKs Access to devices resources Doesn’t require new submission Hardest integration with third party SDKs Limited access to device resources •  Evaluate pros and cons of each approach and consider your business needs •  Factor in your audience when considering tradeoffs, i.e. consumer vs. enterprise needs •  Evaluate your needs regarding quality testing, testing automation, frequency of app releases, maintenance and upgrades •  Evaluate any white-labeling needs, multi-language support and device resource dependencies •  Evaluate data dependencies (local vs. server) •  Are your goals focused on content delivery and servicing or interactivity? How to Decide on Your Approach to Mobile
4/8/15 8 MOBILE SECURITY Perimeter Integrated Time + Information + Technology •  There is an increased reliance on apps to perform critical business operations and process sensitive data •  Mobile apps run in unsafe environments; an increasing number of owners root their devices How has mobile changed?
4/8/15 9 HARDWARE LAYER APPLICATION LAYER OPERATING SYSTEM LAYER Jailbreaks exploit defects in operating systems Apps have access to your data Using memory corruption defects to firmware NETWORK LAYER Over-the-air interception Mobile Security: Layers of Security Risk •  Major operating systems’ security has improved, yet hackers’ techniques have also improved •  Web services are exposed – making apps an easy target for security attacks •  Mobile devices can be lost or stolen and on-device data is always at risk •  Token-based authentication and authorization is popular •  Tokens and data can be captured via packet sniffing or any other “man in the middle” attack •  Ensuring app security is more important than securing the device •  Develop with an “application integrity” mindset and focus on app “self-protection” measures   Mobile Security Overview
4/8/15 10 Highly confidential data should never be stored on device Use encryption when storing data on device and ensure encryption key is not stored on device Secure end points, and ensure all communication between apps and APIs are via secure connection (SSL/TLS) If storing sensitive data, store on server and retrieve during active session Set expirations for all tokens used in sessions 1 3 5 2 4 Mobile Security Considerations Mobile Security Considerations Use layered security; mobile app, transport and communication, web services and back-end integration Leverage multi-factor authentication, beyond usernames/passwords Identify source of request for your web services API Utilize obfuscation when possible Employ device capability for security management (i.e. device fingerprints) Follow coding best practices and stay up-to-date Secure-scan your app, including run-time scanning ü      ü      ü      ü      ü      ü      ü     
4/8/15 11 PERFORMANCE •  Performance is often ignored during rapid app development until problems arise toward the end of project •  Still lags behind desktop (approx. one-third of capability) •  Variable data connections speeds due to WiFi and network coverage •  Performance should be considered early, at design stage •  Mobile platforms and framework have app performance effects •  Designers should implement common design best practices related to performance •  Some architectural decisions can limit performance, which can be difficult change later in the project Mobile Performance Overview
4/8/15 12 Performance Considerations •  Utilize web services API to return required data •  Only return data when the app requires it •  Early fetching and paging techniques can be used at the server layer •  Conserve bandwidth by using lightweight format, i.e. JSON •  Utilize push notifications instead of constant pulling of data and background processing. If pulling is a must, be cautious of battery life •  Keep CPU-intensive processing on server •  Follow code-level best practices for optimizing performance for your mobile platform and framework; number of unnecessary objects created, threads, releasing/auto-releasing, etc. DATA ACCESS
4/8/15 13 •  Mobile platforms aren’t designed to support remote database access for security and performance reasons •  While restriction based on client certificate, VPN, and other methods is possible, it is not cost effective and affect performance •  Justifies the inclusion and wide use of a web service layer •  With a web service layer, authentication and authorization can be used along with business roles and data validation •  While server session is active, authorization logic should continue being checked by web service layer •  Web services help connect different data systems and assist in paging, pre-fetching, etc. Data Access Overview •  Define web services API and interaction model early in your design •  Evaluate impact of time to obtain and access required data and avoid expensive calls •  Consider pre-fetching data and server-side caching if back-end request is time consuming •  Factor in security and performance while accessing data •  Keep session alive on server when needed, and send only data essential to presentation when possible •  Evaluate your needs for logging, monitoring and analyzing data Data Access Considerations
4/8/15 14 CONNECTIVITY •  24/7 connection to high-speed internet is a false assumption •  Anticipate low network speed, switching between WiFi and providers’ networks and users going offline •  Mobile web, enterprise and consumer-based apps may all require different considerations •  In some cases, offline access may not be justifiable for your business •  For the majority of apps, there is business value in supporting some offline functionality or, at minimum, managing the offline experience •  Some developers struggle in managing live sessions and syncing sessions between app and web services on server side •  More complex apps load content from third parties Connectivity Overview
4/8/15 15 •  Anticipate design needs early for offline access and data synchronization using caching and queuing •  Caching enables retrieval of larger data sets, in a background thread, or copying data sets •  Implement caching expiration, be selective in what data you cache and never cache sensitive data •  Queuing should leverage local, on-device storage in case app or device shuts down •  Notify users of queuing conflict/errors and provide correction mechanisms •  Ping API method to keep session alive on server •  Include “session is about to expire” message when loading third party web view Connectivity Considerations Summary SUMMARY •  Invest early in architectural decisions •  Always look at the whole picture •  Mobile is more than a content delivery channel
4/8/15 16 Any  questions?   Q & A THANK YOU Shadi Saifan shadis@fismobile.com

More Related Content

PDF
VMware Workspace One
byJürgen Ambrosi
 
PDF
Faster and more efficient processes by combining BPM and Mobile – yes we can!
bySebastian Faulhaber
 
PDF
Enabling the-Connected-Car-Java
byterrencebarr
 
PDF
JavaOne 2015: CON3434 - Bringing IoT Cloud Services ...
byterrencebarr
 
PDF
JavaOne 2015: CON 3437 - Smart Devices for the Internet of Things ...
byterrencebarr
 
PDF
SWM_WP_MaturityModel_July15
byMike Lemons
 
PPTX
Mark Carlile, EMEA Enterprise Lead at Airwatch - Mobile content strategies an...
byGlobal Business Events
 
PPTX
Compliance technical controls and you rva sec 2019
byDerek Banks
 
VMware Workspace One
byJürgen Ambrosi
 
Faster and more efficient processes by combining BPM and Mobile – yes we can!
bySebastian Faulhaber
 
Enabling the-Connected-Car-Java
byterrencebarr
 
JavaOne 2015: CON3434 - Bringing IoT Cloud Services ...
byterrencebarr
 
JavaOne 2015: CON 3437 - Smart Devices for the Internet of Things ...
byterrencebarr
 
SWM_WP_MaturityModel_July15
byMike Lemons
 
Mark Carlile, EMEA Enterprise Lead at Airwatch - Mobile content strategies an...
byGlobal Business Events
 
Compliance technical controls and you rva sec 2019
byDerek Banks
 

What's hot

PDF
Vmware’s move to a digital workspace
bysporta72
 
PPTX
E-Signature Basics and Innovation
byeSignLive by VASCO
 
PDF
CIS 2015 Easy Federation in Cloud and on Premises - Ian Jaffe
byCloudIDSummit
 
PDF
Enabling the Enterprise with Next-Generation Mobile Architectures - Mark Vand...
bymfrancis
 
PDF
Anti key logging and real-time encrypting software | keystrokes encrypting so...
byMike Taylor
 
PDF
CIS13: Bootcamp: PingOne as a Simple Identity Service
byCloudIDSummit
 
PPTX
Leave visual studio behind an end to end business app in 30 mins using a paas
byDr Ganesh Iyer
 
PPTX
MDM - airwatch
byBharat Sinha
 
PPTX
Riverbed Performance Management
byRiverbed Technology
 
PPTX
AUDITime information Systems (I) Pvt. Ltd.
byshiriskumar
 
PDF
What the Internet of Things means for the mobile enterprise - Ian Evans, AirW...
byInternet World
 
PDF
React commonest security flaws and remedial measures!
byShelly Megan
 
PDF
MuleSoft Meetup Dubai Anypoint security with api-led Connectivity
bysatyasekhar123
 
PPTX
4 Best Practices for Delivering Exceptional VDI User Experience
byeG Innovations
 
PDF
Industrial Wireless Security (Japanese)
byDigital Bond
 
PDF
Assuring the Delivery of Business Transactions and Services
byCA Technologies
 
PPTX
Open source vs commercial esb and api management platform draft wh1 for smals
byIgnacio Gil Bárez
 
PDF
Mobile Devices & BYOD Security – Deployment & Best Practices
byCisco Canada
 
PPTX
Why citizen developers should be your new best friend - Oracle APEX
byDavidPeake15
 
PPTX
The Rise of the Open Source ESB
byJason Bloomberg
 
Vmware’s move to a digital workspace
bysporta72
 
E-Signature Basics and Innovation
byeSignLive by VASCO
 
CIS 2015 Easy Federation in Cloud and on Premises - Ian Jaffe
byCloudIDSummit
 
Enabling the Enterprise with Next-Generation Mobile Architectures - Mark Vand...
bymfrancis
 
Anti key logging and real-time encrypting software | keystrokes encrypting so...
byMike Taylor
 
CIS13: Bootcamp: PingOne as a Simple Identity Service
byCloudIDSummit
 
Leave visual studio behind an end to end business app in 30 mins using a paas
byDr Ganesh Iyer
 
MDM - airwatch
byBharat Sinha
 
Riverbed Performance Management
byRiverbed Technology
 
AUDITime information Systems (I) Pvt. Ltd.
byshiriskumar
 
What the Internet of Things means for the mobile enterprise - Ian Evans, AirW...
byInternet World
 
React commonest security flaws and remedial measures!
byShelly Megan
 
MuleSoft Meetup Dubai Anypoint security with api-led Connectivity
bysatyasekhar123
 
4 Best Practices for Delivering Exceptional VDI User Experience
byeG Innovations
 
Industrial Wireless Security (Japanese)
byDigital Bond
 
Assuring the Delivery of Business Transactions and Services
byCA Technologies
 
Open source vs commercial esb and api management platform draft wh1 for smals
byIgnacio Gil Bárez
 
Mobile Devices & BYOD Security – Deployment & Best Practices
byCisco Canada
 
Why citizen developers should be your new best friend - Oracle APEX
byDavidPeake15
 
The Rise of the Open Source ESB
byJason Bloomberg
 

Similar to Architect a Winning Mobile Application

PPTX
Beyond Strategy: Building Your Mobile Capabilities
byTexas.gov
 
PPTX
Beyond Beyond Strategy - Building Mobile Capabilities at TASSCC Technology Le...
bypolikepati
 
PPTX
Interactive Mobile Applications in the Enterprise: Are You Ready?
byCITYTECH, Inc.
 
PDF
Cti av3
byJeffrey Hammond
 
PPTX
Scube's mobile application development
byarti yadav
 
PPTX
S cube's mobile application development
byarti yadav
 
PDF
Agile IT: Modern Architecture for Rapid Mobile App Development
byAnyPresence
 
KEY
Why Do Mobile Projects Fail?
byIndiginox
 
PDF
Introduction to IBM Worklight: Building and connecting cross-platform mobile ...
byJeremy Siewert
 
PPTX
Consider Starting Small
byAndrew Smith
 
PDF
Ibm worklight
byIBM Sverige
 
PDF
iPad Apps for the Enterprise
bySukumar Jena
 
PDF
The mobile ecosystem & technological strategies
byIvano Malavolta
 
PPTX
SenchaCon 2016: Using Ext JS 6 for Cross-Platform Development on Mobile - And...
bySencha
 
PDF
BLUG 2013 - Mobile Application Delivery - Choices, choices, choices
byRené Winkelmeyer
 
PDF
Designing and Developing Custom Mobile Applications
byDunn Solutions Group
 
PDF
Considerations when building mobile app. Presented by Microstrategy
byitnewsafrica
 
PPTX
Architecting mobile solutions
bySachin Bhosale
 
PDF
Rapidvalue whitepaper-howtochoosetherightarchitectureforyourmobileapplication...
byhpcmitresearch
 
PDF
How to-choose-the-right-technology-architecture-for-your-mobile-application
bylverb
 
Beyond Strategy: Building Your Mobile Capabilities
byTexas.gov
 
Beyond Beyond Strategy - Building Mobile Capabilities at TASSCC Technology Le...
bypolikepati
 
Interactive Mobile Applications in the Enterprise: Are You Ready?
byCITYTECH, Inc.
 
Cti av3
byJeffrey Hammond
 
Scube's mobile application development
byarti yadav
 
S cube's mobile application development
byarti yadav
 
Agile IT: Modern Architecture for Rapid Mobile App Development
byAnyPresence
 
Why Do Mobile Projects Fail?
byIndiginox
 
Introduction to IBM Worklight: Building and connecting cross-platform mobile ...
byJeremy Siewert
 
Consider Starting Small
byAndrew Smith
 
Ibm worklight
byIBM Sverige
 
iPad Apps for the Enterprise
bySukumar Jena
 
The mobile ecosystem & technological strategies
byIvano Malavolta
 
SenchaCon 2016: Using Ext JS 6 for Cross-Platform Development on Mobile - And...
bySencha
 
BLUG 2013 - Mobile Application Delivery - Choices, choices, choices
byRené Winkelmeyer
 
Designing and Developing Custom Mobile Applications
byDunn Solutions Group
 
Considerations when building mobile app. Presented by Microstrategy
byitnewsafrica
 
Architecting mobile solutions
bySachin Bhosale
 
Rapidvalue whitepaper-howtochoosetherightarchitectureforyourmobileapplication...
byhpcmitresearch
 
How to-choose-the-right-technology-architecture-for-your-mobile-application
bylverb
 

More from TechWell

PDF
Failing and Recovering
byTechWell
 
PDF
Instill a DevOps Testing Culture in Your Team and Organization
byTechWell
 
PDF
Test Design for Fully Automated Build Architecture
byTechWell
 
PDF
System-Level Test Automation: Ensuring a Good Start
byTechWell
 
PDF
Build Your Mobile App Quality and Test Strategy
byTechWell
 
PDF
Testing Transformation: The Art and Science for Success
byTechWell
 
PDF
Implement BDD with Cucumber and SpecFlow
byTechWell
 
PDF
Develop WebDriver Automated Tests—and Keep Your Sanity
byTechWell
 
PDF
Ma 15
byTechWell
 
PDF
Eliminate Cloud Waste with a Holistic DevOps Strategy
byTechWell
 
PDF
Transform Test Organizations for the New World of DevOps
byTechWell
 
PDF
The Fourth Constraint in Project Delivery—Leadership
byTechWell
 
PDF
Resolve the Contradiction of Specialists within Agile Teams
byTechWell
 
PDF
Pin the Tail on the Metric: A Field-Tested Agile Game
byTechWell
 
PDF
Agile Performance Holarchy (APH)—A Model for Scaling Agile Teams
byTechWell
 
PDF
A Business-First Approach to DevOps Implementation
byTechWell
 
PDF
Databases in a Continuous Integration/Delivery Process
byTechWell
 
PDF
Mobile Testing: What—and What Not—to Automate
byTechWell
 
PDF
Cultural Intelligence: A Key Skill for Success
byTechWell
 
PDF
Turn the Lights On: A Power Utility Company's Agile Transformation
byTechWell
 
Failing and Recovering
byTechWell
 
Instill a DevOps Testing Culture in Your Team and Organization
byTechWell
 
Test Design for Fully Automated Build Architecture
byTechWell
 
System-Level Test Automation: Ensuring a Good Start
byTechWell
 
Build Your Mobile App Quality and Test Strategy
byTechWell
 
Testing Transformation: The Art and Science for Success
byTechWell
 
Implement BDD with Cucumber and SpecFlow
byTechWell
 
Develop WebDriver Automated Tests—and Keep Your Sanity
byTechWell
 
Ma 15
byTechWell
 
Eliminate Cloud Waste with a Holistic DevOps Strategy
byTechWell
 
Transform Test Organizations for the New World of DevOps
byTechWell
 
The Fourth Constraint in Project Delivery—Leadership
byTechWell
 
Resolve the Contradiction of Specialists within Agile Teams
byTechWell
 
Pin the Tail on the Metric: A Field-Tested Agile Game
byTechWell
 
Agile Performance Holarchy (APH)—A Model for Scaling Agile Teams
byTechWell
 
A Business-First Approach to DevOps Implementation
byTechWell
 
Databases in a Continuous Integration/Delivery Process
byTechWell
 
Mobile Testing: What—and What Not—to Automate
byTechWell
 
Cultural Intelligence: A Key Skill for Success
byTechWell
 
Turn the Lights On: A Power Utility Company's Agile Transformation
byTechWell
 

Recently uploaded

PDF
DSD-INT 2025 Century-Scale Impacts of Sediment-Based Coastal Restoration unde...
byDeltares
 
PPTX
Understanding-ROM-RAM-Cache-and-Buffer-Memory.pptx.pptx
bylata2850
 
PDF
Internship Project Training Report-3.pdf
byPawank36
 
PDF
DSD-INT 2025 UK Coastal Flooding Incident Guide - Dam
byDeltares
 
PDF
DSD-INT 2025 DevOps - Automated testing and delivery of Delft3D FM - van West...
byDeltares
 
PPTX
CRM Development Company | Custom CRM Development Services
byyugababu033
 
PPTX
Boost Productivity the Smart Way with AI Automation Solutions
byEllocent Labs
 
PDF
Fundamental of Information Systems introduction.pdf
byYeabsraLakew
 
PDF
DevOps Monitoring Tools: The 2025 Guide to Performance & Observability
byalexendrascott01
 
PDF
DSD-INT 2025 Advancing Urban Flood Modeling with Delft3D FM 1D2D - A Pilot St...
byDeltares
 
PDF
Data Integration with Salesforce Bootcamp
byDele Amefo
 
PDF
DSD-INT 2025 Delft3D FM Suite 2026.01 2D3D - New features + Improvements - Sp...
byDeltares
 
PDF
DSD-INT 2025 Coupling SFINCS to a flood risk model to evaluate the effects of...
byDeltares
 
PDF
DSD-INT 2025 Building-Aware Flood and Lifeline Scour Modeling with Delft3D FM...
byDeltares
 
PDF
SCORM Cloud: The 5 categories of content distribution
byRustici Software
 
PDF
DSD-INT 2025 Timor-Leste Flood exposure and Climate Change assessment - Ogunwumi
byDeltares
 
PDF
inSis suite - Laboratory Information Management System
byKondapi V Siva Rama Brahmam
 
PDF
DSD-INT 2025 Next-Generation Flood Inundation Mapping for Taiwan - Challenges...
byDeltares
 
PDF
DSD-INT 2025 Hydrodynamic and Morphodynamic Modeling with Delft3D FM for an I...
byDeltares
 
PDF
DSD-INT 2025 Understanding the Paraguay River Response to Hard Bottom Dredgin...
byDeltares
 
DSD-INT 2025 Century-Scale Impacts of Sediment-Based Coastal Restoration unde...
byDeltares
 
Understanding-ROM-RAM-Cache-and-Buffer-Memory.pptx.pptx
bylata2850
 
Internship Project Training Report-3.pdf
byPawank36
 
DSD-INT 2025 UK Coastal Flooding Incident Guide - Dam
byDeltares
 
DSD-INT 2025 DevOps - Automated testing and delivery of Delft3D FM - van West...
byDeltares
 
CRM Development Company | Custom CRM Development Services
byyugababu033
 
Boost Productivity the Smart Way with AI Automation Solutions
byEllocent Labs
 
Fundamental of Information Systems introduction.pdf
byYeabsraLakew
 
DevOps Monitoring Tools: The 2025 Guide to Performance & Observability
byalexendrascott01
 
DSD-INT 2025 Advancing Urban Flood Modeling with Delft3D FM 1D2D - A Pilot St...
byDeltares
 
Data Integration with Salesforce Bootcamp
byDele Amefo
 
DSD-INT 2025 Delft3D FM Suite 2026.01 2D3D - New features + Improvements - Sp...
byDeltares
 
DSD-INT 2025 Coupling SFINCS to a flood risk model to evaluate the effects of...
byDeltares
 
DSD-INT 2025 Building-Aware Flood and Lifeline Scour Modeling with Delft3D FM...
byDeltares
 
SCORM Cloud: The 5 categories of content distribution
byRustici Software
 
DSD-INT 2025 Timor-Leste Flood exposure and Climate Change assessment - Ogunwumi
byDeltares
 
inSis suite - Laboratory Information Management System
byKondapi V Siva Rama Brahmam
 
DSD-INT 2025 Next-Generation Flood Inundation Mapping for Taiwan - Challenges...
byDeltares
 
DSD-INT 2025 Hydrodynamic and Morphodynamic Modeling with Delft3D FM for an I...
byDeltares
 
DSD-INT 2025 Understanding the Paraguay River Response to Hard Bottom Dredgin...
byDeltares
 

Architect a Winning Mobile Application

  • 1.
      T10 Session   4/16/2015  3:15  PM         "Architect a Winning Mobile Application"   Presented by: Shadi Saifan FIS Mobile                       Brought  to  you  by:         340  Corporate  Way,  Suite  300,  Orange  Park,  FL  32073   888-­‐268-­‐8770  ·∙  904-­‐278-­‐0524  ·∙  sqeinfo@sqe.com  ·∙  www.sqe.com
  • 2.
    Shadi Saifan FIS Mobile Directorof engineering at FIS Mobile, Shadi Saifan is leading solution strategy and solution engineering and QA for all FIS Mobile client initiatives. Shadi is a professional technology leader with fifteen years of experience in delivering distributed, mobile, and enterprise solutions—with a focus on architecture, design, and development. With extensive knowledge in mobile technologies and platforms, he has worked with a large number of clients, cross-functional teams, and a network of service providers to implement highly scalable distributed projects for the mobile channel. Shadi previously worked for Deloitte Consulting, IBM Global Services, and Hewlett-Packard in various design and technical roles.  
  • 3.
    4/8/15 1 ©2015  FIS  and/or  its  subsidiaries.  All  Rights  Reserved.   FIS  confiden?al  and  proprietary  informa?on.     ARCHITECTING A WINNING MOBILE APPLICATION Shadi Saifan Director of Client Services Engineering FIS Mobile AGENDA: KEY TAKEAWAYS •  Selecting your approach to mobile development •  Comparing and contrasting development options •  Importance of security considerations •  Benefits of starting with the right architecture
  • 4.
    4/8/15 2 •  Design ensuresthat apps look as great on the inside as they do outside •  Making design decisions at the end of a project is costly •  Design and development often fail to consider support and maintenance •  Design decisions drive adoption Why is it important to invest in planning? FRAMEWORK OR MOBILE APP APPROACH DATA ACCESS SECURITY PERFORMANCE CONNECTIVITY Decisions in Building a Wining Mobile App ValuetoCustomer UserExperience
  • 5.
    4/8/15 3 MOBILE FRAMEWORK ANDAPPROACH Selecting a framework is not about right or wrong, it’s about what’s best for your business <!DOCTYPE HTML PUBLIC "-//W3C// DTD HTML 4.0// EN" "http:// www.w3.org/TR/ REC-html40/ strict.dtd"> Web Code Mobile Browser Device API Native Application 1001100010100 0101010010101 0010101001010 1010101010101 0100101010100   Device API Native Container <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http:// www.w3.org/TR/ REC-html40/ strict.dtd"> Web Code Types of Mobile App Frameworks Mobile Web Hybrid Native Pure Native
  • 6.
    4/8/15 4 •  A mobile-friendlywebsite designed to work with all smartphones •  Loads within a mobile browser, i.e. Safari or Chrome, and often developed to be responsive •  Typically native wrappers are used to publish on app stores •  Easy opportunity to bring content to the mobile channel •  Dependent on internet connection <!DOCTYPE HTML PUBLIC "-//W3C// DTD HTML 4.0// EN" "http:// www.w3.org/TR/ REC-html40/ strict.dtd"> Web Code Mobile Browser Mobile Web App ADVANTAGES DISADVANTAGES •  Rapid speed-to-market •  Requires common web skills •  One code base for many devices •  Ability to leverage existing mobile sites •  Easy to make changes on-the-fly as no app push required •  Web look and feel •  Limited access to device capabilities •  Dependent on browser and performance of internet Advantages and Disadvantages of Mobile Web App
  • 7.
    4/8/15 5 •  Smartphone appcoded in specific language, i.e. Objective-C for iOS and Java for Android •  Published to and downloaded from each relevant app store •  Designed and coded for a specific device type •  Fast, reliable and provides the best responsive experience Native Mobile App Device API Native Application 1001100010100 0101010010101 0010101001010 1010101010101 0100101010100   ADVANTAGES DISADVANTAGES •  Best performance •  Consistent look and feel with other apps on device •  Full access to device capabilities •  Fast, reliable and provides best responsive experience •  Supports offline mode •  Slower to market •  Require specialized skills •  Multiple code base to support different devices •  App changes typically require a new app push Advantages and Disadvantages of Native App
  • 8.
    4/8/15 6 •  Combines elementsof native and web apps •  Cross-platform compatibility •  Capability to access device resources •  Build once, use across multiple devices •  Improvement on browser-based app, but not truly native •  Typically built with cross-compatible web technologies, i.e. JavaScript and HTML5 •  Usually only a portion of native code must be rewritten to function with different kinds of devices   Hybrid Mobile App Device API Native Container <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0//EN" "http:// www.w3.org/TR/ REC-html40/ strict.dtd"> Web Code ADVANTAGES DISADVANTAGES •  One code base for various devices/OS •  Rapid speed-to-market for multiple platforms •  Based on common web skills •  Consistent look and feel across app platforms •  Access to device capabilities as supported by third parties •  Can support offline mode •  Third party dependencies •  Certain native features require some native code •  App changes likely to require a new app push •  Wrapping native modules/ SDK can be challenging •  Potentially very complex when trying to achieve exact parity with native Advantages and Disadvantages of Hybrid App
  • 9.
    4/8/15 7 The Big Picture NATIVE Nativelook and feel Developers with native experience Per platform experience Faster upgrade Slower to market HYBRID Slower upgrade Custom look and feel Faster to market JavaScript and web experience Cross-platform experience MOBILE WEB Faster upgrade (if needed) Web look and feel Fastest to market JavaScript, HTML5 and web experience Web experience Requires new submission Easy integration with third party SDKs Native access to all device resources Requires new submission Harder integration with third party SDKs Access to devices resources Doesn’t require new submission Hardest integration with third party SDKs Limited access to device resources •  Evaluate pros and cons of each approach and consider your business needs •  Factor in your audience when considering tradeoffs, i.e. consumer vs. enterprise needs •  Evaluate your needs regarding quality testing, testing automation, frequency of app releases, maintenance and upgrades •  Evaluate any white-labeling needs, multi-language support and device resource dependencies •  Evaluate data dependencies (local vs. server) •  Are your goals focused on content delivery and servicing or interactivity? How to Decide on Your Approach to Mobile
  • 10.
    4/8/15 8 MOBILE SECURITY Perimeter Integrated Time+ Information + Technology •  There is an increased reliance on apps to perform critical business operations and process sensitive data •  Mobile apps run in unsafe environments; an increasing number of owners root their devices How has mobile changed?
  • 11.
    4/8/15 9 HARDWARE LAYER APPLICATION LAYER OPERATINGSYSTEM LAYER Jailbreaks exploit defects in operating systems Apps have access to your data Using memory corruption defects to firmware NETWORK LAYER Over-the-air interception Mobile Security: Layers of Security Risk •  Major operating systems’ security has improved, yet hackers’ techniques have also improved •  Web services are exposed – making apps an easy target for security attacks •  Mobile devices can be lost or stolen and on-device data is always at risk •  Token-based authentication and authorization is popular •  Tokens and data can be captured via packet sniffing or any other “man in the middle” attack •  Ensuring app security is more important than securing the device •  Develop with an “application integrity” mindset and focus on app “self-protection” measures   Mobile Security Overview
  • 12.
    4/8/15 10 Highly confidential datashould never be stored on device Use encryption when storing data on device and ensure encryption key is not stored on device Secure end points, and ensure all communication between apps and APIs are via secure connection (SSL/TLS) If storing sensitive data, store on server and retrieve during active session Set expirations for all tokens used in sessions 1 3 5 2 4 Mobile Security Considerations Mobile Security Considerations Use layered security; mobile app, transport and communication, web services and back-end integration Leverage multi-factor authentication, beyond usernames/passwords Identify source of request for your web services API Utilize obfuscation when possible Employ device capability for security management (i.e. device fingerprints) Follow coding best practices and stay up-to-date Secure-scan your app, including run-time scanning ü      ü      ü      ü      ü      ü      ü     
  • 13.
    4/8/15 11 PERFORMANCE •  Performance isoften ignored during rapid app development until problems arise toward the end of project •  Still lags behind desktop (approx. one-third of capability) •  Variable data connections speeds due to WiFi and network coverage •  Performance should be considered early, at design stage •  Mobile platforms and framework have app performance effects •  Designers should implement common design best practices related to performance •  Some architectural decisions can limit performance, which can be difficult change later in the project Mobile Performance Overview
  • 14.
    4/8/15 12 Performance Considerations •  Utilizeweb services API to return required data •  Only return data when the app requires it •  Early fetching and paging techniques can be used at the server layer •  Conserve bandwidth by using lightweight format, i.e. JSON •  Utilize push notifications instead of constant pulling of data and background processing. If pulling is a must, be cautious of battery life •  Keep CPU-intensive processing on server •  Follow code-level best practices for optimizing performance for your mobile platform and framework; number of unnecessary objects created, threads, releasing/auto-releasing, etc. DATA ACCESS
  • 15.
    4/8/15 13 •  Mobile platformsaren’t designed to support remote database access for security and performance reasons •  While restriction based on client certificate, VPN, and other methods is possible, it is not cost effective and affect performance •  Justifies the inclusion and wide use of a web service layer •  With a web service layer, authentication and authorization can be used along with business roles and data validation •  While server session is active, authorization logic should continue being checked by web service layer •  Web services help connect different data systems and assist in paging, pre-fetching, etc. Data Access Overview •  Define web services API and interaction model early in your design •  Evaluate impact of time to obtain and access required data and avoid expensive calls •  Consider pre-fetching data and server-side caching if back-end request is time consuming •  Factor in security and performance while accessing data •  Keep session alive on server when needed, and send only data essential to presentation when possible •  Evaluate your needs for logging, monitoring and analyzing data Data Access Considerations
  • 16.
    4/8/15 14 CONNECTIVITY •  24/7 connectionto high-speed internet is a false assumption •  Anticipate low network speed, switching between WiFi and providers’ networks and users going offline •  Mobile web, enterprise and consumer-based apps may all require different considerations •  In some cases, offline access may not be justifiable for your business •  For the majority of apps, there is business value in supporting some offline functionality or, at minimum, managing the offline experience •  Some developers struggle in managing live sessions and syncing sessions between app and web services on server side •  More complex apps load content from third parties Connectivity Overview
  • 17.
    4/8/15 15 •  Anticipate designneeds early for offline access and data synchronization using caching and queuing •  Caching enables retrieval of larger data sets, in a background thread, or copying data sets •  Implement caching expiration, be selective in what data you cache and never cache sensitive data •  Queuing should leverage local, on-device storage in case app or device shuts down •  Notify users of queuing conflict/errors and provide correction mechanisms •  Ping API method to keep session alive on server •  Include “session is about to expire” message when loading third party web view Connectivity Considerations Summary SUMMARY •  Invest early in architectural decisions •  Always look at the whole picture •  Mobile is more than a content delivery channel
  • 18.
    4/8/15 16 Any  questions?   Q& A THANK YOU Shadi Saifan shadis@fismobile.com