What is the GSMA OneAPI Gateway?
A platform allowing application developers to access the SMS, Location and Billing APIs.
- Connects the 3 major Canadian carriers (Rogers, Bell, TELUS) with OneAPI and access to 93% of Canadian mobile subscribers.
- A single implementation of your app works across all carriers - better services for less work
What is the GSMA OneAPI Gateway?
A platform allowing application developers to access the SMS, Location and Billing APIs.
- Connects the 3 major Canadian carriers (Rogers, Bell, TELUS) with OneAPI and access to 93% of Canadian mobile subscribers.
- A single implementation of your app works across all carriers - better services for less work
These are the slides that accompany the mAgri Webinar on 'Designing & Marketing Mobile Information & Advisory Services for Women Smallholders' that occurred on June 27, 2012.
These are the slides that accompany the mAgri Webinar on “Mobile market information systems for farmers: requirements for success” that took place on 9th October 2012.
OAuth and OpenID Connect for PSD2 and Third-Party AccessNordic APIs
Not only banks struggle with third-party systems needing access to their APIs. In this talk though, Daniel will discuss how this can be done in the banking sector according to the Payment Services Directive (PSD2) and also in other sectors where trust of third-parties is also of great importance.
Alban Diquet, Data Theorem
Thomas Sileo, Data Theorem
Over the last two years, we've received and analyzed more than three million SSL validation failure reports from more than a thousand of iOS and Android apps available on the Stores, and used all around the world. From mobile banking to music apps, each report was triggered because an unknown or unexpected certificate was being served to the app, preventing it from establishing a secure connection to its server via SSL/TLS.
We've analyzed each of these reports to understand what caused the SSL connection to fail, and then grouped similar failures into various classes of SSL incidents. Throughout this presentation, we will describe the analysis we've made and present our findings.
First, we will provide a high-level overview of where, how, and why SSL incidents are occurring across the world for iOS and Android users, and describe the various classes of incidents we've detected. Some of these types of incidents, such as corporate devices performing traffic inspection, are well-known and understood, although we will provide new insights into how widespread they are.
Then, we will take a closer look at a few notable incidents we detected, which have been caused by unexpected, or even suspicious actors. We will describe our investigations and what we found.
Lastly, we will provide real-world solutions on how to protect apps against traffic interception and attacks, as a mobile developer.
These are the slides from our January presentation of our in-Flash payment solution.
It gives a brief overview of Social Gold as well as a technical presentation that shows how to integrate the our in-Flash solution with your Flash game.
Enjoy!
in this presentation we give a brief intro to Social Gold, an overview of the in-flash solution architecture followed by a step by step integration example.
Get a tour of some of RingCentral’s most advanced integrations: What do they do? Who built them? How are they architected and what APIs do they call upon? We answer these questions to inspire developers about the possibilities of a unified communication platform, and to offer insight on how they were built so that customers might begin to understand how they might go about building solutions themselves.
Complex architectures for authentication and authorization on AWSBoyan Dimitrov
In this talk we discuss key architecture patterns for designing authentication and authorization solutions in complex microservices environments. We focus on the key advantages and capabilities of AWS Cognito User Pools and Federated Identities and explore how this service can address the challenges of implementing client to service, service to service and service to infrastructure auth.
In addition, we discuss patterns and best practices around building a highly available and resilient decentralised authorization solution for microservices environments based on OIDC. We present a simple RBAC implementation together with fine-grained permissions and end to end automation.
These are the slides that accompany the mAgri Webinar on 'Designing & Marketing Mobile Information & Advisory Services for Women Smallholders' that occurred on June 27, 2012.
These are the slides that accompany the mAgri Webinar on “Mobile market information systems for farmers: requirements for success” that took place on 9th October 2012.
OAuth and OpenID Connect for PSD2 and Third-Party AccessNordic APIs
Not only banks struggle with third-party systems needing access to their APIs. In this talk though, Daniel will discuss how this can be done in the banking sector according to the Payment Services Directive (PSD2) and also in other sectors where trust of third-parties is also of great importance.
Alban Diquet, Data Theorem
Thomas Sileo, Data Theorem
Over the last two years, we've received and analyzed more than three million SSL validation failure reports from more than a thousand of iOS and Android apps available on the Stores, and used all around the world. From mobile banking to music apps, each report was triggered because an unknown or unexpected certificate was being served to the app, preventing it from establishing a secure connection to its server via SSL/TLS.
We've analyzed each of these reports to understand what caused the SSL connection to fail, and then grouped similar failures into various classes of SSL incidents. Throughout this presentation, we will describe the analysis we've made and present our findings.
First, we will provide a high-level overview of where, how, and why SSL incidents are occurring across the world for iOS and Android users, and describe the various classes of incidents we've detected. Some of these types of incidents, such as corporate devices performing traffic inspection, are well-known and understood, although we will provide new insights into how widespread they are.
Then, we will take a closer look at a few notable incidents we detected, which have been caused by unexpected, or even suspicious actors. We will describe our investigations and what we found.
Lastly, we will provide real-world solutions on how to protect apps against traffic interception and attacks, as a mobile developer.
These are the slides from our January presentation of our in-Flash payment solution.
It gives a brief overview of Social Gold as well as a technical presentation that shows how to integrate the our in-Flash solution with your Flash game.
Enjoy!
in this presentation we give a brief intro to Social Gold, an overview of the in-flash solution architecture followed by a step by step integration example.
Get a tour of some of RingCentral’s most advanced integrations: What do they do? Who built them? How are they architected and what APIs do they call upon? We answer these questions to inspire developers about the possibilities of a unified communication platform, and to offer insight on how they were built so that customers might begin to understand how they might go about building solutions themselves.
Complex architectures for authentication and authorization on AWSBoyan Dimitrov
In this talk we discuss key architecture patterns for designing authentication and authorization solutions in complex microservices environments. We focus on the key advantages and capabilities of AWS Cognito User Pools and Federated Identities and explore how this service can address the challenges of implementing client to service, service to service and service to infrastructure auth.
In addition, we discuss patterns and best practices around building a highly available and resilient decentralised authorization solution for microservices environments based on OIDC. We present a simple RBAC implementation together with fine-grained permissions and end to end automation.
Is your mobile app as secure as you think?Matt Lacey
Slides from talks at DunDDD and NDCLondon.
News stories of security vulnerabilities in mobile apps are becoming more common and their impact risks affecting more and more business and consumers. It doesn't have to be this way.
There are solutions to all the common security issues in mobile but sometimes we need to be made aware of what the issues are and how they can be prevented.
That's what I'll show in this talk. I'll draw on more than twelve years personal experience building apps for a wide variety of industries and the accumulated knowledge of the OWASP Mobile Security. We'll look at some examples of the common security mistakes apps on iOS, Android and Windows have made and then show practical examples of how to address the issues.
You'll leave this session wanting to review the security of your mobile apps but armed with the knowledge to make improvements and fix some security holes.
Tadhack madrid June 2014: Joris Swinnen and WebRTC Nederland "Invite my colle...Bart Uelen
Tadhack madrid June 2014: Joris Swinnen and WebRTC Nederland "Invite my colleagues for video conference" showcase. Or how to invite your colleagues to a video chat room by giving them a phone call from a webpage or sending an SMS from the same page using WebRTC and telco API's.
From on premises monolith to cloud microservicesAlbert Lombarte
Presentation from Devops Barcelona conference on June 2019.
Step by step process to migrate from a monolith to several microservices in the cloud.
See with transitions at https://docs.google.com/presentation/d/10PvqjwDwBv96Ga2k0ZLrfi83NrQQnGQyLPKn0XsYC40/edit#slide=id.g585eb34422_0_592
Insight User Conference Bootcamp - Use the Engagement Tracking and Metrics A...SparkPost
Make it easier on yourself. Find out how the APIs in SparkPost, SparkPost Elite and Momentum can do more than generate and send messages. Take a lesson on obtaining fine-grained information about your customers’ preferences and actions using metadata and tags. Learn how to measure if open- and-click rates are meeting your objectives. And leave with ample intelligence to enrich your business processes using real-time analytics.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Using the GSMA OneAPI Gateway
1. GSMA OneAPI Gateway
It's a Cross Carrier play
Here's where APIs get really exciting!
Confidential 1
2. OneAPI — Registration
1. Register at:
https://oneapi-gw.gsma.com
2. Confirm email
3. Log in
Provides access to dashboard and developer
documentation
Confidential 2
3. Creating an Application
Click on
Company Name
Log In Go to Dashboard
in Developer
Profiles
Complete the Click ‗Create
Enter application form and click Application‘
name ‗create
application‘ Bottom of page
Add test phone Click ―Create
numbers Application‖
Confidential 3
4. Manage Application
You can find this page
from the Dashboard:
1. Go to Dashboard
2. Click on the company
name link below
Developer Profiles
(bottom of page)
3. Click on the Manage
Application button
next to your
application name.
Confidential 4
5. Application Specific Info
Note the two application profile buttons:
―Endpoints‖ — Important application settings necessary
for using the APIs
―Manage Whitelist‖ — Phone numbers for testing with
APIs
Confidential 5
6. Necessary Information
Application Profile — Endpoints
– Application User Name & Application Password
– The URI prefixes (excluding the ―.*‖ suffix, shown, if
any) for each API-type
PDF documents describing API sets‘ usage
– ―Common Information Guide‖ some error codes
– ―Sandbox Data service‖ prereq for Payments APIs
described in ―Payment Developer Guide‖
– ―Privacy Developer Guide‖ prereq for Location APIs
described in ―Terminal Location Developer Guide‖
Confidential 6
7. API Protocol
HTTP / REST (mostly)
HTTP Basic Access Authentication
Form-data or JSON Input
XML or JSON output
Some APIs Accept Callback URIs
Confidential 7
10. APIs Supported
Sending SMS from short code to phone
Receiving SMS (to short code)
Location (latitude/longitude)
Payment — Charge to phone bill
Confidential 10
11. Send SMS to Phone
1. Add test phone number to Whitelist
2. Create request JSON in a file
3. Call HTTP
4. Receive Transaction ID
Use Transaction ID to check delivery status
Confidential 11
15. Location Query
1. Whitelist phone number
2. Get permission to retrieve position
(once only, per app, privacy API)
3. User authorizes
4. Retrieve user‘s location
Confidential 15
17. Location API Example
1. Add phone number to Whitelist
2. Ask permission to retrieve location
POST https://oneapi-gw.gsma.com/privacy HTTP/1.1
Content-Type: application/x-www-form-urlencoded
address=tel%3A%2B16045551212&callbackUrl=http%3A%2F%2
Fwww.example.com
Confidential 17
18. Location API Example
3. User responds to text with ―ALLOW‖
4. Check status (or use callback)
https://oneapi-gw.gsma.com/privacy?address
=tel%3A%2B16045551212<?xml version="1.0"
encoding="UTF-8"standalone="yes"?>
<PrivacyResponse status="ALLOWED"/>
All future location requests are enabled for the app
for that user.
Confidential 18
20. Payment API
1. Create Payments Sandbox Group (if not
already created)
2. Add ―subscribers‖ to the group, by phone
number
3. Call Payment API to ―charge‖ money
4. Call Payment API to detect status
Confidential 20
21. Payment Example
1. Create Payments Sandbox Group
https://oneapi-gw.gsma.com
/sandboxdataservice/Payment_Sandbox
2. Add phone numbers to group
https://oneapi-gw.gsma.com
/sandboxdataservice/Payment_Sandbox/tel%3A
%2B16045551212
Confidential 21
23. Payment Example
2. Call Payment function API
https://oneapi-gw.gsma.com/sandboxpayment/
2_1/payment/tel%3A%2B16045551212/transactions/amount
Confidential 23