Recent Postings
August 27th, 2014

Why Banks Have the Same “Drivers” as Uber with APIs

Image credit: Adam FagenI’ve heard many banking IT staff declare definitively “we’re not exposing an API to the public.” I get it. It’s scary to create yet another point of entry, a potential vulnerability to the organization. Better to just lock it up tight. Throw away the key. In fact, to maximize security, we should probably just turn off all the computers.

Not really.

Do it or be Disrupted
There was a bit of consternation over Uber’s latest valuation. There’s a simple explanation for the high valuation. It’s not about the market for taxi rides. It’s about the platform:

  • “It’s interesting to think of Uber as the new Amazon. Amazon is a platform company, not a books company (and arguably not a retailer).” – Benedict Evans on Twitter

Uber Everywhere
Last week, Uber launched its API. I was surprised at how obvious it sounded but more surprised when a number of apps on my phone updated to add Uber reservation functionality. It was a very nice launch. Uber is now where I am: If I’m flying United, there’s Uber. If I’m making a reservation at OpenTable, there’s Uber.

The Power of an API
That’s an API impacting channel distribution. That’s also an API impacting brand power, demonstrating the real power of the application economy. Uber isn’t waiting for the customer to remember to open the Uber app; it’s in the app the customer is using at the moment they need Uber’s service. It’s beautiful.

Getting Banks to Think Like Software Companies
The key thing to remember is that someone will figure it out in financial services. If the banks don’t figure out how to create a financial services platform, someone else will. The banks realize they’re competing with Silicon Valley and believe they’re ready. Perhaps they are, from a technical-chops perspective. But from a perspective perspective, banks are not yet thinking like software companies.

The Business Case for Exposing a Loyalty Point API
Banks have the same drivers Uber does. (Hah! Going to leave that pun there.) The API is just a technology – just an interface implementation for integration. Banks are already doing external integration. My favorite example is the ability to pay with Chase Rewards points while shopping at Amazon.

It’s so easy to imagine Benedict Evans’ quote above tweaked to explain my point:

  • “It’s interesting to think of Chase as the new Amazon. Chase is a platform company, not a bank (and arguably not a financial services company).”

I can pay for my Amazon purchase with Chase rewards points. This has a clear business benefit, if I can be so crass as to summarize it simply:

  • More opportunities to pay with points are more opportunities to take the points off the balance sheet
  • The more points can be used, the more valuable they become and the more people care about the benefit
  • If an API is done properly it becomes much easier to use than the current architecture for external integration, which means the ROI for enabling smaller players becomes achievable thereby creating a virtuous cycle of more points off the books, more value to the points, more customers who care about the program
  • And with broad and visible distribution, there’s a Big Data play for analyzing shopper value and tweaking the point-dollar relationship to reduce the reward program’s costs

Why have they limited this to Amazon? (Rhetorical question. I imagine it’s because the non-API integration strategy takes a lot of effort and so doesn’t scale unless it’s with someone big like Amazon. Though I don’t know for certain.) Imagine if everywhere you could book an Uber, you could also pay with Chase Rewards points?

Interested in learning more about how financial services organizations can differentiate, extend reach and establish trust using APIs and mobile technology? Join me on September 25 for the webinar Adapting to Digital Change: Use APIs to Delight Customers & Win.

Sign up for the webinar >>

August 21st, 2014

3 Philosophies for the IoT Age

IoT eBook“What on earth do pillars of science have to do with IoT?” That’s a question I’ve had to answer a few times since the publication of our latest CA Layer 7 eBook, 3 Philosophies for the IoT Age. At first glance, some people have been a little taken aback at the idea that we’re comparing the Internet of Things to the work of great theoretical physicists like Isaac Newton, Albert Einstein and Niels Bohr (the founding father of quantum mechanics). What’s the deal here?

Anyone who digs a bit deeper into the document will quickly realize that this comparison refers to IT architecture broadly, rather than IoT specifically and – crucially – that it’s not supposed to be taken too literally. It’s a metaphor, folks! And as a metaphor, I think it works rather well – with Newton representing traditional on-premise architecture, Einstein representing the vast expanse of the Web and Bohr representing the billions of little connections that make up IoT.

While I’m pretty pleased with these analogies, I can’t really claim responsibility for them. The original idea came from my API Academy colleague Mike Amundsen. I took Mike’s idea and ran with it during a talk I gave at APIdays in San Francisco then fleshed it out a bit in the eBook. The more I looked at it, the more connections I could see between IoT and Bohr’s view of a dense, chaotic molecular universe.

I also believe Mike’s physics metaphor has a practical application. IoT is becoming such a big deal that it’s pretty much guaranteed to generate a wealth of business opportunities. But business leaders and IT experts currently have little insight into what this will actually involve. It’s my hope that the eBook will provide a framework for these folks to start exploring what the opportunities are and what the technical requirements for realizing these opportunities will be.

So, if you’re beginning to think about what IoT will mean for your business, 3 Philosophies for the IoT Age might just help to set you off in the right direction.

August 8th, 2014

Notes from the W3C Workshop on the Web of Things

W3C LogoAt the end of June, I had the opportunity to attend the W3C Workshop on the Web of Things, in Berlin. I saw some fascinating presentations and had some equally engaging one-to-one conversations. This was a great opportunity to learn about some new innovations around connected devices and the Internet of Things.

In particular, I was very intrigued by the WAMP Protocol, which I had not heard about before attending the workshop. I subsequently contacted Tobias Eberstein from Tavendo, who is one of the key maintainers of WAMP. We had a very interesting conversation about some of WAMP’s unique concepts, which I will talk about more in a future blog post.

In the meantime, here is a quick summary of my notes from the presentations I attended and the conversations I had at the workshop. If you would like to get more information on any of the emerging technologies outlined below, you can view some of the workshop presentations here and here.

Siemens Smart Grid
Siemens has chosen to use the XMPP messaging protocol as the standard for its smart grid technology. XMPP is being used because IoT, like online messaging, is based on distributed collaboration, in real-time, spanning multiple domains. In this sense, IoT is fundamentally closer to social media than it is to SOA-style Web services.

Siemens Connected Car Authentication
Siemens also presented an IoT authentication method, using the connected car as its real-world example. In this method, security concerns are separated between a Web API server and the car’s backend server. Client apps communicate with the car indirectly, via the API server. Sensitive vehicle data cannot be accessed directly via the API server.

EXI for Long-Lived Connected Things
Waste could be a serious problem in IoT. With billions of connected devices, we can’t afford to have anything becoming obsolete too quickly – ideally any given device should last at least five years. The Efficient XML Interchange (EXI) format addresses this by using XML schema to enable binary coding for extensible message formats.

Echonet Lite for Client-Side Energy Demand Management
The Echnonet Lite protocol allows smart meters to communicate with home appliances, enabling smart home energy management. Echnonet Lite is UDP-based and has more than 80 device models defined. It is already widely used in Japan and is starting to gain significant traction outside the Asia-Pacific region.

Sony Web API Server
Sony is working on a Web API server for the Android platform, using the previously-mentioned WAMP protocol. WAMP, which is essentially a sub-protocol of WebSocket, combines RPC-style and SubPub semantics.

IBM NodeRED
IBM’s NodeRED is an integrated development and runtime environment based on node.js. In the NodeRED environment, it is possible to design integration flows without resorting to code, by graphically snapping together components. NodeRed also allows the use of JavaScript to act on or transform data in flows.

August 1st, 2014

Balancing Security & Developer Enablement in Enterprise Mobility: Gartner Catalyst 2014

Gartner Catalyst San Diego 2014It’s that time of year again… time for another beautiful late-summer Gartner Catalyst conference in America’s Finest City: San Diego. Aside from being my hometown, the reason San Diego is so great is that it has balance. The warm sun is balanced by the cool ocean breeze, the strong business climate is balanced by the laid-back surf culture and the delicious fish tacos are balanced by a cold Corona. Balance makes everything better. Maintaining this balance is just as important when you’re talking about mobile strategy for your enterprise; that’s why I’ll be presenting a talk titled Balancing Security & Developer Enablement in Enterprise Mobility at Catalyst.

Enterprise IT security departments have always had a somewhat adversarial relationship with application developers, even when the applications ran entirely within the intranet. Now that internal data and applications are being exposed to employees, partners and customers through a whole new breed of mobile apps, these teams could potentially clash even more often. Security architects are more concerned than ever about core principles and security standards while developers are more focused than ever on providing incredible user experience rather than worrying about internal restrictions.

I’ll be discussing how these two groups – enterprise and security architects on one side and mobile app developers on the other – can accomplish the same goals. CA’s Layer 7 API Management solutions enable the enterprise to enforce the latest security specifications to the letter, protecting against malicious (or even accidental) threats to critical systems. But at the same time, they enable mobile app developers to very quickly consume the appropriate data through secure APIs, without having to implement the client side of those cutting-edge security standards. Stop by my talk on August 12 at 12:45pm to get the details or come by the Layer 7 booth (#113) to talk in more depth about how we can bring balance to your workplace.

 

July 23rd, 2014

Paper or Plastic? Changing Paradigms & How Service Providers Can Thrive in the App Economy

Paper or PlasticPaper or plastic? It used to be a question that was a source of discussion, debate and dilemma for grocery shoppers. In a relatively short time, at least where I live, that question simply went away. For me and most folks I see at the market now, the small fee for disposable bags had a big impact on behavior. Now, it’s a matter of getting into the habit of bringing reusable bags along. For manufacturers of disposable bags, whether paper or plastic, the world changed pretty quickly.

For service providers, I’d argue a similarly fast and fundamental change is taking place, one that’s best described as “the application economy”. If you’re working for a service provider that’s still focusing on the questions of a few years ago, there’s a good chance you’re not going to be providing answers that are relevant to your customers.

Today, applications sit at the confluence of some pretty major trends – mobility, cloud and social, for starters – and these applications are becoming increasingly vital, from a strategic point of view. The quality, innovation and value that get realized through applications will play an increasingly central role in the trajectory of a business and ultimately whether there’s any future at all for that organization. While this is true in enterprises, the stakes may be even higher for service providers.

In the application economy – and our emerging world of crowdsourcing, cloud, DevOps and wearables – what role will the service provider play? I’d argue that having a well-conceived, compelling answer to that question is one of the most vital challenges confronting service providers right now.

Whether you’re working for a telecommunications service provider, managed service provider or cloud service provider, success will hinge on how you adapt to today’s new realities. Deliver services that help your customers thrive in the application economy and your business will thrive. Fail to adapt and you’ll stand to lose business, market share and relevance.

For example, if you work for a telco, the application economy can present a clear fork in the road. One path is the status quo and while mobile traffic is growing more essential, the delivery of that service is increasingly being relegated to the status of plumbing and becoming highly commoditized. The other approach is to build on your unique advantages – to deliver the APIs and integrations that put your organization at the center of application innovation.

More and more, the best way to deliver value to customers is through applications. Harness the innovations of application developers to bring value-added services to customers. Publish the APIs that enable not only internal teams but also a range of external developers to accelerate application innovation. Further, by using APIs to provide self-service access to your service offerings, your organization can boost both recurring revenues and margins.

The battle to avoid commoditization isn’t solely a challenge for telcos either. Managed service providers and cloud providers will also find themselves in an increasingly tenuous position. If they can’t deliver a compelling application-level value proposition, they will be forced to duke it out on who can offer the lowest prices. To compete, these service providers will need to deliver more value. And applications increasingly represent the lens through which customers see and define value.

If a managed service provider only focuses on a server infrastructure but can’t help customers track the actual end user experience for core business applications, its service value will be limited. For customers, differentiators like application quality, innovation and availability will grow ever more significant. Meet this demand with high-value monitoring services and your business will be well positioned to maximize its growth potential.

For cloud providers, there is a huge opportunity in helping customers get new, higher-quality applications to market – and doing so faster and more cost effectively. Application-focused offerings will empower cloud providers to move up the value chain, become increasingly interconnected with their customers and gain stronger competitive differentiation.

To learn more about the application economy – and the threats and opportunities it presents for service providers – be sure to download the white paper How the Application Economy will Make & Break Service Provider Businesses.