June 26th, 2014

APIs in the Connected Car: APIdays San Francisco

APIdays SFToday, I’m going to share some rather opinionated thoughts about APIs and the connected car. My opinions on this subject sprang from a combination of real-world experience plus (informed) speculation and came together as I prepared a talk for APIdays San Francisco.

The connected car is widely recognized as a game changer for the automotive industry. Experts all agree that just selling cars is a thing of the past. Mobility, connectivity and in-car user-experience will be leading decision considerations for car sales. Right now, automotive manufacturers, content providers and app developers are all competing to take a leading role in the connected car space. This is a matter of survival. Winners of the competition will be richly rewarded; the losers may sink into oblivion.

Car manufacturers seem understandably determined to dominate the connected car space. But this space is inherently shared with device manufacturers, content providers and app developers. Take away any one participant and you no longer have a sustainable ecosystem. If the automotive sector is not prepared to work with and accommodate the needs of other stakeholders, then no one will win. There are three things the industry can do to make things significantly better right away.

1. Implement a Standard Hypermedia Type for Automotive APIs
Right now, every car manufacturer wants to do its own thing and sees originality as a key to differentiation. This is a fallacy. There are way too many car manufacturers for content providers and app developers to keep up with the variety. Some have suggested that all manufacturers should just deploy Android as the base OS. I personally doubt they will all be able to agree on something as fundamental as the core OS. We should shoot for something much more realistic.

This is where hypermedia comes in. The most distributed system ever built — the World Wide Web — uses a hypermedia type (HTML) as its engine. There is a great opportunity to create a hypermedia format for car APIs that will energize the space just like HTML did for the Web. I believe this format could be based on an existing, generic type such as: Uber, HAL or Siren. This would be similar to the way the Collection.Document type was created for the news media industry, based on Collection.json.

2. Adopt a Standard API Security & Identity System
The prospect of connected cars getting hacked creates enormous anxiety. But connected car security can be addressed quite simply by adopting a security framework based around compartmentalization and standards-based access control.

In this context, “compartmentalization” means that core functions of the vehicle should be highly guarded. Specifically, no third-party app should have access to core driving functions like handling and braking. Meanwhile, a standards-based access control framework like OAuth will provide secure, granular access to specific system features. This would be similar to the way mobile apps currently ask for access to other parts of the device (GPs, contacts etc.)

3. Enable App Developers
Currently, only the lucky few are able to develop apps for connected cars. Generally, these are app vendors that have formal partnerships with car manufacturers. In most cases, developers can’t even get access to API documentation without a group of lawyers signing stacks of papers. The connected car space will not develop if it remains a tightly-held, closed system. On the contrary, manufacturers must build developer communities by providing the things that developers require: documentation; self-service portals; sandboxes; SDKs etc.

But That’s Not All
These are three immediate steps that can be taken to improve the connected car space significantly but as the space develops, we will have to focus not only on immediate requirements but also on the big picture. The connected car is a special case of the Internet of Things (IoT). The context of IoT is different enough that it requires a fundamentally different approach to system design and architecture. Hopefully, I will be able to delve into this context more in future.

Another aspect of the big picture is a good deal simpler: fun. If this space is going to develop as it should, manufacturers will have to make it fun for developers to experiment with the potential of automotive connectivity.

So, have fun out there!

June 6th, 2014

APIs Fueling the Connected Car Opportunity

APIs Fueling the Connected Car OpportunityI just attended the Telematics Detroit 2014 conference, which was abuzz with mobile connectivity sessions and workshops. But the mobile conversation at this event was entirely in the context of the connected car, as opposed to the mobile phone.

The connected car has emerged as a real-world illustration of the opportunities presented to businesses and consumers by the Internet of Things (IoT). And – as you probably know – IoT is a hot topic right now.

Thilo Koslowski, Vice President & Distinguished Analyst at Gartner, who is known for his prediction making, claimed the car will be the most innovative and exciting mobile platform over the next 10-to-15 years. A bold statement but this goal is achievable and very much within reach.

The automobile industry has already made great strides and is quickly leveraging the business advantages offered by the digital economy. What once was considered to be a telematics and roadside assistance market has quickly transformed into fertile ground for mobile app development, with broad connectivity opportunities that will enhance the consumer’s overall digital lifestyle while delivering auto manufacturer efficiencies throughout the entire value chain.

While consumers continue to demand somewhat standard connectivity features such as navigation, maps and parking location services, there’s also a significant demand for advanced connectivity features such as the ability to make payments directly from the vehicle, remotely start the car or receive diagnostic information on a mobile device. There is also a willingness to share data with third parties, especially if this results in a better driving experience or cost savings.

But data sharing has privacy implications in this context, which could become a significant roadblock. A Gartner survey of automobile consumers uncovered that 61% respondents would not opt-in if too much information was taken. So, enabling this new world of connectivity in auto requires a balanced approach. Consumers want the convenience and personalized experience that connectivity offers but only if it doesn’t impact their rights and freedoms.

That’s where a proper API strategy makes a difference. APIs will become fundamental to any connected car strategy by enabling an ecosystem of drivers, vehicles and partners to share data in a way that will improve the consumer experience through better digital design, engagement and security.

To learn more, please read our new eBook: APIs Fueling the Connected Car Opportunity. This document outlines a number of key connected car use cases and explains how the proper API security and management solution will enable you to meet your connected car business and security objectives.

June 4th, 2014

The Right Connected Car App Experience

Connected CarLike most connected things these days, the connected car is powered by APIs. A rich connected car application ecosystem – running on both mobile devices and in-car infotainment systems – is seen as a key to customer loyalty. Car manufacturers and car service providers are hard at work developing a connected car experience that will “stick” over time.

As well as enabling new user experiences, connected car APIs unlock data that offers tremendous business value, powering partnerships with insurance companies and law enforcement, enabling new use cases around traffic management and urban planning. You can read about some of these use cases in our eBook, APIs Fueling the Connected Car Opportunity.

I’ll be at the Telematics Detroit 2014 conference this week, where I will be speaking about the need for secure APIs to power the connected car – starting at 4:35pm on Thursday. Earlier that day, live from the conference, I’ll be joining CA Layer 7’s latest API Tech Talk, The Connected Car, IoT, Apps & OAuth, which starts at 9am PDT.

If you’re attending the show, please stop by the Layer 7 booth (#118) to learn more about how APIs enable connected car use cases (and enter to win some Bose speakers!) If you can’t make it to the show, be sure to join the Tech Talk, where you’ll be able to get your connected car questions answered live. And if you can’t make that, you can always read the eBook.