Selecting Right Technology For Your Enterprise Mobile Solution

Selecting Right Technology For Your Enterprise Mobile Solution

The main purpose behind writing this article is to focus on the different variants of mobile technologies present in the market.

The mobile market has been quite crazy over the last 5 years. We have seen too many trends, techniques and technologies emerging and dissolving over the period of time. This article assumes that you are a mobile app developer who wishes to choose the best technology for his Enterprise Mobile Solution.

Let’s go through different mobile development technologies generations one by one and see their advantages/disadvantages.

  • 1st Generation (Native)
    • iOS – Objective C / Swift
    • Android – Java
    • Windows -.NET
    • Advantages
      • Native UX
      • High Performance
      • Hardware and Platform Access
    • Disadvantages
      • Single Platform
      • No Unified Codebase
  • 2nd Generation (Hybrid HTML and JavaScript)
    • PhoneGap
    • Appcelerator
    • Apache Cordova
    • Kony Mobile
    • Advantages
      • Multiple Platform
      • Unified Codebase
    • Disadvantages
      • No Native UX
      • High Performance
      • Hardware and Platform access
  • 3rd Generation 
    • Xamarin
    • React
    • Advantages
      • Multiple Platform
      • Native UX
      • High Performance
      • Unified Codebase
      • Hardware and Platform access

There is a transition from Native, then hybrid and now cross platform. The technology is getting much better and faster day by day.

The native generation is still transition proof and many prefer it over the later two generations. It is because it offers seamless performance, support, and resources. The direct support from Apple and Google is an important factor in selecting these technologies.

The growth in the second generation is stagnant due to the rise of the third generation. People are using Cross Platform (Native) to use a single language for development across platforms and also share more than 40% codebase to reduce time-to-market.

The only factors which help people use the cross-platform app (native) over the normal native apps are code sharing, time-to-market and resource constraints. Those who fall in this category are going towards cross-platforms apps which not only have native UX but also performance.

Also, I see that many still are confused between Hybrid and Cross Platform. Let me tell you, these are completely different kind of technologies. Let’s understand their definition:

Cross Platform:

It is a solution developed to minimize development efforts by compiling the source code for further execution on multiple mobile platforms. But the result of each separate compilation will be an individual executable file. For example, iOS executable file has .ipa extension, and for Android, it is *.apk, etc.


These apps are developed using web technologies like HTML, CSS, Javascript etc. It is an app which runs in a “wrapper” and serves not as a web page, but as a standalone application.

Good professionals are very sensitive to the concept of development, efficiency and productivity and most of them have unique vision “what is good and what is bad?”, but usually, it is all about technology set that use, care and cherish. In general, it may happen that the budget decides everything, so the basic background for the emergence of cross-platform solutions was their benefits to business, namely:

  • Need a single developer who can develop a mobile app and deploy it for different OS. Thus you eliminate a need for full-time developers for every single OS;
  • Difficult to find developers for individual platforms when the business requirement is critical
  • Ease to manage the app versions for different mobile operating systems

Let’s see some key takeaways and considerations to compare Xamarin and Hybrid Mobile App. To understand the difference in a much better way with quantification, I have created a sample app which demonstrates and provides the detailed analysis of the key points as follows.

Key Takeaways:

  1. Cross Platform (Native) app fulfills most of the requirements whereas Hybrid app was unable to deliver on the key piece of functionality without requiring custom Objective-C and Java

  2. Xamarin performs CPU-intensive tasks much faster than Hybrid HTML

  3. Cross Platform Native loaded large datasets faster than Hybrid HTML

  4. Cross Platform Native used less memory than Hybrid HTML

User Experience Key Considerations:

  • Native look and feel
  • Hardware & Platform Access
  • UX Design Capability

Developer Productivity Key Considerations:

  • Volatility of HTML frameworks
  • API Access Extensibility
  • Stack Complexity
  • Strongly-Typed Development
  • Compilation Time


Performance (ms) – to load and display a single page

  1. iOS
    • Xamarin – 1400 ms
    • Hybrid – 2000 ms
  2. Android
    1. Xamarin – 3690 ms
    2. Hybrid – 4502 ms

Compile Time (sec) – to compile the mid-size app

  1. iOS
    • Xamarin 34 sec
    • Hybrid  18 sec
  2. Android
    1. Xamarin 32 sec
    2. Hybrid 25 sec

Code Reuse (%) – considering the basic flows and libraries used

  1. Xamarin Native – 45%
  2. Xamarin Forms – 96%
  3. Hybrid Mobile – 99%

App Size (MB)

  1. iOS
    • Xamarin – 35 MB
    • Hybrid  – 11 MB
  2. Android
    1. Xamarin – 11 MB
    2. Hybrid – 6 MB

TCO Key Considerations

  • UFC (Upfront Cost) vs Maintenance
  • End-UserProductivity App Adoption
  • Agility Costs


The selection of technology for your enterprise solution is a process which consists of various parameters. Some of them are budget, time-to-market, user experience, performance, explicit requirement and code reuse.


Solutions to common issues working with Xamarin

Solutions to common issues working with Xamarin

Hi everyone, I have been thinking to write this article for quite a while now. Being continuously working on Xamarin in-depth and proposing solutions to the clients, you face some common problems. This article focuses on the resolving these issues faced by Xamarin developers and help them for smooth Xamarin Solution.

You may find some problems related to core development and some related to the solution proposal. If you feel anything is missing and needs to be present in this list, feel free to drop a comment and I would be really happy to add it to this list with mentioner’s name.


Problem 1: It may happen that you are unable to access Android SDK as it was installed in the administrator folder and was not having required permission to access it.

Solution: User must have Admin rights to access that folder.

Problem 2: Unable to provide internet access to emulator even after changing the proxy settings.

Solution: You can try to increase the target API level and install the ARM EABI v7a system image for it and then change the proxy settings of the emulator.

Problem 3: Emulator starts and stops immediately. Failed to create Context 0x3005 for an emulator.

Solution: It requires to update the Intel GPU driver.

Problem 4: Unable to use the local database in Xamarin app as it cannot find the physical path of the database file.


Xamarin creates its own database in its APK file as follows:

Set absolute path for folder creation like:

String path = System.Environment.GetFolderPath (System.Environment.SpecialFolder.Personal);

String Applicationfolderpath = System.IO.Path.Combine (path,”Database1”);

Where Database1 is the name of the newly created database

Create the folder path like below:

System.IO.Directory.CreateDirectory (Applicationfolderpath);

Create database in set path like below:

String databasefilename = System.IO.Path.Combine (Applicationfolderpath,”User.db3”);

Where User.db3 is the name of the database file.

SQLite.SQLite3.Config (SQLite.SQLite3.ConfigOption.Serialized);

SQLite.SQLiteConnection Db = null;

Db = new SQLite.SQLiteConnection (databasefilename);

Var res = db.CreateTable<Classname> ();

Problem 5: Unable to provide WCF service on another machine

Solution: Provide service on other machine using IIS manager.

Problem 6: What is the difference between Page and Activity?


  • Page
  1. It is a visual that occupies most or all of the screen and contains a single child.
  2. A Xamarin.Forms.Page represents a View Controller in iOS or a page in Windows iPhone.
  3. On Android each page takes up the screen like an Activity but Xamarin.Forms Pages are not Activity.
  • Activity
  1. Activity represents a screen in an application.
  2. Android Application Architecture doesn’t have a single application instance so there is an aggregation of one or more activities.

 Problem 7: Mac machine is required to develop iOS app on Xamarin


Problem 8: Visual Studio for showing option to select an emulator to debug and run iOS simulator on Windows only


  1. Build the application
  2. Select the emulator from Device Manager
  3. Start the Emulator
  4. Click on the Start button of the Visual Studio
  5. It will then display error as “deployment failed due to fast dev process”
  6. Go to Project=>Properties=>Android application then uncheck the “use FastDev process”
  7. Again click on start
  8. With the latest updates for Xamarin.iOS, you can run iOS simulator on Windows Machine only. To enable this, go to settings and check run emulator on windows option

Problem 9: How to develop iOS app using Visual Studio.


Required Components

For Mac

  • Latest iOS SDK
  • XCode latest version
  • Mac OS X 10.9.4 + or 10.10 above

For Windows

  • Windows 7 or higher
  • Visual Studio 2012 Professional or higher
  • Xamarin’s plugin for Visual Studio

Create Xamarin.forms blank project in Visual Studio. It will then ask for Mac IP or Mac name. Provide the required information and connect it to the Mac machine.

 Problem 10: How to add an application on Google Play Store.


  1. Create the APK file of the application
  2. Navigate to Google Developer Site
  3. Logging into Google Developer Console. If you do not have an account create a new account. The last step in the process of creating a developer account is paying a one-time $25 developer fee using a credit or debit card
  4. Click on the button Add New Application
  5. Initialize APK Upload. Select correct language and write the name of the app as you wish it to appear in the google play store. Then select upload APK button
  6. Click on Upload your first APK to Production button centered on your screen
  7. Select and upload APK file
  8. Navigate to the store listing tab on the left side and write the description in the description box which will appear on the google play store
  9. The next step in the store listing tab is to add screenshots
  10. Then add a store listing icon
  11. The final step on the “Store Listing” page is filling out the categorization, contact details, and privacy policy, located below the icon selection area. Fill out the required fields as you wish and hit save. The “store listing” tab should now have a green check-mark next to it
  12. Click on Price and Distribution tab where you will select paid or free, distribution countries, and check the boxes saying that your app complies with the guidelines and the US export laws. Click on save button
  13. Once all the three tab at the left have a green mark you are then able to select “Publish this app” from the “Ready to Publish” drop-down menu in the top right corner of the developer console. A confirmation bar should appear at the top, stating that your app will appear in the Google Play store in just a few hours

Problem 11: On creating new Xamarin.forms project in Visual Studio it is giving the error “Could not add all required packages to the project.

The following packages failed to install from ‘C:\PROGRAM FILES (X86)\MICROSOFT VISUAL STUDIO 12.0\COMMON7\IDE\EXTENSIONS\XAMARIN\XAMARIN\\Packages'”:

Xamarin.Forms. Could not install package ‘Xamarin.Forms’. You are trying to install this package into a project that targets ‘Xamarin.iOS,Version=v1.0’, but the package does not contain any assembly references or content files that are compatible with that framework. For more information, contact the package author”.


  1. To solve this issue open your visual studio go to tools -> Extensions & Updates -> select updates -> select visual studio gallery then update your NuGet package manager
  2. Update the Visual Studio Version if the updates for it are available. Update it using the same above procedure as for updating NuGet manager

Problem 12: On creating new Xamarin.forms project in Xamarin Studio it is giving the error “Could not add all the required packages to the project”.


  1. Add the xamarin.forms packages
  2. Install PCL libraries. Following is the link to download PCL libraries    00cb3caf4981/
  3. After this reinstall or repair xamarin
  4. In Xamarin Studio, right click on the project select options=>build=>general then change the target framework to that profile which is installed.

Problem 13: Windows application prerequisites and steps.

Solution: Prerequisites for Windows app

  1. You need the latest version of windows
  2. Microsoft Visual Studio: Microsoft Visual Studio 2013 helps you design, code, test, and debug your apps
  3. If you don’t already have Visual Studio 2013, install the free Visual Studio Express 2013 for Windows

If you already have Visual Studio Professional 2013 or a higher edition, get Update 3 for Visual Studio 2013 to add the Windows Phone development tools and other enhancements to your existing installation:

(Optional) Register your Windows phone device for development:

It’s important to test your Windows Phone Store apps on a real phone. Before you can deploy apps to your Windows Phone, you have to register the phone for development.

  1. Connect your phone to your PC.
  2. Run the Developer Phone Registration tool (phonereg.exe).

Register as an app developer:

Now that you’ve installed the tools you need, you need a developer license or a developer account. A developer license is free and lets you develop Store apps, but you need a developer account to sell your apps in the Windows Store and the Windows Phone Store.

  1. To get a developer license, just launch Visual Studio. You’ll be prompted to get a developer license
  2. To get a developer account, go to the Signup

Steps to create a Project:

  1. Make sure you’ve downloaded and installed the Windows Phone SDK
  2. Launch Visual Studio from the Windows Start screen. If the Registration window appears, you can register the product, or you can temporarily dismiss the prompt
  3. Create a new project by selecting the FILE | New | Project menu commandIn the New Project window, expand the installed Visual C# or Visual Basic templates, and then expand Store Apps. Select the Windows Phone Apps
  4. In the list of Windows Phone Apps templates, select the Blank App (Windows Phone)
  5. At the bottom of the New Project window, type MiniBrowser as the Name of the project
  6. Click OK. The new project is created and opens in Visual Studio


Installation instructions for Xamarin

  • Install Java JDK
  • Install Android SDK (Including all API levels)
  • Visual Studio 2012 Professional
  • Install Xamarin Studio

If Xamarin Studio is installed before Visual Studio then Xamarin needs to be reinstalled

Problem 13: When your codebase is on TFS and linked with the local workspace present on Windows machine. How to design UI for iOS apps easily.


  1. It is recommended that you must connect with Mac agent and share your codebase for mac machine user. This will enable that same codebase is present on both machines
  2. Once the codebase is shared, select the main folder and uncheck read-only option if present by any chance
  3. Open the project in Xamarin Studio on Mac
  4. Right click on the Storyboard file inside Xamarin Studio and open it with XCode

The support by iOS designer in Xamarin is not much fast yet and you are always recommended to use XCode to design your iOS app. Once the changes in XCode are done, they are reflected in your Xamarin project

Problem 14: How do I share code in Xamarin Native apps?


You can create .NET class library if you want to share code between iOS and Android apps. It is recommended for a normal mobile app to consume to class libraries like Common Code and Service Connection Code.

If you wish to extend support to Windows Phone as well, then .NET class library does not work there. You are advised to use Portable Class Library (PCL). This library can be used in iOS, Android and Windows Phone Xamarin apps.

Problem 15: What are different types of Xamarin apps and which one should I propose to my client?


  1. If you wish to go native, you can go for Xamarin.iOS, Xamarin.Android and Xamarin.Mac
  2. If you wish to go cross platform with UI sharing, you can go with Xamarin.Forms option
  3. If you wish to develop windows app which works on Windows Phone, Windows 10 then go with Xamarin UWP (Universal Windows Platform) app
  4. Still there are lot of different templates being created as the new versions of Xamarin.Studio are coming up

These were some common problems faced by developers. I am working on Xamarin in depth and would keep on posting some interesting information on this blog regularly. If you have any questions, you can post in comments section.

Thank you.





Continous Integration for iOS and Android apps using Xamarin

Continous Integration for iOS and Android apps using Xamarin

Why Continuous Integration?

In the complex projects, developers and testers (also called as full stack developers in agile methodologies) simultaneously work on their modules. You can imagine several products are getting created in parallel leading to huge amount of integration work in the regular intervals of time. A single change in the development code needs to be checked into the code repository. This delta is then integrated, tested to make sure that the changes didn’t add any defects, hence a stable product, stable build.

This process is called as Continuous Integration (CI). It lets you find defects in the least possible time in the development cycle from the time of their occurrence. It helps to identify code coverage and facilitate the stability of the release build.

Pre-requisites for Xamarin CI using TFS

For this post, we are going to concentrate on using TFS On-Premise Server for Continuous Integration. When using TFS (i.e. configuring Build.vNext), first steps is to log in and configure the agent pools. Agent Pool is called as a collection of several build agents (i.e. services running on the operating system / build server and listens for builds from TFS). This agent pool needs to be created first and then the build agents. It is to be noted that build agents should be free and should also meet the demands of the particular build requested. For example, an iOS build can only be requested to build agent which has Xamarin.iOS capabilities, similarly for Android also. The choice of how many pools or agents you need totally depends on the different projects/purposes.

For the management of the agent pools, you should know below account groups:

  1. Administrator Account Group
  2. Service Account Group

Administrator account group member is allowed to add, remove and configure agents in the pool whereas Service account group only let you run builds.

At first, you need to add your user account in Agent Pool Administrators group by logging into TFS. Later, you can create any number of Agent Pool Service Accounts for the production environment.

CI for Xamarin.Android

This section will address the complete steps required to perform the continuous integration process for Xamarin.Android Native Apps. This will also consist of the process to add the windows build agent to build the source code for a project.

Create and Configure Xamarin.Android Build Agent on Windows

This section will provide you step by step details for creation of Xamarin.Android Build Agent on Windows.

When Build agent receives a build from TFS Server, it executes the steps in the build definition. Currently, you have to use a Windows build agent to build Windows/Windows Phone apps and Xamarin.Android apps and a cross-platform build agent on the Mac to build Xamarin.iOS projects. In the future, the cross-platform build agent should also be able to build Xamarin.Android projects too.

This section will provide you step by step details about different items to be installed on your machine to satisfy it as a Windows Build Agent:

Install below software’s on the build machine.

  1. Xamarin (Latest Version)
  2. Java JDK 1.7
  3. Android SDK (Latest Target Version)

Please note that ANDROID_HOME and JAVA_HOME environment variables should be set to locate the required components and advertise them as capabilities of a build agent. Once done, you need to download the agent from TFS, configure and run the build agent.

For configuration of build agent, you need to create a BuildAgents (or any name with which it makes sense) folder in the C:\ drive to store all of the agents in one machine. You can create AndroidAgent folder in it and extract the agent zip file downloaded from TFS. Once done, open Windows PowerShell as Administrator and run .\ConfigureAgent.ps1, press enter. Fill in the required details for the agent and you are done!

The Windows Build Agent is successfully created with the Xamarin.Android Capabilities. The agent starts as a service in Windows. If you wish to start/stop the agent manually, you can stop the service.

Create Xamarin.Android Build Definition

This section will provide you step by step analysis on the creation of a Build Definition for Xamarin.Android project. It uses Windows Build Agent for creation and deployment of the builds.

  1. Navigate to TFS Team project Home page, click on the Build tab and click Add button to add new build definition
  2. Select Xamarin.Android template and click OK. This will create a new Build Definition with some pre-defined steps

There are different tabs associated with the creation of build definition like Build, Options, Repository, Variables, Triggers, General, Retention and History.

You can modify build steps to build particular Android project present in the TFS Code Repository, sign APK file as a build artifact to TFS. Some more steps are as follows:

  1. For the Target input field, type: PackageForAndroid (this will trigger the build target that will create .APK package once the project is built)
  2. Add Android Signing builds step, check the ‘Sign the APK’ option and enter valid Keystore details as required
  3. Add Publish Build Artifacts step and put ‘Path to Publish’ as $(build.binariesdirectory)\$(BuildConfiguration)

Please note that BuildConfiguration is the variable created under Variables tab which will be used runtime.

  1. Check the Continuous Integration (CI) in Triggers tab or you can schedule the trigger as per your project requirements
  2. Select the Default agent Queue/Pool which is already created
  3. Save the changes and click OK

Once the build definition is created, you can queue new build for the definition and if everything has been configured correctly, your build definition should finish with the message “Build Succeeded”. If failure, you can check logs about the exact cause behind the issue.

CI for Xamarin.iOS

This section will address the complete steps required to perform the continuous integration process for Xamarin.iOS Native Apps. This will also consist of the process to add the windows build agent to build the source code for the project.

Create and Configure Xamarin.iOS Build Agent on Mac OS

This section covers the creation of the cross-platform build agent and configuration for Xamarin.iOS project. The cross-platform agent has been recently introduced along with Visual Studio 2015. This agent can only be configured and executed on Mac OS X and Linux Machines for build definitions created using the Build.vNext tools included in TFS 2015.

Please note that the cross-platform agents are written in Node.js and you can install/update/run them using Node.js.

This section will provide you step by step details about different items to be installed on your machine to satisfy it as a Mac OS X Build Agent:

  1. Install below software’s on the build machine:
  • Xamarin
  • Xcode
  • js
  1. The next step is to install the VSO Agent using the following command in Mac OS X Terminal:

sudo npm install vsoagent-installer –g

If you think that this will create an agent for you, then it is not. This is just going to create a copy which will be used later to create actual agents.

  1. To provide permissions for Node Package Manager, please run below command:

sudo chown –R $USER ~/.npm

  1. It is recommended to create a BuildAgents folder in the root of your Macintosh HD partition to store all of the agents you wish to create (you can have multiple agents running on the same machine). Inside this BuildAgents folder, create another folder called Agent1 (or whatever you want to name your build agent). You can create these folders using the Finder
  2. Install the VSO agent in the folder you created and run ./ file to start configuration
  3. The console will ask following questions to configure the cross-platform build agent on Mac OS X:
    1. Enter alternative username: You need to enter the username of the account that was configured to administer build agents earlier
    2. Enter alternative password: Enter the corresponding password for the account chosen in the previous step
    3. Enter server URL: You need to enter the TFS URL
    4. Enter Authentication Type: Click enter to continue
    5. Enter agent name: You can use whatever name you want to here. This name is to identify agent in the agent pool
    6. Enter agent pool name: This allows you to add an agent to a specific pool which is already available in TFS. If you do not pass this value, the agent will be added to the default pool

The cross-platform build agent is now successfully configured with Xamarin.iOS capabilities. Run ./ to start the agent as a service. Do not close the Terminal window until you want to stop the build agent. You can stop the build agent by pressing Ctrl-C.

Create Xamarin.iOS Build Definition

This section will provide you step by step analysis on the creation of a Build Definition for Xamarin.iOS project. It uses Mac OS X Build Agent for creation and deployment of the builds:

  1. Navigate to TFS Team project Home page, click on the Build tab and click Add button to add new build definition
  2. Select Xamarin.iOS template and click OK. This will create a new Build Definition with some pre-defined steps

Most of the steps mentioned in the build definition for Android are pretty similar.

You can modify build steps to build particular iOS project present in the TFS Code Repository. You need to modify Xamarin.iOS build steps so the build agent will build the solution and upload the .ipa package that is created as a build artifact to TFS. Some more steps are as follows:

  1. Click on ‘Add Build Step…’ and select ‘Publish Build Artifacts’ item
  2. Looking at the new ‘Publish Build Artifacts’ build step, In the ‘Copy Root’ input field type: $(build.binariesdirectory)\$(BuildConfiguration)
  3. Check the Continuous Integration (CI) in Triggers tab or you can schedule the trigger as per your project requirements
  4. Select the Default agent Queue/Pool which is already created
  5. Save the changes and click OK

Once the build definition is created, you can queue new build for the definition and if everything has been configured correctly, your build definition should finish with the message “Build Succeeded”. If failure, you can check logs about the exact cause behind the issue.

This way your Continous Integration System for both Android and iOS apps using Xamarin can be set up. I will cover more details about Xamarin in coming posts.

Security aspects in Mobile Banking

Security aspects in Mobile Banking

In the last article, I covered Mobile Payments. This article focuses on a specific area in mobile payments i.e. security aspects in mobile banking. Security is a crucial parameter in all mobile banking transactions. Let’s check out some parameters which play important role in secure mobile banking:

  1. Authorization: The authenticated users access only to business functionality to which they are allowed. Once authenticated, app should check with cloud to determine if the user has required access to data or not
  2. Data Confidentiality: The sensitive data should always be kept in RAM (memory) rather than disk. The application must not store any sensitive data on the file system. Sensitive information should not be leaked through logs and error messages. The cache manager should clear the data when the application operates in the background
  3. Authentication: There should be strong authentication mechanism. The Multistep authentication is recommended. An additional recommendation is to check for user location using a GPS during authentication
  4. Secure Operating Systems: It is necessary to detect if the application is running on a jail-broken/rooted/malware-infected device. An app should make the decision to close itself if system is found guilty
  5. Encrypted Connections: All the connections initiated by the app should be encrypted for safety. HTTPS protocol should be used to connect to the cloud. A white list of IP addresses and domain names should be maintained on the device side to prevent apps from talking to other domains not specified on the white list
  6. Prevent Local Data Transfer: Banking application should prevent the data from being locally transferred to other installed apps (e.g., copying it or sending it to an unauthorized external application) by disabling the long press on the sensitive UI fields and by remove the data from the clipboard when the app operates in the background. This will ensure restriction for data sharing
  7. Secure cleanup after log-off: The secure objects which are involved in the app (For example: account data, user information, any network requests already made but waiting for response etc.) should be wiped off securely when a log-off is triggered. The application should be forced to quit if application tampering is detected
  8. Preprocessing: All the plain-test resources present in the app bundle should be eliminated. This will prevent hackers from gathering information from app internals. The symbol table should be stripped, thus leaving only unresolved symbols and forcing an attacker to trawl for data in the runtime code, decrypt the binary or use more complex debugger tactics to obtain a map of the application symbols for class names, methods, and function names
  9. Tamper Detection: The application should check to see if it is getting tracked by someone else. For example, debug flags can be checked to determine if the application is being debugged. An app must prevent debuggers from attaching to it (e.g., to read sensitive data from memory in use by another running application). This can be done by defining a debuggable property to false in android manifest file
  10. Root Certificate Check: For secure communications with the cloud, SSL certificate should be bundled with an app. This certificate is required to see if it is signed by the respective authority. If the certificate is not signed, then the app should be closed.
  11. Blacklisting older version apps: It should be possible to block certain older versions of the app on the back-end server if there is a security breach. If an app version is blacklisted, then the user will receive an error message and be asked to upgrade the app. This is ultimately beneficial for users for secure transaction
  12. Security Logging: All the security events which are going on inside the application should be logged locally and then sent to cloud (back-end server) periodically for later analysis. During log-off, the device data is sent to the server to ensure no confidential data remains on the device
  13. Encrypted Assets: All the important data files like property file, configuration file should be hidden and encrypted
  14. Anti-pharming Protection: App should always check the hostname lookup with DNS resolves to the whitelisted IP address. This will ensure that app does not redirect to any malicious server in between

This was just an overview of security in mobile banking. If you have any other important points which I missed here, please enlist in the comments.


All you need to know about Mobile Payments

All you need to know about Mobile Payments

Mobile is everything.

I hope that every single person would agree on above statement. Every single thing personal computer is capable of doing from several years is almost possible on mobile devices these days. Mobile payments are willing to make their mark too. The new tech generation is all about mobiles and gadgets.

I have been doing research on mobile payments for quite a while and wish to share some analysis in this exciting space.

Below is the scenario of a day in the life of Mr. Chuck Norris. From morning to night, most of the payment transactions initiated from mobile.

You can check the mobile payment segmentation done below based on the category of payments i.e. remote and local (proximity) payments. You can clearly see which payments fall in what category.

Let’s dive into the top five categories of mobile payments:

  1. Mobile at Point of Sale: Mobile Wallet
  2. Mobile as Point of Sale: —Use mobile device to process credit card payments
  3. Direct Mobile Billing: Put it on my phone bill
  4. Closed loop mobile payments: Pay via mobile devices only at a specific vendor and only against an established account balance
  5. Mobile Payment Platform: —This is the “everything else” mobile payment. Think of it as a “catch-all” category for products that let consumers send money to merchants, or even each other (called as P2P), all while using mobile devices. It might be at the POS, it might be online, it might use text messages or even NFC (Near-Field Communications) someday

Mobile payments are one of the hottest topics of the last year. There’s been a tremendous investment that is going on in this area. Let us check out some of the trends and technologies which are essential for any mobile payment system:

  • —Security and Biometrics
  1. —[Tech Giant]Pay
  2. —Relying on NFC, Tokenization, SE, EMV, HCE, Fingerprint Reader, Biometrics and other different technologies to provide seamless and secure options for users
  • —Offer better deal and experience
  1. Redesign the bridge for retailers to offer their products to customers and how consumers pay for their retail purchases
  2. —Consider a scenario wherein instead of walking into a coffee shop to buy a cup of coffee, users will receive an offer for a better deal, such as 12 cups of coffee or the price of 10, which they can purchase in advance and redeem whenever they like
  • —Make payments easier
  1. —Transfer the money directly to your friends account with the help of an app
  2. —Pay to a merchant in a quickest possible way. For example: Using Touch ID (biometrics), one-touch payment services etc.
  3. —Example: When you’re out with a group of friends and struggling to split the bill. These apps streamline that by enabling one person to pay for a credit card and everyone else to pitch in via an app

The common mobile payment technologies used by different companies are:

  •  NFC – To make an NFC payment one needs to bring the NFC device close to POS terminal where NFC capable device recognizes the POS device. It uses a token using the POS provided data and a secure element and expected to be default mode of payment currently
  • —QR codes – —Most of the smartphones have cameras with the ability to scan and read QR codes. This method is extensively used in mobile payments. There are basically 2 types of QR code payments that can be made:
  1. —Receive a QR code on your phone and get it scanned at the counter: In this case, the customer needs to have a payment app installed in the mobile phone, which will generate a QR code for the payment transaction. This QR code can be scanned using a barcode reader by a cashier to process the payment
  2. —Scan the QR code at the counter and make the payment: In this case, the customer needs to have a payment app installed in the mobile phone, which can read the QR code and process payment for the same
  •  —MST (Magnetic Secure Transmission) – —This method generates changing magnetic fields over a short period of time that emulates the same magnetic field change as when a card is swiped across the read head that emulates the same magnetic field change as when a card is swiped across the read head. This technology is owned by LoopPay which is taken over by Samsung. Samsung Galaxy S6 supports MST
  • —STK (SIM Application Toolkit) 
  1. —Securely store the IMSI which identifies the subscriber uniquely
  2. —Wrapper on top of the SIM technology, this enables the mobile service provider to provide the user with a menu based technology that is used for various services including mobile payments
  3. Examples: —M-Pesa by Safaricom
  • —Mobile Card Reader – —Can be attached to any smartphone enabling the smartphones to make payments through cards

As you have seen, there are many technologies and applications already present in the market but still there are very less number of people who actually make use of these. The consumer traction ratio is way below expected. This is mainly due to less awareness and security. Let us look out some of the key factors required for success in mobile payments.

User convenience:

  •  —Enormous Freedom to pay for goods and services via mobiles devices for consumers
  • —It is important to provide a similar user experience for the validation of the mobile transaction
  • —Improve acceptance of payment transactions that are free of slowdowns, delays and re-entry of the same data into different platforms for the same purchase

Perception of security and trust

  • —Allow organizations to take full advantage of the business opportunities while at the same time giving end users confidence in the security of the service
  • —End users must trust the payment service provider behind the solution

—Payment Processor – —To make a mobile payment app successful, it should be noted that the payment processor should be chosen appropriately. This would make sure proper PCI compliance handling ensuring security to every transaction via mobile device

—Lookers to Bookers – —A process that improves the conversion of interested consumers into paying customers

—Range of Payment methods:

—Support a range of alternate payment methods and digital wallets (former, current and future), including Android Pay, Apple Pay, Samsung Pay, Master Pass, Visa Checkout, Amex Express Checkout, M-Pesa, prepaid cards and others

—Make it easy to buy from you, and passengers will turn to you first for whatever they need.

Development Oriented Trends


—Braintree SDK provides an easy to use the collection of APIs for adding native payments to iOS/Android mobile apps. The Venmo touch network provided by Braintree technology allows a user to make a one-tap purchase without having to input the credit card information over and over again.

—Stripe APIs are developer-friendly and robust. Sensitive card data security is accomplished by converting the information on the card to tokens on their Stripe servers. One can charge these tokens later in your server-side code.

PayPal API and Square Connect API are also extensively used.

Market Opportunity

Let’s take a look at different opportunities in mobile payments market –

  • —Gartner predicts mobile payments will grow at a rate of 30% per year from 2013 through 2018 – to reach more than $900 billion in 2018
  • —1.09 billion people will be making mobile proximity payments globally by 2019, of which 939.10 million will be made through NFC
  • —A Focus on providing merchants with Multichannel Payment Services
  • —Exciting market ahead for P2P service providers e.g. PayPal’s Venmo and services from Facebook, Google etc.
  • —Payment through wallets using NFC, tokenization, biometrics because mobile devices will be a mainstream option for person-to-person or person-to-business payments
  • —Cryptocurrencies. E.g. Bitcoin, Litecoin but still in the early phases
  • —One touch mobile payments e.g. PayPal/BrainTree provides One touch service to more than 10 million consumers today
  • —Support for loyalty cards and strong security
  • —Using Touch ID for Apple Pay transactions

Let us look at some of the popular applications which are used for mobile payments.

  1.   Apple Pay
  2.   Google Wallet
  3.   Android Pay
  4.   PayPal
  5.   Venmo
  6.   Facebook Messenger
  7.   LoopPay / SamsungPay
  8.   BlockChain
  9.   PayFroit
  10.   Merchant Customer Exchange
  11.   Square Cash

Applications in different sectors:

—Healthcare – —The mobile payments industry is expected to reach $142 billion by 2019, and healthcare providers are beginning to position themselves to embrace the mobile space. Health care providers may benefit from the advent of mobile commerce as it will make them more accommodating to consumers and give them access to a growing mobile consumer-base

—Finance – —Google partnered with Citi Group to develop the Google Wallet NFC-based mobile payment system —PayPal, which is now a de-facto member of the financial institution club, has announced the development of proprietary NFC-based P2P system built on a Nexus S Android device. —In the UK, O2 has partnered with Barclay’s Bank to launch the O2 Money initiative.

—Telecom – —Many telecommunications companies are showing an increasing interest in developing mobile solutions for financial services. —The fourth major player in the US cellular network arena, Sprint, has launched its proprietary Sprint Mobile Wallet service in partnership with Cardinal Commerce payment processors.

Companies are looking to invest more and more in mobile payments and finding out innovative approaches not only for the consumer but also for the business users to make payments. To give you an example, Google has come up with an exciting innovative approach to making payments. It is named as “Hands-Free Payments” method. After installing the Hands-Free app for Android or iOS, you’ll add a photo of yourself for identification and either add a credit/debit card or choose one that’s attached to your Google account. Once that’s all done and you’ve rendezvoused with a cashier, mention you’re paying with Google — the app uses Bluetooth LE and WiFi (among other things) to tell whether you’re in a store equipped for Hands-Free payments and passes your information along to the cashier’s point-of-sale system. The cashier confirms you are who you say you are using that photo and your initials, and that’s that. Payment complete.

This is fascinating. Though this sounds quick, there are a lot of complexities involved in this and Google is claiming to take care of them.

Yeah, this is a vast domain and many things are still yet to be researched. As I get my hands dirty with them, I will write an article in continuation with this one.

Hoping for the better mobile payment year this time!

Impact of IoT on Life Sciences and Health Care

Impact of IoT on Life Sciences and Health Care

Everyone is talking about Internet of Things (IoT) and all its promises to the businesses and consumers, from marketers to IT professionals.

As you guessed it right, health care providers have still lagged behind other industries in adopting IoT innovations and to use available customer data to decision making. Though it is true that the required shift is slowly taking place. Let’s take some time to explore the possibilities in IoT over healthcare industry.

  1. Efficiency and Cost: In the healthcare provider space, leveraging technological advances from remote healthcare monitoring is becoming immensely possible . It is feasible to measure a patient’s medical condition in real time and share this information with the doctors with greater efficiency. In industries like healthcare and life sciences, IoT can potentially help bring down costs across the system. To give you one use case, the bar code on every soda can when scanned can provide info ASAP and it is made visible to the makers. Cool right? The most important thing is that IoT gets the visibility for healthcare. There are several reasons to take this move further. As perthis report of U.S Healthcare given by Goldman, Sachs & Co , the “digital revolution” using IoT can save over $300 billion in healthcare. This is massive if achieved. But how will that be broken down? Imagine more sensor devices will be involved which would mean more patient monitoring for chronic issues. This will make sure better and large scale remote patient monitoring which will bring down checkups and unnecessary appointments. This will also take their role in cost reduction.
  2. Products data: If you look inside the big pharmaceutical companies, the amount of obsolescence within these organisations is beyond imagination. Their inventory is massive. To manage it, one need to make major changes and move healthcare industry of other industries. IoT promises to provide trail regulators to get more real time view of the patient experience and collect data.
  3. Effective care: IoT-enabled devices can provide remote data from equipment like fetal monitors and electrocardiographs, among others. The information about temperatures, heart rates, and glucose levels can be automatically transmitted in real time with the help of wearable devices. This helps hospitals operate more efficiently and patients receive better care. All this required important data can help monitor patient’s sleep and exercise patterns and even lead to determine their percentage risk for heart attack or stroke
  4. Empowering patients: Imagine the days when you are allowed to get expert medical advice without going to the doctor? There could be some sensors which are connected using Telehealth (Telehealth is the delivery of healthcare treatment and information through telecommunications technologies. At its most advanced level, this could theoretically allow surgeons to perform surgeries remotely) which can let actual doctor access without the waiting rooms. This integration could also be useful when it comes to behavior modification, as providers would have new tools to use when encouraging healthier lifestyles for patients

Here are a few key challenges facing this union:

  • Data Security: Security is a huge topic of discussion for using IoT for healthcare and life sciences domain. If the number of Internet-connected devices are increased, which is the expected, the number of entry points into data systems will also be increased. These data systems consist of sensitive patient healthcare and financial information which are very lucrative for cyber-attackers. I think that this is the major reason why healthcare is lagging behind other industries in terms of IoT. The Healthcare organizations absolutely must have security at top of mind to look ahead to the IoT.
  • Mobile hesitation: IoT involves mobile devices on majority but what (or whom) they’re connected to still counts for something. If there is provider hesitation or confusion during any part of the patient data-handling process, care could suffer or breaches could occur. Some health IT departments and physicians have struggled to handle all that data coming in. Given the mobile, BYOD healthcare culture, substantial data handling training is requiredthroughout an organization, not just at the top.
  • Vendor Consistency: Can you tell me what are the communication standards and protocols for all these new medical wearables and other IoT-ready devices? No? It is problem. The different medical device vendors have not agreed on them yet. Inside a particular hospital, different vendor medical devices are used which are raising questions of propriety and consistency

I would like to quote here one research done by MIT fellow to replace bandage with an electronic bandage which can heal bounds mush faster. You can get more details about this research from here.

This article covered the possibilities and challenges of using IoT in healthcare. As this is vast domain, there are numerous steps already taken using IoT in healthcare. These would be part of the next article on this topic as per plan.

Weather forecast for Mobility in 2016

Weather forecast for Mobility in 2016

This post covers the emerging or the extension of the current mobile trends in the upcoming year 2016.

Everyone would agree to the fact that mobile is our future. Has anyone of you given a thought behind different things in mobility which are really worth to be considered as the emerging trends or can bring the disruption?

Today, there are almost 6.8 billion mobile phone subscriptions for seven billion on this earth and it took 20 years for it. Mobile world has revolved round the earth and every single person (assuming rest 0.2 billion people will get mobile in 2016) has mobile and a cellular subscription. Most of these people have smartphones, they are into every corner of the world – thus connecting world. Does that mean that mobile revolution is over? I feel it is definitely NOT.

It is true that the mobile markets are nearing the maturity level, everywhere you will find smartphones in dozens. We have tons of apps over different app stores and people are using them. So, what would be see more of it in 2016 and later on? Maybe smart apps? Mostly likely.

Today, most of the people are literally living, working, and exploring on mobile. Mobile has become addictive for many. As 2016 approaches, the most powerful developments in the mobile marketing space will be the ones that serve customers with customized and amazing experiences that actually enhance their lives. There are different trends which can shape to build long-terms relationship with clients through mobility space:

Reform business in Mobile

Mobile has forced business to adapt to a new marketing approach i.e personalized buying experience according to consumer needs. Each business can now use the mobile platform to reach out to their customers and offer new products and services based on the financial and non-financial constraints. The industries which are reluctant to shift to mobility have no choice but to shift to mobile because of the competitors.

The reformation of business in mobile, people/employees can become more productive and efficient by working from anywhere, anytime. This is very crucial for sales people to automate information and show presentations to the client with images, videos to snap the deal. Even the mobile interface between company and employees has been a great way reform the engagement. We would see every part of every business going mobile way in buying and selling process.

Mobile-First strategy

As “mobile-first” becomes the norm for every age group, consumers from all over the world have captured their interest in mobiles. One can do everything using mobiles like face-to-face interaction, e-mail, SMS, CRUD documents etc. This mobile trend has accelerated across all the businesses. It will be interesting to see how these businesses successfully market and monetize their mobility to consumers?

We have seen Flipkart go with Mobile-only strategy this year but then in November, they came up with Flipkart-Lite app to show support on mobile web too. You might have heard that Google ranks pages in its search engine based on their compatibility with mobile. The higher the mobile compatibility, the higher the page rank for your pages. You can read more about this in Business News Daily.

Internet of Things

This is the future for almost 10 years from now on. The apps are getting smarter and linked with plethora of different endpoints like gadgets, vehicles and personal electronic equipment’s etc. Moreover, by 2020, the number of devices alive on internet will reach to whopping 40 billion. I have written a separate post on internet of things. You can check it here.

Mobile Video Ads

Facebook and Twitter has started playing videos automatically so that users present on Facebook. Video Ads on Mobile has many challenges though it looks simple and promising.

According to the survey, around 8 second video ad is best suited for mobile assuming that you don’t have a skip ad option. I feel that most of the companies will struggle to tell about brand in 8 seconds and mold their ready-made ads i.e. traditional 30 and 60 second ads to shorter promos. The research firm expects mobile video advertising to hit $2.6 billion this year.

Video ads on social media will become more prevalent. Google is also planning to incorporate video ads in search results to make it more appealing and eye-catching for users.

Growth in Advertising on Social

As you might be aware about ‘buy’ button introduced by Facebook and Pinterest this year for advertisers and users. I feel that we are going to see more of it in coming year. The mobile users can see this button with a sponsored post on Facebook and Pinterest and people can actually purchase the product using one click without leaving the mobile app. This has started and many other social platforms will also follow them just like mentioned here.

Mobile Commerce

As seen above, Business Insider conducted survey about monthly visitors across retails websites and it is found out that mobile only percentage has surpassed desktop. There are high chances that desktop only will get diminished over the next 2 years.

Virtual Reality

Are you aware about this new technology called as Virtual Reality? It is a computer simulated programming concept which can simulate your presence the real world. Google has introduced Google Cardboard, which lets Android and iPhone users sample the virtual reality experience in an easy and relatively inexpensive way. There is no need to invest in expensive VR headsets for development. If Google Cardboard succeeds then companies will be able to let customers experience their products  before they buy. In fact, some brands are already on board.

There are lot many small but exciting stuff coming in new year. Stay tuned for more updates on this front.