SAP Mobile Applications

App Development in a Mobile World: A CIO Handbook A High-Level Look at Mobile Strategy, App Development Deployment and More...? Table of Contents

3 Introduction 15 SECTION 3: Deploy and Manage Mobile Apps 4 SECTION 1: Guiding Mobile Initiatives The Mobile Platform Advantage Directing Results-driven Mobile Initiatives Proof Point for Platform- based Mobile Strategy Creating a Mobile Strategy Deployment Scenarios: On-Premise vs. Cloud Reaching Customers with Business to Con- Checklist for sumer (B2C) apps Platform that Supports B2C, B2B, and B2E Engaging your Work- Apps force with Business to Employee (B2E) apps 20 SECTION 4: Achieve Best Practices 8 SECTION 2: Developing Mobile Apps App Development Methods – Moving From Mobile App Architec- Concept to Launch tures Managing the App Aligning the Architec- Lifecycle ture to the Use Case Save Time and Money Matching App Functions to Device Forms Setup a Mobility Center of Excellence. Building Secure Apps with Authentication The Mobile Developer 22 SECTION 5: Finding Toolbox: Frameworks SAP Resources and Developer Environ- How Can SAP Support ments My Mobile Initiatives? App Enhancements with See How SAP Custom- SDKs ers Run Their Business- Adding Value with Data es Better With Mobile Integration Learn More with SAP The Case for Using Mobile Resources OData for Data Integra- tion Introduction

As a senior stakeholder driving mobile initiatives in your organization, you may be lost in a sea of technologies and claims from vendors promising rapid delivery of applications to your employees, customers and partners.

Local Storage Native Swipe Gradient M2M RDC Device Management

JavaScript iOS Integration NFC Kiosk Local Storage

Augmented Reality MeeGo MCAP Connectivity MMS Sync Kiosk Scalability MEAP mPayments Session Management MDM M2M Reliability Hybrid

UX Tethered HTML5 Cloud mMoney Sync Android GeoLocation Tablet Transition WebOS LBS BYOD CSS APIs JavaScript Authentication Future-proof SMS GPS Windows Mobile LUA BlackBerryOS Apps Animation Symbian Gesture Accelerometer Open Standards App Cache SDK mBanking On Premise Security Enterprise App Store

To help explain some of the topics you will need to be aware of, and to separate the must-haves from the nice-to-haves, SAP has developed the App Development in a Mobile World: A CIO Handbook - a reference guide for applying a mobile strategy in the context of application architectures, best practices and resources available to help you.

This eBook is divided into five sections:

•• Directing Result-Driven Mobile Initiatives: Mobile strategy, use cases, and factors to consider •• Developing Mobile Apps: How to choose the right architecture for your use case, tools you can use •• Deploying and Managing Mobile Apps: Platform-based approach vs. point solutions •• Best Practices: How to save time and money, and get the most from your mobile strategy •• Finding SAP Resources: Assets to help in your planning

As you research options for every part of your mobile lifecycle and build out the material to support your decisions, we hope you find this eBook to be a helpful reference.

App Development in a Mobile World 3 SECTION 1: Guiding Mobile Initiatives

DIRECTING RESULTS-DRIVEN the mobile needs means near-certain CREATING A MOBILE STRATEGY MOBILE INITIATIVES failure for most mobile projects. If mobile projects are slow to launch, difficult to Mobile is introducing sweeping changes Mobile apps have moved from nice-to- support, or racking up unexpected costs, throughout your workplace. Bringing have additions to must-have business this guide will have suggestions for your organization into the mobile age tools as consumers and employees turn moving your mobile plans onto a more demands a mobility center of excellence from laptops and desktops to their successful path. led by a chief mobile officer. This execu- and tablets. Marketing, tive leads mobile initiatives, and most sales, retail, HR, business development, This guide outlines key concepts and importantly bridges the gap between and other lines of business want mobile methodologies for app development that business and technology, providing the apps that give them anywhere, anytime will speed your mobile initiatives. You will direction for mobility throughout the access to business data. Consumers find guidance for creating a strategy, organization. expect apps designed around their insight into different app architectures, favorite brand-name products and development methodologies, deploy- services. ment options, and more. If you’re a CIO new to mobile or your mobile projects This demand, coupled with the fact that are slow to launch, difficult to support, or most organizations don’t have dedicated racking up unexpected costs, this guide resources that can focus on addressing will have suggestions for moving your mobile plans onto a more successful track.

The first order of business for the chief mobile officer is creating a mobile strategy that details the following eight items:

Mobile Vision Document the mobile vision (beyond devices and features) and align it with business strategy. Avoid misperceptions by incorporating input from stakeholders (users, lines of business leaders, and IT) to discover the business drivers, benefits, and expectations of mobile in your organization.

Innovation Identify mobile potential through user-centric methods (Design Thinking) to illustrate how mobile will bring innovation to the organization. For more information on Design Thinking, please review the white paper and video.

Use Cases Establish a two-year plan that describes use cases, prioritization (value/need versus feasibility/ effort), standard plus specialized apps, and initial quick wins that deliver high value.

Implementation Select a build, buy, rent, or combination approach based on existing infrastructure, skills, development, projects, and operations.

Architecture and Specify the app architectures that best support your mobile apps while ensuring Technology standardization and flexibility. Evaluate a platform concept that considers the back-end systems and future needs (scalability, reusability, user growth, new functionality). Establish guidelines for OS, devices, and functionality (features, sensors, offline, and more).

4 App Development in a Mobile World SECTION 1: Guiding Mobile Initiatives

Identify and assess general risk factors and for specific use cases, include awareness and Risk and Security compliance considerations.

Identify mobile team and list skills and experience required (development, operations, Team Building administration), note specific skill gaps, and draft a skill development roadmap.

Define a communication framework to share mobile news and advancements throughout the Transformation organization.

The following can be used as a starting Today’s consumer smartphone rarely With such huge potential, there was a outline for the mobile strategy suffers from neglect. According to a time where many businesses rushed to document: recent Harris poll1 nearly 60% of users be in the App Store without investing a won’t go an hour without checking their lot of time in fine tuning the user experi- •• Vision and mission smartphone; 74% of 18–34 year-olds use ence. Many pundits refer to those not- •• Use cases and business processes them before going to bed or immediately too-distant-past days as the (consumer) impacted upon waking up. You can take advantage “app bubble”. While consumer smart- •• Business value and benefits of this always-on behavior to expand phone use continues to increase, the •• Architecture and technology your business’ reach. level of sophistication and expectations •• Risk and security of users has risen too. A key metric to •• Governance and organization An important point to consider is that consider is the “app abandonment” rate. •• Skills and transformation even if your target audience has adopted A recent study3 shows that while 79% of •• Consolidated roadmap the always-on usage mode, you will need consumers will try an app a second time to deliver value to them in your app so after it fails to impress, the rate drops to If you are just getting started on your that they will incorporate it into their 16% for trying the app a third time. Here mobile strategy or have an initial strate- daily habit pattern. The following are a are a few examples for “hooking” your gy and are starting on detailed planning, few key use cases that popular apps customers the first time: SAP has service offerings to help out. incorporate: •• Consider banking applications that REACHING CUSTOMERS WITH •• Provide useful information about your allow users to make a deposit simply BUSINESS TO CONSUMER (B2C) APPS products or services to drive sales2 by taking a picture of a check •• Enable easy access to current •• Many retailers today support quickly Mobile B2C - “Business to Consumer” or transaction status and order history to arranging in store pickup of items “Business to Customer” applications promote additional purchases ordered from a to save exploded onto the scene with the release •• Make your mobile customer an shipping costs and provide immediate of the original iPhone and Apple App “insider” to deals and promotions gratification Store in 2007. •• Create a sense of “community” by •• The common thread is to look for providing access to read and create opportunities for the user to do things reviews of products and services – a that would otherwise be time major step to increasing brand affinity consuming or difficult

1 https://www.lookout.com/resources/reports/mobile-mindset; That’s sixty percent of users of all ages that check phone once per hour. That statistic is roughly ten percent higher for 18–34 year-olds. 2 Wave Collapse, 2012. “93% of people who use apps in stores have bought something at a physical location in the last week (compared to 84% for non-app users). 3 Digital Trends, Joshua Pramis, Mar 13, 2013.

App Development in a Mobile World 5 SECTION 1: Guiding Mobile Initiatives

Leverage Existing Mobile-Enabled ENGAGING YOUR WORKFORCE WITH Understand the Consumer Device Pathways BUSINESS TO EMPLOYEE (B2E) APPS Landscape Although creating your own B2C mobile Mobilizing applications for your enter- As of Q1 2013, Android devices made up application provides the most direct prise increases your business’ efficiency 49% of the new sales the U.S., iOS was pathway from you to your customer, and reliability. That, in turn, can reduce 44%, Windows Phone was 6%, and other don’t overlook these opportunities: costs and lead to a competitive vendors including BlackBerry made up advantage. the rest. You will almost certainly need to •• Social media marketing is closely plan to deploy your application into coupled to mobility through systems Mobile Business to Enterprise (B2E) multiple App Stores. like Facebook, Twitter, Pinterest and computing has been around in one form YouTube. Create and cultivate a or another for well over thirty years Consumers Demand an Application presence through these sites that will (including luggable, or laptop solutions). Designed for Their Device promote your products and brand Early pioneers in this technology quickly recognized the challenge in matching the Modern “pro-sumers” have high expecta- •• Almost all modern mobile phones primitive device operating systems of the tions of the look and feel of an applica- provide free apps capable of scanning day with sophisticated enterprise data- tion. Each device operating system coded magazine ads, signs or base systems. From that problem, early today has a well-defined and distinct billboards. Embedded QR-Codes can leaders such Sybase, Syclo, and SAP all look: rapidly provide contact information, independently created the first of what street addresses, or even direct a would become know as Mobile Enter- •• Ensure your application completely potential customer to a targeted web prise Access Platforms, or MEAPs. conforms to the device vendor’s user campaign experience style guidelines These first MEAPs included development •• Exploit features unique to each device tools to inspect and map enterprise data OS – examples of this include objects into something that would fit on packaging key features of your relatively small mobile devices. MEAPs application as an Android Widget, also included their own User Interface leveraging the iOS Passbook to store frameworks to improve on the relatively coupons or loyalty cards, or even primitive device OS UIs. MEAPs typically enabling device-level content search include the runtime Mobile Server infra- •• Your choice of mobile platform can structure to securely manage devices, significantly affect your success on enterprise authentication, cache and these points transport data, and log transactions, as •• Test to ensure your mobile platform well as other critical operational services. functions at scale, and that it provides FIGURE 1 AN EXAMPLE QR-CODE capabilities to debug operational (TRY IT WITH YOUR PHONE) issues without compromising security

6 App Development in a Mobile World SECTION 1: Guiding Mobile Initiatives

If we fast forward to today, mobile operating systems, device hardware, and mobile development tools are much more capable. At the data center, or even in the Cloud, Service Oriented Architecture (SOA) has emerged as an approach to exposing data with- in the enterprise.

Today, the top use cases for mobile include:

•• Requests and approvals •• Sales force automation •• Field service Mobile'Use'Cases' •• Document management Workflow$Apps$ CRM$$ Work$Orders$ •• Order/inventory management Order/Inventory$Mgmt$ Consolidated$Docs$+$Media$ AnalyGcs$ The following chart shows to relativeRetail$ExecuGon$ percentages based on a recent SAP survey on a subset of our customers.

Mobile'Use'Cases' Mobile'Use'Cases' 5%$ 5%$ Workflow$Apps$ CRM$$Workflow$Apps$ Work$Orders$CRM$$ Work$Orders$ 24%$ Order/Inventory$Mgmt$ Consolidated$Docs$+$Media$Order/Inventory$Mgmt$ AnalyGcs$Consolidated$Docs$+$Media$ AnalyGcs$ Mobile'Use'Cases' Retail$ExecuGon$ Retail$ExecuGon$ 17%$ Workflow$Apps$ CRM$$ Work$Orders$ Order/Inventory$Mgmt$Mobile'Use'Cases' Consolidated$Docs$+$Media$ AnalyGcs$ Workflow$Apps$ Retail$ExecuGon$CRM$$ Work$Orders$5%$ 5%$ 5%$ Order/Inventory$Mgmt$ Consolidated$Docs$+$Media$ AnalyGcs$ 5%$ 9%$ Retail$ExecuGon$ 24%$ 24%$ 22%$ 5%$ 17%$ 5%$ 17%$ 5%$ 24%$ 18%$ 5%$ 17%$ These24%$ use cases rise to the top of the (driving and finding the job site), sorting wrench-time. For a company with a 9%$ stack because of the gains possible with through the pile to find the correct work 500-person field work force, this trans- 17%$ mobile apps. For Field9%$ Service, a order, after troubleshooting – finding (or lates into an extra 7,500 hours per month common metric to measure22%$ efficiency is leaving to get) the22%$ right parts – and post- of productivity. “wrench time” - which is literally the work documentation. It is clear that even 9%$ amount of time a field worker will actual- a small increase in efficiency (as small as ly18%$ be performing work. The cross-indus18%$- 15 minutes per worker per day) could try average for wrench-time is on22%$ the have a huge impact on overall efficiency. 9%$ order of 2.5 hours per day, with the rest At SAP, our customers see an average of of the22%$ time taken up with transit time a 45 minutes per day increase in 18%$

18%$ App Development in a Mobile World 7 SECTION 2: Developing Mobile Apps

MOBILE APP ARCHITECTURES ADT Plugins for Android, Microsoft SAP adds value by supplying native Visual Studio for Windows Phone, and Client SDKs that add rich security, Businesses, especially consumer-brand so on services and data modeling, as well as companies, need to cast a wide net and •• The vendor-preferred language is caching and offline operation capabilities build or buy mobile apps that run on employed to code the application: to native development. smartphones and tablets, the mobile Objective-C or C++ for iOS, Java for web, and SMS. Mobile apps range from Android, C# or VB.Net for Windows Hybrid Apps – Delivering the Widest simple to complex, and many of the Phone, etc Reach from a Single Source Code Base features and functions depend on the •• The User Interface is developed using or “Write once, run many”, “Write once, underlying architecture. Your organiza- the OS’s UI Framework and Operating run everywhere” Has Evolved tion will have apps developed on these System APIs five architectures: native, mobile Web, Desktop development has basically been hybrid, Metadata driven (MDD), and Why Is This Definition of Native a monoculture for years. Microsoft SMS. Important to You? Windows® has dominated, especially in business. Not so for mobility: The explo- Having apps with different underlying By employing these truly native environ- sion of consumer device brands and architectures ensures that you meet the ments and tooling, your development operating systems had the benefit of broad spectrum of business and user teams can deliver the richest user expe- reducing hardware prices, but at the needs. One architecture will rarely suit all rience possible on each device, and also same time presented a challenge to of an organization’s apps. Instead, as have direct access each device every mobile developer: how can costs your mobile needs evolve, your apps will OS-specific features and hardware. Your be contained where in cases where one be built on the architectures that best team also has access to these features needs the same application on many support the use cases and provide an sooner, since they can take OS SDK different device types? exceptional user experience. An app’s updates directly from the device vendor architecture will depend on the require- as soon as they are available. Finally, Some technology vendors addressed ments for the application, your use your team is also easier to staff: an iOS this issue by creating cross-platform cases, user base, internal skills available, or Android developer is productive in this frameworks and proprietary tooling to timeline, budget, and more. model almost immediately. allow for a “write once” model. Such platforms would function by embedding Native Apps – Delivering the Richest A key idea behind native development is an open source language such as Experience, Always at the Leading Edge to deliver the optimal user experience or Python, Ruby, Perl, or Lua within the to get the most efficient and direct mobile application. This language It seems illogical, but mobile technology access to device hardware. We recognize runtime would be combined with a vendors, and even industry analysts, vary there is a competing need to deliver proprietary UI Framework to create the in how they define what qualifies as a application functionality across different application user interface. In a strong Native mobile application. From our device vendors – we’ll tackle that in just sense, these were the first “application perspective, there are three straightfor- a moment. containers” – although experts rarely ward tests that qualify an application as called them that. Native: SAP adheres to this definition of native application development. •• The application is developed directly in the device OS’s preferred IDE or IDE plugins. For example, Xcode for iOS,

8 App Development in a Mobile World SECTION 2: Developing Mobile Apps

Parallel to this, HTML standards evolved to device capabilities than a plain web Metadata Driven (MDD) Apps – Single rapidly. Advances included better Java- application. Different Containers are Code Base, Rich, Preconfigured Apps Script support for dynamic web sites, crafted for iOS, Android, Windows Phone, and much more advanced styling via and so on. Combine these containers A metadata-driven application model Cascading Style Sheets (CSS). Well- with a HTML5 UI Framework and the net (MDD) uses a dynamic, discovery-orient- styled and highly functional UI Frame- result is a well-performing application ed development environment to rapidly works such as jQuery, Sencha, and Dojo that runs on multiple platforms from a create, test and distribute mobile appli- emerged. Crucially, device OS vendors common code base. cations to a pre-built application “player”. have invested time to highly optimize The Metadata is a runtime description of HTML5 and JavaScript performance on The difference between a Hybrid the data object, transactions, and their respective hardware. Container and older “write once” synchronization definitions required to approaches is important: older imple- drive the application. Mobile Web (HTML5) Apps are Web- mentations were a combination of a based apps optimized to the screen language foreign to the device and a Rather than being compiled into native resolution and capabilities of mobile proprietary UI framework. The older code, each MDD application is stored in a browsers. The apps are frequently imple- approach required specialized skills and form optimized for runtime performance, mented with some combination of serv- training for an effective team. Moreover, and is packaged to facilitate seamless er-side logic and on-device logic, and UI the foreign nature of the language and UI updates of the application in the produc- controls implemented in HTML5, Java- framework often led to performance and tion mobile user community. Script, and CSS delivered by the web experience issues within the app. The server. This class of applications runs in end result being a “lowest common SAP delivers a Metadata Driven Applica- the mobile browser, and as a result has denominator” set of capabilities shared tion architecture through its (formerly very limited access to device resources across the target platforms. In contrast, Syclo) Agentry 4GL development, tests, (for example, camera). One clear benefit a Hybrid Container leverages the highly and platform runtime products. of Mobile Web apps is that it is possible optimized device-specific web view and to deliver a greatly improved user experi- – by exposing a HTML5/CSS3/JavaS- SAP also leads with a family of prebuilt ence (navigation, size of text, and so on.) cript framework – expert developer Agentry-based Field Service and Mobile over a standard web interface, when resources are easier to find and re-use. Asset Management solution applica- users visit your website from a mobile tions. These solutions are widely used device. Apache Cordova is the most popular today in industries such as, Utilities, Oil & mobile Hybrid Container today, and is Gas, Government, Life Sciences, and So, What’s Different about HTML5 the open-source version of Adobe’s Manufacturing. These solutions have Apps and Hybrid Containers? PhoneGap product. been preconfigured to connect to SAP ERP and CRM systems, and these same The result of improvements in HTML and SAP has embraced Cordova as the basis applications can be used as starting JavaScript was the emergence of the of its Hybrid Container technology. The points for creating custom tailored solu- HTML5 Application Container, or Hybrid SAP product team has gone through an tions with extended functionality, or Container. A Hybrid Container wraps the extensive effort to extend the capabilities interactions with other data sources. It is device’s optimized native web browser of the Cordova container, adding capabil- important to note that as with all SAP into a true native app. The actual applica- ities of the SAP Mobile Platform without mobile solutions, back-end connectivity tion is coded using HTML5, CSS3, and narrowing the flexibility that developers is not limited to SAP systems. In fact, JavaScript. The container includes APIs demand of modern open . there are over 500 deployments of MDD allowing the application greater access apps accessing non-SAP back-ends.

App Development in a Mobile World 9 SECTION 2: Developing Mobile Apps

SMS – A Lightweight App for Any also applicable in mature markets and ing 20 percent is customization work Device for certain demographics that regard that separates the apps for specific use as a more convenient cases and audiences. A mobile app plat- An SMS app is quite different from the communication mode. An example use form speeds the development process other types of mobile apps. It requires no case would be sending SMS messages to by enabling that larger portion of must- client-side app, as it relies on information confirm a credit card or debit card trans- have app capabilities, such as authenti- exchanged through two-way messaging action where the user has the ability to cation, encryption, push notifications, and sophisticated back-end capabilities confirm or contest the charge offline data caching, and more, across all that automate the exchange. The infor- immediately. apps. mation exchange can be server- or client- initiated. Once initiated, the server auto- App Development in General Without a mobile platform, your develop- matically responds with offers, ers will have to build and test these func- questions, information, a coupon, is interesting in tions themselves as they create their coupon codes, or something else to the that 80 percent of the development work apps. That’s a lot of work. user. These apps are very effective in for many apps is the same. The remain- emerging markets where smartphone The following table is a quick recap on penetration is still relatively low. They are the various application architectures:

Types of Native Apps Mobile Web Apps Hybrid Apps Metadata Driven Architectures (MDD) Apps

Developer skill-set Device-specific design Web developers with Web developers with Experience with MDD needed and programming HTML5, JavaScript, HTML5, JavaScript, tool talent required, and CSS knowledge and CSS knowledge Objective-C for iOS, Java for Android and BlackBerry, C# for Windows

Work effort ***** *** ** *

Cross-platform None Yes, through third- Yes, through third- Ye s support party framework or party framework or custom code custom code

Performance Fast Variable Variable–especially Fast for data-intensive apps

Automatic updates No Ye s No Ye s

Distribution model Ye s No Ye s Ye s through app store

(***** is most difficult; * is least difficult)

10 App Development in a Mobile World SECTION 2: Developing Mobile Apps

ALIGNING THE ARCHITECTURE TO MATCHING APP FUNCTIONS TO BUILDING SECURE APPS WITH THE USE CASE DEVICE FORMS AUTHENTICATION

Consider a NativeApp When: Choosing the your apps leans heavily on tradi- run on is just as important as selecting tional security practices. User authenti- •• A completely unique and compelling the best architecture for your app. cation, for example, is a long-standing user experience is central to the app’s Android, BlackBerry, iOS, and Windows best practice for maintaining control success smartphones and tablets present unique over your enterprise data. For mobile •• Time-to-market with the latest development environments and user business apps, authentication is a hardware and device OS features or experiences, and people interact with requirement. Consumer apps will also high performance is critical to success tablets and smartphones quite need user logins, and the user creden- •• You will only release the app on one differently. tials will be cached in the server (unlike device type enterprise apps). Your industry, govern- Android and iOS devices are early ment regulations, data collected, and Choose a Hybrid App When: market leaders that have benefited from many other factors will impact the app’s mass consumer appeal. Windows devic- security requirements. •• You plan to run your app on multiple es will become more prevalent during the device operating systems next few years, and they may win strong No one wants to login to use an app, but •• Overall user experience is important, business support, as many expect them some form of authentication is a necessi- but a degree of flexibility in the look to plug and play more easily into existing ty. You can streamline the authentication and feel is acceptable back-end environments. You will need to process by using single sign-on (SSO), •• You have an existing HTML5 or develop apps for all these operating which allows the sharing of logon infor- JavaScript development resources systems and devices, and you will want mation across apps. Users will be available to pull into your mobile to align the apps’ functions and features authenticated automatically as they project team to how people interact with each type of move from one app to another, ensuring mobile device. a positive user experience. The time to Opt for Metadata Driven App When: define security and authentication Users pick up their smartphones, for requirements is early in the develop- •• You need to create business apps such example, often and for short time peri- ment, as it’s more cost-effective to build as field service, inspection, asset ods throughout the day. Tablet usage authentication in the app initially and management, or CRM and want to occurs less frequently, but people spend avoid future re-work. leverage a working app more time on the larger devices. These tendencies make the smartphone more The client authentication process Explore your mobile app options, read appropriate for apps that demand less normally begins with the mobile app the following two white papers: Building time, such as order or vacation leave creating a session by sending an Enterprise-Grade HTML5 Mobile Apps approvals. Apps with forms to fill in, on HTTP (S) request to the server. Usually and Hybrid Mobile Apps - More Function- the other hand, are better suited for the server is protected behind a firewall ality At Lower Cost. tablets. and the request is routed through a reverse proxy or relay server, which Find additional insight on the impact of detects the un-authenticated request mobile in the enterprise and beyond in and challenges (using any of the authen- the Enterprise For Dummies eBook. Visit tication methods described below). After the blog and download the eBook from the challenge, the client may already there.

App Development in a Mobile World 11 SECTION 2: Developing Mobile Apps

have network credentials configured, or and allows login. X.509 client THE MOBILE DEVELOPER TOOLBOX: perhaps there is a callback to prompt for certificates usually require a public key FRAMEWORKS AND DEVELOPER credentials. infrastructure (PKI) to handle the ENVIRONMENTS certificate distribution (this should be Basic authentication is the minimal provided by your MDM solution). With Desktop development has basically been scheme of authenticating a user with this approach, the mobile platform a monoculture for years. Not so for username and password. Apps must be server establishes an HTTPS mobility. The explosion of consumer able to validate a user’s credentials connection to a backend with client device brands and operating systems against multiple directories, such as certificate forwarding in the HTTP presents a challenge to every mobile LDAP, Active Directory, and others. Using header developer: How can costs be contained this form of authentication is generally •• SSO using logon tickets auth- while still building the same app for not recommended, since it does not enticates the user through an external many device types? support SSO, and requires the consum- provider, creating a login session. This ing application to provide secure storage session is forwarded with the user ID An early solution was cross-platform for the login credentials and handle initial to an agent running inside the back- frameworks and proprietary tooling that and expired passwords. Another caveat end system. The session is re- allowed a “write once” model. Open of basic authentication is that applica- validated, and a logon ticket is issued source languages were embedded within tions built by different development for future transactions the mobile app and combined with a teams will not be able to share proprietary UI framework to create the credentials. Identity and access management application user interface. leverage the user management and Single Sign-On SSO offers an array of authorization credentials stored in exist- Parallel to this, HTML standards evolved benefits. Perhaps the most significant is ing back-end systems. Mobile apps rapidly. Advances included better Java- that a user only needs to remember a re-use the credentials already set for Script support for dynamic Web sites single set of credentials, regardless of enterprise systems, avoiding the need to and more advanced styling via cascading the UI, to gain access to multiple apps maintain a separate configuration for style sheets. Well-styled and highly func- and network services. SSO also means mobile user authorizations and manage- tional UI frameworks such as jQuery, that all authentication-related informa- ment. This authentication prevents secu- Sencha, and Dojo emerged. During the tion is centralized on a single security rity breaches of enterprise systems by same time, device OS vendors optimized service provider, which helps enterprise requiring existing user credentials such HTML5 and JavaScript performance on administrators enforce a consistent ID numbers, VPN info, level of employ- their respective hardware. authentication policy throughout the ment, and other information that identi- identity management process. There are fies the user’s level of access. These advances are especially important two forms of SSO authentication: for hybrid apps that use an HTML5 appli- cation container or hybrid container. The •• SSO using certificates: X.509 client app is coded using HTML5, CSS3, and certificates are widely accepted and JavaScript. The container includes appli- supported as the standard for cation programming interfaces (APIs) certificate based authentication. In this that give the app greater access to method, a digital certificate with the user’s public key is sent to the server, which then validates the certificate

12 App Development in a Mobile World SECTION 2: Developing Mobile Apps

device capabilities than a plain Web app. adding services, such as coupons, When the container is combined with a payments, geo-location, SMS services, HTML5 UI framework, the apps deliver push, synchronization, offline support, exceptional performance and run on and others. multiple platforms from a common code base. These popular IDEs and frameworks help your developers create rich, sophisticat- The developer can leverage the UI frame- ed native or hybrid apps: work to make the app more valuable by

Platform Tools iOS Xcode, Dashcode (web)

Android Eclipse, Android Studio

Windows 8, Windows Phone 8 Visual Studio, Visual Studio Express

BlackBerry •• Legacy BlackBerry: Eclipse •• BlackBerry 10: Cascades, Momentics IDE

HYBRID DEVELOPMENT TOOLS

Primary Hybrid App Hybrid Apps and Other Toolkits Container Toolkits Mobile Web App Tools Frequently Used

•• Apache Cordova •• jQuery Mobile •• WBackbone •• SAP Mobile Platform Kapsel plug-ins •• Sencha Touch •• Bootstrap (for Cordova) •• Dojo •• Angular •• Adobe PhoneGap •• Appcelerator Titanium •• Sencha Touch Container (Cordova fork) •• Developer skill set needed

App Development in a Mobile World 13 SECTION 2: Developing Mobile Apps

APP ENHANCEMENTS WITH SDKS ADDING VALUE WITH DATA OData defines an access layer atop a INTEGRATION REST protocol and adds the following key capabilities to conventional REST Third-party Software Development Kits Mobile apps become more valuable services: (SDKs) make a good app great by when they access data stored in back- enabling features and functions that are end systems. Proprietary interfaces and •• Defines a formal query language to difficult to develop internally. The follow- XML-based Web services expose this dynamically select the best data set ing SDKs have proven track records and data for the apps, but neither is very for a given task greatly improve the user experience. mobile friendly. •• Supplies integrated metadata descriptions of the data structures it Augmented reality: Metaio and Vuforia When planning data integration, you exposes are frameworks that allow an app to must determine what data should be •• Supports dynamic combining of present contextual information, exposed to clients. Finding the right related objects in a single result set augmenting what the user can see using balance is tricky. Exposing more data •• Supports paging for larger result sets either location, image, or pattern than is needed degrades the UI perfor- •• Allows for server-side searching of detection. mance and battery; when not enough data content without constructing data is available, the app is less useful to complex queries Immersion: Developers can add an the user. •• Returns results in the developer’s immersive experience by adding a choice of XML or JSON data formats panorama or 3D element to the app. A host of interfaces, such as Web servic- •• Works with well-known mobile Apps developed with krpano have a es, JDBS, REST, and OData, are available protocols including REST, HTTP, and 360-degrees panorama, coupled with to connect the back-end system and HTTP-based security/authentication live video feeds (from onsite cameras) mobile app. As mobile app development protocols that gives the user a real-time overview matures, OData is expected to become of a given field of view and the ability to the leading protocol for connecting apps The key strengths of OData lie in its interact with it dynamically. Unity3d to the data in back-end systems. dynamic nature. Data exposed via OData immerses users in a full 3D environment can be optimized directly by the applica- and lets them interact with different THE CASE FOR USING ODATA FOR tion developer without requiring back- points of view. DATA INTEGRATION end services modifications. This saves on development time and cost by reducing Communication: Developers can Web Services architectures have evolved the back-and-forth interactions between enhance the communication experience rapidly in the recent past. Early web application and server development with SDKs such as OpenTok, which Service Oriented Architectures (SOA) teams. An OData services approach also enables a live video chat functionality were based on SOAP. More recently, cuts testing costs by reducing the need within the app. Bump supports data RESTful web services gained acceptance for hand-crafted server code. exchanges between phones across as a lighter-weight approach: REST has platforms. the reputation of being more easily consumed by mobile and dynamic web These SDKs, and others, provide much of applications. Today, OData is an emerg- the consumer-grade functionality and ing web services standard. It was origi- rich user experience that end-users want nally proposed by Microsoft and has Visit OData.org for the latest news and in their apps for both work or personal been embraced by industry leaders, updates on OData. use. including SAP.

14 App Development in a Mobile World SECTION 3: Deploy and Manage Mobile Apps

POINT SOLUTIONS VS. PLATFORM costs start adding up quickly as mobility SOLUTIONS expands throughout the organization.

Every future decision you make about Point solution development for even a your mobile strategy will be affected by basic app will lead to long-term costs: your decision to invest in point solutions or a mobile app platform. This decision •• 3 to 4 engineers for 3 months for a will affect your organization’s ability to single authentication method develop, manage, and secure both apps •• 2 to 3 engineers for 2 months for basic, and devices. At first glance, point solu- online data access tions seem like a good fit for enterprise •• 3 engineers for 12 months for ongoing mobility. No doubt they are a low-cost maintenance entry to developing mobile apps, but the

App Development in a Mobile World 15 SECTION 3: Deploy and Manage Mobile Apps

Additionally, point solutions typically fail THE MOBILE PLATFORM ADVANTAGE due to other shortcomings: There’s power in a platform-based •• Data security (HTTPS secures data approach that benefits IT, developers, during transmission, but securing data and users. A mobile app’s success rests at rest is difficult) on the user experience, and a mobile •• Network access required (offline platform helps ensure an amazing user modes and synchronization are experience by providing the components difficult) to run uninterrupted at all times. •• No cross-platform push notifications or lifecycle management Like an iceberg, many of the tasks asso- •• Different teams (sometimes a mix of ciated with a successful mobile app internal and external) and technologies deployment lie hidden from view. prevent code re-use

If you are going to compare point solu- tions and mobile app development plat- forms side by side, read the following five-part blog: When A Good Mobility Idea Becomes A Management Night- mare. Part 1 | Part 2 | Part 3 | Part 4 | Part 5

20% Mobile Platform value-add

! Authentication ! Business application integration 80% ! Security – devices, data, content ! Offline access and synchronization ! Multi-platform support ! Administration ! Application versioning and lifecycle management ! Push notifications ! Proxy ! Reporting and analytics

16 App Development in a Mobile World SECTION 3: Deploy and Manage Mobile Apps

Here is a representative sample of the The point is, these are capabilities that Value for Developer capabilities for administration and appli- SDKs and web cations you will need to deploy a mobile services APIs won’t provide out of the •• Flexible framework supports broad set application: box. Without a mobile platform, your of development skill sets developers will have to build and test •• SDK and tools support ensures Key Administrative Capabilities: these functions themselves as they developers are fast and productive create your first application. That’s a lot •• Reusable services and frameworks •• Client device and application of work. At the point you create your keep apps consistent and extensible registration second application, your team will need •• Support for industry-standard •• Enterprise authentication and identity to refactor this original code to adapt it protocols and open-source technology provider integration to the different needs of the new app. In •• Operational usage logging and many ways, that’s even harder work. Value for IT Admin transaction tracing •• Application versioning/application A good mobile platform will provide •• Single platform for all mobile apps that update management these functions out of the box, ideally in scales linearly •• Cross-platform push notification a way that exposes these capabilities •• Centralized management minimizes services that is reusable across a range of B2E efforts needed to monitor and manage •• System usage reporting and analytics application types – from true native •• Industry standards ensure security •• Mobile services clustering/horizontal applications that can display rich 3D assurance and control scalability/failover graphics and custom hardware to “Write •• App platform and app management Once” Hybrid applications that run enables end-to-end mobile lifecycle Key Client Capabilities: across a range of devices from the same management source code base. •• Client business object data modeling. Value for the End User •• Data synchronization services – When app development teams have between the client and enterprise these capabilities available they can •• Centralized, governed development back-end focus on delivering a superior user expe- supports consistent app experience •• Offline data caching rience rather than spending extensive •• Self-service portal enables user •• Offline data change queuing time on low-level coding. IT also gains empowerment •• Encryption of data over the air (“data significant advantages from a mobile app •• Cross-platform support ensures user in motion”) platform as it helps them maintain choice and BYOD programs •• Encryption of device data (“data at corporate security and gain visibility into •• New apps and capabilities are easily rest”) all mobile solutions. Furthermore, devel- found and discovered in enterprise app •• Multi-platform application and user opers save time because they can add store interface frameworks (enabling a the most popular and recently released “Write once” development approach) features into the mobile apps using their Learn why there’s more Power in the current skill sets. Platform.

App Development in a Mobile World 17 SECTION 3: Deploy and Manage Mobile Apps

PROOF POINT FOR PLATFORM-BASED this example, a large global company MOBILE STRATEGY developed 40 business apps. The U.S. division relied on multiple best-of-breed A real-world cost comparison within one tools and custom development. The company clearly shows the budgetary Canadian division developed the same impact of a platform-based approach. In mobile apps using the SAP Mobile Plat- form. The results speak for themselves.

U.S. Company: Point Solution Approach Canadian Company: SAP Mobile Platform

Team size: 40 Engineers Team size: 10 Engineers Schedule: 18 months Schedule: 4 months

Costs: Costs: 20 Eng @ $1,000/day Re-used U.S. Design $1.7m 20 Eng @ $600/day 5 Eng @ $1,000/day $0.4m 5 Eng @ $600/day $0.2m Total Development cost: $11.5 million Total Development cost: $2.3 million Of the development cost, $1.7 million was allocated to design work Using a platform approach and SAP tools, the Canadian team saved $9m (80%) and delivered more than 12 months faster!

18 App Development in a Mobile World SECTION 3: Deploy and Manage Mobile Apps

DEPLOYMENT SCENARIOS: The Cloud Makes Sense When: Security: Your apps will provide: ON-PREMISE VS. CLOUD •• IT resources are limited •• Streamlined authentication for both Many organizations are looking at cloud- •• Your mobile strategy is to start small enterprise and consumer user based services before on-premise solu- with fewer than six apps, and launch •• Enterprise-level authentication that tions to reduce costs. A cloud-based quickly with minimal costs prevents security breaches of business mobile app platform helps enterprises •• Fast time to market requirements do systems deploy mobile apps quickly and at a not allow for infrastructure build out •• Consumer-level authentication that reduced cost. An on-premise platform is •• Strategy is to test the mobile waters protects privacy appropriate when many apps are being before investing in large-scale capacity deployed or when the apps and mobile User experience: Your users will devices are accessing large datasets. For more information, check out these experience: Having the system of record and the two white papers covering test results for mobile platform in the same location cloud performance and scalability and •• User-friendly, consumer-like interfaces reduces communication latency times cloud security. •• Exceptional online and offline and ensures better app performance. performance CHECKLIST FOR MOBILE APP PLAT- •• Increased productivity with broad What’s best for your organization, just as FORM THAT SUPPORTS B2C, B2B, access to business back-end systems in what app architectures to choose, will AND B2E APPS depend on the number of mobile apps When comparing platform options as you have, the types of mobile apps you Mobile apps typically fall into these cate- part of vendor selection due diligence, support, internal resources, and time gories: business to consumer (B2C), the key features to consider are: constraints. business to enterprise (B2E), and busi- ness to business (B2B). The characteris- •• Support for multiple authentication On-Premise Is Best When: tics of these types of apps and the end methods (SSO, certificates, username/ users’ expectations are significantly password, identify management, and •• Experienced datacenter and IT staff is different. In the short term, you may only more) available develop and support one type of app, but •• Ability to integrate with back-end •• Plans are underway for long-term long term you will have mobile apps from databases and systems from multiple support of mobile apps and devices all groups. vendors •• Six or more mobile apps (or variants •• Security for data (in motion and at on multiple platforms) will be launched As the number and types of apps rest) in the next 12 to 18 months increases, a mobile application platform •• Support for offline use with data •• Your mobile apps require rich data sets ensures a level of consistency and order. synchronization and robust features You will be able to meet the goals from •• Application on-boarding, provisioning, your mobile strategy for: versioning, and lifecycle management. •• Cross-platform push notifications Scalability: Your organization will adapt •• Administration functions including easily to: reporting and analytics •• Multi-platform support •• New mobile devices introduced to the marketplace •• Requests for more mobile apps with sophisticated features •• Larger, more diverse user bases

App Development in a Mobile World 19 SECTION 4: Achieve Best Practices

APP DEVELOPMENT METHODS: •• Launch basic functioning apps in a When using design thinking, developers MOVING FROM CONCEPT TO LAUNCH relatively short timeframe create an app in multiple stages. Design •• Continually improve the app by thinking proponents use different labels The design process for mobile apps is incorporating insights uncovered for the stages, but generally speaking significantly different from the familiar during development they are: client-server business app. Design teams •• Release frequent updates and new are applying new collaborative approach- features regularly that enhance the •• Understand and define the problem es, such as design thinking and agile apps •• Observe users development, to create apps for today’s •• Generate ideas (ideate) dynamic, consumer-driven mobile world. Design thinking encourages out-of-the- •• Prototype/experiment Before your organization develops its box thinking and cross-team collabora- •• Test, implement, improve first mobile app, consider adopting these tion. Businesses are adopting the prac- forward-thinking techniques that were tice to create user-centric products and Both agile development and design used to develop many of the most services. By solving a design issue thinking spur creativity and originality. successful mobile apps available. through a user lens, software designers Developers can pour the innovations that build apps that are much more appealing result from these methodologies into Agile development is based on iterative and useful to end users. highly functional, user-friendly apps. development cycles that release apps in shorter time frames (sprints) with feature sets that will be enhanced in future releases. Enterprises applying agile development:

20 App Development in a Mobile World SECTION 4: Achieve Best Practices

Other very important parts of mobile internal users. Those are the major •• “Zero touch” app deployments and design process are User Experience and differences and even more make manag- automated app updates that minimize User Interface Design. The current ing mobile apps labor intensive. worker disruption and reduce tech Mobile OS’ have set the bar very high for assistance how things should look & feel. With the A mobile app platform centralizes the •• Pain-free deployments through consumerisation of IT through mobile, development, management, and all steps enterprise app stores the prosumers in the enterprise will from launch to end of life across all •• Exceptional, consumer-grade, user expect apps that have the same amaz- mobile apps. Businesses can easily experiences ing, beautiful and compelling UX/UI that oversee: consumer level apps have. Hence setting SAVE TIME AND MONEY the mobile design bar higher in the •• One development effort using familiar enterprise than ever before. development tools to create an app for Every development project can be all devices controlled using three levers: cost, MANAGING THE APP LIFECYCLE •• Consistent apps that have the same schedule, and functionality. Organiza- deep device level controls, access to tions attempt to set these levers to Businesses have never witnessed a life- back-end data, security controls, and achieve the best results based on their cycle like the mobile app. These apps premium performance unique situation. To streamline your have more frequent updates, must •• App launches and updates that are mobile app projects, consider these accommodate multiple device types, and preconfigured based on group policies options to reduce costs or decrease time support different access rights for related to device type or job role to market.

Reduce costs and time Pre-built apps Look for apps that can be rebranded and modified for internal processes

Reduce costs and time Deployment options Consider a cloud-based deployment to speed time to market, avoid capital budget constraints, or adapt to unknown adoption rates

Reduce TCO Integrated enterprise Push out new versions quickly with minimal resources required mobile management

Reduce TCO Integrated reporting Provide sophisticated reports of usage information, adoption rates, performance stats, and more, in seconds

Reduce TCO Traceability Troubleshoot and fix problems quickly before they cause widespread issues

SETUP A MOBILITY CENTER OF changes, and select the right tools and group to manage the technical complexi- EXCELLENCE approaches for a a given business case, ties on behalf of the business. For a supports the creation of a dedicated detailed discussion on how to create a Mobile technology is one of the fastest group of mobile experts. COE, and develop its charter, read: “Best changing fields today. The need to stay Practices for a Mobility Center of current on mobile device capabilities, Many companies have opted to staff a Excellence.” operating system capabilities and “chief mobile officer” role and/or create a mobile center of excellence (COE)

App Development in a Mobile World 21 SECTION 5: Finding SAP Resources

HOW CAN SAP SUPPORT MY MOBILE SAP Mobile Platform: Deploy pre-built INITIATIVES? and custom B2E, B2B, and B2C apps running on top of SAP Mobile Platform Both analysts and customers alike for enterprise-grade security, back-end acknowledge SAP as leader in mobile. agnostic deployments. Build native, SAP is the only vendor to be named a hybrid, MDD, and SMS apps, with SAP Leader in both of Gartner’s Mobile Magic toolkits or your choice of development Quadrants, and achieve an “‘Excellent’ environments. Score for Product Viability in Gartner’s Critical Capabilities for Mobile Applica- Consulting and Rapid Deployment tion Development Platforms.” Download Services: Fill skillset gaps with experts the reports for more information: from SAP and SAP partners that can take you from mobile strategy develop- •• 2013 Gartner Mobile Application ment through app development, system Development Platform Magic deployment, and on-going lifecycle Quadrant management. •• 2013 Gartner Mobile Device Management Magic Quadrant Enhanced capabilities: Roll out apps •• 2013 Gartner Mobile Application that will astonish your customers, Development Platform Critical employees, and partners. Feature 3D Capabilities visualization, augmented reality, loca- tion-based services, exceptional perfor- If you are ready to go all-in with mobile, mance, and integration with SAP HANA. the SAP portfolio delivers what you need. Watch this short video showcasing apps Here’s how to do it: built by our Mobile Innovation Center using SAP Mobile Platform. Enterprise Mobility Management: Deploy SAP Afaria for Mobile Device SAP HANA Cloud Platform: SAP Plat- Management, app management, telco form as a Service (PaaS) offering spend management, app distribution powered by SAP HANA. and on-boarding, and deployed app feedback. Managed services: Deploy mobile solu- tions in the cloud for fast deployments Manage : Roll out SAP that don’t drain IT resources with a Mobile Documents (cloud or on-prem- service provided by SAP Partners. ise) to enable secure and flexible access to and collaboration to business content.

Pre-built, customizable apps: Purchase apps from SAP Store for instant mobilization.

22 App Development in a Mobile World SECTION 5: Finding SAP Resources

See How SAP Customers Run Their Businesses Better with Mobile

Vodafone: A Trailblazer in Mobility with SAP

Sysco Improves Processes with SAP for Wholesale Distribution

Abantia: Calculating the Value of a Mobile Investment

Standard Bank of South Africa is Bringing Banking to the Unbanked

Creating a Mobility Strategy for Real-time Service Information

App Development in a Mobile World 23 SECTION 5: Finding SAP Resources

LEARN MORE WITH SAP MOBILE RESOURCES

There are many resources available online. Here are the main ones to investigate when getting ready to deploy your mobile solution:

Resource Description

www.sap.com/mobile The main SAP Mobile website. From here, you can explore all SAP Mobile solutions

www.sap.com/ SAP Mobile Platform site on sap.com mobileplatform

SAP Mobile Platform SAP Community Network Site for getting started with the SAP Mobile Platform. Sign up for a free Developer Center 30 day trial, or free developer license for the platform hosted on Amazon Web Services

SAP Mobile Academy Free video tutorial site on how to sign up for the free trial, free trial and free developer license, and step-by-step guides for building native and hybrid apps on multiple device platforms

SAP Mobile Secure The most comprehensive mobile management and security portfolio. Embraces mobile device diversity and provides IT with the confidence that corporate information is safe. SAP Mobile Secure solutions enable enterprises to secure devices, apps, content, and services, optimizing the mobile experience for users of today’s most popular mobile devices

SAP Afaria Free Trial SAP Afaria is an industry-leading Enterprise Mobility solution to manage and secure large-scale deployments of mobile devices. The software simplifies the complexity of mobility whether workers are using BYOD or corporate-owned smartphones or tablets for both cloud and on- premise deployments.

SAP Mobile Documents SAP Mobile Documents delivers a mobile content management solution designed for enterprise deployments where collaboration, security, and control of business content are critical

SAP App Protection by The Mocana app wrapping solution helps customers address advanced mobile security Mocana requirements and quickly deploy secure mobile apps, especially in highly-regulated industries like financial services, retail, and government. It gives SAP advanced security features and FIPS 140-2 certified encryption for apps

Tangoe (Partner SAP partner Tangoe offers a Telecom Expense Management (TEM) solution that helps the mobile Development enterprise contain mobile costs through a number of different products focused on Mobile Agreement) Telecom Expense Management

SAP Mobile Strategy SAP offers a pre-defined service for customers just starting with planning or adopting Enterprise Services Mobility, as well as detailed planning for Enterprise Mobility

Talk to an SAP representative: +1-866-727-1489

Contact SAP

24 App Development in a Mobile World www.sap.com/contactsap

(13/10) ©2013 SAP AG. All rights reserved.

SAP, R/3, SAP NetWeaver, Duet, PartnerEdge, ByDesign, SAP BusinessObjects Explorer, StreamWork, SAP HANA, and other SAP products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of SAP AG in Germany and other countries.

Business Objects and the Business Objects logo, BusinessObjects, Crystal Reports, Crystal Decisions, Web Intelligence, Xcelsius, and other Business Objects products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Business Objects Software Ltd. Business Objects is an SAP company.

Sybase and Adaptive Server, iAnywhere, Sybase 365, SQL Anywhere, and other Sybase products and services mentioned herein as well as their respective logos are trademarks or registered trademarks of Sybase Inc. Sybase is an SAP company.

Crossgate, m@gic EDDY, B2B 360°, and B2B 360° Services are registered trademarks of Crossgate AG in Germany and other countries. Crossgate is an SAP company.

All other product and service names mentioned are the trademarks of their respective companies. Data contained in this document serves informational purposes only. National product specifications may vary.

These materials are subject to change without notice. These materials are provided by SAP AG and its affiliated companies (“SAP Group”) for informational purposes only, without representation or warranty of any kind, and SAP Group shall not be liable for errors or omissions with respect to the materials. The only warranties for SAP Group products and services are those that are set forth in the express warranty statements accompanying such products and services, if any. Nothing herein should be construed as constituting an additional warranty.