Mobile Operator APIs Mobile Operator APIs Enablement, Enablement, Enablement, Enablement, Enablement, Enablement, Enablement, Enablement, E E E E E E xposure and xposure and xposure and xposure and xposure and xposure and xposure and xposure and C C C C C C reation reation reation reation reation reation reation reation – – – – – – Delivering Delivering Delivering Delivering Delivering Delivering Delivering Delivering Useful Useful Useful Useful Useful Useful Useful Useful Services Services Services Services Services Services Services Services SDP Global Summit SDP Global Summit SDP Global Summit SDP Global Summit SDP Global Summit SDP Global Summit SDP Global Summit SDP Global Summit 2013 2013 2013 2013 2013 2013 2013 2013 19. 9. 2013 Rome 19. 9. 2013 Rome Martin Prosek, Martin Prosek, VAS VAS Platform Platform Development Manager Development Manager Telef Telef ó ó nica Czech Republic nica Czech Republic
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Mobile Operator APIsMobile Operator APIsEnablement, Enablement, Enablement, Enablement, Enablement, Enablement, Enablement, Enablement, EEEEEEEExposure and xposure and xposure and xposure and xposure and xposure and xposure and xposure and CCCCCCCCreationreationreationreationreationreationreationreation –––––––– Delivering Delivering Delivering Delivering Delivering Delivering Delivering Delivering UsefulUsefulUsefulUsefulUsefulUsefulUsefulUsefulServicesServicesServicesServicesServicesServicesServicesServicesSDP Global SummitSDP Global SummitSDP Global SummitSDP Global SummitSDP Global SummitSDP Global SummitSDP Global SummitSDP Global Summit 2013201320132013201320132013201319. 9. 2013 Rome19. 9. 2013 Rome
Martin Prosek, Martin Prosek, VAS VAS Platform Platform Development ManagerDevelopment ManagerTelefTelefóónica Czech Republicnica Czech Republic
� FixedFixedFixedFixed andandandand mobilemobilemobilemobile voice and data,voice and data,voice and data,voice and data, IPTVIPTVIPTVIPTV� Operated under commercial brand OOperated under commercial brand OOperated under commercial brand OOperated under commercial brand O2222
1
IntroductionIntroductionIntroductionIntroduction
01010101 API Evolution Quick Review
02020202 Operator‘s API Offer
00003333 Effective Use
00004444 Technical Solutions
00005555 Real Life
00006666 Recommendation
� Disclaimer: The opinions of the author expressed in this document do not necessarily state or reflect those of Telefónica company
2
EvolutionEvolutionEvolutionEvolution
� Traditionally the SDP served for Operator/Developer relations
� In principle server to server server to server server to server server to server integration
� Smartphones created separated ecosystemsseparated ecosystemsseparated ecosystemsseparated ecosystems
� With their own APIs
� Operator becomes a dumb pipedumb pipedumb pipedumb pipe
SmartphoneApplication
SmartphoneApplication
SmartphoneApplication
SmartphoneApplication
APIs for Smartphone AppsAPIs for Smartphone AppsAPIs for Smartphone AppsAPIs for Smartphone Apps
� Amount apps is still growing
� Need of APIs is growing as well!
APIs for Smartphone AppsAPIs for Smartphone AppsAPIs for Smartphone AppsAPIs for Smartphone Apps
� But the need of operators APIs need of operators APIs need of operators APIs need of operators APIs like SMS, MMS, Calling, Location not not not not –smartphones have them already in the OS! Or even OTT competitors can do it better…
� What else What else What else What else could operator offer to developers?
Operator APIsOperator APIsOperator APIsOperator APIs Useful for AppsUseful for AppsUseful for AppsUseful for Apps
�Mobile Identity
� User Profile
� Payments (in-app)
� Content services (if offered by operator…)
� Unified communications (if offered by operator…)
� Customer Mobile Self-care
�…
Why Why Why Why SSSShould hould hould hould DDDDevelopers evelopers evelopers evelopers UUUUse se se se OOOOperators APIsperators APIsperators APIsperators APIs…………
� Developers do not care about operators
� If asking for something, not for APIs, rather for exceptions from FUP or free data access to their services
� What can motivate motivate motivate motivate them to use operators APIs?
• Financial incentives from operator
• Need of touch with local market (might be also regulatory condition…)
� Anyone can reverse engineer the app and fake the credentials – identity theft
� Even worse case – trojan horse apps
� Embed security checks into the app
� Monitor app usage
� Use proven web technologies – WAF, IDS, SIEM…
Technical Solution Technical Solution Technical Solution Technical Solution –––– Authorization by UserAuthorization by UserAuthorization by UserAuthorization by User
� When opening any API for public useopening any API for public useopening any API for public useopening any API for public useamongst app developers new issue would appear
� Application can do almost anything on the back-ground without informing the user
� Operators should not forget that they are responsible for everything that might be done to the customer
� Operators have right to authorize every request from the partner or the application