Weitere ähnliche Inhalte
Ähnlich wie APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguished Engineer, CA Technologies (20)
Mehr von CA API Management (12)
Kürzlich hochgeladen (20)
APIs Fueling the Connected Car Opportunity - Scott Morrison, SVP & Distinguished Engineer, CA Technologies
- 1. APIs Fueling the “Connected Car”
Opportunity
K. Scott Morrison
SVP & Distinguished Engineer
September 22, 2014
- 2. Auto Customer Lifecycle
Moving from customer acquisition to customer development
Avg. 6 Year Vehicle Ownership
2 © 2014 CA. ALL RIGHTS RESERVED.
AWARENESS
NURTURE
PURCHASE
- 3. Auto Customer Lifecycle
Moving from customer acquisition to customer development
Premium services
ADVOCACY
3 © 2014 CA. ALL RIGHTS RESERVED.
CUSTOMER
ACQUISITION
CUSTOMER
DEVELOPMENT
Auto commerce
Infotainment
Companion apps
Web onboarding
Mobile onboarding
Avg. 6 Year Vehicle Ownership
AWARENESS
NURTURE
PURCHASE
LOYALTY
- 4. The “Connected Car” Ecosystem
Complexities Of Connectivity
APIs
Enable with APIs and Control with Identity
4 © 2014 CA. ALL RIGHTS RESERVED.
- 5. APIs Connect Everything
Accelerate app delivery and expand routes to market through secure integration
EXTERNALIZE DATA &
OPTIMIZE TRAFFIC
MANAGE API &
DEVELOPER LIFECYCLES
5 © 2014 CA. ALL RIGHTS RESERVED.
SECURE API
ACCESS
API
API
API
API
API
API
- 7. Onboard Prospects via Web & Mobile
“More Than 50 Percent Of Customers Make Their Decision Online”*
COMPOSITE WEB &
MOBILE APPS
SOCIAL LOGIN
INTEGRATION
7 © 2014 CA. ALL RIGHTS RESERVED.
FRICTIONLESS
CONSUMER EXPERIENCE
*www.mckinsey.com/client_service/marketing_and_sales/latest_thinking/eight_trends_shaping_digital_marketing_in_t
he_auto_industry
- 8. Remote Companion Auto Apps
“Owners Request Remote Door Unlock Assistance More Than 60K Times Per Month”*
ONBOARD INTERNAL
DEVELOPERS
DELIVER PRIVILEDGED
USER ACCESS
8 © 2014 CA. ALL RIGHTS RESERVED.
ACCELERATE SECURE
APP DELIVERY
*www.media.gm.com/media/us/en/gm/news.detail.html/content/Pages/news/us/en/2013/Jun/0605-remote-link-app.html
- 9. In-Car Infotainment Apps
“Games And Infotainment Apps Market Worth $65bn By 2016”*
MANAGE APIs &
EXTERNAL DEVELOPERS
END-TO-END APP
SECURITY
9 © 2014 CA. ALL RIGHTS RESERVED.
ACCELERATE SECURE
APP DELIVERY
*http://www.itp.net/589730-games-and-infotainment-apps-market-worth-65bn-by-2016#.Uz7UMPldW8ARoadmap
- 10. Automotive Commerce
“Nearly 90% of survey participants were open to buying a UBI policy”*
PARTNER & PAYMENT
APIs
COMPLY WITH STANDARDS
& REGULATIONS
10 © 2014 CA. ALL RIGHTS RESERVED.
COMPLIANT PARTNER
COMMERCE
*www.towerswatson.com/en/Insights/Newsletters/Americas/americas-insights/2013/Usage-Based-Insurance-Consumer-
Survey
- 13. An “Agile” Digital Platform Emerges
APIs provide connectivity while identity provides the control point
IDENTITIES APP API DATA
13 © 2014 CA. ALL RIGHTS RESERVED.
Seamlessly
connect Enterprise
Data to Your Digital
Ecosystem
Accelerates
Mobile App
Development
Enables multi-channel
engagement
Extend Reach
into new
markets
- 15. 15 © 2014 CA. ALL RIGHTS RESERVED.
Connected
Car Service
Provider
3rd party
service/soc
ial
APIs
APIs
APIs
APIs Of The Connected Car
App
App
App
- 16. 16 © 2014 CA. ALL RIGHTS RESERVED.
Connected
Car Service
Provider
3rd party
service/soc
ial
Companion App
APIs
APIs
APIs
{ unlock}
{ unlock}
- 17. Mobile Powered Car Sharing Service
{book it}
17 © 2014 CA. ALL RIGHTS RESERVED.
Connected
Car Service
Provider
{pickup}
{find it}
3rd party
service/soc
ial
APIs
APIs
APIs
- 18. Security Matters Too
“My Car Was Hacked”
SAFETY
When cars can be
controlled remotely…
18 © 2014 CA. ALL RIGHTS RESERVED.
PRIVACY
Locate users
Abuse of driver history data
APIs are becoming the
attack vector of choice
for the new generation
of hackers
- 19. Public vs Confidential Apps
Public devices and public clients shift burden of authentication
to a user (lowering UX)
Pattern: Secure API flows which assert registered device/client
Mobile
19 © 2014 CA. ALL RIGHTS RESERVED.
Connected
Car Service
Provider
{prove
possession}
Register device,
app
HSM In-car app
- 20. UX Disruptors
Key defensive techniques, such as user
authentication disrupt UX
The impact on user experience is more severe
in mobile context
Compounding factors:
CHALLENGE FREQUENCY
NUMBER OF SECRETS
SECRET COMPLEXITY
20 © 2014 CA. ALL RIGHTS RESERVED.
- 21. Reconciling UX And Security
21 © 2014 CA. ALL RIGHTS RESERVED.
IDENTIFY
YOURSELF
SHOW ME MY
DATA
- 22. User-Managed Delegation
Users delegate applications to act on their behalf
Pattern: revocation should be as easy as delegation
Authorize
app, device
… later, device lost or stolen Revoke app,
device
22 © 2014 CA. ALL RIGHTS RESERVED.
Connected
Car Service
Provider
Connected
Car Service
Provider
- 23. Risk And Context-Based Authorization
23 © 2014 CA. ALL RIGHTS RESERVED.
LOW
Must have valid session
MEDIUM
Must have a ‘fresh’ session
HIGH
Registered device only
Challenge user every x
minutes
Multifactor
– Infotainment + mobile
Risk
associated
with API
call
- 24. API-Enabled Connected Car Service Provider
Driving New Business Models And Partnerships
Beyond enhancing the user experience,
APIs enable new business and
partnership
250M connected cars = big data
Telemetry history
APIs lets you monetize this
information
24 © 2014 CA. ALL RIGHTS RESERVED.
Connected car API
infrastructure
Correlate
Anonymize
Secure
Insurance
Urban planning
Real-time traffic info
[your idea here]
Emergency response
- 26. API Infrastructure For The Connected Car
CA API Management Solutions
ENABLE
INNOVATION
App developer services
Internal/3rd party
developer on boarding
API discovery
App registration
API Key issuing
Analytics
Billing
Mobile SDKs
DELIVER, SCALE
AND SECURE API
26 © 2014 CA. ALL RIGHTS RESERVED.
Runtime API services
Secure API delivery
Access control
Enterprise integration
Identity brokering
Device registration
Social/cloud integration
Threat protection,
sanitization
- 27. What An API Delivery & Management Platform Should Look Like
Transformation Routing Traffic Control
Throttling Prioritization Caching
Composition Authentication Entitlements API Keys Single Sign On
Security
Secure & Manage Interface + Data
Token Service
Performance Global Staging Developer
Enrollment
Plans
Reporting Analytics
Manage Developers Access to APIs
Health Tracking
Workflow
27 © 2014 CA. ALL RIGHTS RESERVED.
API Docs
Forums
API Explorer
Quotas Rankings
Config Migration
Patch Management Policy Migration
Manage Lifecycle & Availability of API
OAuth 1.x OAuth 2.0 OpenIDConnect
Manage Access & Credentialing to API
API
- 28. Addresses Critical API & Application Economy Needs
ENABLE APP
DEVELOPERS
Accelerate application delivery
by providing flexible access
Provide ‘speed tracks with guard
rails’ – embed security into
mobile app APIs
Deliver portal to to define and
easily expose a set of APIs for
development, testing,
deployment, security runtime,
hosting and delivery
PROTECT APPs &
APPLICATIONS
Enforce authentication, access
controls and authorization
policies for APIs
Secure API inputs and API
outputs and provide
application security, eg XSS
and schema validation
Simplify SSO and federation to
apps and services through API
brokering
INTEGRATE
EVERYTHING
Streamline integration of
cloud, on-premise and PaaS
services
Comprehensive, extensive
mapping and protocol
transformations – anything
to anything
Flexible deployment models
– cloud portal and on-prem
gateway
28 © 2014 CA. ALL RIGHTS RESERVED.
MONETIZION & THE
BUSINESS OF APIS
Easy-to-use and flexible way
to generate revenue for the
use of APIs
Provide analytics and
reporting on API activity
Deliver billing system
integration to facilitate a
single view into APIs and
billing
- 29. K. Scott Morrison
SVP & Distinguished Engineer
Scott.Morrison@ca.com
@KScottMorrison
slideshare.net/CAinc
linkedin.com/KScottMorrison
ca.com
- 30. Copyright © 2014 CA. All trademarks, trade names, service marks and logos referenced herein belong to their respective companies.
THIS PRESENTATION IS FOR YOUR INFORMATIONAL PURPOSES ONLY. CA assumes no responsibility for the accuracy or completeness of the
information. TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENT “AS IS” WITHOUT WARRANTY OF ANY KIND,
INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
NONINFRINGEMENT. In no event will CA be liable for any loss or damage, direct or indirect, in connection with this presentation,
including, without limitation, lost profits, lost investment, business interruption, goodwill, or lost data, even if CA is expressly advised in
advance of the possibility of such damages.
30 © 2014 CA. ALL RIGHTS RESERVED.