All posts by Vichitra Godamunne

Achieving GDPR Compliance in Heraklion, Crete

The city of Heraklion, capital of the Greek island of Crete, is many things – it’s a tourist attraction, a port and ferry dock, and a smart city. In fact, Heraklion was recognized as one of the world’s 21 smartest communities in 2014 and even has a technological university. As a tech-driven city, the Municipality of Heraklion decided to build a web portal for more than 6,000 users and a case management system for 700 employees. Also in this plan was the creation of an email system based on Postfix and Horde, mobile applications for the convenience of both citizens and employees, an e-payment gateway, and several WordPress sites for affiliated organizations of the municipality.

Solution Requirements

The IT infrastructure of the Municipality has multiple applications and users. And both ITDT and the Municipality wanted to create unique user profiles (and avoid duplications), a single-sign-on process for users, provide authentication mechanisms and very importantly, achieve GDPR compliance. A team comprising of the University of Crete, the National Technical University of Athens (NTUA), and ITDT Solutions (a company based in Cyprus working with a range of customers in Cyprus and the Balkans) worked with the Municipality of Heraklion to achieve these ambitious goals.

The new solution had a list of proposed items for successful project completion. The starting point for this project was the creation of a new LDAP infrastructure based on OpenLDAP (the LDAP infrastructure which existed at the time needed upgrading). User migration had to occur from the web portal’s database and other applications. Identity management is a huge requirement and the team used WSO2 Identity Server and the national identity provider for advanced security services. And the final important item was the migration of applications to SAML2 and OAuth2.

GDPR Compliance Made Easy

GDPR compliance and its importance led the project team to WSO2 Identity Server, which as an identity solutions provider, is GDPR ready. This meant that ITDT and the rest of the team did not have to do much to become GDPR compliant by themselves. ITDT created a single user store for convenience which simplified the process (the other option was to become compliant for each and every user store and application). The self-care user portal of WSO2 Identity Server plays a crucial role in GDPR compliance since it functions as a medium for users to exercise their individual rights as defined by GDPR for data managed and retained by WSO2 Identity Server. This self-care portal allows users to access and rectify any information about themselves at any point of time. Users can also request portal administrators to delete their entire user account if needed. It also enables users to revoke consent and exercise their right to be forgotten, in addition to providing them with a portal format of storing data, the right to pause/ restrict data processing, and of course, transparency on how their data will be processed.

WSO2 Identity Server comes with other perks as well. For one, it enabled ITDT and team to build a central identity so they migrated all their user stores to the central LDAP infrastructure by the project’s end. Secondly, WSO2 supported various inbound authentication mechanisms (SAML, OAuth, JWT, etc). Lastly (and best of all) is that WSO2 Identity Server is open source. This project did not have the most generous budget, and the Municipality of Heraklion needed a solution that did not have extra licensing costs attached to it. WSO2 Identity Server has an Apache 2.0 license, thereby giving the team heading this project the freedom to use this solution.

Benefits and Expansion

Apart from creating a robust solution to achieve GDPR compliance, ITDT has been able to create unique user experiences and reduce development costs for the Municipality. A digital transformation project of this nature (or indeed any such project), naturally provides insights to the team leading it by the project’s end. What ITDT learnt was that the migration of user stores is harder than they had initially anticipated as it required a lot of manpower. The team also learnt that WSO2 Identity Server is an ideal platform for creating custom solutions whilst keeping the core solution unchanged. Given the success of this project, the next step involves expansion – to other applications in Heraklion city and to other municipalities in Crete. Data exchange between municipalities and universities in Crete, and creating loyalty schemes between public and private bodies are other areas of interest. Identity management will continue to play a central role in all these plans.

Watch this presentation to learn more.

WSO2 Identity Server can be used for a host of identity management requirements, check it out here.

This article helps you understand how WSO2 Identity Server helps you achieve GDPR compliance.

Women in Open Source Tech Roundup: March 2019

Diversity. Inclusion. Challenging misconceptions. Gender equality. These are the topics in the tech industry that are being increasingly examined by organizations who are stepping up to change the percentage of women in the industry — offering them education, training, and mentoring opportunities. Globally, it is estimated that only 17% of technology jobs are occupied by women and of those, only 5% of women occupy leadership roles. A geographical breakdown of the number of women in leadership roles in the tech industry shows this, as North America accounts for 18.1%, Latin America for 13.4%, Africa and Europe for 11.2%, and Asia for 11.5%.

The numbers could look bleak (or encouraging, depends how you look at it), but the stories are always thought-provoking, warm, and inspirational. At WSO2, our story of inclusion is one we want to share. This March, we launched a video campaign starring the women at WSO2 who develop our open source products. Open source in general has a diversity problem yet interestingly, 33% of employees at WSO2 are women. When we say we’re open to integration, we mean it literally and figuratively. That means we want to create a workplace culture which strives for inclusion – be it hiring new team members from different parts of the world or hiring even more exceptional female candidates and giving them the same opportunities as their male counterparts.

We introduced some of these fantastic individuals in our teaser trailer.

This blog gives you the chance to get to know them better.

Seshika Fernando

We kicked off our campaign by featuring Seshika, who is the head of financial solutions at WSO2. Seshika’s had a versatile career so far – started in software engineering, before deciding to try something different – business analysis in the banking industry. She then returned to the tech industry (citing boredom). For Seshika, everything hinges on ability and capability. Her belief is that the company she works for must align with her personal values.

Sherene Mahanama

Sherene started her career as a technical writer at the age of 19. She didn’t necessarily plan on becoming a technical writer – rather, it was something that she came across due to her interest in writing and technology. At present, she works in identity and access management, and is very interested in GDPR and adaptive authentication (topics she even blogs about). Sherene thinks that we must all fight to maintain the highest standard of quality in our work and doesn’t believe that cultural misconceptions should discourage girls from exploring career paths that they want to pursue.

Some interesting facts about Sherene…

  • Pet peeve: Fake rumors
  • Childhood ambition: To become an FBI agent
  • If she weren’t a technical writer, she’d be a food taster!

Sithumini Senevirathne

Sithumini was very interested in learning more about programming and software development. So she started learning programming by herself, became a Sun Certified Java programmer, and developed a set of software. All this before she even began attending university! Sithumini thinks we must all establish a personal brand and collaborate to succeed. She advises women in particular to view their colleagues as potential collaborators (rather than competition) and work towards achieving a common goal.

Some interesting facts about Sithumini…

  • Pet peeve: People who spend more time on their phone during dinner or lunch than they do interacting with the people present at the table!
  • Childhood ambition: To become a news presenter
  • If she weren’t a software engineer, she’d be a university lecturer.

Natasha Wijesekare

This is Natasha’s first job. Natasha doesn’t think coding is easy – so she starts her day with a list of to do’s and if she’s managed to complete all of them, she’s satisfied. If she surpasses her daily list, then she’s absolutely ecstatic! Notwithstanding challenges, Natasha loves what she does. One of her favorite projects is Ballerina, a programming language, and she values the learning opportunities provided by this experience.

Some interesting facts about Natasha…

  • Pet peeve: People who talk over you when you’re clearly still in the middle of the sentence!
  • Childhood ambition: To become a scientist
  • If she weren’t a software engineer, she’d be a lecturer.

That’s it for March. Expect to see more stories in April on our Twitter and LinkedIn accounts.

We’re also keen to hear from women who work in open source technology all over the world and feature them in our campaign. Know anyone who has an awesome experience to share with us? Or perhaps you’re interested in being featured yourself (don’t be shy!)? Get in touch with me (vichitra@wso2.com) and Ishara (isharan@wso2.com) to start a conversation on how you can play the starring role in one of our videos or blogs!

***

And before we call it a wrap, great projects happen because of great team members. Shout out to Ishara and Vidyas, without whom the Women in Open Source Tech campaign wouldn’t have been possible.

Medical Device Integration for Better Decision Making in the Healthcare Industry: A Case Study From Engineering Ingegneria Informatica S.p.A

Medical devices that communicate with one another…sounds futuristic (or like something from a science fiction movie or novel), but it’s happening today. Engineering Ingegneria Informatica S.p.A, an Italian based software solutions provider, developed a Medical Device Integration (MDI) solution that enables devices to communicate securely, efficiently, and intelligently, enhancing patient care and monitoring capabilities. And to create their solution, they rely on the entire WSO2 Integration Agile platform.

Medical Device Integration with the WSO2 Integration Agile Platform

MDI comes with its distinctive set of challenges. Communication between medical devices is complex, hence each device needs a standard and secure communication protocol based on multiple channels. Then there’s the issue of processing thousands of events. A large hospital has a multitude of patient data, generated from thousands of sources. Engineering Ingegneria Informatica S.p.A needed to analyze these events and view patient data in the form of trend lines on customized dashboards. Also needed were monitoring dashboards displaying data regarding the status of devices.

The architecture behind MDI makes use of WSO2 Identity Server, WSO2 API Manager, WSO2 Enterprise Integrator, and WSO2 Stream Processor, along with WSO2’s IoT platform (now developed and supported by Entgra). To begin with, WSO2 Identity Server – a holistic identity and access management product – makes this solution and communication between components secure by using protocols such as OAuth2 with JWT tokens. This identity platform also generates tokens to access WSO2 API Manager.

WSO2 Enterprise Integrator facilitates all the communications in this solution and comes with integration runtimes, message brokering, and business process modeling capabilities. This agile integration platform is responsible for communicating with external modules, between the various devices and the central MDI system, and with Terminology Services to perform compensation and transformation of incoming/outgoing streams. Furthermore, WSO2 Enterprise Integrator provides technology for this solution to generate alerts or notifications from MDI to application solutions.

WSO2 Stream Processor – a lightweight stream processing platform – analyzes clinical messages from the device driver in real-time. Technical and clinical information has been divided into different complex event processing (CEP) flows. This makes it possible to manage technical warnings or CEP feeds of clinical data, and the machine learning component acquires and refines classified algorithms to help predict critical situations. WSO2 Stream Processor, in particular, has helped Engineering Ingegneria Informatica S.p.A to address the challenges of processing and analyzing the many events and the need for a customized dashboard.

The IoT capabilities are used to develop device drivers with installation packages. Each device driver has a health module that transmits technical information (which ranges from data like the heartbeat to the status of components). Each driver is also able to transform specific device protocols (such as RS232, HL7, etc.) into an encrypted generic platform message, thereby eliminating the need for MDI to identify each protocol.

The Benefits for Patients in Real Life

There’s quite a complex architecture in operation, so how does it function in a real-life situation? Marco Mastroianni, a software architect at Engineering Ingegneria Informatica S.p.A, explains how their solution applies to an Intensive Care Unit (ICU). Patients in the ICU are dependent on monitoring and life-sustaining devices where the use of information from combined (or integrated) data sources play a critical role in predicting a patient’s condition. Underpinning everything is time and the speed of communication. In such environments, monitoring capabilities and notification mechanisms come to the foreground. The data generated by these devices appear in the form of signals which is of value to signal processing techniques. Therefore, this process helps to both monitor patients and design algorithms that are used to implement patient alarms.

Patient monitoring is not limited to hospital premises – the MDI solution helps to monitor them in their homes too. Monitoring is dependent on communication between devices, how they’re managed, and how patient data is received by medical professionals. An MDI solution such as this reduces the probability of errors (particularly human errors) – greatly supporting the wellbeing of patients and the quality and speed of decision making.

You can listen to Marco’s presentation for more details on the MDI solution built by Engineering Ingegneria Informatica S.p.A.

WSO2 offers an open source integrated platform for digitally driven organizations who want to become integration agile. Everything you need to know is here.

Scaling Single-Sign-On with the Swiss Alpine Club

Mountain climbers and hikers in the Alps need reliable assistance, and that’s exactly what the Swiss Alpine Club (SAC) provides. Established in 1863, SAC is passionate about alpinism. They’ve contributed to the development of the Alpine region over the centuries and are advocates of safe, responsible mountaineering whilst ensuring free access to the mountain world.

Today, SAC has approximately 150,000 members, 111 sections in Switzerland that manage 153 mountain huts. On average, SAC sees 1 million daily visitors to these huts. SAC offers a range of services to both members and non-members. They have a SAC route portal, manage an online store with SAC products, offer discounts for accommodation, organize educational and training opportunities, and much more. Furthermore, SAC relies heavily their 7,000 volunteers who work as officials, guides, and youth organizers. These volunteers are supported by SAC’s IT office, which is located in the Swiss city of Bern.

Integration and Identity Management for User Convenience

SAC defined their digital strategy 2 years ago, and the cornerstone of this strategy is easy usage and access of services for their members and non-members. To this end, they had a straightforward set of goals which include: one identity login across all SAC services, single-sign-on (SSO) to access different services, easy onboarding of members, and to provide self-management of user accounts. SAC has around half a million users (this number keeps growing daily) and there are about 6,000 roles. Given the number of roles and types of membership (for example, officials, wardens, subscribers, etc.) means that there is a quite complex identity management structure at SAC.

SAC worked together with WSO2 Certified Integration Partner Avintis to implement their strategy. Right from the beginning of this project, both SAC and Avintis agreed on the consolidation of SAC’s user store. SAC’s new solution is composed of 2 parts – one part is concerned with integration and the other focuses on authentication, powered by WSO2 Enterprise Integrator (which can be used to build, scale, and secure integration solutions) and WSO2 Identity Server (which is a uniquely flexible product for identity needs) respectively. Being open source, both WSO2 Enterprise Integrator and WSO2 Identity Server provide SAC with a solution to avoid vendor and data lock-in, and use open standards for identity management and integration. This also further enables SAC to keep abreast with ever changing market needs.

The solution has a bi-directional integration with Microsoft Dynamics NAV and WSO2 Enterprise Integrator. They’ve also implemented REST based web services. This solution also consists of one master user store, with multiple service providers. At present, they have 6 service providers but this could potentially increase to 100 depending on the speed at which their implementation progresses. SAC translates their business cases to their user store and assign the right roles in the user store. They’ve created a login app on top of WSO2 Identity Server, which received the customer services that passes through WSO2 Enterprise Integrator. Furthermore, the identity management component follows the OpenID connect protocol.

The Result: One Login App for Everything (Literally)

SAC has reduced their data silos with the new solution. The resulting single login app facilitates user authentication, registration, membership applications, account activation, and password resets. Users can now book accommodation, subscribe to SAC services, shop in the online store, and access any other service with one single identity.

SAC’s plans extend beyond creating a seamless and convenient user experience. They’re now looking at WSO2 API Manager (which can be used to address any spectrum of the API lifecycle, monetization, and policy enforcement) for secure access to and management of upcoming/ existing APIs. In order to achieve scalability and reduce downtimes to zero, SAC runs most of the applications in Docker containers using Jelastic PaaS, and plans to migrate all of their web infrastructure to this cloud platform.

With plenty of changes anticipated in the near future (along with rising numbers of visitors to the Alps), Daniel Fernandez, head of IT at SAC, advises meticulous planning when undertaking a digital transformation project of this nature. And in addition to planning, he advocates being prepared for unexpected situations, as in his opinion a project such as this has an impact on everything else in an enterprise.

Listen to Daniel’s presentation for more details on how SAC implemented SSO.

WSO2 API Manager, WSO2 Enterprise Integrator, and WSO2 Identity Server form the WSO2 Integration Agile Platform. Learn all about our open source approach here.

Delighting Customers with an API First Approach at Proximus

Proximus, the largest telecommunications provider in Belgium, has been around since 1930. At present, Proximus provides internet, TV, telephone, and network-based ICT services. Their brand portfolio includes Scarlet, NBRACE, tango, ClearMedia, TeleSign, Davinsi Labs, telindus, BEMOBILE, and bics. Collectively, these brands have presence beyond Europe – in the Middle East, Americas, Africa, and APAC.

APIs Are Great – Again

Proximus has 2,000 to 3,000 applicators in the entire organization, integrating internally and externally with partners, competitors, and customers. Most importantly, these integrations have to be managed. The scenario that would result in not doing so is endless difficulty and inconvenience. A decade ago, Proximus designed their architecture for managing commodity services such as authentication, authorization, routing, and monitoring. So far, so good.

Change came in the form of agile business transformation. By becoming more agile, they were looking to deliver services faster, of better quality, and at lower cost. Proximus achieved business agility by building functionality shaped building blocks that are re-usable and loosely coupled. These building blocks are used to provide their digital solutions, all at lower costs and higher quality. Agile transformation has been made possible by WSO2 API Manager, which supports any spectrum of the API lifecycle, and WSO2 Identity Server, a holistic identity and access management (IAM) solution. Both are open source.

“We had to rethink what we were doing and essentially look at making APIs great again,” says Sean Kelly, an enterprise architect at Proximus. They’ve already worked with APIs, mainly to offer services – but agile transformation means approaching everything differently. This began by bringing together architectural domains that are well-defined and separate. For one, there was a functional domain which operated on specific blocks of functionalities (such as customer address management). Then there was an important security domain that is responsible concerns such as GDPR compliance. The application domain handles patching, upgrading, migrations, and such. And finally, the infrastructure domain is needed for deployment.

Functional Domain in Detail

Sean explains the new approach at Proximus by using the functional domain as an example. The team at Proximus documented all business capabilities and they first defined the characteristics of a capability. For starters, a capability must be a subject matter expert i.e. a customer address management capability is the owner and master of this specific block of data. This capability is the single source of data for the particular function, with a specific team attached to it. Furthermore, business capabilities are also mutually exclusive – unique, but independent, self-contained, and well defined.

The implementation of this new API-first approach happened in a very structured manner. APIs at Proximus are lightweight and powerful, with simpler life cycles and release cycles. Product teams were empowered and the API management platform is more agile. Although the API management platform is a self-service one, there are certain controls in place. Collaboration plays a big role too. Given the number of architectural domains, collaboration could be a challenge and it required a shift in mindset across the organization.

Organizational Change from Service Orientation (SOA) to Resource-Based Architecture

Proximus adopted the Bimodal practice to deal with organizational change. Introduced by Gartner, Bimodal refers to the strategy of coping with change and it’s comprised of two modes (modes 1 and 2). As per Gartner’s definition, these 2 modes are cycles, and not separate groups or departments in the company. “Mode 1 is the marathon runner, that is, it refers to APIs that perform core business functions. Mode 2 is more like a sprinter. These are the APIs that respond to the environment, are closer to your customers, more agile, and typically more disruptive,” Sean explains. At Proximus, mode 1 is applied to internal APIs and existing SOA services. Mode 2 is applied to external APIs and this is where they publish their digital products, with a strong focus on security.

Apart from the Bimodal practice, Proximus has also adopted several principles. There’s no domain dumping model at Proximus, and they use concepts that are known and understood within the organization. They design for loose coupling, as vendor-neutral APIs are preferred and it allows them to change one component to another with minimal impact. Proximus also use industry standards such as O-Auth2, XACML, SID, JWTE, etc. Another is the use of smart endpoints and dumb pipes, which is to avoid business logic in a centralized middleware. Security is coded, rather than configured. As such, the code is typically only written once and then validated by security, making it easier to manage this process as well. Proximus also do not use the latest version of a particular technology offered – they prefer to trail behind the bleeding edge, as they’re on the lookout for the first round of patches and use the functionality with greater confidence at a later time. And finally, Proximus only builds components or purchases software that is cloud native.

Delighting Customers

The team at Proximus are satisfied with their API first approach and the resulting API marketplace. “We’re focusing on delighting our customers, delivering value, and doing all this at a lower cost. We use WSO2 to do what they do best. For us, WSO2 is an API management platform and we let them handle that while we focus on the business,” says Sean. As with any innovative business, there are more changes afoot at Proximus and they’re looking to take WSO2 along with them as their business evolves.

Watch Sean’s presentation for more information about the transformation at Proximus.

Check out our product pages for WSO2 API Manager and WSO2 Identity Server to find out how you can use these products in your enterprise.

Open Banking Implementations in Europe and Africa: The Story of Société Générale (So Far)

Investment and retail bank Société Générale has its headquarters in Paris, France plus 45 branches in 36 countries, representing over 18 million customers globally. Retail banking services support 3 business lines in the regions of Europe, Africa and the Mediterranean, and Russia. Their 2020 strategic plan is simply named “Transform to Grow.” Open is the keyword here. “We want an open approach to develop offers and client satisfaction,” says Jean-Louis Rocchisani, enterprise architect at Société Générale.

The Transformative Powers of Open Banking

Open banking plays a crucial role in Société Générale’s transformative approach to business growth. Their open banking journey started in 2015, having recognized the opportunities it presents for improving the time-to-market and reforming their business model. Their open banking efforts have not passed by unnoticed. Recently, Société Générale was selected as the most advanced company out of 44 listed companies in the French market. After investing in the needed architecture, Société Générale now looking to extend towards the bank as a platform model.

Société Générale also sees the the transformative power of technology and APIs in its future. “We’re currently in the proprietary model, but we see the opportunities to increase our distribution power by creating a smooth digital end-to-end process,” says Jean-Louis. “We’re also looking to monetize our services and most importantly, create interactions between service producers and customers – which is also quite hard to launch. But this is possible because we have APIs as a product.”

Société Générale is guided by open banking drivers in the many parts of the world that they operate in. These include PSD2 compliance and beyond in Europe, modernizing B2B2C models, and enhancing digital banking services (as is the case in Africa). Community plays a central role in Société Générale’s open banking efforts, as markets are different and evolving across countries, and working with local communities of financial service providers is essential.

Jean-Louis presenting at WSO2Con EU

How Société Générale Came Across WSO2 Open Banking

Société Générale and WSO2 have a strategic partnership that dates back to 2015, ever since the first successful implementation. Their first success story and the fact that WSO2 is open source were major deciding factors for Société Générale. SOSMART is the acronym for Société Générale’s architecture principles which are sustainable, open, modular and real-time, and API first. They were looking for a technology partner who would accompany them for the entirety of their open banking journey. WSO2 Open Banking provides the technology for open APIs, secure integration with banks and third parties, and integration analytics capabilities. “WSO2 has innovative products, efficient people, and a shared vision with us,” explains Jean-Louis.

Use Cases From Africa and Europe

Germany: This was the first use case implemented by Société Générale and is centered on equipment finance, financing for big customers through vendors. This project began by implementing a B2B2C platform using WSO2 Open Banking, using the support from local vendors. This platform is now extended to include international vendors as well, using a federated model rather than a shared one to improve its efficiency.

Czech Republic: A large bank in the Czech Republic needed to leverage PSD2 towards open APIs, using WSO2 Open Banking. The bank is now working with fintech developers and partners in the country, using the API platform which was launched. This bank is looking to close the gap between iteration and deployment and they’re satisfied with their progress so far.

Africa: Société Générale works on innovations to digital and mobile banking rather than regulatory compliance in their African business operations. They currently have 12 banks in Africa, all of whom are different despite sharing the same core banking system and is therefore difficult to scale use cases from one country to another. An API layer has reduced the time to market, and the next stage is to open this platform to fintechs and other service providers in the ecosystem.

France: Société Générale’s French overseas territories banks have to achieve PSD2 compliance. In spite of the tight deadline, Société Générale believes this can be achieved on time and are using WSO2 Open Banking to speed up the implementation.

What’s Next?

With experience gained from a string of successes, Société Générale has more exciting projects lined up together with WSO2 Open Banking. For Jean-Louis, technology is an enabler (and not a constraint) and he says, “We believe in an interoperable world, where technology opens up possibilities leading to more success stories.”

Listen to Jean-Louis’s complete presentation in this video.

WSO2 Open Banking helps you achieve regulatory compliance in Europe and Australia, with successful use cases from around the world. Learn all about its capabilities here.

Macmillan Learning and Ribbonfish: Solving Diverse Integration Needs to Help Students and Instructors Better

Macmillan Learning is a leader in the education publishing and EdTech industries, with a target market of over 9,000 colleges and 50,000 high schools in USA and Canada. Their partnerships with many of the world’s best researchers, educators, and administrators, as well as their emphasis on top quality content drive their business. Macmillan Learning teamed up with Ribbonfish, who specializes in offering service solutions to the media and publishing industries, to answer the changing needs of the education industry – helping both students and instructors improve their outcomes.

A Technology Strategy for an Evolving Industry

Macmillan Learning observed how the education industry has been evolving over the years and realized that they need a strategy to answer to the rapid developments that are taking place in this industry. Key among their goals was responding to market needs faster and providing students with interactive digital solutions to support their education.

However, the education industry is a seasonal one and Macmillan Learning wanted to ensure their new solutions caused the least amount of disruption, particularly during peak times. Another important consideration was the internal organizational structure. “You can’t develop a technology strategy in isolation, we need to be mindful of both the structure and culture of an organization. The culture needs to be improved, particularly when partnering with others and the structure needs to be standardized across the various teams,” says Sagar Bujbal, VP technology at Macmillan Learning.

Like any other business, Macmillan Learning integrates with many disparate systems. “Around 60 to 80% of your time is spent on supporting these various systems, rather than concentrating on innovation. When thinking about the right solutions implement, we really need to quantify the strengths and weaknesses of each of these systems,” says Paul King, a solutions architect at Ribbonfish. Both Paul and Sagar stress on the point that seamless integration in such a context requires architectural guardrails and governance. They explain that a well-defined target reference architecture (prior to development) with a long term vision, taking into account changes that will have to be encountered over the years, is a solid starting point. Best practices and utilizing out-of-box platform capabilities are further requirements for seamless integration.

Sagar and Paul presenting at WSO2Con USA

Selecting the Right Technology

Both Sagar and Paul believe that an enterprise integration platform is one of the most strategic technology decisions that a business makes. They were looking to build a target reference architecture that was business driven, rather than focusing on a particular technology and evaluated several technology vendors based on this. Macmillan Learning and Ribbonfish considered factors such as platform capabilities, maturity of the product, type of agility provided for developers, quality of production support, costs, and the vendor’s willingness to work closely with a business to solve their particular needs. Both were of the view that WSO2 Enterprise Integrator, with its integration runtimes, message brokering, business process modeling, and analytics capabilities, catered to their requirements.

Achieving Seamless Integration

Given the fact that integration needs at Macmillan Learning were diverse, Sagar and Paul decided on APIs as the de-facto standard for integrating all their systems. They also made sure that there was no direct coupling. Their current architecture includes the Macmillan Learning integration layer composed of WSO2 Enterprise Integrator along with Salesforce. Paul explains that one of their main goals when building the new architecture was to not over complicate things and using WSO2 helped, “One of the big things we really took from it when we selected WSO2 as a platform and service was that there are plenty of solutions within WSO2 itself.”

Paul and Sagar state that documenting the inventory of business processes and interactions contributed a lot to their success, as it helped them to better define their target reference architecture. They also believe that defining their integration techniques, constant communication with their engineering team, and weekly reviews of what they implemented helped them immensely.

More innovation is planned for Macmillan Learning and Ribbonfish. The huge scale of transformation at Macmillan Learning means that there is a continuous demand to meet these requirements. Proactive customer service plays a key role in this transformation. Macmillan Learning and Ribbonfish gain insights from interactions between customer care agents, students, and instructors to improve this transformation process and customer satisfaction. And as mentioned earlier, they will continue to review what they do for the best possible outcomes.

To learn more about how Macmillan Learning and Ribbonfish are working together, watch this video:

Everything you need to learn about WSO2 Enterprise Integrator is here.

Using Open Source Technology to Solve Complex Integration Needs at American Express Global Business Travel

American Express Global Business Travel (GBT) is a travel and meetings management company, which operates in 140 countries at present. They receive over 3 million messages and make 100 million service calls, all in one day! To effectively deal with the sheer volume of messages and calls, GBT launched Global Trip Record™, a platform that captures all global bookings on various transport companies in one system and functions as their single source of real-time and historic trip data.

A Strong Orchestration Layer: The Need of the Hour

GBT was looking for a strong orchestration layer on which to build this platform. They had an existing legacy system, part of which was a Java application that had thousands of lines of code across different files. For this reason, each redeployment required IT to shut-down, then re-start, the entire system. “No integration is easy and proprietary software doesn’t allow you to change much,” says Pradeep Chintam, software engineer at GBT. “As a developer, I like working with the code everyday. We were also looking for a product that allowed customization together with reliability. Hence, the decision to use WSO2 Enterprise Integrator,” he explains.

Eventually GBT decided on a microservices approach, yet they evaluated the pros and cons carefully first. Pradeep had a lot of questions on how microservices can be used to orchestrate between services, how to proceed with service discovery, and how to perform load balancing and fault tolerance. “When discussing microservices architecture, a lot of people are of the view that you should have smart endpoint and dumb pipes. I honestly don’t agree with that. What do we want from a solution – to follow principles to the letter or an application that functions without glitches? I think many people would choose the latter, no matter how important principles are,” says Pradeep. That was exactly what was done with WSO2 Enterprise Integrator when building their new platform.

GBT has many connecting systems and wanted to enforce a single entry point to their application. Thus, the architecture is built in way that everything connects via WSO2 Enterprise Integrator, and all orchestration between microservices happen within WSO2 Enterprise Integrator itself. This architecture has worked for 2 years to date, without a single instance of downtime.

Pradeep speaking at WSO2Con

The Deployment Model

Every message passes through at least thirty microservices and all the message transformation is handled by WSO2 Enterprise Integrator. GBT scales up their microservices so that they can handle hundreds of transactions and messages per second, but they scale the Enterprise Service Bus (ESB) based on their needs. To accomplish this, GBT also also uses Apache Kafka to bring elasticity to the application, as they do not want to overload WSO2 Enterprise Integrator when connecting 30 different downstream vendors.

During the deployment model, the code is first checked into git. The architecture includes a Jenkins server where the build is triggered and it then passes to SonarQube which verifies all vulnerabilities and bugs. It is then packaged to CAR files. A plain ESB image is pulled, customized files are overwritten, and the CAR files are then copied to appropriate folders. After that, the final Docker image is created and published in their Nexus repository. Deployment is triggered in OpenShift which only receives the image tag number. OpenShift will then pull the image from Nexus, deploy it, and is finally ready to serve the request.

Unlike the industry standard, GBT does not use a governance registry in their architecture. As a result, Pradeep limited the number of instances and technologies. GBT uses a custom solution, where they use another ESB project which acts as their governance registry.

This solution is an integral component of GBT’s aim to provide travel management tools that offer millions of customers around the world the best possible travel experience. “The fact that WSO2 Enterprise Integrator is open source and allows for flexibility were big plus points for us. Apart from that, the support has been great. I’ve been using the product for over 6 years and I’ve only raised a support ticket once, which was solved within the day,” says Pradeep.

To learn more about how GBT created Global Trip Record™, watch this video:

Skate to Where the Puck Will Be: How Wells Fargo Created an Award Winning, Customer Facing API Channel

When studying Internet user habits, Wells Fargo came across a surprising revelation – although the amount of time that individuals spend online has leaped significantly over a 16 year time frame (from 2000 to 2016), only around 3% of that time is allocated to browsing about financial services. This got Eric Halverson, SVP, Head of Gateway Support & Services at Wells Fargo, thinking about their existing distribution channel and how it can be improved to provide better experiences for people. For Eric (and Wells Fargo), doing what’s right for customers means not only answering customer expectations, but exceeding them and building relationships that last a lifetime. Enter the Wells Fargo API Gateway, created using our open source WSO2 API Manager. This platform delivers all their products and services to customers’ digital experience of choice and supports all of Wells Fargo’s business units across the company.

Eric Halvorson presenting a keynote at WSO2Con USA 2018

Yet how do you begin to provide APIs to customers all around the world? Upon realizing there were no large banks in the US that had an API platform, a team of 4 from Wells Fargo spoke to banks in Europe and Southeast Asia, in addition to companies in the US who had built API platforms. Following which Wells Fargo decided to expand this particular team from 4 to 150 within six months. They also decided to use agile, and in essence live the agile manifesto, over the waterfall fashion. The API Gateway was launched on September 2016, with 5 APIs and DevPortal 1.0 (the latter was very basic at the time, although it had all the functionalities for integration).

Fast forward to July 2018, Wells Fargo had hundreds of implementations with many customers who are performing multiple API implementations. The platform provides streamlined on-boarding for both new and existing partners, round the clock operations and support, and multiple security layers in addition to the existing risk management controls. They’ve also launched DevPortal 2.0 which bagged a Monarch Award for its creativity and innovation.

Engaging with their community of customers and partner groups takes precedence for Wells Fargo. They’ve repeatedly heard from customers about the difficulties they face when implementing large scale platforms. Which is why from the project’s inception, Wells Fargo went that extra mile to ensure that customers can integrate easily. The fastest onboarding time so far? One day!

Customers and partnerships will continue to be at the forefront as Wells Fargo continues to explore the many API opportunities that are out there. Currently they’ve identified 3 areas of interest: creating API products for wholesale customers, partnerships with 3rd party platforms, and accelerate Wells Fargo integrations with vendor solutions. Eric explains further, “As we gain more experience with our customers and see how our integrations work, we’ll open up to more as we go along. It’s a constantly evolving strategy of trying to be where the puck will be – we want to be where the industry is moving before it gets there.”

Some use cases of the Wells Fargo API Gateway include account aggregation, ACH payments, and foreign exchange. Retail customers are a big beneficiary of account aggregation APIs, as they can control access to their data through a product named Control Tower™ which Wells Fargo introduced specifically for this purpose. Customers can check their account balance and activity data on approved aggregator sites. As the top ACH payment provider in the US, Wells Fargo has built up their transactional APIs to be re-used, allowing customers to move from one experience to another with minimal changes to their resources underlying the APIs. Customers who need to transfer funds internationally benefit from the foreign exchange platform, which is directly connected to customers’ ERP or customer portals. These customers can obtain a foreign exchange quote, book a deal, and settle the payments all in one go. “We’re making people’s lives richer by embedding financial services in the moment they’re at, and delivering services to where the customer is at rather than making them come to us,” concludes Eric.

Watch Eric’s presentation for more details about the Wells Fargo API Gateway.

Learn more about WSO2 API Manager. Did you know? We were named as a Leader in The Forrester Wave™: API Management Solutions, Q4 2018 Report. You can download this report here, no details required.

Agile Digital Transformation Strategies and Success Stories at WSO2 Summit

A packed audience of CXOs and solutions architects greeted us at our first WSO2 Summit for the year in London recently! Held in several locations around the world, WSO2 Summit offers C-level executives and architects a valuable opportunity to speak to our leadership, and discuss how WSO2 technology can help organizations create successful digital transformation strategies.

This year’s Summits are held on the theme of enabling organizations to create their digital transformation strategies and put them into practice. Our CEO Tyler Jewell started the event in London with an introduction to the many reasons as to why enterprises can choose the open source WSO2 platform for digital agility. He also gave a brief recap of our performance last year, including the growth of our global customer base and the other exciting initiatives we have planned for this year.

Continuing on the topic of digital agility, our CTO and Co-Founder Paul Fremantle elaborated on why the only competitive organizations in the future will be those that create adaptive digital experiences for their customers. Paul discussed in detail about what he means by an adaptive enterprise, how enterprises can become more adaptive, and the needs of such enterprises i.e. both centralized and decentralized integration, and architectural units of composition. His talk concluded on the point that open source (and open cross cloud) is of immense value in the business architecture of an adaptive enterprise.

Business architecture and the importance of adapting to change also formed the basis of Asanka Abeysinghe’s discussion. Asanka, who’s the VP of architecture at the CTO office, shared the essential guidelines for building a business architecture – understand consumer behavior, seek to create new consumer experiences, select the right channel to engage with them, and take advantage of data to improve these experiences. He then explained how the different WSO2 product capabilities (API management, integration, identity and access management, and analytics) can be used to connect, create, secure, and govern digital enterprises.

WSO2 Summits also feature success stories of enterprises that have used our technology to create digital transformation strategies and innovative experiences for their customers/users. The first of these stories was presented by the Malta Information Technology Agency (MITA), on how they used WSO2’s API management and integration capabilities to create myHealth NG application, enabling better interactions between patients and doctors, and thereby facilitating better primary healthcare services for individuals. Brian Muscat, a solutions architect from MITA who delivered this story, recounted the challenges which MITA had to overcome (such creating a secure and scalable application, creating an architecture resilient to change), in order for this project to become successful.

The other success story was presented by Wheeve (a WSO2 Partner), on how they used WSO2 technology to deliver business value for one of their customers in the engineering industry. Jack Hanison, CTO and Co-Founder of Wheeve, described how their customer faced certain data matching issues in several operational areas, which eventually had an impact on their financial reporting, revenue recognition, and overall customer perceptions of the organization. A cloud hosted WSO2 platform was used to overcome these challenges and improve business operations – resulting in cost savings for the organization.

A huge thank you to both Wheeve and Chakray who supported the WSO2 Summit in London as Partner Sponsors!

The Summit may have concluded in London, but we’re heading to Chicago and New York in June, and Sydney and Sao Paulo in October! If you’re in any one of these locations, do drop by to meet Tyler, Paul, and Asanka and discover what WSO2 technology can do for your enterprise.