All posts by Vichitra Godamunne

Women in Open Source Tech Roundup: April and May 2019

We launched a campaign to celebrate the intelligent, awesome, and interesting personalities behind our technology earlier in the year. In April and May, we spoke to female software engineers, a technical writer, an enterprise architect, and a research engineer to find out how they found themselves where they are today and why they want more girls to join this industry.

This roundup gives you the chance to get to know them better.

Dakshitha Ratnayake

We started April by featuring Dakshitha, an enterprise architect at WSO2’s CTO office. Dakshitha defines success in life as being the ability to juggle both motherhood and career development to the best of her ability. “Keep learning” is her mantra, because change is constant and it’s never too late to learn, adapt, and improve yourself in the long run. When she’s not at work, she loves to run, play basketball, sing, bake, and cook – Dakshitha has a lot going on always!

Some interesting facts about Dakshitha…

  • Pet peeve: Cantankerous keyboard warriors
  • Childhood ambition: To become an astronaut
  • If she weren’t an enterprise architect, she’s be a writer, a chef, or a teacher.

Anupama Pathirage

As a teenager, Anupama wanted to be a hacker. But she became a software engineer instead and is currently a technical lead for Ballerina, a cloud native programming language. Anupama first came across a programming language as a teenager, and she never thought that one day, she’ll be working on developing a new programming language from scratch. Success for Anupama is the ability to be satisfied with whatever we choose to do in life.

Some interesting facts about Anupama…

  • Pet peeve: People who constantly talk about doing something but never take action or follow through
  • Childhood ambition: To become a computer system hacker (of course!)
  • If she weren’t a software engineer, she’d be an entrepreneur.

Sinthuja Rajendran

Sinthuja is a senior technical lead at WSO2. She loves her job as it involves conducting research about current and emerging trends in technology, and advising others in her team. Although she studied telecommunications engineering at university, her true career passion lies in computer science and software engineering. Sinthuja, success is inner happiness – whether it’s following your dreams or you’re delighted that you performed a simple task better than you initially anticipated.

Some interesting facts about Sinthuja…

  • Pet peeve: Expecting great results sans the effort
  • Childhood ambition: To become a pilot
  • If she weren’t a software engineer, she’s be an interior designer.

Yvonne Wickramasinghe

Yvonne loves animals, helping to rescue stray animals wherever she can. She’s passionate about nature, raising awareness on issues such as deforestation and environmental damage. Yvonne is also a technical writer at WSO2. She believes in being true to one’s self to achieve success and advises others to not be afraid of failure. Yvonne thinks that women have a remarkable ability to thrive in fast-paced environments – and sometimes, this can lead to misinterpretations.

Some interesting facts about Yvonne…

  • Pet peeves: Cruelty to animals, deforestation, and destroying nature
  • Childhood ambition: To become a medical practitioner
  • If she weren’t a technical writer, she’d be a business analyst or product manager.

Nayantara Jeyaraj

Nayantara (or Taro as she’s more commonly known as) loves music, Instagramming, and pop culture. When she was at university, she learnt about the digital divide in today’s world. Eventually, this is what spurred her to become a research engineer so that she can contribute to bridging this gap – in whichever way she can through her work. She encourages others to move out of their comfort zones, keep learning, and introduce new ideas.

Some interesting facts about Taro…

  • Pet peeve: When someone says that they don’t like k-pop, even worse, BTS
  • Childhood ambition: To be an adventure-fiction writer
  • If she weren’t a research engineer, she’d be a pop-culture content producer at BuzzFeed.

Keep a lookout on our LinkedIn and Twitter pages because we’ll be featuring more of these videos in June. Kudos to Ishara and Vidyas for being a part of this project with me behind the scenes. We’d love to hear from more women who work in open source technology to learn more about your experiences. Drop us an email on vichitra@wso2.com and isharan@wso2.com to be a part of this campaign.

Lindex: Innovating with APIs in the Fashion Retail Industry

Fashion is a dynamic industry and any fashion retail business needs to be as agile as possible, particularly in the present era of e-commerce and instant customer gratification. This is a reality that the Scandinavian based fashion chain Lindex is all too aware of, having been around since the 1950s. Currently Lindex has 470 stores in Scandinavia, Central Europe, Baltic states, Middle East, and the UK, with an employee base of over 5,000. Their business is underscored by sustainability, as 55% of their clothing is made from sustainable materials. Lindex decided to enhance their digital services by exposing APIs over their existing monolithic architecture. This enabled them to build applications that improved user experiences for both customers and employees.

Move With The Times

15 years ago, Lindex began their first foray into e-commerce. This was very much an experimental project, where a team was tasked with designing a platform and more importantly, monitoring customer responses to such a platform. Lindex started with a monolithic architecture which had worked satisfactorily for a decade. But there was a snag – they had accumulated a lot of technical debt over the years and moreover, security models had changed. It was time to try something new. Lindex considered open source, as they understood that it provides greater extensibility and flexibility when building a solution.

That something new was the development of a customer loyalty app – their change agent. Lindex wanted an omni-channel app which gave users a hassle free experience, with product information, prices, and promotions being shared between the app, website, and stores. They were clear that they did not want to integrate this new system with the existing monolith and furthermore, they also knew that a new team was needed.

The new platform consisted of customer loyalty app, the new ‘My Store’ app, and other customer experience solutions on the top layer, all to be exposed via an API layer. Once Lindex had completed the implementation of this first set of APIs it immediately became apparent that different levels of complexity within the backend systems would require different versioning of each of the created API’s moving forward as each monolithic application was adapted to become digital. It was recognized that the team would require some form of management for the API framework and a business case was undertaken to assess a number of API Manager systems which complied with industry standards and more importantly, would work seamlessly with their existing customer repository. Lindex also had a preference for a security solution that was able to work seamlessly with their existing customer repository. These requirements, along with the need for an open source solution, led them to WSO2 API Manager (which addresses API management, development, and integration). They also chose WSO2 Identity Server, which is optimized for identity federation and single-sign.

Multiple Teams for Multiple Customer Experiences

While the app team was developing the new application, Lindex’s team responsible for their existing monolithic architecture was busy refactoring the code in order to expose functionality in the customer shopping experience – i.e. features like shopping cart, wish list, pricing, promotions, and order details. They also had other development teams working on other areas of customer experience simultaneously. The ‘My Store’ program was upgraded, they were able to create a ‘My Stock’ app and a ‘My Customer’ app (when in-store personnel were acting on behalf of customers). During the complex process of setting up multiple levels of authentication across different user groups, Lindex found that WSO2 Identity Server provided the authentication capabilities needed for these apps. In total, there were 5 teams working on enhancing customer experience and there are plans for expansion.

Like their initial venture to e-commerce, this project has also been an experimental one for Lindex, to understand what works best and adds business value. They now believe that a gradual replacement of backend functionality is what works for them. “Thanks to WSO2 and the open source model, this has been a breeze. It’s been risk-free for us. The middleware has been rock solid from the get-go really,” says Johan Edling, an enterprise IT architect at Lindex.

Some Lessons Learnt Along the Way

Lindex gained some valuable insights when they worked on this project, and if they were to return to square one, their key advice to others starting this journey would be as follows:

  • Set up API statistics right at the start of the project, even if it looks expensive at first glance. Failing to do so is not the best course of action.
  • Time is always important – time must not only be allocated to the development of API resources, but to changes you anticipate as well.
  • Perform automatic testing of API resources and ensure that teams working on the project have the relevant API development skills are things to consider.
  • Document error handling guidelines.

With the new API design in place, Lindex now offers a modern shopping experience for their customers.

For more details, watch Johan’s talk.

WSO2 was named a Leader in The Forrester Wave ™: API Management Solutions, Q4 2018 report. Check it out here and learn about WSO2 Identity Server here.

Achieving GDPR Compliance in Heraklion, Crete

The city of Heraklion, capital of the Greek island of Crete, is many things – it’s a tourist attraction, a port and ferry dock, and a smart city. In fact, Heraklion was recognized as one of the world’s 21 smartest communities in 2014 and even has a technological university. As a tech-driven city, the Municipality of Heraklion decided to build a web portal for more than 6,000 users and a case management system for 700 employees. Also in this plan was the creation of an email system based on Postfix and Horde, mobile applications for the convenience of both citizens and employees, an e-payment gateway, and several WordPress sites for affiliated organizations of the municipality.

Solution Requirements

The IT infrastructure of the Municipality has multiple applications and users. And both ITDT and the Municipality wanted to create unique user profiles (and avoid duplications), a single-sign-on process for users, provide authentication mechanisms and very importantly, achieve GDPR compliance. A team comprising of the University of Crete, the National Technical University of Athens (NTUA), and ITDT Solutions (a company based in Cyprus working with a range of customers in Cyprus and the Balkans) worked with the Municipality of Heraklion to achieve these ambitious goals.

The new solution had a list of proposed items for successful project completion. The starting point for this project was the creation of a new LDAP infrastructure based on OpenLDAP (the LDAP infrastructure which existed at the time needed upgrading). User migration had to occur from the web portal’s database and other applications. Identity management is a huge requirement and the team used WSO2 Identity Server and the national identity provider for advanced security services. And the final important item was the migration of applications to SAML2 and OAuth2.

GDPR Compliance Made Easy

GDPR compliance and its importance led the project team to WSO2 Identity Server, which as an identity solutions provider, is GDPR ready. This meant that ITDT and the rest of the team did not have to do much to become GDPR compliant by themselves. ITDT created a single user store for convenience which simplified the process (the other option was to become compliant for each and every user store and application). The self-care user portal of WSO2 Identity Server plays a crucial role in GDPR compliance since it functions as a medium for users to exercise their individual rights as defined by GDPR for data managed and retained by WSO2 Identity Server. This self-care portal allows users to access and rectify any information about themselves at any point of time. Users can also request portal administrators to delete their entire user account if needed. It also enables users to revoke consent and exercise their right to be forgotten, in addition to providing them with a portal format of storing data, the right to pause/ restrict data processing, and of course, transparency on how their data will be processed.

WSO2 Identity Server comes with other perks as well. For one, it enabled ITDT and team to build a central identity so they migrated all their user stores to the central LDAP infrastructure by the project’s end. Secondly, WSO2 supported various inbound authentication mechanisms (SAML, OAuth, JWT, etc). Lastly (and best of all) is that WSO2 Identity Server is open source. This project did not have the most generous budget, and the Municipality of Heraklion needed a solution that did not have extra licensing costs attached to it. WSO2 Identity Server has an Apache 2.0 license, thereby giving the team heading this project the freedom to use this solution.

Benefits and Expansion

Apart from creating a robust solution to achieve GDPR compliance, ITDT has been able to create unique user experiences and reduce development costs for the Municipality. A digital transformation project of this nature (or indeed any such project), naturally provides insights to the team leading it by the project’s end. What ITDT learnt was that the migration of user stores is harder than they had initially anticipated as it required a lot of manpower. The team also learnt that WSO2 Identity Server is an ideal platform for creating custom solutions whilst keeping the core solution unchanged. Given the success of this project, the next step involves expansion – to other applications in Heraklion city and to other municipalities in Crete. Data exchange between municipalities and universities in Crete, and creating loyalty schemes between public and private bodies are other areas of interest. Identity management will continue to play a central role in all these plans.

Watch this presentation to learn more.

WSO2 Identity Server can be used for a host of identity management requirements, check it out here.

This article helps you understand how WSO2 Identity Server helps you achieve GDPR compliance.

Women in Open Source Tech Roundup: March 2019

Diversity. Inclusion. Challenging misconceptions. Gender equality. These are the topics in the tech industry that are being increasingly examined by organizations who are stepping up to change the percentage of women in the industry — offering them education, training, and mentoring opportunities. Globally, it is estimated that only 17% of technology jobs are occupied by women and of those, only 5% of women occupy leadership roles. A geographical breakdown of the number of women in leadership roles in the tech industry shows this, as North America accounts for 18.1%, Latin America for 13.4%, Africa and Europe for 11.2%, and Asia for 11.5%.

The numbers could look bleak (or encouraging, depends how you look at it), but the stories are always thought-provoking, warm, and inspirational. At WSO2, our story of inclusion is one we want to share. This March, we launched a video campaign starring the women at WSO2 who develop our open source products. Open source in general has a diversity problem yet interestingly, 33% of employees at WSO2 are women. When we say we’re open to integration, we mean it literally and figuratively. That means we want to create a workplace culture which strives for inclusion – be it hiring new team members from different parts of the world or hiring even more exceptional female candidates and giving them the same opportunities as their male counterparts.

We introduced some of these fantastic individuals in our teaser trailer.

This blog gives you the chance to get to know them better.

Seshika Fernando

We kicked off our campaign by featuring Seshika, who is the head of financial solutions at WSO2. Seshika’s had a versatile career so far – started in software engineering, before deciding to try something different – business analysis in the banking industry. She then returned to the tech industry (citing boredom). For Seshika, everything hinges on ability and capability. Her belief is that the company she works for must align with her personal values.

Sherene Mahanama

Sherene started her career as a technical writer at the age of 19. She didn’t necessarily plan on becoming a technical writer – rather, it was something that she came across due to her interest in writing and technology. At present, she works in identity and access management, and is very interested in GDPR and adaptive authentication (topics she even blogs about). Sherene thinks that we must all fight to maintain the highest standard of quality in our work and doesn’t believe that cultural misconceptions should discourage girls from exploring career paths that they want to pursue.

Some interesting facts about Sherene…

  • Pet peeve: Fake rumors
  • Childhood ambition: To become an FBI agent
  • If she weren’t a technical writer, she’d be a food taster!

Sithumini Senevirathne

Sithumini was very interested in learning more about programming and software development. So she started learning programming by herself, became a Sun Certified Java programmer, and developed a set of software. All this before she even began attending university! Sithumini thinks we must all establish a personal brand and collaborate to succeed. She advises women in particular to view their colleagues as potential collaborators (rather than competition) and work towards achieving a common goal.

Some interesting facts about Sithumini…

  • Pet peeve: People who spend more time on their phone during dinner or lunch than they do interacting with the people present at the table!
  • Childhood ambition: To become a news presenter
  • If she weren’t a software engineer, she’d be a university lecturer.

Natasha Wijesekare

This is Natasha’s first job. Natasha doesn’t think coding is easy – so she starts her day with a list of to do’s and if she’s managed to complete all of them, she’s satisfied. If she surpasses her daily list, then she’s absolutely ecstatic! Notwithstanding challenges, Natasha loves what she does. One of her favorite projects is Ballerina, a programming language, and she values the learning opportunities provided by this experience.

Some interesting facts about Natasha…

  • Pet peeve: People who talk over you when you’re clearly still in the middle of the sentence!
  • Childhood ambition: To become a scientist
  • If she weren’t a software engineer, she’d be a lecturer.

That’s it for March. Expect to see more stories in April on our Twitter and LinkedIn accounts.

We’re also keen to hear from women who work in open source technology all over the world and feature them in our campaign. Know anyone who has an awesome experience to share with us? Or perhaps you’re interested in being featured yourself (don’t be shy!)? Get in touch with me (vichitra@wso2.com) and Ishara (isharan@wso2.com) to start a conversation on how you can play the starring role in one of our videos or blogs!

***

And before we call it a wrap, great projects happen because of great team members. Shout out to Ishara and Vidyas, without whom the Women in Open Source Tech campaign wouldn’t have been possible.

Medical Device Integration for Better Decision Making in the Healthcare Industry: A Case Study From Engineering Ingegneria Informatica S.p.A

Medical devices that communicate with one another…sounds futuristic (or like something from a science fiction movie or novel), but it’s happening today. Engineering Ingegneria Informatica S.p.A, an Italian based software solutions provider, developed a Medical Device Integration (MDI) solution that enables devices to communicate securely, efficiently, and intelligently, enhancing patient care and monitoring capabilities. And to create their solution, they rely on the entire WSO2 Integration Agile platform.

Medical Device Integration with the WSO2 Integration Agile Platform

MDI comes with its distinctive set of challenges. Communication between medical devices is complex, hence each device needs a standard and secure communication protocol based on multiple channels. Then there’s the issue of processing thousands of events. A large hospital has a multitude of patient data, generated from thousands of sources. Engineering Ingegneria Informatica S.p.A needed to analyze these events and view patient data in the form of trend lines on customized dashboards. Also needed were monitoring dashboards displaying data regarding the status of devices.

The architecture behind MDI makes use of WSO2 Identity Server, WSO2 API Manager, WSO2 Enterprise Integrator, and WSO2 Stream Processor, along with WSO2’s IoT platform (now developed and supported by Entgra). To begin with, WSO2 Identity Server – a holistic identity and access management product – makes this solution and communication between components secure by using protocols such as OAuth2 with JWT tokens. This identity platform also generates tokens to access WSO2 API Manager.

WSO2 Enterprise Integrator facilitates all the communications in this solution and comes with integration runtimes, message brokering, and business process modeling capabilities. This agile integration platform is responsible for communicating with external modules, between the various devices and the central MDI system, and with Terminology Services to perform compensation and transformation of incoming/outgoing streams. Furthermore, WSO2 Enterprise Integrator provides technology for this solution to generate alerts or notifications from MDI to application solutions.

WSO2 Stream Processor – a lightweight stream processing platform – analyzes clinical messages from the device driver in real-time. Technical and clinical information has been divided into different complex event processing (CEP) flows. This makes it possible to manage technical warnings or CEP feeds of clinical data, and the machine learning component acquires and refines classified algorithms to help predict critical situations. WSO2 Stream Processor, in particular, has helped Engineering Ingegneria Informatica S.p.A to address the challenges of processing and analyzing the many events and the need for a customized dashboard.

The IoT capabilities are used to develop device drivers with installation packages. Each device driver has a health module that transmits technical information (which ranges from data like the heartbeat to the status of components). Each driver is also able to transform specific device protocols (such as RS232, HL7, etc.) into an encrypted generic platform message, thereby eliminating the need for MDI to identify each protocol.

The Benefits for Patients in Real Life

There’s quite a complex architecture in operation, so how does it function in a real-life situation? Marco Mastroianni, a software architect at Engineering Ingegneria Informatica S.p.A, explains how their solution applies to an Intensive Care Unit (ICU). Patients in the ICU are dependent on monitoring and life-sustaining devices where the use of information from combined (or integrated) data sources play a critical role in predicting a patient’s condition. Underpinning everything is time and the speed of communication. In such environments, monitoring capabilities and notification mechanisms come to the foreground. The data generated by these devices appear in the form of signals which is of value to signal processing techniques. Therefore, this process helps to both monitor patients and design algorithms that are used to implement patient alarms.

Patient monitoring is not limited to hospital premises – the MDI solution helps to monitor them in their homes too. Monitoring is dependent on communication between devices, how they’re managed, and how patient data is received by medical professionals. An MDI solution such as this reduces the probability of errors (particularly human errors) – greatly supporting the wellbeing of patients and the quality and speed of decision making.

You can listen to Marco’s presentation for more details on the MDI solution built by Engineering Ingegneria Informatica S.p.A.

WSO2 offers an open source integrated platform for digitally driven organizations who want to become integration agile. Everything you need to know is here.

Scaling Single-Sign-On with the Swiss Alpine Club

Mountain climbers and hikers in the Alps need reliable assistance, and that’s exactly what the Swiss Alpine Club (SAC) provides. Established in 1863, SAC is passionate about alpinism. They’ve contributed to the development of the Alpine region over the centuries and are advocates of safe, responsible mountaineering whilst ensuring free access to the mountain world.

Today, SAC has approximately 150,000 members, 111 sections in Switzerland that manage 153 mountain huts. On average, SAC sees 1 million daily visitors to these huts. SAC offers a range of services to both members and non-members. They have a SAC route portal, manage an online store with SAC products, offer discounts for accommodation, organize educational and training opportunities, and much more. Furthermore, SAC relies heavily their 7,000 volunteers who work as officials, guides, and youth organizers. These volunteers are supported by SAC’s IT office, which is located in the Swiss city of Bern.

Integration and Identity Management for User Convenience

SAC defined their digital strategy 2 years ago, and the cornerstone of this strategy is easy usage and access of services for their members and non-members. To this end, they had a straightforward set of goals which include: one identity login across all SAC services, single-sign-on (SSO) to access different services, easy onboarding of members, and to provide self-management of user accounts. SAC has around half a million users (this number keeps growing daily) and there are about 6,000 roles. Given the number of roles and types of membership (for example, officials, wardens, subscribers, etc.) means that there is a quite complex identity management structure at SAC.

SAC worked together with WSO2 Certified Integration Partner Avintis to implement their strategy. Right from the beginning of this project, both SAC and Avintis agreed on the consolidation of SAC’s user store. SAC’s new solution is composed of 2 parts – one part is concerned with integration and the other focuses on authentication, powered by WSO2 Enterprise Integrator (which can be used to build, scale, and secure integration solutions) and WSO2 Identity Server (which is a uniquely flexible product for identity needs) respectively. Being open source, both WSO2 Enterprise Integrator and WSO2 Identity Server provide SAC with a solution to avoid vendor and data lock-in, and use open standards for identity management and integration. This also further enables SAC to keep abreast with ever changing market needs.

The solution has a bi-directional integration with Microsoft Dynamics NAV and WSO2 Enterprise Integrator. They’ve also implemented REST based web services. This solution also consists of one master user store, with multiple service providers. At present, they have 6 service providers but this could potentially increase to 100 depending on the speed at which their implementation progresses. SAC translates their business cases to their user store and assign the right roles in the user store. They’ve created a login app on top of WSO2 Identity Server, which received the customer services that passes through WSO2 Enterprise Integrator. Furthermore, the identity management component follows the OpenID connect protocol.

The Result: One Login App for Everything (Literally)

SAC has reduced their data silos with the new solution. The resulting single login app facilitates user authentication, registration, membership applications, account activation, and password resets. Users can now book accommodation, subscribe to SAC services, shop in the online store, and access any other service with one single identity.

SAC’s plans extend beyond creating a seamless and convenient user experience. They’re now looking at WSO2 API Manager (which can be used to address any spectrum of the API lifecycle, monetization, and policy enforcement) for secure access to and management of upcoming/ existing APIs. In order to achieve scalability and reduce downtimes to zero, SAC runs most of the applications in Docker containers using Jelastic PaaS, and plans to migrate all of their web infrastructure to this cloud platform.

With plenty of changes anticipated in the near future (along with rising numbers of visitors to the Alps), Daniel Fernandez, head of IT at SAC, advises meticulous planning when undertaking a digital transformation project of this nature. And in addition to planning, he advocates being prepared for unexpected situations, as in his opinion a project such as this has an impact on everything else in an enterprise.

Listen to Daniel’s presentation for more details on how SAC implemented SSO.

WSO2 API Manager, WSO2 Enterprise Integrator, and WSO2 Identity Server form the WSO2 Integration Agile Platform. Learn all about our open source approach here.

Delighting Customers with an API First Approach at Proximus

Proximus, the largest telecommunications provider in Belgium, has been around since 1930. At present, Proximus provides internet, TV, telephone, and network-based ICT services. Their brand portfolio includes Scarlet, NBRACE, tango, ClearMedia, TeleSign, Davinsi Labs, telindus, BEMOBILE, and bics. Collectively, these brands have presence beyond Europe – in the Middle East, Americas, Africa, and APAC.

APIs Are Great – Again

Proximus has 2,000 to 3,000 applicators in the entire organization, integrating internally and externally with partners, competitors, and customers. Most importantly, these integrations have to be managed. The scenario that would result in not doing so is endless difficulty and inconvenience. A decade ago, Proximus designed their architecture for managing commodity services such as authentication, authorization, routing, and monitoring. So far, so good.

Change came in the form of agile business transformation. By becoming more agile, they were looking to deliver services faster, of better quality, and at lower cost. Proximus achieved business agility by building functionality shaped building blocks that are re-usable and loosely coupled. These building blocks are used to provide their digital solutions, all at lower costs and higher quality. Agile transformation has been made possible by WSO2 API Manager, which supports any spectrum of the API lifecycle, and WSO2 Identity Server, a holistic identity and access management (IAM) solution. Both are open source.

“We had to rethink what we were doing and essentially look at making APIs great again,” says Sean Kelly, an enterprise architect at Proximus. They’ve already worked with APIs, mainly to offer services – but agile transformation means approaching everything differently. This began by bringing together architectural domains that are well-defined and separate. For one, there was a functional domain which operated on specific blocks of functionalities (such as customer address management). Then there was an important security domain that is responsible concerns such as GDPR compliance. The application domain handles patching, upgrading, migrations, and such. And finally, the infrastructure domain is needed for deployment.

Functional Domain in Detail

Sean explains the new approach at Proximus by using the functional domain as an example. The team at Proximus documented all business capabilities and they first defined the characteristics of a capability. For starters, a capability must be a subject matter expert i.e. a customer address management capability is the owner and master of this specific block of data. This capability is the single source of data for the particular function, with a specific team attached to it. Furthermore, business capabilities are also mutually exclusive – unique, but independent, self-contained, and well defined.

The implementation of this new API-first approach happened in a very structured manner. APIs at Proximus are lightweight and powerful, with simpler life cycles and release cycles. Product teams were empowered and the API management platform is more agile. Although the API management platform is a self-service one, there are certain controls in place. Collaboration plays a big role too. Given the number of architectural domains, collaboration could be a challenge and it required a shift in mindset across the organization.

Organizational Change from Service Orientation (SOA) to Resource-Based Architecture

Proximus adopted the Bimodal practice to deal with organizational change. Introduced by Gartner, Bimodal refers to the strategy of coping with change and it’s comprised of two modes (modes 1 and 2). As per Gartner’s definition, these 2 modes are cycles, and not separate groups or departments in the company. “Mode 1 is the marathon runner, that is, it refers to APIs that perform core business functions. Mode 2 is more like a sprinter. These are the APIs that respond to the environment, are closer to your customers, more agile, and typically more disruptive,” Sean explains. At Proximus, mode 1 is applied to internal APIs and existing SOA services. Mode 2 is applied to external APIs and this is where they publish their digital products, with a strong focus on security.

Apart from the Bimodal practice, Proximus has also adopted several principles. There’s no domain dumping model at Proximus, and they use concepts that are known and understood within the organization. They design for loose coupling, as vendor-neutral APIs are preferred and it allows them to change one component to another with minimal impact. Proximus also use industry standards such as O-Auth2, XACML, SID, JWTE, etc. Another is the use of smart endpoints and dumb pipes, which is to avoid business logic in a centralized middleware. Security is coded, rather than configured. As such, the code is typically only written once and then validated by security, making it easier to manage this process as well. Proximus also do not use the latest version of a particular technology offered – they prefer to trail behind the bleeding edge, as they’re on the lookout for the first round of patches and use the functionality with greater confidence at a later time. And finally, Proximus only builds components or purchases software that is cloud native.

Delighting Customers

The team at Proximus are satisfied with their API first approach and the resulting API marketplace. “We’re focusing on delighting our customers, delivering value, and doing all this at a lower cost. We use WSO2 to do what they do best. For us, WSO2 is an API management platform and we let them handle that while we focus on the business,” says Sean. As with any innovative business, there are more changes afoot at Proximus and they’re looking to take WSO2 along with them as their business evolves.

Watch Sean’s presentation for more information about the transformation at Proximus.

Check out our product pages for WSO2 API Manager and WSO2 Identity Server to find out how you can use these products in your enterprise.

Open Banking Implementations in Europe and Africa: The Story of Société Générale (So Far)

Investment and retail bank Société Générale has its headquarters in Paris, France plus 45 branches in 36 countries, representing over 18 million customers globally. Retail banking services support 3 business lines in the regions of Europe, Africa and the Mediterranean, and Russia. Their 2020 strategic plan is simply named “Transform to Grow.” Open is the keyword here. “We want an open approach to develop offers and client satisfaction,” says Jean-Louis Rocchisani, enterprise architect at Société Générale.

The Transformative Powers of Open Banking

Open banking plays a crucial role in Société Générale’s transformative approach to business growth. Their open banking journey started in 2015, having recognized the opportunities it presents for improving the time-to-market and reforming their business model. Their open banking efforts have not passed by unnoticed. Recently, Société Générale was selected as the most advanced company out of 44 listed companies in the French market. After investing in the needed architecture, Société Générale now looking to extend towards the bank as a platform model.

Société Générale also sees the the transformative power of technology and APIs in its future. “We’re currently in the proprietary model, but we see the opportunities to increase our distribution power by creating a smooth digital end-to-end process,” says Jean-Louis. “We’re also looking to monetize our services and most importantly, create interactions between service producers and customers – which is also quite hard to launch. But this is possible because we have APIs as a product.”

Société Générale is guided by open banking drivers in the many parts of the world that they operate in. These include PSD2 compliance and beyond in Europe, modernizing B2B2C models, and enhancing digital banking services (as is the case in Africa). Community plays a central role in Société Générale’s open banking efforts, as markets are different and evolving across countries, and working with local communities of financial service providers is essential.

Jean-Louis presenting at WSO2Con EU

How Société Générale Came Across WSO2 Open Banking

Société Générale and WSO2 have a strategic partnership that dates back to 2015, ever since the first successful implementation. Their first success story and the fact that WSO2 is open source were major deciding factors for Société Générale. SOSMART is the acronym for Société Générale’s architecture principles which are sustainable, open, modular and real-time, and API first. They were looking for a technology partner who would accompany them for the entirety of their open banking journey. WSO2 Open Banking provides the technology for open APIs, secure integration with banks and third parties, and integration analytics capabilities. “WSO2 has innovative products, efficient people, and a shared vision with us,” explains Jean-Louis.

Use Cases From Africa and Europe

Germany: This was the first use case implemented by Société Générale and is centered on equipment finance, financing for big customers through vendors. This project began by implementing a B2B2C platform using WSO2 Open Banking, using the support from local vendors. This platform is now extended to include international vendors as well, using a federated model rather than a shared one to improve its efficiency.

Czech Republic: A large bank in the Czech Republic needed to leverage PSD2 towards open APIs, using WSO2 Open Banking. The bank is now working with fintech developers and partners in the country, using the API platform which was launched. This bank is looking to close the gap between iteration and deployment and they’re satisfied with their progress so far.

Africa: Société Générale works on innovations to digital and mobile banking rather than regulatory compliance in their African business operations. They currently have 12 banks in Africa, all of whom are different despite sharing the same core banking system and is therefore difficult to scale use cases from one country to another. An API layer has reduced the time to market, and the next stage is to open this platform to fintechs and other service providers in the ecosystem.

France: Société Générale’s French overseas territories banks have to achieve PSD2 compliance. In spite of the tight deadline, Société Générale believes this can be achieved on time and are using WSO2 Open Banking to speed up the implementation.

What’s Next?

With experience gained from a string of successes, Société Générale has more exciting projects lined up together with WSO2 Open Banking. For Jean-Louis, technology is an enabler (and not a constraint) and he says, “We believe in an interoperable world, where technology opens up possibilities leading to more success stories.”

Listen to Jean-Louis’s complete presentation in this video.

WSO2 Open Banking helps you achieve regulatory compliance in Europe and Australia, with successful use cases from around the world. Learn all about its capabilities here.

Macmillan Learning and Ribbonfish: Solving Diverse Integration Needs to Help Students and Instructors Better

Macmillan Learning is a leader in the education publishing and EdTech industries, with a target market of over 9,000 colleges and 50,000 high schools in USA and Canada. Their partnerships with many of the world’s best researchers, educators, and administrators, as well as their emphasis on top quality content drive their business. Macmillan Learning teamed up with Ribbonfish, who specializes in offering service solutions to the media and publishing industries, to answer the changing needs of the education industry – helping both students and instructors improve their outcomes.

A Technology Strategy for an Evolving Industry

Macmillan Learning observed how the education industry has been evolving over the years and realized that they need a strategy to answer to the rapid developments that are taking place in this industry. Key among their goals was responding to market needs faster and providing students with interactive digital solutions to support their education.

However, the education industry is a seasonal one and Macmillan Learning wanted to ensure their new solutions caused the least amount of disruption, particularly during peak times. Another important consideration was the internal organizational structure. “You can’t develop a technology strategy in isolation, we need to be mindful of both the structure and culture of an organization. The culture needs to be improved, particularly when partnering with others and the structure needs to be standardized across the various teams,” says Sagar Bujbal, VP technology at Macmillan Learning.

Like any other business, Macmillan Learning integrates with many disparate systems. “Around 60 to 80% of your time is spent on supporting these various systems, rather than concentrating on innovation. When thinking about the right solutions implement, we really need to quantify the strengths and weaknesses of each of these systems,” says Paul King, a solutions architect at Ribbonfish. Both Paul and Sagar stress on the point that seamless integration in such a context requires architectural guardrails and governance. They explain that a well-defined target reference architecture (prior to development) with a long term vision, taking into account changes that will have to be encountered over the years, is a solid starting point. Best practices and utilizing out-of-box platform capabilities are further requirements for seamless integration.

Sagar and Paul presenting at WSO2Con USA

Selecting the Right Technology

Both Sagar and Paul believe that an enterprise integration platform is one of the most strategic technology decisions that a business makes. They were looking to build a target reference architecture that was business driven, rather than focusing on a particular technology and evaluated several technology vendors based on this. Macmillan Learning and Ribbonfish considered factors such as platform capabilities, maturity of the product, type of agility provided for developers, quality of production support, costs, and the vendor’s willingness to work closely with a business to solve their particular needs. Both were of the view that WSO2 Enterprise Integrator, with its integration runtimes, message brokering, business process modeling, and analytics capabilities, catered to their requirements.

Achieving Seamless Integration

Given the fact that integration needs at Macmillan Learning were diverse, Sagar and Paul decided on APIs as the de-facto standard for integrating all their systems. They also made sure that there was no direct coupling. Their current architecture includes the Macmillan Learning integration layer composed of WSO2 Enterprise Integrator along with Salesforce. Paul explains that one of their main goals when building the new architecture was to not over complicate things and using WSO2 helped, “One of the big things we really took from it when we selected WSO2 as a platform and service was that there are plenty of solutions within WSO2 itself.”

Paul and Sagar state that documenting the inventory of business processes and interactions contributed a lot to their success, as it helped them to better define their target reference architecture. They also believe that defining their integration techniques, constant communication with their engineering team, and weekly reviews of what they implemented helped them immensely.

More innovation is planned for Macmillan Learning and Ribbonfish. The huge scale of transformation at Macmillan Learning means that there is a continuous demand to meet these requirements. Proactive customer service plays a key role in this transformation. Macmillan Learning and Ribbonfish gain insights from interactions between customer care agents, students, and instructors to improve this transformation process and customer satisfaction. And as mentioned earlier, they will continue to review what they do for the best possible outcomes.

To learn more about how Macmillan Learning and Ribbonfish are working together, watch this video:

Everything you need to learn about WSO2 Enterprise Integrator is here.

Using Open Source Technology to Solve Complex Integration Needs at American Express Global Business Travel

American Express Global Business Travel (GBT) is a travel and meetings management company, which operates in 140 countries at present. They receive over 3 million messages and make 100 million service calls, all in one day! To effectively deal with the sheer volume of messages and calls, GBT launched Global Trip Record™, a platform that captures all global bookings on various transport companies in one system and functions as their single source of real-time and historic trip data.

A Strong Orchestration Layer: The Need of the Hour

GBT was looking for a strong orchestration layer on which to build this platform. They had an existing legacy system, part of which was a Java application that had thousands of lines of code across different files. For this reason, each redeployment required IT to shut-down, then re-start, the entire system. “No integration is easy and proprietary software doesn’t allow you to change much,” says Pradeep Chintam, software engineer at GBT. “As a developer, I like working with the code everyday. We were also looking for a product that allowed customization together with reliability. Hence, the decision to use WSO2 Enterprise Integrator,” he explains.

Eventually GBT decided on a microservices approach, yet they evaluated the pros and cons carefully first. Pradeep had a lot of questions on how microservices can be used to orchestrate between services, how to proceed with service discovery, and how to perform load balancing and fault tolerance. “When discussing microservices architecture, a lot of people are of the view that you should have smart endpoint and dumb pipes. I honestly don’t agree with that. What do we want from a solution – to follow principles to the letter or an application that functions without glitches? I think many people would choose the latter, no matter how important principles are,” says Pradeep. That was exactly what was done with WSO2 Enterprise Integrator when building their new platform.

GBT has many connecting systems and wanted to enforce a single entry point to their application. Thus, the architecture is built in way that everything connects via WSO2 Enterprise Integrator, and all orchestration between microservices happen within WSO2 Enterprise Integrator itself. This architecture has worked for 2 years to date, without a single instance of downtime.

Pradeep speaking at WSO2Con

The Deployment Model

Every message passes through at least thirty microservices and all the message transformation is handled by WSO2 Enterprise Integrator. GBT scales up their microservices so that they can handle hundreds of transactions and messages per second, but they scale the Enterprise Service Bus (ESB) based on their needs. To accomplish this, GBT also also uses Apache Kafka to bring elasticity to the application, as they do not want to overload WSO2 Enterprise Integrator when connecting 30 different downstream vendors.

During the deployment model, the code is first checked into git. The architecture includes a Jenkins server where the build is triggered and it then passes to SonarQube which verifies all vulnerabilities and bugs. It is then packaged to CAR files. A plain ESB image is pulled, customized files are overwritten, and the CAR files are then copied to appropriate folders. After that, the final Docker image is created and published in their Nexus repository. Deployment is triggered in OpenShift which only receives the image tag number. OpenShift will then pull the image from Nexus, deploy it, and is finally ready to serve the request.

Unlike the industry standard, GBT does not use a governance registry in their architecture. As a result, Pradeep limited the number of instances and technologies. GBT uses a custom solution, where they use another ESB project which acts as their governance registry.

This solution is an integral component of GBT’s aim to provide travel management tools that offer millions of customers around the world the best possible travel experience. “The fact that WSO2 Enterprise Integrator is open source and allows for flexibility were big plus points for us. Apart from that, the support has been great. I’ve been using the product for over 6 years and I’ve only raised a support ticket once, which was solved within the day,” says Pradeep.

To learn more about how GBT created Global Trip Record™, watch this video: