LOW-CODE
PREFABS
SOLUTIONS
EVALUATE

Wired for experience®

BLOG

Embedded finance, low-code and the
emerging face of adaptability

The years 2020-21 will be remembered for the pandemic and the subsequent resurgence. It will also be remembered for the time where over half the world’s population pulled out their mobile phones to buy groceries, order food, get paid for services, shop for clothes, and even pay for healthcare. While the pandemic ravaged nations, humans quickly adapted to new ways of transacting. Financial transactions through almost any app of any industry became a reality and more or less a force of habit.

What made that drastic leap possible was set in motion years ago with the advent of Open APIs. The emergence of public APIs and regulatory changes such as PSD2 spearheaded the ‘Open Banking' revolution. A flurry of fintech companies followed, offering to ‘embed' financial services in non-financial apps. Financial capabilities once considered the privilege of banks, became a necessary touchpoint in the customer journey of any brand. While banks still held dominion over regulatory licensing, fintech was able to squeeze in financial offerings between the layers of ‘bank' and ‘brand' with alacrity: Thus leading to the emergence and rise of ‘embedded finance'.

In fact, according to Juniper Research, in 2021 alone, the ‘embedded finance’ market is said to be valued at $43 billion and is set to soar by 215% by 2026.

Early Adopters and Present Trends

Uber and Lyft are some of the most well-known early adopters of embedded finance.. Tackling the simple pain-point of cab riders (searching for cash, taking out a credit card, toggling between apps), Uber introduced embedded payment in its cab booking app. Its early success in alleviating a major pain point in customer experience spawned a rush for embedded payments in large, digital savvy, non-traditional players ranging from e-commerce (Amazon) to food delivery apps (Deliveroo). Fintech with technical know-how and financial acumen followed suit with offerings customizable for banks and brands.

This led to the emergence of another layer between fintech and banks, what is called Banking-as-a-Service (BaaS). Unlike Open Banking that offered only data, BaaS offers APIs for banking services that fall under the ambit of regulatory services. The fact that these APIs could now be leveraged in any digital customer journey opened up a plethora of value propositions for brands, hitherto not possible--retailers providing a ‘Buy Now, Pay Later'(BNPL) option, car dealers offering loans and insurance, and utility providers launching wallets.

The customer-share pie for financial services became open to all.

What started as embedded payments has now evolved into multiple use cases such as embedded insurance, embedded banking, embedded credit, and embedded investment. The use case list has expanded to every industry from retail to HR and has the potential to morph further. While digital-savvy, large enterprises are quick to adopt, small businesses are also jumping into the fray. Uber which was only offering payment services, now offers loans to its drivers and an Uber debit card for a checking account to its users. On the other hand, banks, both new and traditional, are opening up new avenues to reach out to their customers.

For brands, it is the customer journey that matters. For banks, it is high volume and less cost. A win-win in any case.

Speed Bumps in API Adoption

If we look at banking trends over the decades, the underlying driving force that has spawned thousands of new players in the financial services industry is most surely -- APIs. From Open Banking to now Banking-as-a-Service, companies that have proactively embraced the evolution of APIs have been successful in embedding financial services. However, it is easier said than done.

Banks/ Providers typically have an API-only approach. There is no touch and feel. The graphical elements or abstractions on top of these APIs need to be recrafted and customized per brand, per use case. With virtually every bank jumping into the bandwagon, brands (especially SMBs) look for technical expertise to evaluate and buy from the exhaustive list of APIs. Navigating the labyrinth of APIs would also involve sourcing and integrating APIs from multiple providers, brands, and third parties. To build a digital layer over the APIs, the brand has to either depend on its own IT and available tools, or they have to turn to fintech or ISVs that can help them leverage the power of these APIs on an integrable platform.

Think Beyond APIs: Go Low-Code

In the end, APIs are a means to an end.

Businesses spend inordinate amounts of money and time to consume complex APIs and launch embedded finance services. Traditional hand-coding while integrating with APIs is cumbersome and can lead to latency in time-to-market. Subsequently, many businesses lose their first-mover’s advantage.

Low-code platforms can help businesses in two ways to gain momentum:

  1. Businesses can perform quick roll-outs of showcase applications and MVPs on a low-code platform, thereby gaining a sense of the market pulse and figuring out what works and what does not.
  2. BaaS providers can use low-code to enable hyper-accelerated app development by provisioning ready-to-use contextual components over their APIs, which can be easily provided as a bundled financial offering for business apps.

A low-code platform can now act as an aggregator of financial and non-financial APIs and provide a contextual layer that is customized per brand/bank.

Battling out on fierce financial terrain, are large and small brands and FIs. Whether it is ‘Buy’ or ‘Build’, businesses, fintech, and ISVs agree that application development platforms need to offer two very important aspects while integrating APIs: flexibility and security.

Low-code platforms that come with inbuilt security and a “whatever-whenever-wherever” facilitation effectively neutralize these two major concerns faced by incumbents of the financial services industry.

To Embed or Not is Not a Question!

Over the past two years, industries have shown resilience and adaptability like never before. Embedding finance into a consumer app has become a norm. A norm that took wings years before but gained momentum in the past two years. The hyper-acceleration of embedded finance in financial and non-financial applications is the phenomenon of businesses reacting to unforeseen circumstances in the most creative manner. Low-code platforms like WaveMaker can assist small and large brands in consuming and integrating disparate APIs with ease and provide a contextual consumer interface abstraction over them.

The synergy created by low-code, embedded finance, rapid application tools, and digital transformation in general, are shaping the face of what creative adaptability looks like.

Forrester finds that, in 2020, over 27% of organizations improved their customer experience (CX) index scores, a big number compared to the few who were making progress in the years before.

“To emerge successfully from this global crisis, brands must build experiences that help them engage with their customers at an emotional level,” wrote Forrester SVP, Sharyn Leaver.

So, how do enterprises engage customers at an emotional level when the predominant
channel of interaction is now digital?

By delivering insights-driven, personalized, contextual, end-to-end digital customer experiences anytime, anywhere, across channels and devices.

To achieve this, at accelerated time-to-value and scale, enterprises need a springboard: A Digital Experience Platform.

Gartner defines a Digital Experience Platform (DXP), as an integrated set of technologies, based on a common platform, that provides a broad range of audiences with consistent, secure, and personalized access to information and applications across many digital touchpoints.

At WaveMaker, we visualize it in three layers:

  • Foundational Business Engine
  • Digital Engagement Hub, which brings together APIs from the business engine
  • Customer Experience Suite, which is the UX layer, made up of apps
Digital Experience Platform

Most enterprises have the business engine and the digital engagement hub, even if some of them might be legacy software. However, the digital customer experience layer needs to respond to rapidly evolving needs, offering opportunities for experimentation and rapid implementation. It is here that low-code can help. Here’s how.

Transforming applications to a customer-oriented approach

In most industries, IT is designed around the organizational structure, not customer needs. For instance, the technology architecture of a retail organization is driven by the supply chain — divided into inventory, point of sale, customer relationship management, e-commerce, etc. So, if a customer wants to check on the company’s website whether a product is available in their nearby store, it would be next to impossible because the e-commerce engine doesn’t speak to the inventory management system.

A digital experience platform can enable enterprises to address such use cases without elaborate investments in product development. When the business engine is built on customer-oriented architecture, deploying applications as microservices, loosely coupled, and API-driven with functional encapsulation, the low-code customer experience suite empowers you to drag and drop any combination of features and functionalities to create a new app. It effortlessly abstracts the various business engines to create apps with little manual programming.

Leveraging data for personalized digital experience

No customer wants to search and scroll endlessly on their shopping app to find the product they want. Nor do they want to manually drag and drop features into their interface to personalize it themselves. They want personalized experiences that are meaningful, engaging, and, most importantly, efficient.

A digital experience platform can leverage advanced analytics to deliver that. The low-code customer experience suite can form the abstraction over the analytics engine to bring together user, interaction, and business data to create a 360-degree view of the customer. It can enable dynamic user experiences, ensuring continuity of customer relationships, displaying cross-sell/up-sell opportunities contextually.

Delivering omnichannel engagement

In the era of ‘hand-off’ between devices, customers demand a smooth omnichannel experience from enterprises. For instance, an e-commerce customer today wants to add items to their cart from any device, anywhere, anytime, and purchase them all together when they’re ready.

Digital experience platforms are built to enable this seamlessly. By integrating various digital business engines, the low-code customer experience suite allows you to build omnichannel customer journeys — effortlessly moving from one channel to another, ensuring continuity of engagement across devices.

Enabling dynamic content delivery

Traditional applications are optimized for short-term transactions, while digital experience platforms are built to create long-term customer value. For instance, an e-commerce application is typically built around capabilities like search and checkout, focussing on the efficiency of shopping. But customers today are seeking more engagement. Perhaps why social commerce — blending of social media like Instagram and shopping — is gaining popularity, as it stresses the ‘experience' of shopping.

The digital customer experience suite enables enterprises, especially in industries like banking, media, retail, or fashion to design websites, portals, apps, etc. to deliver personalized, contextual, relevant, and timely content to improve stickiness and loyalty.

Ensuring end-to-end digital service

Today, saying “you need to come to the store to get this done” is a sure-shot way of losing a customer, especially given that the cost of switching to a new provider is the lowest it has ever been. However, traditional shelf-ware is heavily restrictive in the functionalities they can offer.

Digital experience platforms enable you to deliver end-to-end digital service. With the customer engagement suite, enterprises can:

  • Build and deploy new applications quickly for customers
  • Enable dashboards with predictive analytics for employees
  • Create chatbots to automate answers to common concerns
  • Automate data collection in the form of feedback through email, SMS, or app notifications
  • Streamline product and business innovation based on customer behavior and preferences

In 2018, PwC found 32% of customers say they would stop doing business with a brand after one bad experience, even if they had loved it before. On the other hand, customers are willing to pay a 7-16% price premium for a good experience. This becomes even more telling in the post-pandemic era.

Today, just offering a digital avenue isn’t enough. The digital channel(s) is the storefront, relationship manager, customer service, marketing, sales, product catalog — all rolled into one. The true success of a digital channel is in dynamically adapting to customer needs. A digital experience platform helps you achieve that.

With a robust low-code customer experience suite built with WaveMaker, you can accelerate your digital experience platform journey significantly. Its ability to provide features such as a composable architecture, scalability, cloud-native capabilities, customizability, repeatability and security strengths enable your application teams to create differentiated experiences at a fraction of the time and cost.

To see how low-code can accelerate your digital platform journey, try a demo of WaveMaker today.

Authored by Gopi Mishra, Principal Architect - Development, WaveMaker, Inc

Enterprises are increasingly using ‘Direct-to-Consumer’ digital initiatives. They are parallelly digitizing their internal processes with increased velocity. These changes bring with them a tide of security threats. From insider threats to exposed marketplaces, there is always a security hazard lurking around the corner--one that can assume mammoth proportions if security doesn’t become an ingrained part of application development. In fact, according to a report by cyber security firm 'Checkpoint', cyberattacks on organizations worldwide jumped by 29% during the first half of 2021 as compared to the same period in the previous year.

So if an enterprise is adopting the web, mobile, and cloud, and directly selling to the consumer, it would be paramount that the IT team prioritizes the security of its product, and most importantly ingrain the best practices of weaving security into the development process.

Who better to don the mantle of defense than the ‘developer’? After all, when it comes to the security of an application, ‘developers’ are the first line of defense!

Defense-In-Depth

A ‘Defense-In-Depth’ approach to security for applications is a layered approach to security. What it essentially means, is that developers should take necessary action to mitigate security risks at every layer, be it the front-end (client), middle-tier, database services, or even the network layer. To do that, developers need to collaborate with various stakeholders: customers, DevOps teams, IT-networking, and the security teams handling the necessary infrastructure.

A developer has to have the same approach while developing secure applications using a low-code platform. WaveMaker comes fortified with SAST tested auto-generated code that is VeracodeTM verified. While developers working with WaveMaker can rest assured of the inherent security of the platform, there are a few best practices that a one can follow while using WaveMaker low-code to develop secure applications.

Embed security using WaveMaker

Developers need to think about security primarily in three areas: Data, Business Logic, and Coding. Data in itself could be static or could be in transmission. Depending on its state, the developer needs to keep an eye out for the following checkpoints:

secure applications using Low code

Data at Rest:

  • Ensure that no personally identifiable information is stored at the client-side (in-cache of web application or in device storage of a mobile application)
  • For mobile applications, store relevant and critical information in secure elements
  • Avoid storing information such as service credentials and connection strings in an accessible file. If stored, ensure that there is a proper authentication and authorization mechanism in place to access these files
  • If possible, use rooted/jailbreaking detection for mobile apps.
    Cordova provides plugins for the same. This can be added to the application by importing the plugin to the application. Plugins can be imported as described here.
secure applications using Low code

Data in Motion:

Secure data in motion from being intercepted

  • Use HTTPS for all calls between the client and the server-side
  • Use TLSv1.2
  • Ensure that the data between client and server-side is encrypted
  • Use updated security certificates that have the latest and secure cipher algorithms
  • Ensure validity of certificates. In case, certificate pinning is used on mobile applications ensure that certificates are renewed before expiry and app uploaded to app/play store to avoid apps breaking in production
  • Protect API calls with authentication
  • Do not include PII data as a part of a GET call
secure applications using Low code

Business Logic:

  • Use multi-factor authentication
  • Have a password policy and validation
  • Include input validation as a part of data length, type, and white-listed characters
  • Do not include passwords as a part of the ‘Remember Me’ functionality
  • Do not provide the reason for the failure of authentication in event of a validation failure
secure applications using Low code

Coding Best practices :

  • Do not log sensitive information like passwords
  • Include all loggings as a part of the ‘isDebugEnabled’ flag so that they can be disabled in the production
  • If ‘Request’ and ‘Response’ are logged or can be logged in debug mode then create filters for sensitive data
  • Use the latest versions of third-party plugins that are imported into the application
  • Use the latest SDKs/APIs that are tested against vulnerabilities
  • Flush out session data during logout
  • Error stack trace should not have sensitive information. It is always advisable to add custom messages as error messages rather than simply passing or printing the error stack trace which may have application class/file names or sensitive data.
  • WaveMaker is VeracodeTM certified and the auto-generated code is protected against OWASP Top 10 security risks. However, while designing an application the developer should keep these risks in mind and design the application to safeguard it against them (For a greater list of guidelines, follow this OWASP cheat sheet]
  • When using WaveMaker low-code platform, ensure that VeracodeTM-like scans are performed for both JavaScript and Java code

Security is an inarguable conclusion

While security best practices can help developers immensely, what is more important, is that they develop a ‘security mindset’. Security must be a priority and not an afterthought. While developing applications using ‘Agile Practices’, security should be a criterion in the ‘Definition of Done’ of user stories. Bigger pieces should be taken up as enabler stories. Regular penetration tests should be performed early in the development stage and should be a part of every sprint release. A security loophole caught early in the game will alleviate future pain points, bring down costs and reduce technical debt.

Being secure is not an option, it is an inarguable conclusion. Developers with a finer sense of security will hold this as their mantra.

Author’s Bio

Gopi is a software architect with over 15 years of experience in the financial tech and IT domain including 9 years he spent on mastering mobile architecture design. He presently leads a team of low-code developers and mentors them about best practices in software development. In his free time, he loves to read non-fiction, watch history channels or binge-watch movies.
Write to Gopi Mishra at info@wavemaker.com

secure applications using Low code

Authored by Akhil Pillai, Principal Engineer, WaveMaker, Inc

The web has been a unique platform to develop applications for decades. Of late, platform-specific applications have created a lot of buzz, mainly owing to their reliability and extensive features. Some of them work offline, some have hardware capabilities while some of them can notify users of important updates. PWAs or Progressive Web Applications are the web’s newest attempt at matching the level of reliability and richness that these native applications offer.

What exactly are Progressive Web Applications?

Progressive Web Apps are just plain old web applications with newer capabilities enabled on modern browsers using progressive enhancement. That is, even if the modern features are not supported by the browser, the user still gets the core experience of a web app. PWAs make use of web-platform features like service workers and manifests to give users an experience on par with native apps.

Some of the features that PWAs offer are:

Progressive Web App

Installable

PWAs allow users to install them through prompts that are either on the browser or implemented by the developer. Once installed, they mimic native apps that are available on home screens, docks, or taskbars. The application opens up as a different window rather than as a tab in a browser and is shown as part of the app switcher, thus tightly integrating it with the platform.

Progressive Web App

Reliable

Speed is crucial to keep the user interested and reduce bounce rates. Google's research shows that an increase in page load times from 1 to 10 seconds leads to a 123% increase in bounce rates. The capability of PWAs to cache resources and load them from the cache greatly increases speed and performance. This not only helps with load times but also helps when the network is slow or there is no network at all. This means even when offline you have access to your favorite application unless network connections are indispensable.

Progressive Web App

Linkable

Being a web application, PWAs can be easily shared using URLs. Anybody with a URL can install a PWA on any platform with a supported browser. This greatly reduces the effort it takes to distribute an app through an app store. Managing versions are made easy too with auto-updates or prompted updates that allow partial updates. With this feature, gone are the days when we had to download entire applications for just a small change in text.

Progressive Web App

Enables Notifications

One of the biggest flexes that native applications had over web applications is the ability to push updates to the user. Though web applications could show notifications, they needed to be running in a window to do so. PWAs have overcome this hurdle through service workers. A service worker is a piece of code that runs in the background even after the web application is closed by the user. This allows the web application to run background tasks and receive notifications. This makes it easy to keep the user engaged even when the application is not running.

Progressive Web App

Secure

PWAs are inherently secure. The service worker, which is the core part of a PWA, is only activated if the connection is secure. If the connection is not established over a secure HTTPS protocol, PWAs behave just like normal web applications.

Though these are some of the main features that PWAs offer, there is much more to them like background sync and hardware communication among others.

How can PWAs impact business?

Most of the features directly or indirectly affect the way users interact with web applications. This in turn drives business decisions. For example, giving a native feel to a web application is made easier with PWA. This allows businesses to ship applications faster while skipping app stores and their complex policies. PWAs while reducing development effort also reduce the associated development cost. Faster loading times give a big boost to customer retention while notification capabilities keep the user engaged.

In terms of data supporting these tall claims, let's take the case of Twitter. Twitter saw a 65% increase in pages per session, 75% more Tweets, and a 20% decrease in bounce rate. Nikkei saw 2.3 times more organic traffic, 58% more subscriptions, and 49% more daily active users. Hulu replaced their platform-specific desktop experience with a Progressive Web App and saw a 27% increase in return visits. As they say, numbers don't lie. PWAs are definitely influencing customer interaction with applications.

How can WaveMaker help?

PWAs combine the native feel of platform-specific applications with the dynamic nature of web applications. But how do we implement all these features? Using vanilla JavaScript and HTML to implement such rich features would take a lot of time and effort. Of course, libraries like Angular and Workbox can help but WaveMaker goes a step further. With the latest 10.9 release, PWA is officially in its beta stage on WaveMaker. All the user has to do is enable an ‘app.pwa.enabled' flag in the profile they use for production. Detailed instructions can be found here.

WaveMaker uses Angular’s built-in support for PWA and throws in a bit of its own magic to enable these features. As soon as the flag is enabled, two of the most prominent features are baked right into the WaveMaker web applications - installability and caching. Notifications are also enabled by default that can be made to work with a few app-specific changes. WaveMaker also allows the user to choose a custom icon for the installable app. What better than having your brand image in your user’s app drawer!

At WaveMaker we realize that continuous improvement and innovation is the path to creating customer satisfaction. As of now, PWA features that are in the beta stage are subject to continuous improvement. The way forward is to enhance features like notifications and to gradually add features dictated by customer interests.

PWAs are here to stay and WaveMaker will help your business embrace the technology with as little code as possible.

Watch this video to know more.

Author’s Bio

Akhil Pillai is a full-stack developer with more than 10 years of experience in software development. He is a technology enthusiast and a polyglot with a soft spot for machine learning. In his free time, he loves to read technical content and listen to music.

Progressive Web App Developer

Low-code is high on learning: A developer’s perspective

Mankind and the systems that it relies on are in a constant state of flux. From the transportation systems we travel in, to the medicines we take, evolution has been a constant phenomenon in human life. If that were not so, we would still be stuck in stone-age. Development tools are no different. From low-level languages like COBOL to high-level languages like Java and Python, coding has evolved to make application development easy. Similarly, IDEs are constantly evolving to make the developer’s life easy. From text editors to GUI-based IDEs to IDEs that even autocomplete your code, development environments have come a long way. Low-code is the next eventual milestone.

Hi! I am Sagar Vemala, from Hyderabad, India and I work for WaveMaker, Inc. After completing my engineering course, I joined WaveMaker as an intern where I was introduced to low-code development and I found the concept of converting ideas into products rapidly; absolutely fascinating! I had an offer in hand to join a reputed technology company as a developer even before I was offered an internship at WaveMaker, but I must say that the internship introduced me to a whole new world of application development and I decided to stay. When I started as a full-time developer at WaveMaker, I was warned by my peers about being labeled as a ‘low-code developer’ but my gut instincts told me that I was making the right decision. Looking back, am glad I stuck to my decision. A low-code developer’s job is not restricted to simple coding, it is an expansive sea of learning, of thinking outside the box and more importantly, it is a job that solves a problem.

In this context, I would like to share my experiences from my journey, clear some misconceptions and present my point of view about my career as a low-code developer. Here are a few pertinent questions that I get asked about low-code:

If it is just drag and drop, then what is there for a developer to do?

I learned Java on notepad++. While it is the best way to learn Java, it is not necessarily the best way to develop faster. Seeing me code on a text editor, my friend introduced my novice self to the Eclipse IDE and it is there that I was introduced to the world of GUI IDEs with cool features like generating import statements, getters, and setters methods automatically.

My ‘world of coding’ just became so much more flexible.

The first time I saw how WaveMaker worked, it was déjà vu--Once again a complicated process had been made so much easier. My life as a developer is made ‘easier’ by WaveMaker. Here is how:

WaveMaker has a real code-behind approach and allows full customization and extension on every level. I consider WaveMaker as an advanced IDE (RAD) which generates open standards-based code following best architectural practices. It offloads monotonous tasks like setting up the project and environment, managing framework, and library upgrades and allows me to focus on the problem at hand. Also, it helps developers by providing configurational code for standard features like multi-language support, security, and scalability. With all that being taken care of by WaveMaker, I can focus on areas where my knowledge and experience are needed, like solving requirements and writing business and integration logic.

By being a low-code developer, am I restricting my learning and knowledge?

Absolutely not! I see myself as a problem solver and not just as a developer. I get to work on so many layers of technologies, right from designing the DB schema to preparing the backend to composing the UI and deploying the app.

In a traditional setup, this would require a large team of dedicated backend and front-end developers working for months to build an app. In today’s world, there is an imminent danger of irrelevance by the time an app is developed. With WaveMaker, a small team does the job in weeks that would traditionally take months and as a plus, I get to dip my toes in every kind of technology.

As development became more agile and the time frame became shorter, I got to work on many applications across different domains. At times, I would digest requirements directly from the client. With total control over development at all layers, I was able to provide accurate estimates. After observing diverse apps getting built, I started to think about another important aspect of development--user experience. This skill that I picked up while using low-code helped me deliver applications even without the help of a business analyst or a user interaction designer. My learning outside just coding, sky-rocketed.

I also got the opportunity to work with DBAs, senior developers, technical team leads, and architects of various enterprises as a WaveMaker SME. All apprehensions about not being ‘technical enough' disappeared after my conversations with them and I believe that I was able to add value to decisions that are agnostic of WaveMaker.

In a nutshell, the horizon of my learning expanded.

If the platform generates most of the code, won't that make developer's learning gloomy and less interesting?

Circling back to the point of learning, let’s elucidate with an example. Let’s say, a ‘traditional’ JavaScript developer has just started learning Angular. If the said person follows the documentation of a ‘to-do’ app and merely replicates the steps without understanding the intricacies of how Angular is helping, will the person be able to actually ‘learn’ and contribute to projects? No, right? The same logic applies here as well. There is learning in any sphere of creation. Developers who aspire to work with WaveMaker low-code need to use or will learn the below-mentioned skills to understand WaveMaker generated code and make the best use of it.

As a low-code developer, am I stuck? What is the future of a low-code developer?

I strongly believe that low-code may not be a hammer for every nail but is a necessary tool in the developer kit. Enterprises have and will adopt this methodology into their practices for years to come. Digital transformation has become ubiquitous with every enterprise and if an enterprise is looking at ways to create safe, scalable, and modern products with faster go-to-market, low-code is a safe bet. According to Gartner, the low-code development market is predicted to reach a worldwide total of $13.8 billion in 2021. In fact, the demand for low-code developers has been rising exponentially.

After having worked for WaveMaker for more than 5 years, I find myself with an abundance of choice and skills. I have the skills and knowledge to go the full-stack way, I can lead teams of low-code developers, I can be a solution architect, or I can choose to use low-code for hybrid development. There is a myriad of opportunities and options available. You only have to choose.

Finally, I think I chose the road less taken, even though opinions around me were not as positive about low-code, as they are today, I feel I made an interesting choice that fueled a unique career for me, and that has made all the difference.

Author’s Bio

Sagar Vemala has been with WaveMaker since 2015 and has implemented several customer projects as part of the professional services team. He has built a variety of API-driven applications in workforce planning, inventory management, finance and insurance. If you are developing an application and plan to use low-code, Sagar can share best practices using WaveMaker. Write to him at info@wavemaker.com

Tech-savvy users are swiping left aggressively and swiping right selectively. No, we are not talking about dating apps. We are talking about how quickly the customers of today are changing their banking preferences. Loyalty is a fickle emotion. As Jeffrey Gitomer says “You don't earn loyalty in a day. You earn loyalty day-by-day", by responding to the customer's needs every single day. Otherwise, they just move on.

How responsive banks are to the changing needs of the customer will now decide their longevity. Or else, it’s a swipe left for sure.

With so much at stake, what can banks do to retain their customer’s loyalty?

Going digital is an obvious answer, but then everyone is doing it. Every bank of repute has a digital face--some, more advanced than others. What spruces up the relationship between the customer and the banking app is the customer journey. It is all about how the relationship started and how it sustains--the qualities that keep the customer engaged, the features that make a banking app sticky. So what are the features in a banking application that entices customers, and how does the WaveMaker low-code platform help?

  • Intuitive interfaces
    Clean and intuitive interfaces that keep screens simple but engaging to use, top-grade UI widgets that help create this clean look should be integrated into the low-code platform that aids this kind of interaction. WaveMaker has a plethora of widgets with diverse themes and styles that can be further customized per customer needs.
  • Account information at a glance
    Accessing account information need not be a cumbersome process involving multiple authentications. Modern banking systems allow their customers to view their account information with just Touch ID or Face ID without having to log in using a password. WaveMaker low-code allows developers to interface with external biometric components by providing customized abstractions over the APIs.
  • Corporate and Personal bank accounts management
    A single app should be able to handle multiple associated accounts, link to third-party offers, offer rewards like cash backs, and provide intelligent and relevant offers. The WaveMaker low-code platform allows the creation of prefabs or reusable software components customized to the banks’ requirements enabling composable banking and bringing in value addition to the application.
  • Virtual smart cards management
    Physical credit cards are passe. Virtual cards are in. Modern banking apps allow the creation of virtual cards within the application within minutes. Customers can transfer funds in and out of the cards and perform transactions all within the context of the application. Virtual card management prefabs within the WaveMaker low-code platform allow developers to just pull in the prefab and customize it according to their requirements with just a few changes.
  • Visualization of data
    Customers should be able to see their information in one place. It is not just what information they see but what inferences that they can draw--spend analysis, expense management, ways to improve credit score--a real-time visual dashboard. WaveMaker facilitates these visualizations where developers can access data from all modern data sources and integrate them with relevant UI abstractions with just a few steps.
  • And……….
    Interlinked payment gateways, QR code scanners, OCRs, loan applications made easy, instant digital KYC, added conditional authentication, currency converters, instant loans, multi-device support, mobile photo bills, wearables and so on.

Though a banking application may not necessarily be composed of all of the above, it should at the very least be provided compatible platforms that enable the development of these features leading to the creation of a composable banking app. So the question one may ask is, does WaveMaker as a low-code platform support the integration of these features into a composable banking app?

The answer is a resounding yes!

A developer working on WaveMaker can take two approaches:

One, use the built-in prefabs to quickly conjure up a banking-specific component.
Two, integrate third-party banking components into the application.

This is helped by two factors:

  • One that Wavemaker has an exhaustive repository of reusable components (also an evolving list of customizable banking components)
  • Two, WaveMaker is an API-first development platform that allows the integration of third-party components easily

WaveMaker allows seamless collaboration of ecosystem partners with ease--the foundation of a composable banking architecture. It helps banks, BaaS players, fintech, and ISVs respond to what customers ask for--modern experiences, intuitive interfaces with stunning visual components, security, smooth onboarding, and device-agnostic feature-rich applications. WaveMaker with its API-first approach, prefabs, support for all major databases, and vault-like security with VeracodeTM certified code has all the qualities to broker a long-lasting partnership with the bank and the customer with agility.

Banks can expand the reuse of legacy core banking, offer services to brands as a BaaS player, or launch greenfield initiatives; with WaveMaker, the possibilities are endless.

So, this time when the user swipes right, banks can swipe right back at them!

*Watch this space for our next article on our banking software components

By Vikram Srivats, Vice President, WaveMaker

Enough has been said and written about the effect of the pandemic in hyper-accelerating the shift to digital – for enterprises and consumers alike. This is one widely accepted fact we can note and move on from.

The combination of low-code development and BaaS APIs are enabling more companies than ever to add banking services to existing apps and products

However, another rising wave has been afoot for a few years now – something that Bain Capital Ventures (BCV) thinks is far greater than the Internet, Cloud, and Mobile combined (yes, you read that right) – with a projected market value of $3.6 trillion by 2030. BCV heralds this wave as the Fourth Platform: financial services in an embedded (or integrated) form within technology-driven businesses.

Andreesen-Horowitz (a16z) and CB Insights talk about this being the banking industry’s “AWS moment”, with new Banking-as-a-Service (BaaS) players offering all (or parts of) the banking stack as-a-service for a new crop of fintech and tech-driven brands. a16z further predicts that every company will become a fintech company – embedding finance across digital and traditional brands – by leveraging offerings from BaaS providers.

Embedded finance and BaaS are two sides of the same coin. Brands and fintech offer embedded financial services to consumers and businesses while BaaS providers are the suppliers and enablers for those brands and fintech.

Two trends collide to form one massive opportunity

With the pandemic driving a tectonic shift to online, virtual, and instant gratification, embedded finance allows brands and disruptive new financial products to gain and delight customers, increase share-of-wallet and create stickiness. From a customer standpoint, the financial experience is in the moment, contextual and seamless within the brand experience – to the extent that the finance is almost invisible.

For example, think of Apple – which now offers a credit card backed by Goldman Sachs – or Shopify – going above and beyond by offering embedded payments, balance accounts, and loans to aspiring e-commerce businesses. With the likes of Amazon, Google, Doordash, Chime and Affirm, the list of embedded finance and BaaS-powered use cases and players is growing rapidly.

This growth is primarily fueled by a whole slew of capable BaaS players – Synapse, Treasury Prime, Stripe, Marqeta, Bond, Finastra, Railsbank, Solarisbank, Unit, Galileo, BBVA Open Platform, GPS, and many more – offering differentiated and compelling technical and financial propositions. These BaaS players in turn have partnerships with one or more banks and offer APIs (sometimes a single API) for a brand or fintech customer to call and access the offered financial service via the API.

In a way, things have come full circle – from the software powering financial services (core and engagement platforms) at FIs, we now have banking subsumed into software and offered via APIs.

BaaS APIs are becoming the new currency in the world of financial services

With this BaaS revolution going on in the background, the low-code market has grown exponentially, with more than 100 platform providers – with different specializations – competing for market share. 

Microsoft, Mendix, OutSystems, and ServiceNow are some of the leading players while there are specialist challenger firms more focused on specific personas (professional developers, citizen developers, and business process users) and target areas (apps, workflow, automation, analytics, and so on).

To say that low-code adoption was propelled further by the pandemic is an understatement. Whether for businesses urgently wanting to digitally transform or for more advanced corporations, low-code has comfortably hit its stride as a new paradigm in software development.

Now, with over 2,000 fintech launched in 2019, the rise and maturity of BaaS offerings and differentiated embedded finance use cases/opportunities, and a world where APIs rule, developers are now the first customers of the banking and financial services capability stack.

Brands and fintech, banks and third-party software developers, independent software vendors, and system integrators need to find, attract, hire, train, mentor, motivate, manage and drive world-class development teams to deliver business outcomes.

They must do all this in the face of non-trivial challenges:

  • Talent wars in a field of wider opportunities as business lines blur and career options abound for software developers.
  • Walking the fine line between investing to build a truly high-quality product that customers will love, yet balancing cash burn and ROI.
  • Navigate a web of technology choices for every aspect of the tech stack, including most importantly, the BaaS vendor stack itself.
  • Be prepared to execute quickly – and pivot on a dime – to get ahead of the market in an extremely competitive, dynamic, and fast-paced environment.

A breed of developer-friendly, open, API-driven, modern, enterprise-grade low-code platforms could be the answer. Here is how:

  • Serious B2C and B2B2C digital experiences at the speed of change – delivered using visual full-stack development with pre-existing widgets, themes, styles, and layouts – while still playing well with existing assets, best practices, and architectural choices.
  • Significantly cut development (specifically UI) cost by reuse – Lego-like composable experience development by dragging and dropping custom-built, rich multi-API widgets – “prefabs” – that combine powerful functionality, pixel-perfect UI, and data.
  • Democratized and collaborative development – Citizen developers build out experiences based on user journeys and hand them to pros to make apps “enterprise-compliant”; or in a B2B2C context, expert developers build out the core app which is then extended and customized by less-skilled professional services teams.
  • Deliver on tough innovation problems – convert teams to full-stack development, become agnostic to tech stack changes, handle custom UI demands through app lifecycle, move B2B customers to a self-serve model, and more.
  • Peace of mind guaranteed – apps built are performant and secure, the tech stack is modern and future-proof, deploy anywhere without lock-in, generated code is “real” code that can be exported and extended (as an insurance policy), easily available, low-cost skills for writing custom extensions, no price tag for scaling up apps/app objects/app end users and such like.

In 2020, Microsoft cited research predicting that more than 500 million new apps will be built in the next five years, which is more than the total number of apps built in the last 40 years, even as companies struggle to find software developers. According to KPMG, despite the overall market softness in H1 2020, H2 rebounded and saw almost $72 billion in fintech investment (across PE, VC, and M&A deals). Klarna, Revolut, and Chime raised mega rounds north of $500 million each. KPMG goes on to predict that embedded finance will emerge as the *new North Star* in fintech.

Low-code development layered on BaaS APIs may be embedded finance’s hockey stick moment

Embedded fintech and low-code development are massive scale markets in their own right. The next 1,000 or 10,000 fintech, FIs, and brands that deliver embedded financial services will need to be laser-focused on their customers and business to compete and win. Agility, automation, and reuse will underpin composable enterprises and personalized experiences, and modern, powerful low-code platforms already are delivering complex, compelling and contextual experiences for discerning development and business teams globally.

To further explore banking solutions by WaveMaker, please view our exclusive BFSI offerings here.

Or, start a conversation with our expert consultants for solutions to your unique requirements.

Originally published in Fintech Futures

Team access to artifact repository, improved workflows for artifact publishing, prefabs versioning, and more

WaveMaker 10.8 brings capabilities and features that harness the power of artifacts and prefabs on the WaveMaker low-code platform--especially for teams. Prefabs are custom widgets that can be reused across projects within a team. With this release, the platform consolidates its strength on prebuilt software components by making collaboration across teams faster and easier to manage.

WaveMaker continues to enable enterprise IT teams, ISVs, and all stakeholders to co-create value faster and better with low-code.

Teams - Together and Transparent

Artifacts in Teams

Artifacts are reusable components that can be developed and maintained independently. Various components such as prefabs, project shells, template bundles, and themes come under the umbrella of artifacts on the WaveMaker low-code platform. V10.8 allows the sharing of a central repository of artifacts in teams promoting collaboration between team members.

Team members can view a list of all available artifacts providing clear visibility. Developers have complete access to the repository of available components and are free to choose the artifact version that suits their requirements best. This in turn makes activities such as documentation, maintaining change logs, and version control of artifacts a seamless process.

A new and improved flow

Artifact approval

With 10.8, developers creating and using artifacts across teams and projects can manage their workflows seamlessly. Consider a scenario where a developer publishes an artifact and waits for approval from the team admin. The admin can then review the artifact on the team portal and approve the same, making it accessible for all developers to use or reject it and send it back with changes.

Not just that, the same prefab or artifact can be versioned multiple times with each version visible to all team members. Developers can search and view available prefabs under projects, teams, or system prefabs and import specific versions into the projects.

One component, different forms

Support for specific prefab versions

Different projects can use different versions of the same prefab with a scope for upgrading. Developers can choose versions that suit their requirements with the help of changelogs and get real-time notifications of newer versions. Minor patch updates on prefabs can be published independently using branch support. Development teams can update patches and upgrades seamlessly without disrupting the existing environment and projects.

For ISVs, having access to the latest versions of artifacts is of great value. This allows for both forward and backward compatibility with respect to prefabs with minimum disruption. With every new update, WaveMaker continues to bring developers together, fostering collaboration, and helping them build powerful applications.

To know more about WaveMaker 10.8.0, please read the release notes here.

Create, publish and consume APIs effortlessly with WaveMaker low-code platform

Digital transformation is no longer a buzzword. It has become a way of life for enterprises that want to stay in business. In the current post-pandemic era, business maturity is being evaluated in terms of digital maturity. The road to digital adoption has many emerging technologies in force but working silently behind the scenes and aiding this rapid acceleration, is the unseen ‘super glue’ of all business services - Application Programming Interfaces (API). Technically, APIs have been around for two decades at different levels of operability but it is only in recent years that there has been an explosion of sorts in the usage of APIs.

The demand for multichannel experiences and the everything-on-cloud approach has accelerated the use of APIs. Whether it be composable architecture or microservices, APIs enable the kind of business collaborations that were unheard of before. The partnering of transportation services with a bank, retail shops with payment apps, and banks offering investment opportunities, loans, currency transactions, and payment services on an e-commerce platform have all been made possible by the growth of APIs. Similarly, offloading certain business tasks to ecosystem partners and liberating internal services from silos has been fueled by the synergy between APIs.

API-driven development

API-driven development is the practice of designing and building the API contract first and then developing the application around the contract. Also, known as the API-first approach, this paradigm involves the front-end developers building mocks around APIs and creating refined end-user experiences. In parallel, the back-end developers implement the underlying logic of the APIs.

Dedicated test suites are created around these APIs and, in a way, they foster the idea of test-driven development. In an API lifecycle, the API Publisher designs and deploys the API whereas the API Consumer discovers and integrates the APIs. Each of these roles has multiple functions associated with them and those functions define the characteristics of the API.

API Management with WaveMaker low-code platform

WaveMaker is an open standards-based, developer-centric low-code platform built for modern development practices. The platform enables app developers to play the role of an API Publisher and API consumer. The platform has a natively integrated component called the API Designer which is used to ease the process of designing, creating, and consuming APIs.

  • API- first approach: With WaveMaker, a REST API is generated automatically for every service that is imported. These APIs are available for consumption as well as modification through the API designer that can be used for:
  1. Exploring the various APIs generated by the platform
  2. Testing the APIs 
  3. Customizing APIs generated by Java services
  • API GeneratorWaveMaker generates standards-based REST annotations for the above services which can be consumed by API tools for generating documentation using the API generator. The design of these auto-generated REST APIs can be updated further by configuring their description, visibility, method types, and parameter types.
  • Open APIs: The platform generates core REST APIs endpoints using Swagger/Open API compliant contracts for database services, Java services, web services, custom code business logic, or even third-party imports. It also to generates UI functionality for Create, Read, Update, Delete (CRUD) operations for REST APIs which conform to Open API specifications. Integrating an existing REST endpoint with any of the 100+ UI widgets offered by WaveMaker is also straightforward without writing a single line of code. Open API helps WaveMaker apps consume other WaveMaker APIs enabling applications within an enterprise to talk to each other.
  • API Security & TestingSecurity is auto-enabled for an application that can be viewed in the API designer. API security is ensured by securing it with role-based access within the enterprise. API endpoints are also OAuth protected. Once the REST APIs are defined successfully, they can be tested with the “Test” tab. On successful testing, APIs are published along with the applications.
  • Legacy APIs: APIs are invariably REST-based but there remain big remnants of legacy SOAP-based APIs. WaveMaker automatically creates a REST API endpoint for the SOAP services that are imported into an application thus enabling the reuse and modernization of legacy technologies.

WaveMaker offers an API-driven development platform with:

developer-friendly low-code platform abstracts the complexities of API management and provides UI-based connectors to work on the endpoints without having to hand-code. WaveMaker scores high on effortless API creation and management with an API-driven approach and an in-built API designer. The platform’s inbuilt adherence to the rules of the API game and its innate ability to convert any service as an API makes the job of all stakeholders so much easier.

APIs have become an inherent part of software building. Programmableweb (API directory) had a listing of mere 54 APIs in 2005. Today there are close to 24000 APIs listed there, and this is excluding the internal enterprise-level APIs and the ones that haven’t been made discoverable yet. Fuelling this expansion are tools and platforms that help us design, manage, test, produce, and consume APIs. Rapidly, easily and securely.

Imagine your enterprise architecture, not as a collection of disparate business processes with some loosely defined interdependencies, but as a neatly fit, well composed, well maintained, synchronized set of autonomous and API-driven Packaged Business Capabilities (PBC). Each process fitting into another like a well-thought-out jigsaw puzzle. What’s more, the scope for adding more such processes is unlimited and the pieces to the puzzle are interchangeable. Such a modular architecture makes it possible for each of these PBCs to have separate life cycles of its own which can then be deployed, tested, and reused causing minimum disruption.

composable-architecture

If this visualization evokes your interest, welcome to the world of  ‘composable architecture’.

PBCs are in fact, products by themselves either built in-house or by SaaS vendors or best of breed application factories. According to Gartner, by 2023, 30% of applications will be sold as PBCs.

Why compose?

A composable approach to application development helps businesses deliver the needed solutions at the pace of modern business change. - Louis Vistola, Devops.com

CIOs are using composability to tackle disruptions - pandemics, natural disasters, market fluctuations, and changing customer needs. Composable architecture brings several benefits to the composable enterprise concept, specifically the agility and innovation to respond to changing business needs. It reduces the need to build configurability reducing complexity and thereby reducing the QA cycles. Other than the possibility of unlimited scaling, it also focuses on shortening the gap between IT and business, bringing deep personalizations based on roles, and the ability to build new business models.

Role of low-code platforms in the
journey to being composable

As organizations move towards digital transformation, the low code plus composable combination offers maximum flexibility, delivering value at greater speed. - Elizabeth Wallace, RTInsights.com

Low-code is built on the premise of visually composing applications and services with the help of built-in components. Therefore, a low-code platform like WaveMaker becomes a plausible choice for the rapid development and integration of PBCs. However, where, in the journey of building a composable architecture does a low code platform play its part?

Depending on the size and affordability of the enterprise, a low-code platform can don many hats.

  • Use it to build new PBCs
  • Democratize application development
  • Increase collaboration with IT and business users
  • Use it as a business capability development tool
  • Define new user experiences and customize your applications
  • Utilize low-code as an aggregator/ integrator of various PBCs
  • Provide a visual abstraction over complex API calls

The list is exhaustive.

A low-code development platform like WaveMaker comes with an innate plug and play approach, and can do a lot of heavy lifting for an organization looking at composability. Let’s see how.

API-driven approach: The API Designer

Application Programming Interface (API) management market size is set to
grow from USD 1.2 billion in 2018 to USD 5.1 billion by 2023

Application Programming Interfaces(APIs) are the catalysts in creating a well-composed architecture. PBCs expose their functionalities using APIs. When all processes within an enterprise are API-enabled, developers and business collaborators can access them seamlessly to suit their needs resulting in faster delivery and increased composability. All communication across enterprise applications is streamlined with the help of APIs.

WaveMaker enables an API-driven app development approach. The platform extends its capabilities beyond just publishing, wrapping, and sharing APIs within the enterprise, by also enabling partners and third-party developers to consume APIs vital to their business. Representational State Transfer(REST) APIs are autogenerated for any application that is created on the WaveMaker low-code platform. For every service that is imported on the platform whether it be database, Java, SOAP, or a third-party service, an API is auto-generated. This enables easy composability of critical services like databases and third-party functionalities into the application canvas and the larger ecosystem of applications. The platform has a feature called ‘API designer’ where all APIs available to the application can be viewed, tested, and customized.

Wavemaker is also OpenAPI Specification 2.0 (OAS) compliant and extends the functionality of OpenAPIs by integrating REST endpoints in a Web/Mobile application. Once a REST endpoint is generated, it can be easily integrated with any of the 100+ UI widgets available on the platform without the hassles of hand-coding. What’s more, applications within the enterprise can talk to each other.

All platform-generated APIs deliver enterprise-grade security, OAuth capabilities, and users are provided with fine-grained control over the usage of APIs.

Reusable software components: Prefabs

Within the WaveMaker studio, “Prefabs” are customizable, reusable, distributable, components/widgets that help in accelerating digital app development. ‘Prefabs’ are the building blocks that enable composable architecture through WaveMaker. These groups of components are gathered in the Design-Toolbox within the WaveMaker Studio. More than 100 prefabs covering a wide range of features cater to different use cases throughout the product. Every enterprise customer owns an artifact repository of components that can be as granular as a UI widget or an entire workflow such as a Loan application microapp.

Similar to an application, prefabs have their own development cycle - a prefab is developed, tested, and deployed independently. Additionally, it can be retrofitted to suit varying business scenarios and repurposed. In fusion teams, Prefabs can be created by developers and can be consumed by non-developers (business users and citizen developers) to exponentially accelerate development. WaveMaker users can just gather (drag and drop) the necessary prefabs from the enterprise repository and then compose an entirely new application with the centralized built-in module.

You can find a detailed article on prefabs here.

Microservices

“The golden rule: can you make a change to a service and deploy it by itself without changing
anything else?” - Sam Newman, Building Microservices

Microservices are known for their composability, but are microservices akin to PBCs? A PBC is composed of several microservices and in some cases, a microservice can act as a PBC providing a tangible business capability. Therefore, the ability to support microservices is a crucial tenet for a low-code application development platform that enables composable architecture.

Since REST APIs are auto-generated in WaveMaker, Microservices are inherently supported. Some of these APIs are available for further customization based on the app integration needs and as Sam Newmann says, the primary benefit of using microservices is that you can change and deploy a service with minimum disruption - An important principle when it comes to composability.

Integration of features and modules happens more often at the customer experience layer. Micro Frontends, in the microservices world, is a scalable design practice that enables users to produce composable independent modules which can serve in building a new app or progressively integrate features to an existing app. WaveMaker is the only low-code platform to support Micro Frontend modules extending rapid development benefits to Micro Frontend development. It adopts the runtime integration approach for Micro Frontends & works with the Single-spa framework.

WaveMaker also enables seamless deployment of business services into the choice of infrastructure. Enabling business services as individually versioned microservices makes the entire CI/CD process effortless leading to what we call Zero DevOps.

Low-code platforms and composable architecture share a symbiotic relationship. They have shared goals namely agility, velocity, collaboration, and the ability to build powerful applications that can be plugged into the enterprise ecosystem without disruption. Technical tools and platforms that allow enterprises to pivot and adapt rapidly are the need of the hour. Composable architecture requires the ability to utilize several modern technologies such as API enablement, reusable software components, support for REST and SOAP services, modern CI/CD technologies combined with microservices (Kubernetes), multi-cloud enablement, and data protection.

WaveMaker is an open low-code platform that delivers all these and more.