LOW-CODE
PREFABS
SOLUTIONS
EVALUATE

Wired for experience®

BLOG

Embedded finance, low-code and the
emerging face of adaptability

The years 2020-21 will be remembered for the pandemic and the subsequent resurgence. It will also be remembered for the time where over half the world’s population pulled out their mobile phones to buy groceries, order food, get paid for services, shop for clothes, and even pay for healthcare. While the pandemic ravaged nations, humans quickly adapted to new ways of transacting. Financial transactions through almost any app of any industry became a reality and more or less a force of habit.

What made that drastic leap possible was set in motion years ago with the advent of Open APIs. The emergence of public APIs and regulatory changes such as PSD2 spearheaded the ‘Open Banking' revolution. A flurry of fintech companies followed, offering to ‘embed' financial services in non-financial apps. Financial capabilities once considered the privilege of banks, became a necessary touchpoint in the customer journey of any brand. While banks still held dominion over regulatory licensing, fintech was able to squeeze in financial offerings between the layers of ‘bank' and ‘brand' with alacrity: Thus leading to the emergence and rise of ‘embedded finance'.

In fact, according to Juniper Research, in 2021 alone, the ‘embedded finance’ market is said to be valued at $43 billion and is set to soar by 215% by 2026.

Early Adopters and Present Trends

Uber and Lyft are some of the most well-known early adopters of embedded finance.. Tackling the simple pain-point of cab riders (searching for cash, taking out a credit card, toggling between apps), Uber introduced embedded payment in its cab booking app. Its early success in alleviating a major pain point in customer experience spawned a rush for embedded payments in large, digital savvy, non-traditional players ranging from e-commerce (Amazon) to food delivery apps (Deliveroo). Fintech with technical know-how and financial acumen followed suit with offerings customizable for banks and brands.

This led to the emergence of another layer between fintech and banks, what is called Banking-as-a-Service (BaaS). Unlike Open Banking that offered only data, BaaS offers APIs for banking services that fall under the ambit of regulatory services. The fact that these APIs could now be leveraged in any digital customer journey opened up a plethora of value propositions for brands, hitherto not possible--retailers providing a ‘Buy Now, Pay Later'(BNPL) option, car dealers offering loans and insurance, and utility providers launching wallets.

The customer-share pie for financial services became open to all.

What started as embedded payments has now evolved into multiple use cases such as embedded insurance, embedded banking, embedded credit, and embedded investment. The use case list has expanded to every industry from retail to HR and has the potential to morph further. While digital-savvy, large enterprises are quick to adopt, small businesses are also jumping into the fray. Uber which was only offering payment services, now offers loans to its drivers and an Uber debit card for a checking account to its users. On the other hand, banks, both new and traditional, are opening up new avenues to reach out to their customers.

For brands, it is the customer journey that matters. For banks, it is high volume and less cost. A win-win in any case.

Speed Bumps in API Adoption

If we look at banking trends over the decades, the underlying driving force that has spawned thousands of new players in the financial services industry is most surely -- APIs. From Open Banking to now Banking-as-a-Service, companies that have proactively embraced the evolution of APIs have been successful in embedding financial services. However, it is easier said than done.

Banks/ Providers typically have an API-only approach. There is no touch and feel. The graphical elements or abstractions on top of these APIs need to be recrafted and customized per brand, per use case. With virtually every bank jumping into the bandwagon, brands (especially SMBs) look for technical expertise to evaluate and buy from the exhaustive list of APIs. Navigating the labyrinth of APIs would also involve sourcing and integrating APIs from multiple providers, brands, and third parties. To build a digital layer over the APIs, the brand has to either depend on its own IT and available tools, or they have to turn to fintech or ISVs that can help them leverage the power of these APIs on an integrable platform.

Think Beyond APIs: Go Low-Code

In the end, APIs are a means to an end.

Businesses spend inordinate amounts of money and time to consume complex APIs and launch embedded finance services. Traditional hand-coding while integrating with APIs is cumbersome and can lead to latency in time-to-market. Subsequently, many businesses lose their first-mover’s advantage.

Low-code platforms can help businesses in two ways to gain momentum:

  1. Businesses can perform quick roll-outs of showcase applications and MVPs on a low-code platform, thereby gaining a sense of the market pulse and figuring out what works and what does not.
  2. BaaS providers can use low-code to enable hyper-accelerated app development by provisioning ready-to-use contextual components over their APIs, which can be easily provided as a bundled financial offering for business apps.

A low-code platform can now act as an aggregator of financial and non-financial APIs and provide a contextual layer that is customized per brand/bank.

Battling out on fierce financial terrain, are large and small brands and FIs. Whether it is ‘Buy’ or ‘Build’, businesses, fintech, and ISVs agree that application development platforms need to offer two very important aspects while integrating APIs: flexibility and security.

Low-code platforms that come with inbuilt security and a “whatever-whenever-wherever” facilitation effectively neutralize these two major concerns faced by incumbents of the financial services industry.

To Embed or Not is Not a Question!

Over the past two years, industries have shown resilience and adaptability like never before. Embedding finance into a consumer app has become a norm. A norm that took wings years before but gained momentum in the past two years. The hyper-acceleration of embedded finance in financial and non-financial applications is the phenomenon of businesses reacting to unforeseen circumstances in the most creative manner. Low-code platforms like WaveMaker can assist small and large brands in consuming and integrating disparate APIs with ease and provide a contextual consumer interface abstraction over them.

The synergy created by low-code, embedded finance, rapid application tools, and digital transformation in general, are shaping the face of what creative adaptability looks like.

Forrester finds that, in 2020, over 27% of organizations improved their customer experience (CX) index scores, a big number compared to the few who were making progress in the years before.

“To emerge successfully from this global crisis, brands must build experiences that help them engage with their customers at an emotional level,” wrote Forrester SVP, Sharyn Leaver.

So, how do enterprises engage customers at an emotional level when the predominant
channel of interaction is now digital?

By delivering insights-driven, personalized, contextual, end-to-end digital customer experiences anytime, anywhere, across channels and devices.

To achieve this, at accelerated time-to-value and scale, enterprises need a springboard: A Digital Experience Platform.

Gartner defines a Digital Experience Platform (DXP), as an integrated set of technologies, based on a common platform, that provides a broad range of audiences with consistent, secure, and personalized access to information and applications across many digital touchpoints.

At WaveMaker, we visualize it in three layers:

  • Foundational Business Engine
  • Digital Engagement Hub, which brings together APIs from the business engine
  • Customer Experience Suite, which is the UX layer, made up of apps
Digital Experience Platform

Most enterprises have the business engine and the digital engagement hub, even if some of them might be legacy software. However, the digital customer experience layer needs to respond to rapidly evolving needs, offering opportunities for experimentation and rapid implementation. It is here that low-code can help. Here’s how.

Transforming applications to a customer-oriented approach

In most industries, IT is designed around the organizational structure, not customer needs. For instance, the technology architecture of a retail organization is driven by the supply chain — divided into inventory, point of sale, customer relationship management, e-commerce, etc. So, if a customer wants to check on the company’s website whether a product is available in their nearby store, it would be next to impossible because the e-commerce engine doesn’t speak to the inventory management system.

A digital experience platform can enable enterprises to address such use cases without elaborate investments in product development. When the business engine is built on customer-oriented architecture, deploying applications as microservices, loosely coupled, and API-driven with functional encapsulation, the low-code customer experience suite empowers you to drag and drop any combination of features and functionalities to create a new app. It effortlessly abstracts the various business engines to create apps with little manual programming.

Leveraging data for personalized digital experience

No customer wants to search and scroll endlessly on their shopping app to find the product they want. Nor do they want to manually drag and drop features into their interface to personalize it themselves. They want personalized experiences that are meaningful, engaging, and, most importantly, efficient.

A digital experience platform can leverage advanced analytics to deliver that. The low-code customer experience suite can form the abstraction over the analytics engine to bring together user, interaction, and business data to create a 360-degree view of the customer. It can enable dynamic user experiences, ensuring continuity of customer relationships, displaying cross-sell/up-sell opportunities contextually.

Delivering omnichannel engagement

In the era of ‘hand-off’ between devices, customers demand a smooth omnichannel experience from enterprises. For instance, an e-commerce customer today wants to add items to their cart from any device, anywhere, anytime, and purchase them all together when they’re ready.

Digital experience platforms are built to enable this seamlessly. By integrating various digital business engines, the low-code customer experience suite allows you to build omnichannel customer journeys — effortlessly moving from one channel to another, ensuring continuity of engagement across devices.

Enabling dynamic content delivery

Traditional applications are optimized for short-term transactions, while digital experience platforms are built to create long-term customer value. For instance, an e-commerce application is typically built around capabilities like search and checkout, focussing on the efficiency of shopping. But customers today are seeking more engagement. Perhaps why social commerce — blending of social media like Instagram and shopping — is gaining popularity, as it stresses the ‘experience' of shopping.

The digital customer experience suite enables enterprises, especially in industries like banking, media, retail, or fashion to design websites, portals, apps, etc. to deliver personalized, contextual, relevant, and timely content to improve stickiness and loyalty.

Ensuring end-to-end digital service

Today, saying “you need to come to the store to get this done” is a sure-shot way of losing a customer, especially given that the cost of switching to a new provider is the lowest it has ever been. However, traditional shelf-ware is heavily restrictive in the functionalities they can offer.

Digital experience platforms enable you to deliver end-to-end digital service. With the customer engagement suite, enterprises can:

  • Build and deploy new applications quickly for customers
  • Enable dashboards with predictive analytics for employees
  • Create chatbots to automate answers to common concerns
  • Automate data collection in the form of feedback through email, SMS, or app notifications
  • Streamline product and business innovation based on customer behavior and preferences

In 2018, PwC found 32% of customers say they would stop doing business with a brand after one bad experience, even if they had loved it before. On the other hand, customers are willing to pay a 7-16% price premium for a good experience. This becomes even more telling in the post-pandemic era.

Today, just offering a digital avenue isn’t enough. The digital channel(s) is the storefront, relationship manager, customer service, marketing, sales, product catalog — all rolled into one. The true success of a digital channel is in dynamically adapting to customer needs. A digital experience platform helps you achieve that.

With a robust low-code customer experience suite built with WaveMaker, you can accelerate your digital experience platform journey significantly. Its ability to provide features such as a composable architecture, scalability, cloud-native capabilities, customizability, repeatability and security strengths enable your application teams to create differentiated experiences at a fraction of the time and cost.

To see how low-code can accelerate your digital platform journey, try a demo of WaveMaker today.

Authored by Gopi Mishra, Principal Architect - Development, WaveMaker, Inc

Enterprises are increasingly using ‘Direct-to-Consumer’ digital initiatives. They are parallelly digitizing their internal processes with increased velocity. These changes bring with them a tide of security threats. From insider threats to exposed marketplaces, there is always a security hazard lurking around the corner--one that can assume mammoth proportions if security doesn’t become an ingrained part of application development. In fact, according to a report by cyber security firm 'Checkpoint', cyberattacks on organizations worldwide jumped by 29% during the first half of 2021 as compared to the same period in the previous year.

So if an enterprise is adopting the web, mobile, and cloud, and directly selling to the consumer, it would be paramount that the IT team prioritizes the security of its product, and most importantly ingrain the best practices of weaving security into the development process.

Who better to don the mantle of defense than the ‘developer’? After all, when it comes to the security of an application, ‘developers’ are the first line of defense!

Defense-In-Depth

A ‘Defense-In-Depth’ approach to security for applications is a layered approach to security. What it essentially means, is that developers should take necessary action to mitigate security risks at every layer, be it the front-end (client), middle-tier, database services, or even the network layer. To do that, developers need to collaborate with various stakeholders: customers, DevOps teams, IT-networking, and the security teams handling the necessary infrastructure.

A developer has to have the same approach while developing secure applications using a low-code platform. WaveMaker comes fortified with SAST tested auto-generated code that is VeracodeTM verified. While developers working with WaveMaker can rest assured of the inherent security of the platform, there are a few best practices that a one can follow while using WaveMaker low-code to develop secure applications.

Embed security using WaveMaker

Developers need to think about security primarily in three areas: Data, Business Logic, and Coding. Data in itself could be static or could be in transmission. Depending on its state, the developer needs to keep an eye out for the following checkpoints:

secure applications using Low code

Data at Rest:

  • Ensure that no personally identifiable information is stored at the client-side (in-cache of web application or in device storage of a mobile application)
  • For mobile applications, store relevant and critical information in secure elements
  • Avoid storing information such as service credentials and connection strings in an accessible file. If stored, ensure that there is a proper authentication and authorization mechanism in place to access these files
  • If possible, use rooted/jailbreaking detection for mobile apps.
    Cordova provides plugins for the same. This can be added to the application by importing the plugin to the application. Plugins can be imported as described here.
secure applications using Low code

Data in Motion:

Secure data in motion from being intercepted

  • Use HTTPS for all calls between the client and the server-side
  • Use TLSv1.2
  • Ensure that the data between client and server-side is encrypted
  • Use updated security certificates that have the latest and secure cipher algorithms
  • Ensure validity of certificates. In case, certificate pinning is used on mobile applications ensure that certificates are renewed before expiry and app uploaded to app/play store to avoid apps breaking in production
  • Protect API calls with authentication
  • Do not include PII data as a part of a GET call
secure applications using Low code

Business Logic:

  • Use multi-factor authentication
  • Have a password policy and validation
  • Include input validation as a part of data length, type, and white-listed characters
  • Do not include passwords as a part of the ‘Remember Me’ functionality
  • Do not provide the reason for the failure of authentication in event of a validation failure
secure applications using Low code

Coding Best practices :

  • Do not log sensitive information like passwords
  • Include all loggings as a part of the ‘isDebugEnabled’ flag so that they can be disabled in the production
  • If ‘Request’ and ‘Response’ are logged or can be logged in debug mode then create filters for sensitive data
  • Use the latest versions of third-party plugins that are imported into the application
  • Use the latest SDKs/APIs that are tested against vulnerabilities
  • Flush out session data during logout
  • Error stack trace should not have sensitive information. It is always advisable to add custom messages as error messages rather than simply passing or printing the error stack trace which may have application class/file names or sensitive data.
  • WaveMaker is VeracodeTM certified and the auto-generated code is protected against OWASP Top 10 security risks. However, while designing an application the developer should keep these risks in mind and design the application to safeguard it against them (For a greater list of guidelines, follow this OWASP cheat sheet]
  • When using WaveMaker low-code platform, ensure that VeracodeTM-like scans are performed for both JavaScript and Java code

Security is an inarguable conclusion

While security best practices can help developers immensely, what is more important, is that they develop a ‘security mindset’. Security must be a priority and not an afterthought. While developing applications using ‘Agile Practices’, security should be a criterion in the ‘Definition of Done’ of user stories. Bigger pieces should be taken up as enabler stories. Regular penetration tests should be performed early in the development stage and should be a part of every sprint release. A security loophole caught early in the game will alleviate future pain points, bring down costs and reduce technical debt.

Being secure is not an option, it is an inarguable conclusion. Developers with a finer sense of security will hold this as their mantra.

Author’s Bio

Gopi is a software architect with over 15 years of experience in the financial tech and IT domain including 9 years he spent on mastering mobile architecture design. He presently leads a team of low-code developers and mentors them about best practices in software development. In his free time, he loves to read non-fiction, watch history channels or binge-watch movies.
Write to Gopi Mishra at info@wavemaker.com

secure applications using Low code

Low-code is high on learning: A developer’s perspective

Mankind and the systems that it relies on are in a constant state of flux. From the transportation systems we travel in, to the medicines we take, evolution has been a constant phenomenon in human life. If that were not so, we would still be stuck in stone-age. Development tools are no different. From low-level languages like COBOL to high-level languages like Java and Python, coding has evolved to make application development easy. Similarly, IDEs are constantly evolving to make the developer’s life easy. From text editors to GUI-based IDEs to IDEs that even autocomplete your code, development environments have come a long way. Low-code is the next eventual milestone.

Hi! I am Sagar Vemala, from Hyderabad, India and I work for WaveMaker, Inc. After completing my engineering course, I joined WaveMaker as an intern where I was introduced to low-code development and I found the concept of converting ideas into products rapidly; absolutely fascinating! I had an offer in hand to join a reputed technology company as a developer even before I was offered an internship at WaveMaker, but I must say that the internship introduced me to a whole new world of application development and I decided to stay. When I started as a full-time developer at WaveMaker, I was warned by my peers about being labeled as a ‘low-code developer’ but my gut instincts told me that I was making the right decision. Looking back, am glad I stuck to my decision. A low-code developer’s job is not restricted to simple coding, it is an expansive sea of learning, of thinking outside the box and more importantly, it is a job that solves a problem.

In this context, I would like to share my experiences from my journey, clear some misconceptions and present my point of view about my career as a low-code developer. Here are a few pertinent questions that I get asked about low-code:

If it is just drag and drop, then what is there for a developer to do?

I learned Java on notepad++. While it is the best way to learn Java, it is not necessarily the best way to develop faster. Seeing me code on a text editor, my friend introduced my novice self to the Eclipse IDE and it is there that I was introduced to the world of GUI IDEs with cool features like generating import statements, getters, and setters methods automatically.

My ‘world of coding’ just became so much more flexible.

The first time I saw how WaveMaker worked, it was déjà vu--Once again a complicated process had been made so much easier. My life as a developer is made ‘easier’ by WaveMaker. Here is how:

WaveMaker has a real code-behind approach and allows full customization and extension on every level. I consider WaveMaker as an advanced IDE (RAD) which generates open standards-based code following best architectural practices. It offloads monotonous tasks like setting up the project and environment, managing framework, and library upgrades and allows me to focus on the problem at hand. Also, it helps developers by providing configurational code for standard features like multi-language support, security, and scalability. With all that being taken care of by WaveMaker, I can focus on areas where my knowledge and experience are needed, like solving requirements and writing business and integration logic.

By being a low-code developer, am I restricting my learning and knowledge?

Absolutely not! I see myself as a problem solver and not just as a developer. I get to work on so many layers of technologies, right from designing the DB schema to preparing the backend to composing the UI and deploying the app.

In a traditional setup, this would require a large team of dedicated backend and front-end developers working for months to build an app. In today’s world, there is an imminent danger of irrelevance by the time an app is developed. With WaveMaker, a small team does the job in weeks that would traditionally take months and as a plus, I get to dip my toes in every kind of technology.

As development became more agile and the time frame became shorter, I got to work on many applications across different domains. At times, I would digest requirements directly from the client. With total control over development at all layers, I was able to provide accurate estimates. After observing diverse apps getting built, I started to think about another important aspect of development--user experience. This skill that I picked up while using low-code helped me deliver applications even without the help of a business analyst or a user interaction designer. My learning outside just coding, sky-rocketed.

I also got the opportunity to work with DBAs, senior developers, technical team leads, and architects of various enterprises as a WaveMaker SME. All apprehensions about not being ‘technical enough' disappeared after my conversations with them and I believe that I was able to add value to decisions that are agnostic of WaveMaker.

In a nutshell, the horizon of my learning expanded.

If the platform generates most of the code, won't that make developer's learning gloomy and less interesting?

Circling back to the point of learning, let’s elucidate with an example. Let’s say, a ‘traditional’ JavaScript developer has just started learning Angular. If the said person follows the documentation of a ‘to-do’ app and merely replicates the steps without understanding the intricacies of how Angular is helping, will the person be able to actually ‘learn’ and contribute to projects? No, right? The same logic applies here as well. There is learning in any sphere of creation. Developers who aspire to work with WaveMaker low-code need to use or will learn the below-mentioned skills to understand WaveMaker generated code and make the best use of it.

As a low-code developer, am I stuck? What is the future of a low-code developer?

I strongly believe that low-code may not be a hammer for every nail but is a necessary tool in the developer kit. Enterprises have and will adopt this methodology into their practices for years to come. Digital transformation has become ubiquitous with every enterprise and if an enterprise is looking at ways to create safe, scalable, and modern products with faster go-to-market, low-code is a safe bet. According to Gartner, the low-code development market is predicted to reach a worldwide total of $13.8 billion in 2021. In fact, the demand for low-code developers has been rising exponentially.

After having worked for WaveMaker for more than 5 years, I find myself with an abundance of choice and skills. I have the skills and knowledge to go the full-stack way, I can lead teams of low-code developers, I can be a solution architect, or I can choose to use low-code for hybrid development. There is a myriad of opportunities and options available. You only have to choose.

Finally, I think I chose the road less taken, even though opinions around me were not as positive about low-code, as they are today, I feel I made an interesting choice that fueled a unique career for me, and that has made all the difference.

Author’s Bio

Sagar Vemala has been with WaveMaker since 2015 and has implemented several customer projects as part of the professional services team. He has built a variety of API-driven applications in workforce planning, inventory management, finance and insurance. If you are developing an application and plan to use low-code, Sagar can share best practices using WaveMaker. Write to him at info@wavemaker.com

Tech-savvy users are swiping left aggressively and swiping right selectively. No, we are not talking about dating apps. We are talking about how quickly the customers of today are changing their banking preferences. Loyalty is a fickle emotion. As Jeffrey Gitomer says “You don't earn loyalty in a day. You earn loyalty day-by-day", by responding to the customer's needs every single day. Otherwise, they just move on.

How responsive banks are to the changing needs of the customer will now decide their longevity. Or else, it’s a swipe left for sure.

With so much at stake, what can banks do to retain their customer’s loyalty?

Going digital is an obvious answer, but then everyone is doing it. Every bank of repute has a digital face--some, more advanced than others. What spruces up the relationship between the customer and the banking app is the customer journey. It is all about how the relationship started and how it sustains--the qualities that keep the customer engaged, the features that make a banking app sticky. So what are the features in a banking application that entices customers, and how does the WaveMaker low-code platform help?

  • Intuitive interfaces
    Clean and intuitive interfaces that keep screens simple but engaging to use, top-grade UI widgets that help create this clean look should be integrated into the low-code platform that aids this kind of interaction. WaveMaker has a plethora of widgets with diverse themes and styles that can be further customized per customer needs.
  • Account information at a glance
    Accessing account information need not be a cumbersome process involving multiple authentications. Modern banking systems allow their customers to view their account information with just Touch ID or Face ID without having to log in using a password. WaveMaker low-code allows developers to interface with external biometric components by providing customized abstractions over the APIs.
  • Corporate and Personal bank accounts management
    A single app should be able to handle multiple associated accounts, link to third-party offers, offer rewards like cash backs, and provide intelligent and relevant offers. The WaveMaker low-code platform allows the creation of prefabs or reusable software components customized to the banks’ requirements enabling composable banking and bringing in value addition to the application.
  • Virtual smart cards management
    Physical credit cards are passe. Virtual cards are in. Modern banking apps allow the creation of virtual cards within the application within minutes. Customers can transfer funds in and out of the cards and perform transactions all within the context of the application. Virtual card management prefabs within the WaveMaker low-code platform allow developers to just pull in the prefab and customize it according to their requirements with just a few changes.
  • Visualization of data
    Customers should be able to see their information in one place. It is not just what information they see but what inferences that they can draw--spend analysis, expense management, ways to improve credit score--a real-time visual dashboard. WaveMaker facilitates these visualizations where developers can access data from all modern data sources and integrate them with relevant UI abstractions with just a few steps.
  • And……….
    Interlinked payment gateways, QR code scanners, OCRs, loan applications made easy, instant digital KYC, added conditional authentication, currency converters, instant loans, multi-device support, mobile photo bills, wearables and so on.

Though a banking application may not necessarily be composed of all of the above, it should at the very least be provided compatible platforms that enable the development of these features leading to the creation of a composable banking app. So the question one may ask is, does WaveMaker as a low-code platform support the integration of these features into a composable banking app?

The answer is a resounding yes!

A developer working on WaveMaker can take two approaches:

One, use the built-in prefabs to quickly conjure up a banking-specific component.
Two, integrate third-party banking components into the application.

This is helped by two factors:

  • One that Wavemaker has an exhaustive repository of reusable components (also an evolving list of customizable banking components)
  • Two, WaveMaker is an API-first development platform that allows the integration of third-party components easily

WaveMaker allows seamless collaboration of ecosystem partners with ease--the foundation of a composable banking architecture. It helps banks, BaaS players, fintech, and ISVs respond to what customers ask for--modern experiences, intuitive interfaces with stunning visual components, security, smooth onboarding, and device-agnostic feature-rich applications. WaveMaker with its API-first approach, prefabs, support for all major databases, and vault-like security with VeracodeTM certified code has all the qualities to broker a long-lasting partnership with the bank and the customer with agility.

Banks can expand the reuse of legacy core banking, offer services to brands as a BaaS player, or launch greenfield initiatives; with WaveMaker, the possibilities are endless.

So, this time when the user swipes right, banks can swipe right back at them!

*Watch this space for our next article on our banking software components

Team access to artifact repository, improved workflows for artifact publishing, prefabs versioning, and more

WaveMaker 10.8 brings capabilities and features that harness the power of artifacts and prefabs on the WaveMaker low-code platform--especially for teams. Prefabs are custom widgets that can be reused across projects within a team. With this release, the platform consolidates its strength on prebuilt software components by making collaboration across teams faster and easier to manage.

WaveMaker continues to enable enterprise IT teams, ISVs, and all stakeholders to co-create value faster and better with low-code.

Teams - Together and Transparent

Artifacts in Teams

Artifacts are reusable components that can be developed and maintained independently. Various components such as prefabs, project shells, template bundles, and themes come under the umbrella of artifacts on the WaveMaker low-code platform. V10.8 allows the sharing of a central repository of artifacts in teams promoting collaboration between team members.

Team members can view a list of all available artifacts providing clear visibility. Developers have complete access to the repository of available components and are free to choose the artifact version that suits their requirements best. This in turn makes activities such as documentation, maintaining change logs, and version control of artifacts a seamless process.

A new and improved flow

Artifact approval

With 10.8, developers creating and using artifacts across teams and projects can manage their workflows seamlessly. Consider a scenario where a developer publishes an artifact and waits for approval from the team admin. The admin can then review the artifact on the team portal and approve the same, making it accessible for all developers to use or reject it and send it back with changes.

Not just that, the same prefab or artifact can be versioned multiple times with each version visible to all team members. Developers can search and view available prefabs under projects, teams, or system prefabs and import specific versions into the projects.

One component, different forms

Support for specific prefab versions

Different projects can use different versions of the same prefab with a scope for upgrading. Developers can choose versions that suit their requirements with the help of changelogs and get real-time notifications of newer versions. Minor patch updates on prefabs can be published independently using branch support. Development teams can update patches and upgrades seamlessly without disrupting the existing environment and projects.

For ISVs, having access to the latest versions of artifacts is of great value. This allows for both forward and backward compatibility with respect to prefabs with minimum disruption. With every new update, WaveMaker continues to bring developers together, fostering collaboration, and helping them build powerful applications.

To know more about WaveMaker 10.8.0, please read the release notes here.

Create, publish and consume APIs effortlessly with WaveMaker low-code platform

Digital transformation is no longer a buzzword. It has become a way of life for enterprises that want to stay in business. In the current post-pandemic era, business maturity is being evaluated in terms of digital maturity. The road to digital adoption has many emerging technologies in force but working silently behind the scenes and aiding this rapid acceleration, is the unseen ‘super glue’ of all business services - Application Programming Interfaces (API). Technically, APIs have been around for two decades at different levels of operability but it is only in recent years that there has been an explosion of sorts in the usage of APIs.

The demand for multichannel experiences and the everything-on-cloud approach has accelerated the use of APIs. Whether it be composable architecture or microservices, APIs enable the kind of business collaborations that were unheard of before. The partnering of transportation services with a bank, retail shops with payment apps, and banks offering investment opportunities, loans, currency transactions, and payment services on an e-commerce platform have all been made possible by the growth of APIs. Similarly, offloading certain business tasks to ecosystem partners and liberating internal services from silos has been fueled by the synergy between APIs.

API-driven development

API-driven development is the practice of designing and building the API contract first and then developing the application around the contract. Also, known as the API-first approach, this paradigm involves the front-end developers building mocks around APIs and creating refined end-user experiences. In parallel, the back-end developers implement the underlying logic of the APIs.

Dedicated test suites are created around these APIs and, in a way, they foster the idea of test-driven development. In an API lifecycle, the API Publisher designs and deploys the API whereas the API Consumer discovers and integrates the APIs. Each of these roles has multiple functions associated with them and those functions define the characteristics of the API.

API Management with WaveMaker low-code platform

WaveMaker is an open standards-based, developer-centric low-code platform built for modern development practices. The platform enables app developers to play the role of an API Publisher and API consumer. The platform has a natively integrated component called the API Designer which is used to ease the process of designing, creating, and consuming APIs.

  • API- first approach: With WaveMaker, a REST API is generated automatically for every service that is imported. These APIs are available for consumption as well as modification through the API designer that can be used for:
  1. Exploring the various APIs generated by the platform
  2. Testing the APIs 
  3. Customizing APIs generated by Java services
  • API GeneratorWaveMaker generates standards-based REST annotations for the above services which can be consumed by API tools for generating documentation using the API generator. The design of these auto-generated REST APIs can be updated further by configuring their description, visibility, method types, and parameter types.
  • Open APIs: The platform generates core REST APIs endpoints using Swagger/Open API compliant contracts for database services, Java services, web services, custom code business logic, or even third-party imports. It also to generates UI functionality for Create, Read, Update, Delete (CRUD) operations for REST APIs which conform to Open API specifications. Integrating an existing REST endpoint with any of the 100+ UI widgets offered by WaveMaker is also straightforward without writing a single line of code. Open API helps WaveMaker apps consume other WaveMaker APIs enabling applications within an enterprise to talk to each other.
  • API Security & TestingSecurity is auto-enabled for an application that can be viewed in the API designer. API security is ensured by securing it with role-based access within the enterprise. API endpoints are also OAuth protected. Once the REST APIs are defined successfully, they can be tested with the “Test” tab. On successful testing, APIs are published along with the applications.
  • Legacy APIs: APIs are invariably REST-based but there remain big remnants of legacy SOAP-based APIs. WaveMaker automatically creates a REST API endpoint for the SOAP services that are imported into an application thus enabling the reuse and modernization of legacy technologies.

WaveMaker offers an API-driven development platform with:

developer-friendly low-code platform abstracts the complexities of API management and provides UI-based connectors to work on the endpoints without having to hand-code. WaveMaker scores high on effortless API creation and management with an API-driven approach and an in-built API designer. The platform’s inbuilt adherence to the rules of the API game and its innate ability to convert any service as an API makes the job of all stakeholders so much easier.

APIs have become an inherent part of software building. Programmableweb (API directory) had a listing of mere 54 APIs in 2005. Today there are close to 24000 APIs listed there, and this is excluding the internal enterprise-level APIs and the ones that haven’t been made discoverable yet. Fuelling this expansion are tools and platforms that help us design, manage, test, produce, and consume APIs. Rapidly, easily and securely.

Imagine your enterprise architecture, not as a collection of disparate business processes with some loosely defined interdependencies, but as a neatly fit, well composed, well maintained, synchronized set of autonomous and API-driven Packaged Business Capabilities (PBC). Each process fitting into another like a well-thought-out jigsaw puzzle. What’s more, the scope for adding more such processes is unlimited and the pieces to the puzzle are interchangeable. Such a modular architecture makes it possible for each of these PBCs to have separate life cycles of its own which can then be deployed, tested, and reused causing minimum disruption.

composable-architecture

If this visualization evokes your interest, welcome to the world of  ‘composable architecture’.

PBCs are in fact, products by themselves either built in-house or by SaaS vendors or best of breed application factories. According to Gartner, by 2023, 30% of applications will be sold as PBCs.

Why compose?

A composable approach to application development helps businesses deliver the needed solutions at the pace of modern business change. - Louis Vistola, Devops.com

CIOs are using composability to tackle disruptions - pandemics, natural disasters, market fluctuations, and changing customer needs. Composable architecture brings several benefits to the composable enterprise concept, specifically the agility and innovation to respond to changing business needs. It reduces the need to build configurability reducing complexity and thereby reducing the QA cycles. Other than the possibility of unlimited scaling, it also focuses on shortening the gap between IT and business, bringing deep personalizations based on roles, and the ability to build new business models.

Role of low-code platforms in the
journey to being composable

As organizations move towards digital transformation, the low code plus composable combination offers maximum flexibility, delivering value at greater speed. - Elizabeth Wallace, RTInsights.com

Low-code is built on the premise of visually composing applications and services with the help of built-in components. Therefore, a low-code platform like WaveMaker becomes a plausible choice for the rapid development and integration of PBCs. However, where, in the journey of building a composable architecture does a low code platform play its part?

Depending on the size and affordability of the enterprise, a low-code platform can don many hats.

  • Use it to build new PBCs
  • Democratize application development
  • Increase collaboration with IT and business users
  • Use it as a business capability development tool
  • Define new user experiences and customize your applications
  • Utilize low-code as an aggregator/ integrator of various PBCs
  • Provide a visual abstraction over complex API calls

The list is exhaustive.

A low-code development platform like WaveMaker comes with an innate plug and play approach, and can do a lot of heavy lifting for an organization looking at composability. Let’s see how.

API-driven approach: The API Designer

Application Programming Interface (API) management market size is set to
grow from USD 1.2 billion in 2018 to USD 5.1 billion by 2023

Application Programming Interfaces(APIs) are the catalysts in creating a well-composed architecture. PBCs expose their functionalities using APIs. When all processes within an enterprise are API-enabled, developers and business collaborators can access them seamlessly to suit their needs resulting in faster delivery and increased composability. All communication across enterprise applications is streamlined with the help of APIs.

WaveMaker enables an API-driven app development approach. The platform extends its capabilities beyond just publishing, wrapping, and sharing APIs within the enterprise, by also enabling partners and third-party developers to consume APIs vital to their business. Representational State Transfer(REST) APIs are autogenerated for any application that is created on the WaveMaker low-code platform. For every service that is imported on the platform whether it be database, Java, SOAP, or a third-party service, an API is auto-generated. This enables easy composability of critical services like databases and third-party functionalities into the application canvas and the larger ecosystem of applications. The platform has a feature called ‘API designer’ where all APIs available to the application can be viewed, tested, and customized.

Wavemaker is also OpenAPI Specification 2.0 (OAS) compliant and extends the functionality of OpenAPIs by integrating REST endpoints in a Web/Mobile application. Once a REST endpoint is generated, it can be easily integrated with any of the 100+ UI widgets available on the platform without the hassles of hand-coding. What’s more, applications within the enterprise can talk to each other.

All platform-generated APIs deliver enterprise-grade security, OAuth capabilities, and users are provided with fine-grained control over the usage of APIs.

Reusable software components: Prefabs

Within the WaveMaker studio, “Prefabs” are customizable, reusable, distributable, components/widgets that help in accelerating digital app development. ‘Prefabs’ are the building blocks that enable composable architecture through WaveMaker. These groups of components are gathered in the Design-Toolbox within the WaveMaker Studio. More than 100 prefabs covering a wide range of features cater to different use cases throughout the product. Every enterprise customer owns an artifact repository of components that can be as granular as a UI widget or an entire workflow such as a Loan application microapp.

Similar to an application, prefabs have their own development cycle - a prefab is developed, tested, and deployed independently. Additionally, it can be retrofitted to suit varying business scenarios and repurposed. In fusion teams, Prefabs can be created by developers and can be consumed by non-developers (business users and citizen developers) to exponentially accelerate development. WaveMaker users can just gather (drag and drop) the necessary prefabs from the enterprise repository and then compose an entirely new application with the centralized built-in module.

You can find a detailed article on prefabs here.

Microservices

“The golden rule: can you make a change to a service and deploy it by itself without changing
anything else?” - Sam Newman, Building Microservices

Microservices are known for their composability, but are microservices akin to PBCs? A PBC is composed of several microservices and in some cases, a microservice can act as a PBC providing a tangible business capability. Therefore, the ability to support microservices is a crucial tenet for a low-code application development platform that enables composable architecture.

Since REST APIs are auto-generated in WaveMaker, Microservices are inherently supported. Some of these APIs are available for further customization based on the app integration needs and as Sam Newmann says, the primary benefit of using microservices is that you can change and deploy a service with minimum disruption - An important principle when it comes to composability.

Integration of features and modules happens more often at the customer experience layer. Micro Frontends, in the microservices world, is a scalable design practice that enables users to produce composable independent modules which can serve in building a new app or progressively integrate features to an existing app. WaveMaker is the only low-code platform to support Micro Frontend modules extending rapid development benefits to Micro Frontend development. It adopts the runtime integration approach for Micro Frontends & works with the Single-spa framework.

WaveMaker also enables seamless deployment of business services into the choice of infrastructure. Enabling business services as individually versioned microservices makes the entire CI/CD process effortless leading to what we call Zero DevOps.

Low-code platforms and composable architecture share a symbiotic relationship. They have shared goals namely agility, velocity, collaboration, and the ability to build powerful applications that can be plugged into the enterprise ecosystem without disruption. Technical tools and platforms that allow enterprises to pivot and adapt rapidly are the need of the hour. Composable architecture requires the ability to utilize several modern technologies such as API enablement, reusable software components, support for REST and SOAP services, modern CI/CD technologies combined with microservices (Kubernetes), multi-cloud enablement, and data protection.

WaveMaker is an open low-code platform that delivers all these and more.

Enabling composable architecture with custom-built software components

In WaveMaker, ‘Prefabs’ are customizable widgets that enable composable architecture. They are reusable, distributable, and independently testable micro applications that can be dragged and dropped into any WaveMaker project. They cover a wide landscape of operations and are present in the enterprise repository of every customer. As of now, the WaveMaker studio contains more than 100 different prefabs ready to be plugged into any application canvas of choice.

Prefabs can be rendered for diversely different business scenarios and can be reused by multiple teams within an enterprise. They can emulate commonly used components like ‘Location Indicator’ or can even abstract independent business workflows like ‘Account Management. Prefabs are ideal for blended teams consisting of business users and IT developers within the enterprise

Composable architecture through prefabs

Composable architecture is the ability to create applications with prebuilt software components. It is akin to creating a Lego model. Similar to the model, software components interlock with each other to create a larger artifact – the application. Just like a model, a singular component can be removed, repurposed, or fit elsewhere to suit the changing needs. What’s more, new blocks(read components) can be added to the model to make it larger and stronger. Prefabs are the Lego ‘building blocks’ of the WaveMaker platform. These components could be as fine-grained as a ‘list box’ or as macro as an entire workflow. What’s important is that these various components can be easily placed into the application canvas with seamless synchronization. Simply put, the components can talk to the application. Prefabs are not just abstractions in UI format, they are also components with characteristics and behavior. One that can be easily integrated with the help of exposed methods and events. This plug-and-play model of orchestration is made possible by their respective REST APIs. During application deployment, WaveMaker resolves all prefab dependencies and deploys the app as one single component onto a Docker container. As the application expands, further prefabs can be added to the canvas ensuring scalability and flexibility.

Easy API consumption

Prefabs can be effectively used to talk to complex API calls. This can be done by abstracting these calls with a UI layer in the form of a prefab. A business user then can simply drag and drop the prefab into their WaveMaker project and set custom properties to suit their application. Their behavior is invoked by the associated events or method calls. From OAuth APIs to third-party widgets, prefabs come to the rescue by encapsulating the complexity in a UI shell.

Prefab repositories

Developers can create custom component repositories solely for use in a single application (application repository). Additionally, an enterprise can create a custom prefabs repository, one that contains software components customized to their brand. Independent contributors can even publish prefabs to the general repository of the platform that can be reused across enterprises.

Third-party Widgets

Third-party widgets can be repurposed as prefabs on the WaveMaker platform. This can be done easily by just importing the widget-specific files to the platform and then abstracting it with a UI element to create a completely new component. They can further leverage the extended features of the external widgets to customize it even further. Popular prefabs like YouTube, GoogleMaps, Docusign, and QRCode ship with WaveMaker. Additionally, OAuth services for Facebook, LinkedIn, Instagram are rendered through prefabs on the WaveMaker platform. A similar repository for WaveMaker Online is currently being developed.

A multitude of benefits follows the usage of prefabs. Reusability, encapsulation of functionality, scalability, speed of composition, building blocks of composable architecture, and consistent quality are some of the given advantages. WaveMaker customers, especially ISVs and core software builders use prefabs for easy customization and faster implementations.

In the banking & financial software world, prefabs can be domain-specific and an extremely crucial asset to deliver differentiated brand experiences to banking customers. For instance, general workflows such as loan repayment, account management, transaction management, and user management can be developed as prefabs in the enterprise repository which can then be retrofitted into custom banking solutions.

At WaveMaker, we understand the dynamics of the market in terms of the need for speed and differentiated brand experiences. Prefabs enable composable architecture, faster go-to-market, and hyper customization to empower core software builders developing modern applications and platforms.

You can find a detailed guide to prefabs here.

By Mayur Shah, Senior Director – Product Management, WaveMaker

The low-code market is seeing meteoric rise across the world, as companies try to keep up with digitization demands and shrinking IT budgets. Even as we witness increasing low-code adoption among professional as well as citizen developers, an intriguing question comes to mind – What lies ahead for low-code, and could it ever become a mainstream approach for modern development teams?

The answer may well be an open source, low-code platform that offers high productivity, while supporting seamless integration with the overall fabric of modern software development practices within an enterprise.

It’s feasible to assume that low-code will evolve to become open low-code, resulting in greater innovation and agility.

To further understand what this means, let’s dive deeper. What are open systems?

According to Wikipedia, open systems are computer systems that provide some combination of interoperability, portability and open software standards.

Over the years, the software industry has seen great benefits from designing, implementing and consuming open systems. TCP/IP protocol standards, UNIX systems, Web browsers, REST APIs – all of these are shining examples of open standards that went on to become highly successful and widely adopted. By remaining open, they enabled higher interoperability, streamlined development and fostered rapid innovation.

Low-code is now at a critical stage in its adoption curve. For the last few years, we have seen citizen developers successfully execute shadow IT with low-code and churn out applications at a breathtaking pace. Today, low-code platforms are hardened for enterprise use, are programmed to understand the scalability and security needs of a complex application and have integration capabilities mature enough to seamlessly fit in with existing tools and technologies. As a result, we are now seeing greater adoption of low-code within the professional development community, covering a diverse set of use cases from simple dashboards to complex applications. The natural next evolution of low-code is that it becomes mainstream within enterprise IT, and is used to build mission-critical applications and systems. So, how does this next phase play out for application development?

The Case For an Open Low-Code Platform

The approaches and techniques of modern software development teams has changed dramatically to meet the demands of modern, software-enabled business. Developer velocity and organizational agility have become key benchmarks for high performing software development teams, as those metrics have a direct correlation with software excellence and superior business performance. According to a research report by McKinsey, teams that belong to the top quartile with regards to developer velocity score have 60% higher total shareholder returns and 20% higher operating margins. Such teams can experiment faster and release code to production without delays.

As application teams continue to embrace low-code for mainstream development, it is vital that low-code platforms support developers so they are encouraged to employ modern application development and delivery best practices. Low-code should introduce minimal disruptions to a developer’s working practices and workflow. Also, it is important that low-code can integrate seamlessly with the fabric of the overall enterprise application architecture. This can happen if a low-code-platform is open standards-based and flexible so that the rest of the enterprise application infrastructure can coexist with it.

What Makes a Low-Code Platform Open?

Developer-Centric Features

Developers like control, flexibility and a unified experience. They find comfort in sticking to their preferred languages, tools and application development and delivery workflows. A low-code platform that offers productivity with equal flexibility, with a focus on building robust enterprise architecture, is bound to be the future of application development. Platforms should focus on providing a unified developer experience across concept, design, integration, development and deployment stages of the app life cycle, employing a technology stack that is modern, best-of-breed and cloud-native. It’s equally important to provide a way for developers to easily bring any external innovations into the low-code platform.

Visualization, Customization and Ownership

Many low-code platforms do not generate 100% of an application’s code. Also, most of the code generated by proprietary platforms is also proprietary, and quite often remains hidden and not easily accessible or extensible. A platform that generates open standards-based, real code is a great asset, especially for professional developers building complex applications that require extensive customization and deep integration with enterprise tooling (security, testing, debugging, integration etc.). The code generated should be based on developer-friendly, best-of-breed application stacks and standard design patterns. This way, application teams will have complete familiarity with and understanding of the code. Enabling full export of the code allows teams to own the code created by the platform.

Flexible Application Architecture

The application architecture should be loosely coupled, supporting microservices and micro front ends that can be independently built, deployed and scaled. This way, architecture can support cloud-native application development easily. Also, all other aspects of the application life cycle should allow for plug-and-play capability. This includes, but is not limited to, plugging in custom UI components (widgets, templates), custom security providers, custom back end code, logging frameworks, event driven systems, etc. A plug-and-play model ensures that development teams can integrate custom providers that are fine-tuned for the enterprise.

Modern Development Best Practices

Modern application development practices have evolved to allow teams to experiment faster and release code to production at a never-seen-before pace. Optimizations in performance and scalability have resulted in applications that can support millions of end users. As developers warm up to low-code, the platforms should align with and implement all modern development practices while building applications. The idea is to minimize friction in a developer’s journey towards low-code, so that they continue to leverage the same design principles, application tooling and enterprise integrations as they do in the complex programming world.

Infrastructure-as-Code (IaC)

Developers need a way to continuously deploy software so there is always a version of the application ready for production. Low-code platforms should support an IaC option, so code generated is always deployable seamlessly on the developer’s infrastructure of choice. Platform should integrate to build, test and release systems (version control systems, CI/CD, artifact repos, container image repos, Kubernetes clusters and public or private cloud instances, for example). This way, artifacts built by low-code are continuously integrated and deployed to the enterprise’s operational systems.

Low-code is at an inflection point within enterprises, as it becomes the platform of choice for digital transformation and application modernization. This is the opportunity for low-code platforms to become a key ingredient of an enterprise application architecture. An open low-code approach will allow application development teams to benefit from the underlying best practices prevalent within the organization.

Low-code is not merely a productivity tool; it has the potential to be a technological and cultural catalyst that drives enterprise innovation and business agility.

Originally published in DevOps.com