Flutter vs React Native: Choose the best cross-platform framework for your learning app

How to ensure your app runs across multiple platforms with the least effort?

The global online e-learning space received its biggest trigger in 2020, with the pandemic forcing closures of schools and colleges worldwide. The already buoyant market is forecasted to grow even further to a massive $374 billion by 2026, averaging a compounded growth rate of 14.6%.

If you are building an education or learning app, you probably want to know your development framework options. This article attempts to capture the essence of what stands out for each prospect, especially in developing a learning or educational app.

Flutter vs React Native: Mindshare

When it comes to cross-platform development frameworks, Flutter with 42% and React Native with 38% together controlled about 80% developer mindshare in 2021. This is as per the data drawn from the JetBrains Statista 2021 study with 31.7k developers surveyed worldwide. Essentially this means that you are in good hands between these two frameworks from a development stack perspective.

Build engaging and responsive cross-platform apps with the best suitable framework. Let’s talk

Impressive Deployed base

React Native wins hands down when it comes to popular consumer apps with a large volume user base: For example, Pinterest with over 250 million MAUs (monthly active users) and with 82% mobile users, FB Ads with over 5.4 million advertisers and 18 billion ad variations market to over 1 billion users, Instagram with over 500 mil daily active users (DAUs) and with 1 billion searches per day, are all built using React Native.

Examples of popular applications built using Flutter are Google Ads, the world’s most busy e-com marketplace – Xianyu by Alibaba, PostMuse (Instagram photo editor), Groupon (discount coupon and group deals marketplace), and eBay Motors. These apps also have significant scale, seamlessly work across platforms, and provide a superior user experience.


Flutter is an open-source UI SDK (software development kit) from stables of Google (2017) that helps develop cross-platform apps for Android, iOS, Linux, Mac, Windows, Google Fuchsia, and Web platform. The first version was code-named SKY and ran on Android. By September 2021, Dart SDK and Flutter version 2.5 were released. The update was targeted at improving Android, iOS full-screen mode, and other enhancements.

React Native is an open-source UI software framework created by Meta Platforms, Inc. (formerly Facebook) in 2013 and is used to develop applications for Android, iOS, macOS, Web, and Windows.

How Flutter Works

Flutter components: Flutter consists of the following parts briefly summarized here with their core functions.
Dart Platform Flutter runs in Dart VM with a JIT (Just in Time engine allowing stateful hot reload while the app is running, thus avoiding a restart or loss of state.

Flutter engine: C++ code is a portable runtime software for hosting Flutter applications and implements Flutter core libraries, file, and network I/O, plugin architecture.

Foundation Library: written in Dart, provides basic classes and functions used to construct Flutter apps and design specific widgets of 3 types: stateful, stateless, and inherited widgets. These are widely used for most Flutter applications.

How React Native Works

React Native runs in a background process, interprets Java Script directly on the end-device, and communicates with the native platform via serialized data over an asynchronous or batched bridge.

Syntax of React Native is like CSS, but it does not use HTML or CSS. The messages from JS threads are used to manipulate native views instead. React Native allows developers to write native code in Java, Kotlin for Android, Objective -C for iOS, C++, or C# for Win 10, making it even more flexible.

You may also like: Flutter vs Xamarin: Choose the best cross-platform framework for your project in 2022

Ease of Start

Kickstarting Flutter development is simple. All you need to do is download the file for the OS you need, and you are ready to go with all documentation built into the official site.

React Native is also easy to use. Since the framework uses the UI library developed by Facebook, code creation is further simplified.

Learning Apps throw unique challenges based on specific use cases: a substantial volume of simultaneous users for test prep, online class streaming lessons, or gamified lessons with animations.

Both React Native and Flutter have several examples of holding forth in such challenging environments.

Cross-platform framework capabilities

Flutter: A single code base allows programmers to quickly adapt to a new platform avoiding detailed system study and planning, saving time and energy.

Flutter comes with high-performance widget ergonomics allowing low data exchange between the app and mobile platform. It also comes with the ability to compile into native code for Android and iOS.

A React Native project contains an iOS directory and an Android directory. These directories act as entry points into each platform. They include the code specific to each platform, and this is where the JS code is bridged for each platform.

Code Reuse

Flutter’s components are all in-built, allowing cross-platform development from the get-go. Apps on Flutter are widget-based with customization allowing native-app look and feel. Code reusability in Flutter is about 80%.
With React Native, there are reports of large chunks of code base reuse – in many cases up to 80-85%.

Development Ease

Hot reload is a term used to describe a framework’s ability to insert code changes live on a running app without bringing it down and restarting. It is a powerful feature as it completely avoids restart and saves time in educational/learning environments.

React Native also supports the ‘Hot Reload’ feature allowing users to see code changes without compilation.

Developer Support

Google’s strong global support makes the developer community comfortable taking the plunge into Flutter.
Facebook has an enviable record of some of the largest software talent pools to support you on your development journey. On this front, too, there is not much difference between the two approaches, and either way, you will safely reach your goal.

End-user Experience

The amazing thing about React Native apps is that they render an on-par experience to Native apps. Whether the context is text-heavy or fast transactions with rapid-load requirements, React Native has delivered at scale. This is what you see on Instagram and Pinterest with hundreds of millions of simultaneous users.

However, some users believe that React Native adds unnecessary complexity and is not best suited for CPU-intensive applications, typically leading to performance issues or degraded end-user experience.

Flutter or React Native?

Both Flutter and React Native are powerful platforms running large-scale businesses with widely available global developer support. The key parameters that will determine the choice of the platform are app requirements, use cases, user experience, and budget. Sage wisdom recommends – bringing in the experts.

Work with a suitably talented, experienced partner who can take a consultative position and advise you based on the need.

Build your cross-platform app with Trigent

That partner could be Trigent: a software development partner who can bring in expert opinion on multiple frameworks such as Xamarin, Flutter, Angular UI, JQuery, Appium, Cordova, and React Native and deliver to your exact requirements.

Looking for an expert assessment? Call us for a quick consultation

Five popular databases for mobile apps in 2022 – Choose the right one for your application

Today, mobile apps are the face of any service or business online. One of the biggest challenges for a mobile app developer is to choose the right database to support the app.

The app can require a database for multiple reasons such as, to store the following information

  • user authentication information, 
  • transactions carried out by a user, 
  • listing and updating inventory,
  • offline state when out of network

The database for an app is selected based on the purpose of building the app. This blog aims to aid the app developer in choosing the correct database based on some specific criteria. In doing so, we have listed five popular databases for mobile apps in 2022, with their benefits and limitations to help an app developer make an informed decision.

Choosing the right database for your mobile application

Here are some of the vital pointers to look out for while selecting a mobile database 

Need for using the local store of the device

  • If the app does not have a server requirement
  • If the app needs to function everywhere, even when the network is off
  • If the app is a part of a distributed landscape and needs to store data pertaining to itself
  • If the load is to be shared with the app’s local store and a central database

Cross-platform support

  • If the app has to be built across ios or android or all platforms
  • If the app is hybrid

Data Model

  • A relational database would be the right choice if the schema is well defined and requires consistency, more writes and complex querying.
  • For a continuously evolving app, a NoSQL database makes sense.

Synchronization support

If the application needs to sync with peers or a central database, it is best to go with a database that provides a sync feature such as Realm or Couchbase Lite.

Type of database

One would need to go in for a structured RDBMS or an unstructured NoSQL database based on many factors. These factors are:

Schema evolution – A startup or, broadly, an internet company requires quicker Agile cycles of product changes and, therefore, a flexible data schema. Choosing an RDBMS would mean expensive Alter statements and time-consuming data migration. It would need a full-time DBA, whereas a NoSQL database is built for this kind of flexibility.

Fixed data structure – An RDBMS would make sense over a NoSQL. If the app requires a large volume of data reads instead of writes, a NoSQL could be considered. 

Storing large volumes of data – Again, a NoSQL database comes with sharding facilities out of the box. Large data storage can be achieved manually with RDBMS, but they are classically built for vertical scalability.

Transactions – While a few NoSQL databases ensure consistency, the more extensive set provides availability over real-time consistency. This is where an RDBMS works best. 

Analytics – RDBMS works best for complex analytical queries.

Caching – A good datastore for managing user sessions would be a key value of the NoSQL database.

Social network operations  – A graph-based NoSQL database would work best.

Cost – Legacy RDBMS requires expensive hardware and annual licenses. Cloud-based databases could run up a bill based on the kind of querying or updates required.

SAAS-based app – Ideally, the database would be on the cloud. Banking apps require high security and, therefore, might be on-premise.

App or platform’s technology–  Choice of the database can also be governed by the type of technology used. Mongo is popularly used with NodeJS, Postgresql with Python, and Mysql with Java. It is not a deciding factor but based on the skill pool. 

Have questions on which database would suit your application the best? Talk to us now!

Here are five popular databases available in the market today to choose from for mobile app development –


SQLite is a lightweight SQL database engine following the principles of RDBMS. It is built into every mobile device.


  1. Lightweight –  As is needed in a mobile device.
  2. Cost – Free and zero configuration.
  3. Performance – Very fast when compared to writing the file system
  4. Reliable – It updates content continuously so that data is not lost due to power failure.
  5. Platform support – It provides cross-platform support like iOS, Android, Windows, and Mac.


  1. Not scalable and not suitable for large data storage.
  2. It does not support concurrent transactions
  3. Lacks built-in data security features
  4. It’s not a full-fledged RDBMS like MYSQL lacking fine-grained access control, support for joins, a GUI for ease of use.


Realm is an open-source object database for the mobile app by Mongo. It runs on the client device and is available for both native and cross framework apps.


  1. Object-oriented data model and therefore easy for developers to understand and work with
  2. Realm is offline first. Data is read and written to the device. If server-side sync is required, then Realm sync can be enabled. This synchronizes data with the Mongo realm using a background thread on the server-side.
  3. Realm enables fast querying with its lazy loading and a zero-copy architecture. All Realm objects are live objects that reflect the most current data and can be subscribed to for changes. 
  4. Realm Triggers automatically execute a function at a scheduled time or when an event occurs, such as a change to a database or a call to an HTTP endpoint. 
  5. Data can be encrypted in-flight and at rest, keeping even the most sensitive data secure. Realm has built-in user management that can be integrated with third-party authentication providers such as Google and Facebook. Rules can be defined for controlling data access.
  6. Realm is open source. It is distributed under the Apache 2.0 license and backed by MongoDB.
  7. It is cross-platform and can be used with Swift, Objective-C, Java, Kotlin, C#, and JavaScript.


  1. Realm affects the apk size.
  2. Realm requires a schema to model the data and relationships. Therefore migrating to Realm DB comes at a cost. 
  3. Realm objects can be modified only within a transaction, making it cumbersome and requiring disciplined use of the database. 
  4. Auto-increment of primary keys does not come out of the box. It has to be taken care of programmatically.
  5. Closing Realm connection after use should be followed strictly to prevent memory leaks as the garbage collector does not know how to work with Realm objects.
  6. Realm Sync does not currently support sharded MongoDB Atlas clusters. However, a sharded cluster can be accessed as data sources through functions and MongoDB Data Access.
  7. Syncing to Mongo at the back-end comes at a cost.

Couchbase Lite

Couchbase Lite is another NoSQL-based mobile database for the offline-first experience. 


  1. Couchbase mobile supports both native and cross-platform frameworks
  2. Couchbase provides an end to end data management solution referred to as Couchbase Mobile with –
    1. Couchbase Lite as the embedded store for the app, 
    2. Sync gateway synchronizes data over the web using constructs such as REST APIs, batch updates, events.
    3. Couchbase Server, which can serve as the full-fledged central back-end store
  3. Data security is provided across the entire stack, including user authentication, role-based access, and data encryption at rest and in motion.
  4. Data can be stored as JSON documents or blobs. Therefore storing multimedia, IoT, or regular data of applications can be stored easily. 
  5. Since Couchbase Mobile allows JSON documents, it is schemaless, and therefore migration comes at zero cost.
  6. It is lightweight, between 1-5MB


  1. Arbitrary querying is not possible. It has to be done only through views which are indexes internally and therefore extremely fast. But views don’t work well with complex queries that might require more than one view to resolve.
  2. CouchDB does not work well with full-text searches.
  3. Doesn’t have an out-of-the-box object mapper. This needs to be coded in by the developer.
  4. Couchbase is shipped with a small instance of Memcache to handle the in-memory cache, which hogs memory for many documents and degrades performance.
  5. Enterprise support is expensive.

Cloud Firestore

Cloud Firestore is a NoSQL database provided by Google as a part of its mobile application development platform, Firebase. While the data storage is online-first, it does support offline data persistence. This feature, when enabled, caches a copy of the data to write/read when the device is offline. It syncs back to the server when the device is back on the network. The benefit of choosing Firestore is that it’s a part of Firebase, which provides a host of services to enable the app developer to use ready-made features such as user authentication to analytics with minimal customization and no servers to manage.


  1. Data is stored in the form of documents that can be queried easily
  2. Provides automatic sync of data between devices offline data storage and notifies the app on data changes.
  3. Firestore provides strong authentication and authorization based on user identification and other criteria. It also integrates with Firebase authentication, which supports user/password and third-party authentication integration such as Google, Twitter, and Facebook.
  4. Very high performance.
  5. Backed by Google’s cloud infrastructure, Firestore scales easily.
  6. It provides excellent cross-platform support.


  1. It can become expensive.
  2. Complex queries and full text-based search are not handled well in most NoSQL databases.
  3. Offline query performance is slow.
  4. Document size is limited to 1 MB
  5. Writes are expensive and limited to 1 write/second. It works best for read-intensive apps.

Oracle Berkeley DB

Oracle Berkeley DB is an open-source embeddable database allowing developers the choice of SQL, Key/Value, XML/XQuery, or Java Object storage for their data model. It is available in three versions -Berkeley DB, Berkeley DB Java Edition, and Berkeley DB XML


  1. Provides a choice of schema between NoSQL and RDBMS
  2. Berkley DB provides a SQL API that is fully compatible with SQLite. This gives the developer an option to migrate to Berkeley or use SQLite under the hood.
  3. Provides cross-platform support
  4. Rich querying, indexing, and transactional support provide a tremendous full-text search for the SQL implementation.


  1. Heavier footprint compared to the NoSQL option.
  2. It allows an open-source license as long as the developer’s code is freely redistributable. Otherwise, one has to go for the commercial license.
  3. Support under an open-source license is not great.

Ultimately, selecting an ideal database for your mobile application depends on its requirements and feasibility for the application. 

Build your mobile app with Trigent 

With decades of experience and highly skilled experts, our end-to-end mobile app development services are designed to ideate, build, update, deploy and maintain your mobile applications with ease.

Leverage the best skills to build responsive cross-platform & native mobile apps. Book a consultation now!

Will Dart and Flutter Lead the List of Mobile App Development Frameworks?

Dart, as we know, is an open-source, object-oriented, general-purpose programming language developed by Google in 2011. It uses a `C’ style syntax and optionally trans-compiles it into JavaScript. While it is frequently used from client-side and server-side web development it is also used actively for mobile app development – both native and cross-platform. As per the TIOBE 2019 ranking – the de-facto standard for gauging the popularity of programming languages, Dart is in the 26th position, halfway through the listing of the top 50 preferred languages. Delphi and R, are however in the 15th and 16th position, which essentially means that they continue to remain popular programming options.

Dart’s entry timing might have been wrong, and its position amongst giants, makes it seem a negligible option. This could be the reason for its infamous ranking in Codementor in 2018. Codementor, listed Dart back then as the number one not to be learned the language. This period in its evolution was also not very encouraging if you see the lackluster demand in the job market for programmers with Dart skills. This, in spite of the fact, that Dart offers programmers ease of use and is naturally lightweight. With these two classical features, it should have been a programmer’s best friend, but in the competitive world of languages, Dart’s better features were ignored. That is until recently! Now, what could be the clincher for Dart is Google’s recent Cross-Platform mobile development Framework, Flutter completely supports Dart. This is definitely changing Dart’s fortune for the better. Flutter is popular and Dart is back on track.

Flutter – Understanding the mobile app development frameworks

Towards the end of last year, Google’s new cross-platform mobile app framework Flutter released its first version. Though initially it was intended for mobile app development, now they are making it as a multi platform framework. Let’s take a closer look at what Flutter is doing for app development today.

Flutter is an open-source, cross-platform mobile app development framework. It currently supports iOS and Android development, with potential for other platforms including web and desktop support. Flutter sets itself apart from competition like React Native and Xamarin through consistency across platforms.

A Flutter app made using Material Design will look exactly the same on iOS as it does on Android. Additionally, Flutter is powered by Google’s Dart programming language, which should feel familiar to developers of various backgrounds.

Flutter first entered the programming world as `Sky’ and it ran on the Android operating system. Now Flutter completely supports Dart platform and uses its advanced features. On Android, iOS, Linux and Windows, Flutter apps use just-in-time and ahead-of-time compilations. Special feature of it is `hot reloads’, i.e. make modifications to running apps. This feature sets Flutter apart from the crowd.

Flutter support’s Google’s Skia graphics library, opening the world to its core world of animation and graphics.

Flutter – a game changer for Dart

Forbes.com’s Todd Fabacher, Experienced Chief Executive Officer, with an extensive history of working in the computer software industry for over 25+ years, says that he is constantly asked a fundamental question by companies, “What development language should I choose, and what tech is coming around the next corner?”

His answer is Flutter and Fuchsia. He also says that these two words will dominate all programming discussions in 2019.

Flutter is footloose and free and ideal for young, cash strapped developers. `Download it and start’ is the mantra.

Fuchisa is Google’s take on Android and is an operating system of the future. But then aren’t there enough operating systems? Why bother to create a new one? According to Todd, the answer to this question is three simple letters: IoT. It’s all those hundreds of millions of devices that are starting to be embedded in our everyday lives: Amazon’s Alexa, self-driving cars from Tesla, intelligent temperature control devices and even smart locks for our homes. Fuchsia might make is home in the billions of IoT devices in the next few years, and its secret will be Flutter. Flutter makes the development look easy, and it is built for the future.

The three forces, Dart, Fuchsia and Flutter are gearing up to take on the world of hybrid and cross-platform mobile application development and in a few years, they will be most programmers best friends.

Mobility for workforce and customer engagement

We, at Trigent, have crafted and implemented comprehensive mobility solutions for large enterprises and SMBs. We can extend this capability to design, develop, and provide mobility solutions to empower you with seamless ecosystems that transcend distances, devices, and distribution models. To know more about our mobility offerings, click here.

Not just the Vendor, Choose the Right Development Team for Your Product!

Presale discussions with prospective customers can be very interesting!

Initial discussions would focus on one of their products to be built or supported. But, when the prospect realizes that he/she is talking to a solution architect, who is technically sound, and a good problem solver, the discussions would take a detour. It will focus on their issues with other products and we end up winning an entirely different project from them!

To explain further, most of the times, the discussions would focus on the issues related to their existing vendor. They will complain about their current vendor and how their product has suffered because of the poor management by the vendor.

In several such cases, when we delve further, we find that most of the companies have done their best to find a suitable vendor. However, after identifying a good vendor, they have trustingly handed over their product development work to them. They do not find out about the actual developers or conduct background checks on the developers who will be working on their projects. Big mistake I would say!

Build highly scalable, elastic, cloud-native software products

Let me share two recent, interesting presale calls:

First Presale Call:

This was with a prospective customer to discuss some clarifications for their new product RFP (Request For Proposal). However, a few minutes into the call, the discussion took a different direction. The prospect started explaining the issues related to their current website. He was worried about the fact that their website had been hacked three times in a span of four months!

Every time it was hacked, their vendor who had developed their website made few changes, charged them for the work and assured them that the website is safe. But, once again the site would be hacked and down for a few days. He was completely frustrated with the way it is going and was avoiding meeting the senior management as he did not know how to solve the problem.

The night before the call with us, the site had been hacked yet again and their hosting provider had suspended their account. They had written to him saying that unless the issue was rectified, they would keep the account in a suspended state as the hacker was inducing lot of traffic to the hosting provider.

I was curious and felt that the hacker must be very intelligent and the site must have a really complex loophole. I asked him to give us a chance to check this issue.

Since the site had already been hacked three times and this was the fourth time, I personally got involved, even though my team could have handled it. I found that the site was built using Drupal, PHP. When we dug deeper, we noticed that there was a PHP page which triggers an email based on the email id provided by users. That page was being called from another page where there was a ‘Captcha’. When checked, their PHP page was actually getting Captcha image along with the Captcha text from the server and then validating the user input with Captcha text in their Java Script i.e. on the client side! After validation, their Java Script was calling another PHP page with the email id provided, which is triggering an email.

No wonder the hacker easily got hold of the PHP page which was responsible for triggering the emails. It appeared as though some junior programmer must have coded this way as no experienced programmer can actually do the Captcha validation work on client side. Unfortunately, no one had checked the code again even after repetitive hacks!

Our team took care of it easily by moving that validation logic to server side. We also ran a security check on the whole website and then fixed a few other minor issues. After that fix, it is been three and half months and no news about their website going down!

Second Presale Call

In this presale call with a HR advising company, when I mentioned about using cloud for their new product, the suggestion shocked them. The client mentioned that they were already paying a huge amount for maintaining their current cloud infrastructure for one product. They did not want to go with cloud for any of their other products because of this cost. After checking we found that they were using a private cloud for hosting their web portal and database servers. There were just three medium level servers and they were paying US$8000 per month to the private cloud service provider.

As a leading healthcare company, they needed measures to be compliant with standards such as HIPAA, HITECH and so forth. Their current vendor had suggested the private cloud vendor and they had gone with the suggestion. After understanding their security requirements, we moved their current product to Microsoft Azure without compromising any of their security requirements. Now they pay just USD 720 per month. Huge savings. Isn’t it?

In both the cases, the vendors with whom they were working were very good. Customer had spent a lot of time and effort in selecting the right vendor. But after selecting the vendor, they had handed over their product development work to them.

To me it appeared that the problem was with the development team and not with the vendor.

In the first case, the development work was executed probably by someone who did not know how Captcha is meant to work. This could be how their web site became a prey to the hacker.

In the second case, after hearing security requirements, the development team/architect had suggested a private cloud (due to its popularity in security) maybe without considering other options.

Best Practices for Outsourcing Development Work

  • Generally, when companies outsource their product development work, they select a good vendor and will not bother to check the development team that works on their respective products. It is a fact that vendor companies place good technical people during presale calls. However, actual development could be taken care of by a different set of people. It is, therefore, a good practice for companies to insist that their vendors place the same set of technical people who speak to them during presale calls to work on their product development.
  • Companies should insist on being introduced to the development team (at least the leads/architects) and check their expertise on required technologies.
  • Also it would be great to get their profiles checked on social media sites like LinkedIn, and technical forums etc.
  • It is good to have a dialogue with them and make sure that they are fit the requirement. If you cannot understand the technology, get a consultant to do this work for you.
  • More importantly, stay constantly in touch with the development team to make sure that the same set of people are working on the product.
  • Also, if you have a requirement for cloud infrastructure services and if you are going to a vendor who has partnered with Microsoft, they will try to convince you to go with Azure cloud. It can be the same case with AWS or GCP, Armor and so forth. It is better to find a vendor and development team that knows all the technologies and recommends a suitable platform or the technology for your product.


For product companies, the product is like a baby. When something happens to a baby, we need to search for a pediatrician and not a general physician. It is important to evaluate the pediatrician. I am sure that no one will want to get their baby diagnosed by an intern even if the intern is working in a large hospital. Also, once that pediatrician is taking care of the child, it still needs the presence and the care of its parents.

Similarly, it is important to take care of your product by choosing a good vendor along with a good development team. After all, the product is your own baby and you are more responsible for its welfare than anyone else in the world, right?

So, How Secure is Your Mobile App ?

It’s no surprise, today, we hardly find a business without mobile presence. No longer can businesses afford to become mobile agnostic. Mobility has made deep inroads from enterprise corridors to our daily lives.

Right now, somebody is hacking..

Right now, while I am writing this, there are thousands of online transactions taking place on mobile apps across the globe and at the same time, thousands of companies devising their mobility roadmap.

On the darker side, there are millions of hackers busy in hacking!  But on the opposite side, mobile security teams and companies are working their way out to do their best to tackle the situations!

Each day, the number of mobile apps are rising in biblical proportion across App stores.  But as the number of these apps rise, so are the numbers of hackers and a new story to back the latest hack.  Mobile App development is a fast paced process and the time to market an app should be very quick. A little late entry can make way for the competitors to capture the market quickly. At such fast paced competitive dynamics, developers and companies spend a lot of time in finalizing the Functionality, User Interface (UI), User eXperience (UX), Business logic, Performance, QA etc. At the same time, most of the people neglect security aspects of their mobile applications as most of the time the focus is on rolling out their app to the market in a shortest time possible.

When an app is released in the app store without due consideration to security, the results can be catastrophic.

We have recently published an article on our site that talks about all these security aspects. Here are some of the talking points:

  • Security aspects of mobile apps
  • Impact of not giving much importance to security and
  • Few minimal set of security measures to be taken while developing a mobile app.

How Secure is Your Mobile App?

We are also in the process of publishing a whitepaper on ‘Security in Mobile Applications’, which is an exhaustive paper covering all the security aspects related to mobile applications. You can expect that in next few weeks. Keep watching this space for the same!

Do you want to share something on this topic ? Please do not hesitate to share your views and comments to vijendra_h@trigent.com

Is your application architecture effectively making use of cloud?

I have seen a lot of application products (web products or mobile apps) claiming that they are based on cloud architecture. But, when we dig more into the architecture, we can see that the products are just hosted on cloud server and sometimes utilizing cloud storage (file, DB etc.).

Let’s debunk the myth first!

Lot of IT folks are under the impression that if their application is hosted on cloud servers, then their solution can be called as cloud based architecture. Is it so? Can we call it as a cloud based architecture? I leave this question to be answered by readers after reading this blog post.

Only if an application makes use of the following four principles, can we call it as a cloud based architecture.

  1. Elasticity
  2. Pay-By-Use
  3. Self Service
  4. Programmatically

So, how is the web hosting different from cloud computing? Following table lists the differences.

Attribute Cloud Computing Web Hosting
Elasticity Yes No
Pay-By-Use Yes No
Self Service Yes Partial
Programmatically Yes No

If an application satisfies the above four principles, technically it can be said that it is based on cloud architecture. But is that enough? The answer is ‘No’.

So, what does it take to make effective use of Cloud?

There are many other things to do if we want our application architecture effectively make use of cloud and thus minimize the load on web server, minimize the utilization of different resources and ultimately reduce operating cost.

Let us take a simple example of how file transfer can happen in any web based product or mobile app. Following diagram shows a typical way of sending files from end user machine/device to cloud storage. I have seen this happening in many of the customer products.

This can be called as a traditional way and following are the steps in this process.

  • The end user initiates the process of uploading a file to server using web page or mobile app.
  • The file will get uploaded to web server and sits in the web server’s local file storage. Usually it will be server’s local hard disk or some network file storage.
  • Once web server ensures that the file upload is done by end user, it will indicate the backend service (can be a regular windows service or cloud service or a daemon process) to initiate the file transfer from its local file storage to cloud storage (can be Amazon’s S3 or Microsoft’s Azure). This would be usually asynchronous process. The indication to backend service can be direct way or by just updating DB records so that the backend service which keeps on polling DB will get to trigger with that change.

If the file gets bigger in size, the uploading process from end user’s machine/device to web server as well as the transfer from webserver file storage to cloud storage will take more time.

When too many users try to upload files to servers, more web servers have to be deployed (using auto-scaling feature or manual) to balance the load on web server.

Gosh. What a wastage of CPU time, resources and also the cost!  Also the end user will not get a clear picture about when the file will be available for his/her use from cloud storage(of course through web server or mobile app) as the backend service works asynchronously.

How Cloud Helps?

Let us see how the time and resources can be minimized when the application architecture effectively make use of cloud!

In this architecture, we’ll make use of cloud storage provided functionality called ‘Shared Access Signature‘. Also we will effectively make use of unlimited bandwidth (Unlike auto scaling, this is unlimited) of cloud storages. Here cloud storage can be

  • Amazon S3 or
  • Azure Blob

Both these cloud providers offer ‘Shared Access Signature’ feature. This concept allows any file/directory stored in cloud storage to be shared with anyone with read only/write/full access for a limited time. We can make use of this feature to make the end user directly upload file(programmatically) from his/her machine/device to cloud storage.

Let us see the steps about how file gets uploaded directly to cloud storage without any backend service or the webserver’s local storage usage.

  1. End user will initiate the upload file functionality on the webserver provided page or using mobile app.
  2. Webserver creates some temporary place on cloud storage (Blob or S3) and generates write access signature which is valid for some short time (say 60 minutes-this can change depending on the need).
  3. Webserver passes access signature to client browser or mobile app. Note that it is just a signature and not any credentials related to cloud.
  4. Client browser will use that signature and uploads the file directly to cloud storage.
  5. Once the file upload process completes, browser or mobile app will indicate that to webserver.
  6. Webserver will take care of moving the file to appropriate location within the cloud storage (cloud storage will take negligible amount of time to move a file from one place to another within it). Also takes care of removing shared access opened on the file.

Note that

  • There is no backend process involved in this flow at all
  • No usage of web server’s local storage
  • Web server’s time in getting a file from end user’s machine is totally saved. Thus, lot of reduction in the web server’s load.
  • Once the user uploads a file, it will be there in final destination within negligible time and webserver can use that for user’s other operations.

So, what’s your thought?

Surprised? There are many other tricks which can be used to make application architecture effectively making use of cloud. Let us see those in coming blog posts.

Feel free to share any such tricks at sales@trigent.com

How IBM MobileFirst can accelerate Apps development?

Because of the increasing demand for cross-platform mobile solutions and mobile development tools, several Mobile solutions providers sprung up during hay years of mobile application. However, each one had its own shortcomings like uncommon language for scripting, proprietary interpreters, and limited environment for development. This led mobile developers to compromise on costs, user experience and marketing time. It was then IBM MobileFirst (formerly IBM Worklight) came to rescue the forte of many.

IBM MobileFirst is based on ‘code once and run on multiple devices’ approach. It provides a standard based, comprehensive platform that includes IDE/SDK, mobile-middleware, private enterprise app store, strong security framework, management & analytics console. It currently supports iOS, Android, Windows and Blackberry platforms.

This software helps corporates to expand their businesses to mobile devices. It offers an open, advanced and more comprehensive platform for building, testing, running and managing mobile applications for tablets and smartphones. Thus, it reduces the cost of development and the time takes to market. Furthermore, it also improves the governance of mobile application and facilitates a secure atmosphere for mobile applications.

After IBM acquired the mobile platform product Worklight in Feb 2012, it has integrated this product into all of its products so as to provide a complete life cycle management solution. After acquisition, it was called IBM Worklight. But after their 6.3 version, they have renamed the product to IBM MobileFirst.

The standards based technologies used by IBM MobileFirst completely removes the usage of code translation, non- standard scripting languages, and proprietary interpreters. IBM MobileFirst can accelerate the business development by enabling the corporates to support several mobile operating platforms from an exclusive, shared code base; by easily getting connected and synchronized with enterprise data, cloud services and applications; by protecting mobile applications in a secure atmosphere; and by governing mobile application from a single point of control.  Without writing a single line of code, through the use of adapters it can provide secure access to internal services. Similarly unified push notifications and SMS made the developers work very easy. They can be used with just few lines of code. IBM MobileFirst internally uses Cordova (Formerly PhoneGap) cross mobile platform along with HTML5, JS and CSS for hybrid applications.

The IBM MobileFirst’s portfolio can help enterprises of any size to quickly expedite development tasks for multiple platforms at ease. It can be utilized productively to develop, connect, run and manage mobile applications for matching the security standards of any business to that of any global organization.

Have something to share on MobileFirst, write to me!

Exit mobile version