Tuesday, June 30, 2015

GoBank : No Overdraft Fees, No Worries, No trust ? - [UPDATE] - Trust regained

Update: July 7, 10:16 pm

Wow. I can't believe what happened today. I had almost given up my hopes.
This afternoon, I got a call from a Kevin S. He told me that he is the director of the disputes division at Go Bank. He said that my case was escalated to him.
He then said that he deeply looked into my case and my records and has concluded that the transactions I had disputed were in fact fraudulent and they have credited my account with the disputed amount.
He then apologized for all the trouble that has been caused to me for the last few weeks. He explained in detail how their dispute process works and tried to reason why earlier they had classified the transactions as valid.
He said that in my case the transactions had happened very near to where I was (which usually is not the case with fraudulent transactions) and that the transactions were of a normal pattern that I had been doing and hence their system didn't raise any flags and hence they had reason to believe that they were normal.
He said they get a lot of disputes and their small team does not escalate each and every one. They try to apply heuristics to see if the transactions are valid or not. These include the geographical distance between the card holder and the transactions, simultaneous logins from different locations etc...

Funny thing is that now that it was escalated to him, he was able to deeply look at my case. This means all the 3 times before that none of the team members looked really deep?

But I kind of understand given that these transactions were very similar to what I would have done. Still, I think they should have had better communication with me with transparency early on. I clearly told him that I was disappointed because of these reasons while I do appreciate his call.

He apologized again and gave me his office contact info just in case I had more questions. He also said that I should stick with them and not judge them based on just one incident. My heart really wants to give them the benefit of the doubt. But gaining lost trust is really hard. I have mixed feelings right now. Looks like I am going to sit on this for a few days before I feel comfortable dealing with them. I mean, if this happens again with me with some other institution who knows what that experience might be. As I said, I want to give them the benefit of the doubt. Still, a couple of questions linger in my mind:

1. Did my case escalate up to the top level only because I challenged them publicly using this blog and over social media like twitter and facebook ?

2. I see that their PR/Marketing team has still blocked me on twitter and facebook. I don't think this was the right way they handled this. I am a reasonable person. They could have just communicated their thoughts to me. Without any notice they just blocked me. Kevin said that they should unblock me soon so that I still have a way to communicate with them.

I hope they take a note of this and improve their transparency and processes. I like their app, user interface and ease of banking and that is why I had zeroed in on them after my research.

Update: July 6, 11:14 pm

Well, it seems their twitter account has blocked me. This is just ridiculous.

At least they have now fully convinced me that I must leave them. I'm stopping all my deposit routes and closing my account right now.

Update: July 6, 10:40 pm
This evening I received the "detailed" letter in mail about the investigation. The letter just lists down all the communication I had with them over the call and in the comments section I see this:

GD has reason to believe that the cardholder (CH) authorized the disputed transactions based on IVR report, ph# <MY GOOGLE VOICE NUMBER> and <My Actual Number> are both associated with CH.

It also states:

Claiming to be unaware of the account balance or disputed charges but IVR/IP activity indicates frequent account logins which would have made the card holder aware of their balance.

So basically they are trying to state that
1) My having multiple phone numbers is a suspicious thing. To clarify, I have a Google Voice number and 2 other numbers, and for security purposes I changed the number on file as soon as I learned about the fraudulent transactions.

2) They say I have frequent logins. Well, that's the reason I found out about the fraud transactions. I don't understand how this is against me.

I have also submitted my photo ID. There is no evidence in the letter stating that the ATM cameras were accessed to compare against my ID. They haven't conducted the investigation to the fullest. Very very disappointing.  I think it is time to leave them, where they don't trust their own customers.

Update: July 1, morning 9:15 am
GoBank Twitter account DM'd me asking for my phone number so that their corporate "manager" can contact me. Just got off the call with the "manager". It was no different from any of the previous calls. She refused to give any additional information. All she said was that I'll have to ask for a detailed response on the investigation process.

Again, how can the investigation end without considering the photo id I submitted. I'm sure they did not get any footage or photos from the ATMs where the transactions happened. Disappointing.

Original Post on June 30th evening.

Dear GoBank,

I was a very happy customer up until recently. On June 7th morning, right after my guitar class in Sunnyvale I checked my account and noticed there have been 3 money withdrawal transactions two on the evening of June 6th 2015 and one just that morning on 7th - all of these from the city of San Francisco.

I immediately called the customer care number and notified them. They asked me to file a dispute if in case the transactions got posted to my account. They also cancelled my card and said I’ll get a new one in mail. For the record, I had the card all the time with me.

Unfortunately for me, the transactions were posted to my account on Monday. So I called the customer care again and filed a dispute. I got a dispute number and then sent in the required form. I was very positive and knew that the investigation would yield in my favor.

The last I had been up in the city was a week before and came back to the south bay on May 29th. I had used my card while I was in the city. I had the card with me all the time and also when I came back. In fact I still have it with me to date. I have never ever given any authorization and never disclosed my pin number to anyone.

Claim 1:
Within one week of filing the claim, I got an email saying the claim was denied. No information was provided. I was shocked. So I called again. The customer care representative also did not give me a reason. I asked if I can refile the claim. So they did. This time I told that I had the card with me all the time and no one knew the pin number. They said they have added it on file.

Claim 2:
Again just after a week I got an email saying my claim was again denied. I was very disappointed. I knew that someone had somehow gotten access to my pin and the last time I had used the card probably had spoofed it when I swiped it. I just wanted you guys to trust me and believe me. I spoke to the representative and asked if they can get a video footage of the  ATMs where these transactions were made. They instead asked me to acquire this footage!! This is totally weird. I don’t even know which ATMs these transactions were made and in order to prove why should I be the one to do this investigation.

Claim 3:
I told them to escalate this and said that I’ll submit documentation to prove that I was not in SF when these transactions happened. Along with the dispute form I sent the following information to prove that I was in south bay the weekend of 6th and 7th June:
- My location history from Google Maps
- Links to my tweets during these times which have location information
- Screenshots of my other credit card transactions that I had made during these days which had location information in it indicating I was in the south bay and not in SF.

With this information I was at least confident that the investigation will proceed further.
On June 29th I got a call from Green Dot and they asked me to submit my ID (state ID or DL or Passport) to greendot.com/verify
The lady who called me (Edna I think), said that they will be using the photo on my ID to check the footage from the ATMs.
I was very happy that this was happening. Now I knew, this would work for me. I submitted my DL image. The site said it will take couple of days to process it.
This brings me to today - June 30th 2015. It has not even been 2 days since I submitted my ID proof, I already get an email from GoBank team saying that my 3rd claim has also been denied.

Now, I highly doubt the “investigation”. I don’t even think any investigation was/is being made. I had requested for additional information after my claim #2. Today (30th June 2015), I also received the “detail” report which is totally inconclusive and in any ways shows no evidence of any investigation. There are just 3-4 pages from salesforce which make no sense.

This is the paragraph where I talk a lot about how disappointed I am or how you have failed me. But I don’t believe any of that would change a thing because I don’t think there is anyone really caring for these things. 

All I have to say is this: GoBank : No Overdraft Fees, No Worries, No trust ?

I still want you guys to make this right and gain my trust back. I hope someone is listening before I close my account feeling helpless.

I just hope no other GoBank customer gets into such situation.



Saturday, November 8, 2014

Not cool ATT. not cool. [UPDATE] - Well, its actually cool now :)


I was happy to see a reply from ATT Customer care on Twitter this morning (Monday, November 10th) They looked into it and reverted the charges. Here is how the conversation went on twitter:

Earlier post:

Today I'm writing this (totally non-technical stuff) because I feel cheated, because I don't like the attitude towards the customer, to ask for your (readers) support and test the power of social media.

I recently traveled to Toronto for a conference. I wanted to have my phone and data service while I was there. Since I had never been on roaming, I wanted to be sure about any data/service charges that might incur. So well before the trip, I chatted with an ATT rep about it.
Here is how it went :

Chat start time Oct 16, 2014 1:14:37 AM EST
info: You are now chatting with Victoria R., an AT&T sales representative.
Victoria R.: Welcome to AT&T online Sales support.  How may I help you with placing your order today?
Tejas: Hi, i have a question about traveling
Victoria R.: Good evening Tejas, How can I assist you?
Tejas: i'll be in Toronto for about 5 days, I need to know if I'll have service (phone + data) and if so, will there be any charges ?
Victoria R.: You will certainly have coverage for no extra charge.
Tejas: cool, sounds good
Tejas: and I assume there are no catches here...
Tejas: :)
Victoria R.: There are not. :D
Tejas: ah, well you made my evening!
Tejas: thanks

I was happy (and a little surprised) to know this.

As soon as I landed in Toronto, I got a text message saying that I'll be charged a pay-per-usage for data (approx. $15 per MB wow). I got a bit worried about this misinformation.

So, as soon as I reached my hotel, I turned off data on my phone as well as my tablet that I was carrying. Then I got onto the hotel wifi and chatted with another rep. to get it cleared. Well, it turned out that the information I had got earlier was incorrect. I needed to buy an international roaming data plan.

Chat time approx : Wed. Oct 29 8:04pm (Toronto time)

Tejas: so basically you are saying that the person I chatted with earlier gave me incorrect information ?
Mary Ann Eggers: Seems like that and we really do apologize for any inconvenience this may have caused you.
Mary Ann Eggers: But don't worry we can add the AT&T Passport for  a price of $30 that includes the Unlimited Messages sent (text, picture, video), unlimited Wifi for iOS/Android devices, $1.00/min talk and 120MB data (Overage:$0.25/MB).

I figured, I have to buy their plan in order to avoid any super high costs.


Tejas: i dont' think I have a lot of time for this. I tried to be proactive earlier, but that din't work. I need to get back to work now. I have gone ahead and added the passport pro plan.
Mary Ann Eggers: Oh okay, let me check on that to confirm to you the added plan.

So, I went ahead and bought the roaming plan on my phone and decided to turn off data on my tablet. There was a small window (from airport to hotel) in which I might have used some data (either on my phone or tablet). Since I had the incorrect information from the first agent, I asked this second representative to make sure I'm not charged for any data usage because it was their mistake and I was provided with incorrect information.

Tejas: Just to make sure for the last time: 1) My roaming data plan starts working right now which is $120 for 800 mb 2) I can use it only on my phone - ***-***-**** and 3) I won't be charged any pay-per-use amount for any accidental data that i might have used prior to discovering the misinformation given to me by your agent
Tejas: can you please make sure of these 3 things. I don't want any loose ends
Mary Ann Eggers: Rest assured that all of that will be taken care of today. :-)
Tejas: I'm taking your word for that (and a copy of this chat :D)
Mary Ann Eggers: As I am adding to my note on your account about all of these.
Mary Ann Eggers: Sure thing.

However, today, when I saw my bill, I saw that I had been charged a pay-per-usage for the data used in that window of time on my tablet device. I chatted with them few minutes ago and explained everything that had happened. They argued that I added the roaming plan only to my phone and hence I have to pay for the tablet.
They tried to offer me a 50% off on the extra charges as a one time "courtesy".

Chat time : Fri. Nov 7 11:26pm (California time)

Brian Chamberlain: You added the plan yourself to the device and asked if you were covered. You never stated that you were bringing any other device with you so we could not know.
Brian Chamberlain: The rep did not provide you with any misinformation.
Tejas Lagvankar: yes, that is when i figured out that the information given to me was wrong
Tejas Lagvankar: so I added the plan mysself on the phone and turned off the data on my tablet
Tejas Lagvankar: the second rep. told me that i won't be charged for any accidental usage
Brian Chamberlain: That is incorrect. You are responsible for any usage that you use when traveling outside the country and accept responsibility for charges.
Brian Chamberlain: We provided you with the correct information when you contacted us regarding the plan that you put on your phone.
Tejas Lagvankar: omg. then why did the first rep tell me that I'll be covered for no extra charge ?
Tejas Lagvankar: Tejas: i'll be in Toronto for about 5 days, I need to know if I'll have service (phone + data) and if so, will there be any charges ? Victoria R.: You will certainly have coverage for no extra charge., Tejas: cool, sounds good Tejas: and I assume there are no catches here... Tejas: :) Victoria R.: There are not. :D
Tejas Lagvankar: please explain this
Brian Chamberlain: That chat states nothing about your use of a device other than your phone in which you added the plan onto.
Brian Chamberlain: When you added the plan yourself you had choose which line it gets added to.
Brian Chamberlain: You also had to accept the terms and conditions.
Tejas Lagvankar: i dont feel like we are getting anywhere. I'll go ahead and pay the bill. I decline any of your "courtesy" offer. I think i have learnt my lesson

I feel cheated here. I wanted to be proactive and went ahead and chatted with them well in advance (like 10-12 days before my trip).
I don't think this is cool at all. I was ready to pay any charges upfront if the information was correct. And in fact I did buy the roaming package too. Rather than the charges incurred to me, I'm more upset about the attitude presented towards the customer. I think it was their mistake and they should accept it.

Thank you, if you are still reading this. All I ask for is your support. Please share this post on any/all social networks that you are on. I think social media has the power to get the voice heard. 

Use #notcoolatt in your posts.

Wednesday, April 23, 2014

Gradle Android : Multiple project setup

For a Multi-project setup, the Android documentation for gradle states :
"A multi-project setup usually works by having all the projects as sub folders of a given root project."

 + app/
 + libraries/
    + lib1/

But I have a different situation where my library project and the actual project are not under the same root.

So, my library project is inside its own directory. Then I have my main project in some other directory wanting to refer to this library project. I had a hard time to figure this out with gradle. So, hopefully this helps someone.

So basically, the structure is as follows:

    |---- foolib-root
                |---- foolib
                           |---- build.gradle
                           |---- src
                           |---- libs
                |---- build.gradle
                |---- settings.gradle

    |---- project1-root
                |---- project1
                           |---- build.gradle
                           |---- src
                           |---- libs
                |---- build.gradle
                |---- settings.gradle

Just, FYI, the build.gradle inside foolib-root/foolib contains:

apply plugin: 'android-library'

indicating that it is a library module.

Now, the task is to refer to library project foolib from project1.

I have found there are 2 things you need to do to achieve this:

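1. The settings.gradle in project1-root must define the library project in its scope and provide a path for it. The project has to be included before project(':foolib') can be resolved, so settings.gradle needs both of the following lines:

 include ':foolib'
 // The path is resolved relative to project1-root (settingsDir); adjust it to wherever foolib-root lives.
 project(':foolib').projectDir = new File(settingsDir, '../Libraries/foolib-root/foolib')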

2. Add this library project into the dependencies of project1 by adding the following to its build.gradle:

dependencies {
    compile project(':foolib')
}

This did the trick for me. Not sure if this is a right way to do it. But serves my purpose.

Friday, April 11, 2014

Debugging Cursor Values

Many times, you will have to query content providers. For that you'll either use a content resolver or the CursorLoader class. In both cases you get a Cursor object back.

For quick debugging, you'd want to examine the contents of the cursor. Extracting all the columns by hand is painful, because you need to know the column names, their data types and so on:

Cursor cursor = getContentResolver().query(<uri and other params>);
if (cursor != null) {
    try {
        while (cursor.moveToNext()) {
            int intValue = cursor.getInt(cursor.getColumnIndex(<Column name from provider contract>));
            String stringValue = cursor.getString(cursor.getColumnIndex(<Column name from provider contract>));
            long longValue = cursor.getLong(cursor.getColumnIndex(<Column name from provider contract>));
            //..... and so on for all the columns you need to debug
        }
    } finally {
        cursor.close(); // always release the cursor when done
    }
}

I came across this simple method in the DatabaseUtils class which, for some reason, I never noticed :) It has been there since API level 1 :O

Super useful for quick and dirty debugging.

public static String dumpCurrentRowToString (Cursor cursor)

So now the code becomes:

while (cursor.moveToNext())
       Log.d(TAG,  DatabaseUtils.dumpCurrentRowToString(cursor));

Makes debugging life so easy!
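
Rows from content providers often hold contacts, messages or tokens, and whatever is passed to Log.d stays readable in logcat. The helper below is an added example, not code from the original post: it does the same per-row dump, but only when a debug flag is set, and it masks the columns you name. The class name CursorDebug and the column names in the usage comment are assumptions.

```java
import android.database.Cursor;
import android.database.sqlite.SQLiteException;
import android.util.Log;

import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

/** Added example: debug-only cursor dump with column redaction (names are hypothetical). */
public final class CursorDebug {
    private static final String TAG = "CursorDebug";

    private CursorDebug() {}

    /**
     * Logs every row, hiding the listed columns, and leaves the cursor
     * positioned where the caller had it.
     *
     * Usage (column names are made up for illustration):
     *   CursorDebug.dump(cursor, BuildConfig.DEBUG, "number", "body");
     *
     * @param enabled  pass BuildConfig.DEBUG so release builds log nothing
     * @param redacted column names whose values must not reach logcat
     */
    public static void dump(Cursor cursor, boolean enabled, String... redacted) {
        if (!enabled || cursor == null) {
            return;
        }
        Set<String> hidden = new HashSet<String>(Arrays.asList(redacted));
        int saved = cursor.getPosition();
        try {
            cursor.moveToPosition(-1); // rewind so rows already consumed are dumped too
            while (cursor.moveToNext()) {
                Log.d(TAG, rowToString(cursor, hidden));
            }
        } finally {
            cursor.moveToPosition(saved); // the caller's own loop is not disturbed
        }
    }

    /** Formats the current row as "position {col=value, ...}". */
    static String rowToString(Cursor cursor, Set<String> hidden) {
        StringBuilder sb = new StringBuilder();
        sb.append(cursor.getPosition()).append(" {");
        String[] names = cursor.getColumnNames();
        for (int i = 0; i < names.length; i++) {
            if (i > 0) {
                sb.append(", ");
            }
            sb.append(names[i]).append('=');
            if (hidden.contains(names[i])) {
                sb.append("<redacted>");
                continue;
            }
            try {
                sb.append(cursor.getString(i));
            } catch (SQLiteException e) {
                sb.append("<unprintable>"); // e.g. a BLOB column that cannot be read as text
            }
        }
        return sb.append('}').toString();
    }
}
```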

Wednesday, May 1, 2013

Google Glass : My answers to FAQs

Random person: Is that...
Me: Yes. it is Google Glass
Random person: Is it...
Me: Yes. It is awesome!

I have been getting a lot of (stares) and questions about the Google glass. There are a lot of people writing about it too. Here, I try to answer the most common questions/remarks I have gotten so far.
I'll keep updating it as I get more questions. (Let me know if I'm missing any info).

The way I did is, I put on my glass and standing in front of the “Mirror”, did a self interview re-asking myself all those questions. Here it is:

Note: I have not been paid by Google or anyone to do this. All the opinions expressed in this article are my own.

Level: extreme newbie / curious

What is Google Glass ?
It is a wearable computer - a computer that you can wear! :)
Other examples of wearable computers: smart watch(pebble, sony smartwatch, calculator watches), health sensors (jawbone up), you get the idea...
So basically, it is a seems-to-be-futuristic-but-its-already-here-and-the-world-is-moving-too-fast-and-i’m-getting-old device.

How to use it ? What are the ways to interact ?
- It has a small screen (in a small glass-like plastic piece) on which content is projected.
- There is a camera for photo/video capture.
- There is a trackpad on the side which understands swipes.
- There is a microphone and a small speaker.

Update : Google just released this short video of how to use glass:

How does data work ? Do I need to put a SIM in it ?
- It connects to your phone via bluetooth and uses data from your phone plan.
- It can also connect to wifi.

- What is really the use of it ? (posting pictures/videos on social networks don't count)
- Is it really useful ? Or just another gimmick ?
Here is Google's marketing page that tells you what it can do : http://www.google.com/glass/start/what-it-does/
In my words, you can do the following things:
- Use it as a camera (pictures, videos)
- Send messages via email or text (google voice)
- Get turn by turn directions (navigation) - when connected to your phone
- Hangout (video conferencing) with friends on Google+
- Get notified of new important emails, calendar invites
- Access to quick information when needed (via Google Now) : nearby restaurants, weather, flight info, birthdays - most of the things Google Now does on your android device.
- Moreover, it is a platform not just a device. That means, developers (like me) can come up with (and should come up with) more ‘relevant’ ideas to extend its usability.

Is it perfect ?
Not yet, being a 1st generation device, there is room for improvement. In fact, it's not even a first gen device. Google has been very nice to have outsiders help them build this new product by asking them to try out an early version (called explorer edition), test it in the wild, write apps and provide feedback. So, it is not perfect, but the “vision” is great and in the right direction :)

- Isn't it distracting while using ? or even more when you get notified of something, I mean notifications are right into your face.
- Better watch out for the truck coming your way when you are walking on the road
- So, if you get hit by a bus, does Google pay for your medical expenses or insurance payout?

It is surprisingly not distracting. Even I was concerned about this.

Firstly, the display sits above your right eye plus it is not on all the time. So, you can actually see through it. Even when the display is active, you can see through it on the other side. To look at the display, you have to look up slightly.

Secondly, the glass doesn’t start doing things by itself. Most of the notifications you get, just make a small sound (the screen is not activated). Then you can choose voluntarily (just as you choose to look at your phone) to look up to activate it and consume the notification.

It involves the same amount of risk (rather less) that would be when you are walking down the road looking at your phone or wearing your headphones/earphones while walking/biking. Rather I’d argue that the risk is less, since you are looking up and you have better peripheral vision as well as being able to see through the glass.

One of the goals of the product is to set you free from your phone whenever it is not needed.

It is so close to your eyes, doesn't it put strain ?
Nopes, they have designed it in such a way that, when you look at the screen it appears to be 1.5 to 2 feet in front (and above) of your line of sight.

I’m concerned about privacy. Anyone can take photos/videos in public without noticing.
Well, for taking videos/pictures, you need to either 1) press a button or 2) talk to it loudly to feed voice command. That solves the problem for not knowing when someone is taking a picture/video.
Also, do you know there are n number of cameras (and sensors) out there already capturing you that you don’t even know of? And they are increasing; glass is just one of them and it is not even hidden. It's there right on top of someone’s head, maybe your own.

Update: Here is more detailed info on privacy by Robert Scoble: https://plus.google.com/111091089527727420853/posts/SHZJ2giR7pE

What is the price ?
This is the explorer edition and it is priced at $1500

Wow, that's a lot :O
Yes it is. I don’t feel obligated to justify the price. BTW, I got mine free - I won the Glass hackathon at an event :) Be (more) jealous. I have earned those!

What will be its actual price?
Don’t know, however Google has indicated that when the consumer version comes out it will be less than $1500.

When will the consumer version come out ?
I don’t know. Google has indicated it may take another year

Do you work with Google ?
No. I have been a fan of their technologies, I use them, I build apps with them (heard of Android?), I live with their technologies. [Google, I need a life long pass for IO and other Google events :) ]
I do work with an awesome company called Tomfoolery (www.tomfoolery.com) with some crazy awesome people. Check us out and follow us www.twitter.com/tomfooleryhq

Is the Google glass awesome ?
Of course it is :)

Are you biased ?
Of course, I am. (However, I’ll mention the drawbacks later)

You look stupid wearing those.
Yes, I do.

You look awesome wearing those.
Yes I do.

What are the issues you have faced ? What are its drawbacks ?
Just to reiterate, this is the explorer edition. I expect it only to improve from here. Here are some of the issues I have found.
- Without any data connectivity, you can just capture video/photos. You can go through your previous timeline items, however any actions you perform won’t happen.
- Also, with a slow data connection, it can get frustrating.
- The bone conduction speaker is a bit funny. It tickles when it makes sound.
- Also the sound level is not very good. In crowded places its hard to hear. Especially when you are taking calls through bluetooth, it doesn’t help at all.
- If you already wear glasses, then you have to be patient and wait for the consumer edition later. Currently, you have to either wear both glasses (your prescription and google glass) or wear contact lenses.
- Quality of hangout is blurry most times (again depends on data connection)
- Battery life can improve.
- Sometimes I have bluetooth data connection issues. Esp. when I get out of a connected wifi.

Will it be a success ?
I believe it will. But really, I don’t know. There are various factors involved. Price, monetization, acceptance. But, if you ask me about usability, coolness - I’m sold

But I don’t like it. It is invading privacy, it looks stupid, it doesn’t make sense, its too futuristic?
You like it or not, it makes sense to YOU or not, it doesn’t matter. Accept it. It is still coming. If not Google glass then something else will or something else... Be open. Adapt.

Level: Technical / More curious

Does it run Android ?
Yes it does.

Can you run Android apps on it ?
Technically yes. I ran one this morning. (See this : https://plus.google.com/113624528637645978412/posts/Hze7DzPe6MM), but doesn't make sense to do that. It is a different form factor. Even if it runs Android, from app development/usage point of view, it is better to think of it as a different platform.

Do I need to know Android to write apps for glass ?
No. You need to know how to do HTTP calls from any language of your choice (this is the minimum requirement) and you need to know html. Here is their developer website : https://developers.google.com/glass

Thursday, June 9, 2011

Enterprise mobility and Android

It's been quite some time since Google IO. I have been busy digesting some info and thinking a lot. Just a day before IO, I wrote some of my thoughts on Enterprise mobility. Today, I'll try and visit certain aspects in detail as well as try to list what Android has to offer as of now.

Now, from current trends in market and from my understanding till date, I see the current enterprise mobility having 3 components as follows :

1. Device Management
2. Security
3. Application management

Enterprises looking for a complete mobility solution are mostly looking at these three areas. I'll try to briefly touch on each of these and discuss what Android has to offer (and not offer) to enterprise mobility. [For clear separation, I have marked Android Specific details in BLUE : I know Green (#A4C639) would have been appropriate, but I didn't think it was good for reading :)]

1. Device Management :  Device management (DM) mainly deals with being able to remotely alter certain aspects of the devices. Again, I see DM being split into the following.

i. Provisioning deals with mass deployment of various settings on a large number of handsets. For instance, provisioning the devices with corporate WiFi information, VPN access parameters, email settings etc... For the IT department, being able to provision these settings is beneficial since it takes over a tedious task, reduces the chance of human error and avoids complex email instructions.

Blackberry and iOS have most of the DM functions baked into the platform. This means, one can configure a DM server (may require manual steps). Once configured, the DM server can send commands to the device which will be understood by the device platform and reacted accordingly.

Android, however, requires an on-device management agent (aka Device administrator) which should implement the Device Admin APIs (Android 2.2 onwards) in order to perform any of the DM functions. Furthermore, Android doesn't support provisioning out of the box. Rather, of all the top IT demands (WiFi, VPN, Exchange etc...), only WiFi can be configured programmatically by the on-device agent.

ii. Device Control deals with being able to remotely take certain actions on the device that may affect the end user. E.g. device lock, unlock, wipe, set/reset password.

With the device admin software installed, Android can do these basic device control functions like device wipe, lock/unlock and set/reset password.
There is, however, one way to achieve device control functions without having to install any device admin. The trick here is that most Android devices ship with an Email application which can be configured with Exchange information. By default Exchange uses the ActiveSync protocol for syncing mails. Lately (I guess Android 2.2 onwards), I have seen that while configuring Exchange, the platform shows the standard Device Management screen asking to add Exchange as a device admin. If you do this, then by configuring the Email, you can execute device control commands like lock/unlock, set/reset password, wipe etc... To check this go to Settings -> Location and Security -> Select Device administrators. You should be able to see the Email application listed if you have configured Exchange (ActiveSync).

iii. Device Policies : Policies allow enterprises to control certain settings of the device. This is different from provisioning in that policies can be considered as 'enforced' settings. While someone may change the provisioned settings, device policies are not "meant" to be changed. On Blackberry and to some extent the iOS, the platform restricts the user from changing any policies set by the IT administrator. These policies may include restrictions on the browser to disable javascript, avoid using the phone as USB storage device, disabling camera, etc...

Again, in the case of Android, you will need the on-device admin app to control (only) a subset of what IT traditionally demands. Basic policies like enforcing a device password, password quality etc... are supported out of the box with the Device admin APIs.

2. Security : By far, this is THE feature enterprises cannot live without. When enterprises allow data to be accessed remotely, its security is of prime importance. There are 3 components related to security that I visualize as follows:

i. Encryption : Any data that is stored by any application as well as any data that is communicated to and from the device, needs to be encrypted.

Android apps can use SSL tunnels through which data can be transported. However, encrypting the data stored on the device (phone memory and SD) is up to the applications. Prior to Honeycomb (Android 3.0) there is no support for turning on encryption on the device. Even with Honeycomb, a device administrator application can request that the encryption process begin, and it will start the encryption ONLY IF it is supported by the device on which the agent is running. Things are still pretty unclear about the way encryption is supported (hardware vs software etc...). One of my previous posts raises these issues. I'll update both the blog posts once enough information is available.

ii. Device Policies : I have purposefully included policies again under Security. I think this link is important to note. This is just to remind that policies are restrictive settings enforced in order to avoid security compromise.

iii. Compliance : Now, we have policies in place. And as I said these need to be enforced on the device. However, it may happen that the user knowingly or unknowingly changes some setting that violates certain policy (that cannot be technically enforced on the device - technology limitation). This may put corporate data at risk. It is important for the IT to determine such instances. This leads to constantly monitoring the device and making sure that it is "in compliance" with the policies.
Usually, compliance checking may be done on the server that monitors the device. This can be achieved by querying the device for certain parameters periodically and then running the compliance rules against the values received. These rules usually test whether the device adheres to all the policies, if not then the resulting actions could be anything from blocking corporate access for that device to wiping the device. This totally depends on the IT policies for the enterprise.

The device admin app can play the role of reporting parameter values to the DM server. To monitor Android for certain metrics, the server can implement the Google C2DM (cloud to device messaging discussed in this blog post) to send query messages to a device admin app which can reply back. 
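The server-side check described above, as an added example that is not from the original post: each device report is evaluated against a rule list and the most severe triggered action wins. The parameter names, thresholds, package names and the freshness limit are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Any, Callable

# Actions ordered by severity; the most severe triggered action wins.
SEVERITY = {"allow": 0, "notify": 1, "block_access": 2, "wipe": 3}
MAX_REPORT_AGE_S = 3600               # assumed: agent is queried at least hourly
BLACKLIST = {"com.example.leakyapp"}  # constructed package name

@dataclass(frozen=True)
class Rule:
    name: str
    param: str                    # key expected in the device report
    check: Callable[[Any], bool]  # returns True when compliant
    action: str                   # action taken when the rule fails

# Hypothetical policy: parameter names, values and thresholds are assumptions.
POLICY = [
    Rule("admin agent active", "admin_active", lambda v: v is True, "block_access"),
    Rule("password min length >= 6", "password_min_length", lambda v: v >= 6, "block_access"),
    Rule("storage encrypted", "encryption", lambda v: v == "active", "notify"),
    Rule("unknown sources off", "unknown_sources", lambda v: v is False, "notify"),
    Rule("no blacklisted apps", "apps", lambda v: not BLACKLIST & set(v), "block_access"),
]

# Constructed report, as the on-device agent might send it (epoch seconds).
SAMPLE = {"reported_at": 1_000_000, "admin_active": True, "password_min_length": 8,
          "encryption": "active", "unknown_sources": False, "apps": ["com.example.mail"]}

def evaluate(report, now, policy=POLICY):
    """Return (action, violations) for one device report. Fails closed: a stale
    report, a missing parameter or a wrong-typed value counts as a violation."""
    failed = []  # (rule name, action) pairs
    ts = report.get("reported_at")
    if not isinstance(ts, (int, float)) or now - ts > MAX_REPORT_AGE_S:
        failed.append(("report is fresh", "block_access"))
    for rule in policy:
        try:
            ok = rule.param in report and rule.check(report[rule.param]) is True
        except (TypeError, ValueError):
            ok = False
        if not ok:
            failed.append((rule.name, rule.action))
    action = max((a for _, a in failed), key=SEVERITY.get, default="allow")
    return action, [name for name, _ in failed]

if __name__ == "__main__":
    print(evaluate(SAMPLE, now=1_000_060))
    print(evaluate({**SAMPLE, "apps": ["com.example.leakyapp"]}, now=1_000_060))
```

Failing closed matters here because a device that stops answering queries, or an agent that omits a parameter, would otherwise look compliant by default.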

3. Application Management : One of the basic goals for enterprises is to mobilize the business. As a result, enterprises have started mobilizing many internal applications. So, as a part of enterprise mobility, the IT also has to manage the mobile apps. Application management (AM) can be again viewed as having the two main functions :

i. Monitor/Debug apps : Since most of the applications may be internal apps, the development and testing phase becomes critical. Also, since these apps may directly affect employee productivity, debugging these apps during development and after deployment is crucial too. One of the tasks of AM is to make the development and debugging process easier. Once the app is in production, AM can help monitor the status of apps and surface any problems earlier. Monitoring of apps may also refer to getting an app inventory and determining "blacklisted" apps from a security point of view. This may tie back to compliance.

ii. Deploy / Remove apps : With many such applications there is a demand for an Enterprise application catalog on which apps would be listed and shown/accessed depending on the role of the employee. Since these apps may contain critical corporate information, it is important for the IT to be able to control these apps remotely. Being able to install and remove these apps is one of the most popular demands from IT.

With Android, anyone can "sideload" an application. This means all the application (apk) files can be accessed via a webpage. However, there are a few points to note. In order to install any application that is not listed in the Android Market (consumer app), one has to enable a setting that allows applications from an "Unknown Source". While doing so, the user gets a dreaded message that may scare him off. Also, it is worth noting that there is currently no official way to push the application on the device and install/uninstall it without user intervention. If you already have your device admin agent on the device, then it can download the app binary and trigger the install process or trigger the uninstall process of an existing app, which will redirect the user to the install/uninstall approval screen. There are some app markets (like AppBrain) which have (with limited capabilities) "managed" to remotely push and install applications on Android phones. However, there is no official way to do so.

So, here is a complete picture of how I see Enterprise mobility as of now:

To summarize, Android really doesn't have much to offer at this moment apart from a few Device Admin APIs and Encryption (hardware dependent - 3.0 onwards). With the growing demand for Android and the changing trend of Employee liable devices, it certainly is a challenge for IT. The Google enterprise team unfortunately didn't seem to address most of these issues and didn't seem open to a lot of questions posed at the GoogleIO. The talk at GoogleIO can be found here : (http://www.google.com/events/io/2011/sessions/taking-android-to-work.html). I hope they have some plan for the Enterprise mobility because the wave has just begun.

Monday, May 9, 2011

Understanding Enterprise Mobility

[I'm sitting at a Starbucks waiting for the GoogleIO registration to open up. There is an interesting session 'Taking Android to work' which I'll be attending. Google's approach to enterprise mobility seems to be different than Blackberry or Apple : they don't have anything baked into the platform. The GoogleIO session will hopefully provide more insights into the future path. If you are an attendee and interested in this topic, I would definitely love to have a chat with you. You can follow me on Twitter : @advantej ]

For the past few months, I have been trying to understand the enterprise mobility space. It had kind of existed in the past but is emerging again with a new face altogether. It's definitely a larger wave than the earlier one.

A look into the past: 
Laptops introduced mobility into enterprise. There were cell phones before, but those weren't 'smart' enough. Their primary purpose was just to carry out conversations. Laptops made it possible to take the work with you. There was also a short period that showcased Personal Digital Assistants (PDAs) which were rather bulky to carry around and capabilities mostly limited to managing your schedule, taking notes and some basic messaging. But the truly workable mobile devices were laptops.

The Enterprise Viewpoints: Two sides of a coin
The Good:
For enterprises, mobility means a lot. It is a means of growing business, capturing opportunities and bringing back information, knowledge, keeping the organization going on, no matter where the people in the organization are. Be it the CEO, CTO, marketing or sales people or any other management folks or your awesome engineers: mobility builds the necessary bridges whenever it matters to achieve the required goals.

The Worrisome:
However, practically this means accessing company resources from devices and environments over which enterprises may not have any control. While mobility helps enterprises grow, the concern about information security in uncontrolled environments makes enterprises take a step back.

In the laptop/PDA wave, managing devices was pretty much conventional. There was nothing new to do at least for the laptops because they had to deal with the same operating systems on laptops for which IT management was already being used for a long time.

For a pretty long time, RIM provided enterprises with a solution to control the Blackberry mobile devices, enabling them to configure, manage and enforce policies on the devices.

With Apple and Android powered devices entering the consumer market with different form factors, mobility has a new face. It's not just that there are a lot of devices from different vendors and operating systems; it's the fact that employees are consumers first. They are pretty much demanding the use of devices of their choice for accessing enterprise resources. Moreover, people don't like to carry multiple devices : a personal device and a company owned device. They want it there - all in one.

The challenge for the IT is to support multiple mobile devices while ensuring the safety and security of enterprise resources. Apart from security, which is central to enterprise mobility, IT demands being able to configure devices no matter what OS they are running.

Being a newbie to this space, I think of a lot of questions that I'm trying to answer. With many enterprise applications emerging, is enterprise mobility management limited to managing just the devices? What about the applications? Do we need to control and analyse those too? With employee owned devices, is it acceptable to enforce enterprise policies all the time? Some policies require control over the hardware as well. In my master's thesis, I explored context awareness frameworks for mobile devices and prototyped one. I was wondering if it makes sense to exploit user context for enterprise policies. This may help in selectively applying policies depending on user context. This may help develop a win-win situation where employees don't feel controlled all the time but would be able to access the required resources. (For the curious reader : here is an interesting academic research project trying to identify high level contextual aspects for a mobile user.)

Have got these questions and many more.... but one thing for sure - this wave is very large, unavoidable, with a lot of challenges and comes with competitive problems for the architects and engineers to solve.

[Thank you Starbucks for the internet !]