Game Changing Mobility

knowledge engineering blog

How to Start Your Android Development Journey

The mobile industry is one of the fast-growing industries. Among them, 75% are Android users.

People using smart-phones demand application with better performance and regular updates for apps they are using, which in turn is a huge scope for android mobile application development.

How to Start Your Android Development Journey

Beginners who have some basic programming knowledge can start developing android application even if they don’t have any application development experience. It is not necessary to join any Android application development course. Start by finding and following some good online tutorials on the internet.

There are many reasons to choose Android as a platform for application development. Such as;

  • Android is open source
  • It is easy to Learn
  • Fastest growing technology
  • Size of the market
  • Job prospects

Open-source

Android is an open-source platform. Developers can leverage it to develop applications with different look and feel. Manufacturers can change it according to their needs and add functionalities to their phones to make them different from other phones in the market. Since it is open source, even you can download the source code and make your own android application.

Easy to Learn

It is easy to code on Android. Someone who is having basic programming knowledge can easily develop an android application. There are lots of online websites available from where you can study android app development for free.

Fast growing technology

Nowadays, mobile technology has almost all the features and capabilities to cut down the number of desktops and laptops usage. Modern smartphones and tablets are able to offer real means of computing-on-the-go for almost all types of business and personal requirements.

Size of the market

The number of available apps in the Google Play Store was most recently placed at 2.6 million apps and it is increasing day by day. Google Play is a huge and powerful market for Android apps. one who makes an app can be easy to sell their product through Google Play at free of cost.

Job prospects

As a result of an increase in android mobile users, Android developers are being hired in all sectors. An average person spends 3 hours a day in his/her smartphone making payments, online shopping, playing games, and on mobile applications. Nowadays Android apps are available for almost everything. Every business is developing its own mobile apps to improves sales and customer satisfaction and as a part of their marketing strategy. Websites are being vanished as a result of mobile apps.

How to Start Your Android Development Journey

  • Android Core Concepts
  • Official Android Training Guides
  • Download Android Studio IDE
  • Try some coding Official Android Training Guides
  • Stay up to date

Android Core Concepts

As someone who is going to develop an Android mobile application for the first time, you must have some basic idea about bellow concepts.

  • Activities
  • Fragments
  • Layout XML Files
  • Intents
  • Services
  • Sensors

Activity

Activity is the screen that the user interacts with. In an application, there will be one more activity. For example, we can consider login screen as an activity and when login gets success the user goes to another activity.

Fragments

A fragment is a part of an activity. We can think fragment is like an independent part of a modular UI component attached to an activity. Since a single fragment can be used in many activities, Fragments are reusable.

Fragments

Layout XML file

Activities, fragments, and some ViewGroups can use XML files to define their layout and contents. we can create our UI using XML code. Android studio provides an XML editor along with preview functionality.

XML Android development

Intents

Intents are the messaging system by which one activity is able to launch another activity.

Intent Android development

Services

Android services are used to perform background tasks. We can create apps that work on the foreground as well as in the background. Services are used to create apps that work on the background. An alarm is a good example of service, as it always runs in the background when we set an alarm.

Sensors

Android devices contain different types of sensors like Accelerometer, Gyroscope, Magnetometer, GPS, etc. We can access all these sensors programmatically and we can link with our application. For instance, we can access GPS for getting a position in our app.

Official Android Training Guides

The official training (https://developer.android.com) guide for Android developers from Google is extremely useful for any beginner developer. It has plenty of code examples and covers almost everything. They provide everything you needed to become an excellent android application developer. They also properly update their documentation if they replace any functions or elements with newer ones.

Official Android Training Guides

Download Android Studio IDE

Android Studio is an integrated development environment (IDE) that is used for building apps on every type of Android device. We can refer to the official website for download and installation of an android studio. It is also important that you need a high-end PC for the proper working of android studio.

Android Studio IDE

Try some coding

After the successful installation of your android studio, you can try some basic coding. Every new project on android studio is by default a sample app (Hello world). There are many websites out there having many numbers of sample tutorials. Just start with simple projects.

Stay up to date

Technologies are changing day-by-day. So, staying up to date with the latest trends is important. Google updates everything with the Android and they publish on their official site. We can update it from there. Staying up to date with the latest developing trends would be very helpful in starting a new project or refactoring an old one.

Conclusion

Android applications can be developed by anyone who is having a basic knowledge of programming. The Android development industry today offers an outstanding career for anyone who is enthusiastic in coding and help them to contribute to the field of technology innovation and application development.

- Dyenal Dinesh

Solutions: most dangerous mobile security threats of 2019

Prevention of mobile security threats helps organizations and individuals to protect their devices, apps, users and content from malicious attacks. Security teams can prevent these threats by using an app that scans devices and configurations within the network, or by setting up security protocols in case malware is present on the network.

Solutions: most dangerous mobile security threats of 2019

Cryptojacking attacks

Check these steps to minimize the risk of your organization falling into a trap

  1.     Install an ad-blocking or anti-crypto mining extension on web browsers.

Since crypto jacking scripts are often delivered through web ads, installing an ad blocker can be an effective means of stopping them. Using ad blockers like the Ad Blocker Plus can easily detect crypto mining scripts. Experts recommend extensions like No Coin and MinerBlock, which are designed to detect and block crypto mining scripts.

  1.      Keep your web filtering tools up to date.

If you identify a web page that is delivering crypto jacking scripts, make sure your users are blocked from accessing it again.

  1.      Maintain browser extensions.

Browser extensions are meant to make our tasks simpler. But, some of them could be a trap set by an attacker to execute crypto mining scripts.

  1.    Use mobile device management (MDM) solution to better control users’ devices.

Bring-your-own-device (BYOD) policies for preventing illicit crypto mining. An MDM solution can help to manage apps and extensions on users’ devices. MDM solutions tend to be geared toward larger enterprises, and smaller companies that often can’t afford them. However, experts note that mobile devices are not as at risk as desktop computers and servers. Because they tend to have less processing power, they do not produce a great deal or profit for hackers.

Insecure Communications

Here is a list of few best practices to be used for Android phones which may bring down risks related to insecure communication.

Understand that the network layer is highly capable of eavesdropping, thus making it insecure.

  • It is important to apply SSL/TLS to transport channels used by the mobile app to transmit sensitive pieces of information, session tokens, or other sensitive data to a backend API or web service.
  • When an application runs a routine via the browser/WebKit, using outside entities for third-party analytics companies and social networks could be more secure. Mixed SSL sessions should be avoided as they could expose the user’s session ID.
  • Always use a strong, standard cipher suites with suitable key lengths.
  • Use certificates signed by a trusted CA provider.
  • Do not pin certificate for security conscious applications and never allow using self-signed certificates.
  • Always require SSL(Secure Socket Layer) chain verification.
  • Always establish a secure connection with trusted certificates from keychain after verifying the identity of the endpoint server.
  • Build a UI that alerts users when a mobile app detects an invalid certificate.
  • Avoid sending sensitive data over alternate channels (e.g, SMS, MMS, or notifications).
  • Apply a separate layer of encryption to any sensitive data before it is given to the SSL channel. In the event of a possible vulnerability in the SSL implementation, the encrypted data will provide a secondary defence against confidentiality violation.

Mobile Ransomware

  • Only install applications from authorized stores like Google Play or AppStore. To be sure that no application makes its way onto your device from an untrusted source, go to Android settings, choose Security, and make sure that the “Unknown Sources” box is not checked.
  • Regularly check updates for your installed applications and your device OS. You can choose to update all installed apps automatically. It’s better to do update the system to the latest version as soon as an over-the-air (OTA) update arrives.
  • Install a strong security solution. Downloading apps from only the official stores and updating them regularly alone will not promise maximum security. Malware can lurk into even Google Play and, can also spread by means of exploit kits using yet-unknown vulnerabilities.

Phishing attacks

  • Think Before You Click!
  • Keep Your Browser Up to Date
  • Keep Informed About Phishing Techniques
  • Check Your Online Accounts Regularly
  • Use Firewalls

SMS –based Attacks

  • Think before you click a link from SMS
  • Do not open spam messages
  • Keep informed about phishing techniques

Botnets attack

To avoid system compromises, it is advised to use only licensed and genuine software. Keep your mobile updated with latest security patches. Install anti-malware solution and update it regularly. Disable Autoplay /Autorun for removable drives.

Always protect your device from Trojans and other threats by using effective anti-malware software.

User & Device Authentication

  • Think before allowing store passwords, and your data in mailing apps and browsers

Remember there is no single fool-proof way to avoid mobile security threats.

Habeeb Rahman

References

1 . Wikipedia (https://www.wikipedia.org)

2 . Medium (http://medium.com)

3 . Quora (https://quora.com)

Most dangerous mobile security threats of 2019

Smartphones are widely used across the world today, hence the security threats are also widely spread.

Our phones have become the most connected devices, at the same time the least secure. The security threats we face are those which we fail to notice and will be more hazardous in the near future.

Let us look at some of the major security threats that every mobile user must be aware of.

Most dangerous mobile security threats you should avoid at any cost in 2019

Cryptojacking

Cryptojacking is defined as the secret use of your smartphone device by the attacker to mine cryptocurrency.
Cryptojacking used to be confined to the victim unknowingly installing a program that secretly mines cryptocurrency.

When using browser there is no need of a separate program to do the In-browser crypto jacking.

How cryptojacking works

  1. The threat actor compromises a website
  2. The crypto mining script executes when the user connects to the compromised website.
  3. Users unknowingly start mining cryptocurrency on behalf of the threat actor
  4. When successfully adding a new block to the blockchain, the threat actor receives a reward in cryptocurrency coins.

Insecure Communications

The networks that you use to communicate are never fully foolproof, making your device vulnerable to attacks from malware. There are chances that hackers tend to set-up fake access points when you access WiFi in public places such as coffee shops, airports, etc. The access points are named using nonexclusive names, which can fool even the most brilliant people.

It is always good to be cautious when connecting to public WiFi. Use public WiFi only if extremely required and never use it to access personal information like bank account access etc.

Mobile Ransomware

A form of ransomware which affects only mobile devices is called mobile ransomware.

A cybercriminal uses mobile malware to steal sensitive data from smartphones or attempts to lock a device, before demanding payment to return the data to the user or to unlock the blocked device. Sometimes people may find some innocent content or some software through social networks, which they download accidentally and get tricked into downloading some malicious ransomware.

After the malware is downloaded onto a device, it will ask the user to pay an amount before encrypting files and locking the phone. After the payment is processed online, often via Bitcoin, the ransomware will send a code to unlock the phone or data.

While installing any app, make sure the app is downloaded from Google Play or App Store than from any third-party app stores.

Phishing attacks

A social engineering attack often used to steal user data, including login credentials and credit card numbers is called Phishing.

It occurs when an attacker fools the victim into opening an email, instant message, or text message by acting as a trusted entity.

User can play smart by not clicking any unfamiliar email links. Always enter URLs manually as much as possible.

SMS –based Attacks

From the email world, the phishing has evolved into the SMS world. You get SMS texts and links that you are asked to open to authenticate certain information. To any novice user, the links and the sender would seem genuine. However, clicking on these links can make your device vulnerable to the attacks, and in turn, give away your confidential information. This is a developing security threat for your mobile device.

Botnets attack

A botnet is just a short form for the terms “robot” and “network”.

A botnet is a number of web-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed refusing of service attack (DDoS attack), send spam, steal data, and allows the attacker to access the device and its connection.

A botnet attack firstly requires creating numerous botnets or a botnet army. Once the attack is initiated, these botnets are used to send network/Internet-based requests to the target system in a large quantity. These requests can be in the form of bulk email messages to simple ping messages. The attack can slow down the network/server, making it busy or unable for others to access it or temporarily freeze the server.

Distributed denial of service (DDOS) is a common example of a botnet attack that utilizes a number of botnet devices to send a large number of simultaneous requests/packets to the targeted system.

Installing effective antivirus/anti-malware software can protect your device from such attacks.

User & Device Authentication

Most mailing apps have provided the user & device authentication, which has allowed the user to store passwords, and their data on the devices. If the device is stolen, your authentication and the data will be at risk. This is one of the major threats to mobile devices, as they contain our valuable personal pieces of information.

The smartphone is a device that blurs the boundaries between professional and personal life and the users are up to three times more likely to be the victims of mobile threats. Safe browsing, identifying suspicious files or phishing emails, ensuring safe data access at public Wi-Fi networks, safe downloads are some of the important tips that a user must be careful about. Other than these security measures, several mobile security software is available to download from Google Play and App Store to ensure safety in your mobile devices.

Understanding these common security threats and implementing recommended solutions can help you protect data in your smartphone.

Habeeb Rahman

Performance Testing using JMeter

If you’ve ever done performance testing on a website, you know that there is not really an effective way to manually create enough load on that website.

Getting actual users to execute web application operations over and again is nearly impossible. For that, we need virtual users that can open multiple connections in parallel.

When bulk users attempt to access a website (say commercial websites) at the same time, there are high chances that the website suffers slowness and poor usability. Speed is one of the most important attributes of an application. A slow running application will lose many of its potential users.

Performance testing is done to ensure that the web application performs well under their expected workload.

Performance Testing using JMeter

In today’s competitive world, support for features and functionalities are not the only priority, the speed with which the website responds is also of great concern. The goal of performance testing is not to find bugs, but to eliminate the performance bottlenecks. A web application attributes like its response time, reliability, source usage and scalability do matter a lot. So, in order to test different aspects of a web application, we must test it in different ways. Different performance testing types are as follows:

Different Types of Performance Testing

Load

Load testing is performed to determine how a system behaves when multiple users access it simultaneously.

Stress

Stress Testing is done to ensure that the system would not crash in difficult situations.

Endurance

Endurance testing is done to evaluate how the system behaves when a significant load is applied over a long period of time.

Spike

In Spike testing, the web application is tested with extreme increments and decrements in the load.

Volume and scalability

Volume testing describes the ability of an application to handle additional user loads without affecting the performance. Scalability test is done to find the minimum and maximum loads at software, hardware and database levels. This gives the idea that the system is scalable after a load.

There are many robust testing tools available in the market that are capable to handle the various types of performance testing. Few of them have become the industry standard. The recent trend shows that most of the big players in the industry have taken tools like JMeter for all their performance testing needs.

jmeter

JMeter

Apache JMeter is a load testing tool that is based on Java. This open source software is used for testing the performance of most of the web-based applications. Performance is an inevitable factor for both mobile and web application as the user strength is very huge.

Advantages of JMeter

  • Open source and built in Java platform. It is highly extensible and platform independent.
  • User friendly- JMeter has got comprehensive GUI and it can easily create a test plan and configure the elements.
  • Support- Basically JMeter is designed for performance testing. But it can also be used for non-functional testing such as stress, distributed and web service testing by creating a test plan.

JMeter provides support for protocols such as FTP, SOAP, JDBC, HTTP

  • Documentation- Because of its robust documentation, user can have a clear idea on every step starting from the installation and configuration of test settings and generating the final report.
  • Recording- JMeter allows the user to record HTTP or HTTPS to create test plan using the recording facility. It uses a proxy server that allows JMeter to watch and record user actions while the user browses the web application with any normal browser. Once the recording is complete, we enter the number of threads, time and Start test. It is advisable to use the Non-GUI mode of JMeter if the user count is large.
  • Reporting- JMeter supports dashboard report generation. These reports help the user to understand test execution results.

Installation of JMeter

 Before installing JMeter, it is essential to check that Java is installed in the system. JMeter is a pure Java desktop application. It needs fully compliant JVM 6 or higher to perform its tasks. User can download and install the latest version of the Java SE Development Kit.

The latest version of JMeter available is JMeter 5.1

JMeter can be downloaded from the official website Apache.

From this website, user can download JMeter PGP or zip file under the Binaries section and then unzip the zip file into the directory where JMeter is to be installed. JMeter directory structure includes the following directories and files.

  • Bin: holds JMeter script file to start JMeter
  • Docs: holds JMeter documentation files
  • Extras: related extra files
  • Lib: holds the required Java library for JMeter
  • Lib/ext: includes core jar files for JMeter and its protocols

A test plan is stored in XML format.

Elements of JMeter

Thread Group

Thread group is the collection of threads. Each thread represents 1 user using the application under test. Basically, each thread simulates 1 real user request to the server.

elements of Jmeter

Samplers

Samplers indicate which type of request is sent to the server. It can be HTTP, FTP, JDBC requests.

Listeners

Listeners display the result of test execution. It can show the result in different formats such as tree, table, summary report, log files and graphs.

Configuration Elements

Config elements in JMeter are used to configure the sampler requests sent to the server. Commonly used config elements are CSV data set config, HTTP Cookie Manager, Login Config Element HTTP Request Defaults and FTP Request Defaults.

Assertions

It is used to validate the response of the request that the user sent to the server. Here user can verify the expected result with the actual result. If a user wants to check assertion of a sampler, then assertion must be added as child of that sampler. User can view Assertion result by adding Assertion Listener to the thread group.

Testing in non-GUI method

In non-GUI mode, JMeter can handle more requests per second. Increasing threads after a certain limit will result in JMeter crash in GUI mode. The following command is used to run the test plan in non-GUI mode.

jmeter -n -t <test JMX file> -l <test log file> -e -o <path to output folder>

Report Generation

A result log file can be generated in CSV or JTL format after running the load test.

Hope this article gave a real insight into the importance of performance testing in today’s web world and how modern testing tools like JMeter helps you to execute performance testing efficiently.

Happy Performance testing!

- Sneha Mohan

5 Trending React Native UI Components in 2019

Every software companies always tend to have an increasing interest in cross-platform applications since they have dramatically reduced the amount of resources required to build mobile apps.

React Native applications stands at the top when comes to cross-platform apps.

React native UI components

React Native has tremendous possibilities in designing the user interface of an application.

The main time-consuming process for building an app is its user interface. Many third-party libraries and UI toolkits are now available to help you build next level react native application.

Let’s see some possibilities of React Native UI designs.

1.NativeBase

NativeBase is the most popular and widely used library. It provides a wide range of cross-platform UI components for react native.

Nativebase is 100% open source.

One of our main goal with NativeBase 2.0 is to make it easy to theme the components with very little changes to the components themselves.

Nativebase are built with blocks called components. The Components are constructed in pure React Native platform along with some JavaScript functionality with a rich set of customizable properties. They are constructed in pure React Native platform along with some JavaScript functionality with a rich set of customizable properties. These components allow you to quickly build the perfect user interface.

Native base UI components

Building a button using normal react native code on left and with NativeBase on right

NativeBase includes components such as anatomy of your app screens, header, input, buttons, badges, icon, form, checkbox, radio-button, list, card, actionsheet, picker, segment, swipe-able list, tabs, toast, drawer, thumbnail, spinner, layout, search bar etc.

Each of these components in NativeBase is made with a better version of the same component in its native part.

After finding out about NativeBase we found ourselves using it in every app we develop.

For example, we used it in various screens in Referr app, a mobile application that helps users to win points and gift cards by recommending local businesses to their friends and family. Titles of every screen were made with NativeBase  { Header, Title }. This helped us in saving a lot of time and effort.

React native UI Referr app

We use NativeBase Header component in Referr to make a better feel in UI and to reduce time and effort.

 2. React Native Elements

 React Native Elements is another cross-platform react native UI toolkit. It is completely built in Javascript and is very much easy to use. React Native Elements also supports Expo. Every component in react native elements is customizable. You can change the basic colour, size, fonts etc. for each component.

React native elements component

With React Native Elements, coding becomes much simpler. If you want to create a button component, it is as easy as the below code.

 import { Button } from’react-native-elements’;

 <Button

     title=”Solid Button”

/>

React Native Elements also gives a wide collection of icons. It has all the social icons that a developer needs in the current scenario.

 3. React Native Material UI

 React Native Material UI provides highly customizable material design components for React Native. To make more customized components, React Native Material UI is using a single JS object the uiTheme. By default, it is a light theme that can be changed easily.

React native material UI

Installing React-native-vector-icons helps to unveil the full potential of React Native Material UI.  React-native-vector-icons has wide support for icons. It helps to easily change the primary colour of the application.

 4. UI Kitten

UI kitten react native UI component

React Native UI Kitten is a mobile framework with a set of easily customizable elements. Despite there are a lot of standalone react-native components nowadays, there are not so many frameworks that offer you a wide set of commonly used components as a single dependency with similar UI design.

For instance, in Web Development there are CSS frameworks like Bootstrap that allows you to add dozens of nice-looking elements. You can also style them according to your corporate guidelines by just changing variables.

UI Kitten framework attempts to fill this gap.

All components are flexible and can be customized. It aims at boosting your mobile application development and allows you to focus on business logic instead of view composition. It helps you to bring your MVP to life in a shorter period of time.

Using React Native UI Kitten you will be able to create style configurations of components that you use the most (buttons, inputs etc.). These styles can be reused then in the process of development. Configure them once and use anywhere!

For example, below code showcases how to build a button using UI kitten.

import{RkButton }from’react-native-ui-kitten’;

 render( ) {

  return(

    <View>

       <RkButton> Click me! </RkButton>

    </View>

  )

}

 5. Nachos UI

Nachos UI kit

 Nachos UI is a React Native component library. It has almost 30 customizable UI components. Nachos UI Kit is coded with Avocode which is a fully featured tool to share, hand-off and inspect Photoshop and Sketch designs.

Nachos UI also works on web with the help of React Native Web. It also has Prettier which is an opinionated JavaScript formatter. It also uses Jest Snapshot Testing. Nachos UI is so easy to use. For example, let’s look into an example of building a simple slider.

 import { Slider } from ‘nachos-ui’

 const Example = ({ value, handleOnChange })  =>  {

  return (

   <Slider

       value = { value }

       onValueChange = { handleOnChange }

   />

   )

 }

Conclusion

For every developer, his main aim is to build his application with impressive UI in a limited time frame. When I stepped into React Native, a most difficult milestone for me to pass was to build the user interface for an application. Because this took me a lot of time and effort to offer my client an effective solution with a mind-blowing interface. But now, with these predefined and customizable UI components, the styling of the user interface is made a lot easier. I suggest you should try at least one of these UI components in your next project.

Sharoon Shaji

 

What are the advantages of Kotlin over Java?

Kotlin vs java has been one of the hot topics of debate for the last few years.

Ever since Kotlin was released in February 2016 programmers have been having doubts about which language to use for Android development.

Kotlin vs Java

Java has been around for a very long time. It is being used by millions of programmers worldwide but had some minor drawbacks. Then Google introduces a new language specifically for android which is said to be better than Java.

Last year, Kotlin has been made a ‘first class’ language for Android development by Google in addition to existing support for Java and C++. The impact of Google’s decisions for adopting Kotlin can be seen from GitHub’s findings.

The number of GitHub notes and contributors using Kotlin for projects has more than doubled over the last couple of years.

I’ve been making android apps using Java for about 4 years now and, I learned Kotlin just three months ago. While making an app in Kotlin, I quickly understood that there are many advantages of using Kotlin over Java.

Advantages of Kotlin over Java

Readability

Comparing to Java, Kotlin has more readable and precise code which makes it easier to understand the program. After a small learning curve, a Java developer can easily understand how to write Kotlin very quickly.

After learning Kotlin I observed that it needed much less code than Java as shown below

Java

Java readability

Kotlin

Kotlin Readability

As we can see, Kotlin reduces boilerplate as compared to java. Now, boilerplate refers to those codes which must repeat lots and lots of times and which do not serve any purpose to the functionality of the application. Kotlin has been designed in a way that it eliminates the need for boilerplate code.

Kotlin requires fewer lines of code as compared to java.

In Java, we must create references for views using findViewById. In Kotlin, that is taken care of automatically, therefore, reducing the lines of code drastically. That makes it easier for a beginner to learn Kotlin.

Null-Safe

Null pointer exceptions also referred to as “The billion-dollar mistake”, is one of the most common errors that cause apps to crash if you are using Java.

Kotlin is null-safe by default. It does not allow variables to be assigned with a null value. But in Java, we can assign null values to variables and, it may lead to null pointer exception that may crash the application.

Using Getters and Setters

In Java, we have to use getter and setter functions for receiving data from variables in the modal classes. Model classes are just used for holding data. We can use the getters and setters for accessing the data from model classes.

Using getters and setters

In Kotlin we don’t need all those getter and setter functions. We can access all the data’s using the variable name itself. See the example below.

Kotlin getters and setters

This modal class in Kotlin only has to define the variables instead of also defining the getter and setter methods. While comparing the above two images, we can clearly see that Kotlin uses less code as compared to java.

Interoperability

Kotlin language is interoperable. This means that both Java and Kotlin are somewhat similar and we can use java commands and Java libraries in a Kotlin project.

Since Java is still being used by most programmers, Kotlin has been made to be interoperable. It can be used with existing Java classes and won’t cause any errors. The compiler will allow the code containing the Java and Kotlin classes to work flawlessly.

Because of this feature, developers can transition from Java to Android with ease.

Immutability

An immutable object is an object whose state cannot be changed once it is created.

In Kotlin variables are defined using val or var to help developers easily understand which values can be reassigned.

Using val in our code makes it super clean and will be able to safely assume that the properties will never be changed and that they will not be null. The benefit is that it allows you to just get on with the project at hand.

Conclusion

I can confidently say, Kotlin language is far better than Java for Android development as it takes care of the drawbacks Java has. Moreover, the transition from Java to Kotlin is easy and anyone who is interested in programming can make good progress within a short span of time.

- Benedict Thomas

Top 7 UI Trends in 2019

In today’s digital world, it is essential to create websites and mobile apps that enhance your brand identity, boost customer engagement and drives more traffic for your business. The customers expect a lot many things from brands and one of them is great user experience. We need to understand the customer’s preferences before we start designing our product.

The product should be user-friendly, easy-to-use and efficient. It should be neat and interactive. Your page design, logo design, navigation, and colour selection should be well researched and user engaging.

It’s important to leverage the UI designing trends that keep changing at frequent intervals. The competition bar has raised and mere updating your apps and websites bi-annually will not take you to a favourable position.

So, here are some latest trends for designing the UI that you can follow to remain ahead in the race.

Top 7 UI Trends in 2019

1: Gradients

We can see them everywhere; in illustrations, UI elements, and text. We love gradients because they add realism and depth to the platform, the way we see everything in real life. That probably explains why elements with gradients feel more natural.

Top 7 UI trends in 2019

The gradient designs also provide scope for performing creative colour experiments on the layout of the mobile apps, in an attempt to make them vibrant and eye-catching. Next year will probably bring us many more apps and websites with bold colours and gradients mixed with transparency.

2: Typography

Typography is one important factor that helps us to make the best UI. There is a trend of using big “headings” with gigantic fonts in combination with a little bit of smooth animation. Even if there is only a little content, it will catch the attention of eyes.

Today, UI designs for mobile apps seem to be incomplete without adding some bold typography as it is a key factor that contributes to holding the users’ attention. The typography trend works great with creative experiments that require a mix of elegant fonts with catchy taglines. Here are some examples of the same:

•       Text content that is visually integrated into creative images.

•       Addition of animated typographic elements.

•       Using interfaces based on typography as the core visual elements of a UI design.

3: Illustration and animated graphics

Illustrations are one of the most powerful tools in a designer’s toolbox. Well-crafted illustrations allow designers to convey pretty complex ideas without using too many words. So, when users see illustration, they can understand the concept in a glance.

An enjoyable illustration can give websites or mobile apps their own personality, thus making them more memorable.

Micro-animations help customers distinguish elements on the screens they are going to interact with. After an event takes place, feedback performs an important task in assuring the user that the intended action has actually happened.

This, in turn, brings users a better experience. Additionally, to make these pages stand out, these illustrations often come to life with complex motions.

4: AR

In 2019, web design trends will all involve thinking outside the box, or rather, the grid. We need to forget UI fixed to screens. Instead, we should emphasise interactions which feel like they take place within the real-world environment. Google and Apple have already introduced their own AR development platforms, ARCore and AEKit, that blend the physical and digital worlds.

Designers will need to go beyond screen-only interfaces to include physical interactions. Augmented Reality has ushered a new era in user interface design, a new way of thinking.

AR one of the top UI trends in 2019

5. Voice User Interface

The popularity of Alexa and Google Home can’t be undermined. They are the new norm, as they become users’ go-to medium to seek nifty information, get entertained and even control their routine tasks. The navigation-less, button-less and menu-less experience seems so intuitive to a user that 40% of adults now use voice search once per day!

This makes it clear — voice search is not the future. It’s already here and will only become more prevalent in 2019. Voice interactions are slowly but fundamentally changing the way we interact with interfaces.  Instead of relying on touchscreens, mice and keyboards, users are steadily accepting the hands-free way of doing their everyday tasks.

Smart home speakers have already found their place in the hospitality industry, automobiles and large enterprises. The convenience of having an always-on machine that helps you do your digital tasks will not only aid the visually impaired but also introduce a unique way for illiterate users to access the web, in years ahead.

6: Parallax Scrolling & Fixed Navigation Bar

Parallax scrolling is a website trend where the background content is moved at a different speed than the foreground content while scrolling. Parallax Design is a newer element which is being used by several designers in their designs. It involves creating a visual setting in which the object appears moving, or it appears different when viewed from different angles. This type of design is even possible with video and multi-layered parallax.

Fixed Navigation is helpful for users. When they scroll down a website, the navigation bar will be still visible to users and, it will help them to move to another webpage if they like to.

7: 3D graphics

The mass market currently has little demand for this technology and 3D graphics seems a bit unusual for websites. Nonetheless, 3D elements rendered specifically for a platform get a place in this year’s UI trend list.

It is added at the end of the list because, the production cost of 3D elements is not only higher, they take a longer time to load on a screen.

Nobody loves waiting. Users expect platforms to load in an instant. Any element that adds more time to the user journey meets with frustration.

The good news is, we don’t have to give up entirely on 3D elements. Faux-3D lets objects look three-dimensional. The downside is, they are not completely convincing regarding light and shadow.

The change in the design-first approach

The design-first approach for digital products became a primary attribute this year.

Why?

These designs should improve people’s lives and help businesses to meet their goals.

Most phones have lost their borders and have rounded edges, bezel-less displays or notch displays. That changes their interface quite a bit. It will pose challenges for designers to use sharp-edged elements in their mobile UI and app design.

In 2019, the trends prioritise speed, simple page designs with asymmetrical layouts, and most importantly, a mobile-first approach.

It is more likely that these trends will also change in the coming years as the main platform(mobiles) will be having major changes in layout and sizes.

- Vishnu Anilkumar

Top 10 vulnerabilities in web applications and how to tackle them

Before we begin with the vulnerabilities in web applications, it is good to know there are several open communities like OWASP that are always looking out for vulnerabilities and are dedicated to resolving these vulnerabilities. Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to develop, purchase, and maintain web applications and APIs that can be trusted.

Vulnerabilities in Web applications and solution

Now let us check the top 10 vulnerabilities in web applications and how to tackle these vulnerabilities.

1) Cross-Site Scripting (XSS)

It is a very common application-layer web attack. XSS targets scripts embedded in webpages that are executed on the client side (i.e., the scripts run on the user’s web browser). XSS is a threat for client-side scripting languages like HTML & JavaScript. It works by controlling the client side to work as desired by the attacker. Such an attack may, for example, use a script to run every time page reloads or on any other events.

XSS is mainly used for tampering and stealing user sensitive data. XSS usually targets the user and not the application.

We can prevent XSS by separating untrusted data from active browser content. We can also use frameworks like React JS or Ruby on Rails that automatically escape XSS by design.

2) SQL Injection

It’s an application security weakness that allows the attackers to alter the data in the database or just read confidential data such as a password. The vulnerability occurs when we enter untrusted data to the database from web forms or when it is part of a SQL query.

Web applications use SQL query to communicate with the database. SQL injections occur when the application fails to validate the data in a SQL query (from web forms) and hence, an attacker can trick the database to execute unexpected commands.

Using LIMIT and other SQL controls within queries are a way of tackling injections.

3) LDAP Injection

This is similar to SQL injection. Here also, the attacker place codes in user input fields to gain unlimited access. It may lead to information theft, browser or session hijacking, defacement of the website or even other problems.

LDAP (Lightweight Directory Access Protocol) injections work by inserting harmful codes to client provided data in LDAP statements. If a web application does not properly validate the input fields, attackers can construct LDAP statements which execute with user permission. Such queries can modify or delete anything in the LDAP tree and cause disastrous results.

To handle these injections, it is advised to use safe API, that avoids interpreter entirely and provides a parameterized interface, migrates to use Object Relational Mapping Tools (ORMs).

4) Cross-Site Request Forgery (CSRF)

Usually, a website sends an application a request that a user is authenticated from another website. An attacker can use this to access data and functionalities of the web application as the browser is already authenticated using the user’s credentials. Attackers may use XSS to defeat CSRF defence the application might employ. So, avoiding XSS will prevent these types of attack to some extent.

5) Insecure cryptographic storage

It occurs when sensitive data is not stored securely. Make sure all sensitive data are encrypted while storing & secured key management must be adopted.

Use a good encryption algorithm.

Make sure you do not use cryptography of your own since you can never predict whether it is secure or not. Do not ship or deploy with any default credentials, particularly for admin users.

6) Broken Authentication

Broken authentication happens when application functions related to authentication and session management are often implemented incorrectly, allowing attackers to compromise passwords, keys, or session tokens, or to exploit other implementation flaws to assume other users’ identities temporarily or permanently.

Practice implementing multi-factor authentication for web applications to prevent automated, credential stuffing, brute force, and stolen credential re-use attacks.

7) Sensitive Data Exposure

Many web applications and APIs do not properly protect sensitive data such as financial, healthcare, and PII (Personally Identifiable Information). Attackers may steal or modify such weakly protected data to conduct credit card fraud, identity theft, or other crimes. Sensitive data may be compromised without extra protection such as encryption at rest or in transit and requires special precautions when exchanged between browser and server.

We can prevent such situations by applying controls as per classification. Classify data stored processed and transmitted by an application.

Don’t store sensitive data unnecessarily. Discard it as soon as possible or use PCI DSS compliant tokenization or even truncation. Remember, data that is not retained cannot be stolen.

8) XML External Entities (XXE)

Many older or poorly configured XML processors evaluate external entity references within XML documents. External entities can be used to disclose internal files using the file URI handler, internal file shares, internal port scanning, remote code execution, and denial of service attacks.

Points to keep in mind are, whenever possible, use less complex data formats such as JSON and avoid serialization of sensitive data.

Also, patch or upgrade all XML processors and libraries in use by web applications or on the underlying operating system. Use dependency checkers. Update SOAP to SOAP 1.2 or higher.

9) Broken Access Control

Restrictions on the privileges of authenticated users are often not properly enforced. Attackers can exploit these flaws to access unauthorized functionality and/or data, access other users’ accounts, view sensitive files, modify other users’ data, change access rights, etc.

The possible solution to overcome this problem is to implement access control mechanisms once and reuse them throughout the application. Also, Minimize the use of CORS.

10) Security Misconfiguration

Security misconfiguration is the most commonly seen issue. This is commonly a result of insecure default configurations, incomplete or ad hoc configurations, open cloud storage, misconfigured HTTP headers, and verbose error messages containing sensitive information. Not only all operating systems, frameworks, libraries, and applications should be securely configured but also, they must be patched and upgraded in a timely fashion.

We can avoid this by checking none of the default accounts credentials is the same.

The aim of this article is to give a good insight into common flaws that can lead to modern data breaches and could make web applications vulnerable to various attacks.

As the saying goes “Prevention is better than cure”, proactive and defensive security steps must be adopted beforehand than making it a practice only after a security breach.

- Bharath Varma

AlignMinds Technologies Recognized in Clutch’s Research of Indian App Developers

AlignMinds rating on ClutchMost of the successful mobile applications have a lot in common. They are popular, profitable, sustainable and provide greater satisfaction and usability to the end user. This is why the best developing firms in the industry are treating application development as a comprehensive solution rather than writing a few sets of code.

Our years of experience working as an enterprising technological partner for various industry leaders has helped us to recognise this fact a long time ago.

We chose to have an integrated approach to every problem in hand. It has enabled us to offer solutions to all type of projects suitable for businesses from small startups to the largest enterprise corporations. We use the latest technologies to create a ​tailored user experience​ for all the application development needs.

It is nothing but our confidence in our ability that helped us to reach where we are now.

Our main focus is on creating the best apps out there. We pride ourselves on our best-in-class mobile app development team. They always come up with innovative solutions that are disruptive to the industry.

EMS2GO

EMS2GO is  a pickup and delivery app developed by our team for the Postal Corporation of Kenya

With that said, we are very excited to announce that Clutch, a top B2B ratings and reviews platform, highlighted our firm in their in-depth analysis of industry leaders! Clutch evaluates companies using different parameters like client satisfaction rates, overall ability to deliver service, and brand strength.

We are also featured among the top ​IT outsourcing companies in India based on these strict criteria.

Clutch has done excellent work for us in gathering and documenting in-depth customer reviews.  They helped us to receive a perfect 5 out of 5 stars review recently on Clutch!

AlignMinds on Clutch

More than the ratings it is the result of such collaboration that led to the success of the business for our clients that is making us feel fulfilled.

A part of the reasons for our success is that we always dive headfirst into every project, establishing goals and timelines in real-time with hands-on experiences that allow us to solve issues quicker. The above review is proof that our unique way of offering solutions to a problem is really helping our clients by turning their business into a success. It has also helped us to be one of the best outsourcing companies in India.

We also try to stay ahead of the competition by being dedicated to each project, providing front-end, back-end, and in-house developers on sight, ready to create the user experience best suited for our clients. It is our goal to showcase our entire repertoire of skills so that our clients know that we have their best interest at heart.

In addition to our feature with Clutch, we have also been profiled on their sister site The Manifest, as one of the ​top cloud consulting companies in India in 2019. The Manifest is a business news and how-to-website that compiles and analyzes practical business wisdom for innovators, entrepreneurs, and small and mid-market businesses.

We have also been featured as one of the top​ web developers on Visual Objects, which is an online portfolio website that helps firms expand their reach.

We like how Clutch is helping us by accelerating the pace of our growth. Through their continual acknowledgement and recognition of our services, they are helping us to solidify our spot as a top mobile app developer in India.

We cannot express enough how proud we are to be named as one of the top Indian development companies for the year 2019.

This is truly inspiring for a firm whose goal is to continue to grow and expand as the year continues.

What makes Kotlin the fastest Growing Language?

Kotlin is an open-source, statically-typed language primarily developed by JetBrains programmers based in Saint Petersburg, Russia. Statically typed programming language means Kotlin performs type checking at compile-time as opposed to run-time.

kotlin

Java was once among the most popular, most favourite programming language, however, looking at the limitations and errors caused by Java, developers required a desperate rescue. That’s when the JetBrains developers created Kotlin which proved to be much more efficient than Java. Kotlin has advanced benefits in terms of reliability, efficiency, runtime performance and maintenance when compared to Java, yet fully interoperable with Java, provides seamless integration with Java frameworks and libraries, and support backward compatibility. Kotlin also boasts about the fact that fewer lines of code are required to solve a problem resulting in clean, concise, easy to write and understand the code. Kotlin is developed just recently and is already gaining popularity among developers. Kotlin is becoming a strong competition to Java. The common issues that are a cause of frustration to Java developers are well covered in this young rival.

In May 2017, Kotlin was named as the official language of Android by Google. The team just decided to name it after an island and that’s why the name Kotlin (from Kotlin Island, near St. Petersburg).

Stack Overflow says that Kotlin is becoming developer’s favourite programming language and is outranking languages like Python and JavaScript. According to some survey reports, around 80% of Kotlin developers are using Kotlin as a programming language, around 30% use it for Backend/server-side applications and another 30% use it for SDK/libraries.

Coursera, Atlassian, Basecamp, Pinterest, Keepsafe are already using Kotlin in their mobile applications.

 

What makes Kotlin the fast growing language?

  1. Concise – This is the biggest advantage of Kotlin over other programming languages that you can solve the same kind of problem using fewer lines of code with a reduced number of bugs and crashes. Also, it makes the code more readable, easy to make changes and to maintain.
  2. Safe – Kotlin helps developers write robust and stable code. Kotlin’s smarter and safer compiler detect errors at compile itself and perform lots of compile-time checks reducing runtime errors.
  3. Interoperable – Kotlin is fully interoperable with Java. The existing codebase can interact with Kotlin and all existing libraries in Android can be used in Kotlin as well.
  4. Better Productivity – As it requires lesser lines of code, results in better productivity.

There are other lots of features in Kotlin that will speed up the daily development tasks.

kotlin2
Kotlin has undoubtedly won the heart of developers and has become a highly competing programming language. As it is open source and bring all advantages of a modern programming language into the Android platform, it is a great fit for Android developers. Migrating to Kotlin will really be a piece of cake for them. With all the cool features of functional programming, Kotlin is only getting brighter and better in Android community, however, only time can tell whether the popularity achieved by Kotlin in Android community can be achieved in other communities.

- Susan B John

 

« Older posts