Overview
Ports are an integral part of international trade representing 90% of the entire world supply chain. A major problem in marine logistics is port congestion which occurs when ships arrive at a port and have to wait to load or unload because the port capacity is full.
As the NCBFAA, the National Brokers and Forwarders Association of America, explains:
“The result is chronic gridlock at many ports. Ships are stranded offshore for days, even weeks, waiting to unload. Containers are buried in enormous stacks in clogged terminal yards. Trucks wait in line for hours (up to eight or nine hours in some cases) to pick up a single container. And customers throughout the country experience shipment delays lasting weeks.”
There are no quick-fix solutions, but there is an opportunity to develop innovative technology solutions to remove friction at every point of intermodal equipment interchange and ease the congestion.
Challenge
Blood & Treasure was commissioned to build a mobile software solution for eModal, the world’s largest port community system, that would provide greater visibility for pre-arrival transactions at marine terminals, including the ability for app users to contribute details to the trip transaction prior to executing their terminal visit.
The brief called for both iOS and Android applications to include the following functionality:
- Login/Register new account
- Users can only access app features if they accept the Terms and Conditions (available via an API endpoint)
- Include support for all Android phones released in the U.S. market in the previous 2 years
- Functionality and UI to look and work similarly across iOS and Android
- Integrate with eModal’s backend portal via RESTful web API
- Integrate push notifications
- Implement eModal advanced analytics as specified by the client
Development & Implementation
The client provided design mocks with task analysis and developer sprints managed in Pivotal Tracker.
Any timestamps sent or received from the server as part of the API calls had to be in UTC. But before displaying them to the user in the app UI, the app needed to locally convert them to whatever timezone the user had specified in their device setting.
The biggest challenge was working with a RESTful web API that did not depend on OAuth authentication, yet was still secure and easy for people to use.
Briefly, we saw how plain-text or weakly-hashed anything left data open to being sniffed in transit. We looked at how Amazon Web Services arranges things without depending on OAuth by basically implementing a unique HMAC (hash) for requests to the server.
The HMAC method creates a unique hash out of the arguments using a private key that only the client and server know - when the hashes match, the requests can be processed with reasonable assurance of trust.
Results
Our team completed the project under a very tight deadline of 120 hours, fully tested and approved on the Google Play and Apple App stores in plenty of time for the public launch.