How to Build a High Performing and Reliable Mobile API Ecosystem
September 11, 2017

Shlomi Gian
PacketZoom

Application Program Interfaces (API’s) represent an effective way to build and manage mobile services. By using APIs — a set of routines, protocols and tools for building software applications — application developers no longer have to buy technology software or hardware. Instead, they can simply plug into a growing open ecosystem of API-driven services. It is simple to integrate, and saves time and money for new developers.

There are countless mobile API-based services. From authentication, ads and payment APIs to price comparison and reporting API based services. The availability of these APIs made mobile app development much simpler, but this simplicity comes with a price.

Unlike images, game assets, videos and other type of static content, APIs are dynamic in nature and their content cannot be cached at the edge of the internet to increase download speed. Often times the result of an API call is customized per user profile, its location and the activity he/she is trying to accomplish. A user searching for a Mexican restaurant in downtown San Francisco will get a unique (non cacheable) search result.

There are three main challenges with existing API configurations that directly impact any mobile app performance:

Response Time
Since API responses are usually personalized, its content cannot be cached by the CDN. Some of the responses could be sizeable and include dozens of images that will have to be downloaded on a slow mobile connection. This impacts the API response time and eventually the mobile app.

Reliability
Mobile networks are less reliable than wired networks with Packet Loss and error rates that are 10-20 times higher. This affects not only the app API response time but most importantly its failure rates. Mobile developers have to factor into their code fail conditions and a proper way to handle each one of them, which can complicate things.

Server Load
There are two sources for high server load: (A) Failed transactions due to network error will usually follow by API call retry, keeping the server busier than it should be; and (B) API calls over slow connections means that the server has to keep connections open longer, consuming more resources than needed.

How could mobile developers mitigate the risk when using APIs?

While caching is not possible, one could accelerate an API call using a few techniques:

■ Protocol Optimization: By avoiding slow starts, backoffs and other TCP hiccups, downloading a sizeable API response could become faster. Traditional CDNs offer such an optimization in the middle mile for a premium price.

■ Routing Optimization: Speeding up access to the origin server API can be achieved through better routing of the request/response in the first and middle miles. Traditional CDNs can offer this for a premium price.

■ Persistent Connections: To avoid the “TCP handshake” overhead one could keep the connection open/warm and save a few round trips for each new request. This technique should be used carefully since overusing it will once again increase server load.

Unfortunately, since all the above techniques take place in a wired network (as opposed to the wireless link) the performance impact is marginally low while the cost (to various vendors) is not.

Most importantly, none of these techniques can be technically integrated with 3rd party APIs, unless the vendor operating the service is cooperating.

Shlomi Gian is CEO of PacketZoom
Share this

Industry News

October 06, 2022

Platform.sh announced it has partnered with MongoDB.

October 06, 2022

Veracode announced the enhancement of its Continuous Software Security Platform to include container security.

This early access program for Veracode Container Security is now underway for existing customers.

The new Veracode Container Security offering, designed to meet the needs of cloud-native software engineering teams, addresses vulnerability scanning, secure configuration, and secrets management requirements for container images.

October 06, 2022

Mirantis announced that Mirantis Container Runtime – latest generation of the Docker Enterprise Engine, the secure container runtime that forms the foundation of Mirantis Container Cloud and Mirantis Kubernetes Engine and is used at the heart of many other Kubernetes deployments – is now available in the Microsoft Azure Marketplace.

October 05, 2022

Perforce Software announced enhanced support for automated testing with the release of Helix ALM 2022.2.

October 05, 2022

Parasoft announced the latest releases of its API and microservices testing tools, including SOAtest, Virtualize, CTP, and Selenic.

October 05, 2022

Vaadin announced the release of four Acceleration Kits designed to make it faster and easier to build and modernize Java applications for enterprise use.

October 04, 2022

Pegasystems announced the latest release of Robot Studio, the robotic process automation (RPA) low-code authoring environment for Pega's intelligent automation platform.

October 04, 2022

EvolveWare announced the Agile Business Rules Extraction (Agile BRE) solution on its Intellisys platform.

October 04, 2022

Mabl announced new features that empower quality professionals to easily validate APIs as part of their integrated end-to-end tests.

October 03, 2022

Spectro Cloud announced a major new release of its Palette Edge platform.

October 03, 2022

Arcion announced agentless change data capture (CDC) for all of its supported databases and applications.

September 29, 2022

CloudBees announced the acquisition of ReleaseIQ to expand the company’s DevSecOps capabilities, empowering customers with a low-code, end-to-end release orchestration and visibility solution.

September 29, 2022

SmartBear continues expanding its commitment to the Atlassian Marketplace, adding Bugsnag for Jira and SwaggerHub Integration for Confluence.

Bugsnag developers monitoring application stability and documenting in Jira no longer need to interrupt their workflow to access the app. Developers working in SwaggerHub can use the macro to push API definitions and changes directly to other teams and business stakeholders that work within Confluence. By increasing the presence of SmartBear tools on the Atlassian Marketplace, the company continues meeting developers where they are.

September 29, 2022

Ox Security exited stealth today with $34M in funding led by Evolution Equity Partners, Team8, and M12, Microsoft's venture fund, with participation from Rain Capital.

September 29, 2022

cnvrg.io announced that the new Intel Developer Cloud is now available via the cnvrg.io Metacloud platform, providing a fully integrated software and hardware solution.