Category Archives: Thoughts

The Impact of AR on Retail

The Impact of Augmented Reality on Retail

Augmented Reality (AR) is a technology that allows overlaying digital content like images, videos and 3D objects onto the real world, thereby give the illusion of being a part of it. One of the most famous examples of AR is Pokémon Go, which overlays a virtual Pokémon (a 3D cartoon character) onto the real world. AR also offers tremendous possibilities outside of the Gaming Industry, especially in Retail.

The adage “Customer Is God” is a golden rule. It isn’t surprising, therefore, that any business that solves its customer’s problems effectively, gets rewarded with the customer’s loyalty, money, and trust. AR is fast becoming an invaluable tool in the hands of Retail businesses that aim to constantly impress their customer base and stay ahead of the competition.

……………………………………………………………………………………………………

Let’s look at some of the issues that concern the customers of this industry.

Customer Problems

With Online Retail:

  • High Time Consumption – Let’s say you order cloth from an e-commerce website. Typically it will take a few days for the product to reach you. You then gauge it on all the parameters that matter – size, color, texture, etc. If the product does not meet your expectations, you are likely to exchange the item, triggering the cycle to repeat.
  • Return Costs – If the business doesn’t bear the shipment cost of returns, customers are likely to pay for it.
  • Problems with large items – It requires a very vivid imagination to see how a new couch would look in a room. Will it look good with the rest of the furniture? Or will it even fit in the first place?

With Offline Retail:

  • Too much work – It takes a lot of time and energy going around dozens of stores and looking for the right items and then trying various permutations and combinations to check if they look well together.

With both Online and Offline Retail:

  • Un-try-able Products – Some products can’t be tried on. For example, It’s hard to imagine how a particular hair color would look on you, or if that dragon tattoo would be too much for you to carry.
  • Un-personalized Shopping Experience – Currently the preferences of a customer are unknown to the business. Consequently, the suggestions given to the customers are un-personalized and work on a hit-and-trial basis.
  • Hygiene Issues – Whether you have germophobia or otherwise, there is always a risk of contracting a disease owing to the dress being tried on earlier by an infected person.
  • It ain’t fun – Going from store to store, from one website and mobile app to another and trying on or imagining how every product would look like on you is an exhausting experience and is not fun for most. And in online retail, even after so much effort, one can never know if the product will turn out to be expected.

……………………………………………………………………………………………………

Let’s look at some of the issues that concern the businesses of this industry.

Business Problems

With Online Retail:

  • Shipment Costs – The trade-off between bearing the shipment costs of product-returns vis-a-vis making the customers pay for it is a tough choice for any business.

Doing Offline Retail:

  • Compensation for salespeople – Since the whole process is very manual, from the salesperson showing the items to the customer to making the sale, a constant involvement is needed.

Problems common to Online and Offline Retail:

  • Conversion Rates – Due to a lack of personalized suggestions and ads, and a tiring shopping experience, conversion rates of businesses are lower than they can be.
  • Brand Awareness – Extensive marketing is needed for businesses to create awareness of their brands, and it is invariably a very expensive matter.
  • Customer Acquisition – Customer Acquisition costs eat up a big portion of a business’s profits. These are mainly un-targeted advertisements having low conversion rates.

……………………………………………………………………………………………………

How AR helps solve these problems

Try And Buy Functionality:  AR can overlay any item onto the real world to make it seem like it is a part of it. Powerful Machine Learning (ML) algorithms can detect the face and body of a person in an image or even in real-time. An application using a combination of AR and ML can allow its users to try on a virtual version of any item they would like to buy, from the comfort of their houses. Another possible feature is the placement of virtual 3D models of furniture inside a user’s house. Such features will reduce the number of returns the buyer makes which helps save time and reduce the return.

Saves User’s Time and Energy:  as now they have the whole inventory of products available to them and they can try anything on with a click rather than manually trying every item on.

Eliminate Hygiene-related Problems: Trying items in this new way is much efficient and can be made as aesthetically appealing as needed, making the whole process a joyous experience for the user.

Increase Brand Awareness: Users can click a picture of them trying on an item and can share it on social media. This will lead to free marketing and increased brand awareness.

Automated Processes: For offline retail, the need for a salesperson is heavily reduced. A user will enter a fitting room with a screen instead of a mirror and a camera attached to the screen. Users can touch and select their choice of clothing from the screen and can try a virtual version of it instantly. If they like the item they can ask to try the real item on. Hence the need for a salesperson is reduced considerably.

Attracting Customers and Increasing Conversion Rates: A screen mounted with a camera-enabled with AR can show how someone standing in front of the mirror would look like wearing a certain item. Such a setup outside a retail store will attract flocks of customers who after seeing them trying on a virtual item would want to buy it if it looked good.

……………………………………………………………………………………………………

Things To Know Before Introducing AR Into A Business

Accuracy: An AR experience that isn’t accurate will not be useful for the customers or the business. For example, a user won’t like if the sunglasses they’re trying on, fits on their forehead instead of eyes, or if the virtual couch they are trying to place doesn’t rest on the ground properly.

Speed: An AR experience must be fast and lag-free. Long loading time and high latency always drive the user away.

……………………………………………………………………………………………………

If you have any queries in this field, talk to Mindfire Solutions. For over 20+ years now, we have been the preferred Software Development Partner of over 1000+ Small and Medium-sized enterprises across the globe.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
DevOps

The Impact of DevOps Adoption on Teams

Companies operating in the field of software development have ushered into an era of stiff challenges and expectations, unprecedented till now. Possessing the qualities of agility, accuracy and speed simultaneously are becoming imperative for survival rather than a means of maintaining a competitive edge. Under the circumstances, a DevOps culture provides a flexible, efficient approach of standing up to the demands. It does so by following a model that delivers results leveraging the dependencies that exist between the software development and operations aspects of software delivery. It balances responsibilities more evenly than in a traditional waterfall model, where developers simply turn completed code over to those in charge of operations. DevOps also establishes procedures to ensure that all team members have insights into application performance, which provides benefits such as greater collaboration and engagement between team members.

……………………………………………………………………………………………………

Improved Collaboration

Traditional software development happens in phases. There are teams mapped to each phase and each team is entrusted with the responsibility of playing its part in the successful completion of the phase it is involved in or responsible for.  The result of this approach is that the ownership of a team gets too confined only to the successful execution of the part it deals with. Thus, each team tends to be most concerned with achieving its own objectives instead of meeting the organization’s ultimate business goals. As long as projects get executed successfully, the fissures that exist beneath do not come to the forefront. It is only in the moments of crisis that the lack of synergy becomes apparent and sometimes takes gigantic proportions resulting in the partial or complete derailment of projects.

DevOps neutralizes this possibility completely. The approach requires all team members to be equally dedicated in meeting the broad goals while also focussing on their individual ones. This leads to improving collaboration between people across the development and operations teams. This model eliminates the possibility of working in silos. Members across teams remain fully committed to the software throughout its development life cycle to ensure that their project’s overall goals are met. Accountability for successful delivery lies with all. This compels employees to get more involved in working together.

More Engagement

One of the primary goals of DevOps is to shorten the development life cycle while still delivering software that meets business objectives. The shorter development cycle essentially means a higher frequency of code releases followed by exposing these releases to scrutiny for the detection of bugs within the code, infrastructure and configuration. The pace at which things get done is brisk. There are no slack periods for teams anymore waiting for their phases to begin. All this brings about a high degree of engagement for all the members involved in a project. And it can be intense at times. The results are equally impressive. Industry reports have indicated that the failure rate of organizations with a DevOps culture is 60 times lower than those that don’t.

Higher Efficiency

DevOps uses a workflow that emphasizes on continuous delivery (CD) and continuous integration (CI). The efficiency that gets infused results in software getting delivered faster and with a higher frequency. Automated testing and integration tools are also key elements in DevOps practices. It makes the IT staff more efficient by eliminating the need for them to perform repetitive tasks. Developers no longer need to wait for code integration processes to complete, which can otherwise get quite time-consuming.

DevOps platforms offer opportunities for improving efficiency and increasing the predictability of cloud-based solutions like Azure and Amazon Web Services (AWS). These platforms use a scalable infrastructure to reduce testing and deployment times by increasing available hardware resources during this period. They also provide DevOps as a service, such as Azure DevOps. AWS also provides a set of services specifically intended to help organizations implement DevOps practices.

Exposure & Learning

Employees are generally happier and more productive under the DevOps model, largely because it focuses more on performance than anything else. There are fewer administrative obstacles and greater sharing of risk, which allows individuals to blossom. Members in both development and operations teams prefer DevOps because they get exposed to multiple roles, resulting in their getting a better understanding of project execution and the business as a whole. This experience is more rounded, fulfilling and increases job satisfaction considerably.

Better Results

The improved collaboration between teams and the ensuing efficiency has a direct impact on reducing the time needed to build software. Collaboration encourages a proactive approach amongst team members in putting their act together. All this eventually reduces the time needed to bring a product to market. This benefit is particularly important in competitive markets where the ability to deliver software on time has a direct impact on the revenue and market share. With the DevOps approach not only is the speed looked after but also the quality of the outcome. It also increases customer satisfaction when they receive a comprehensive product sooner than expected, with all the promised benefits delivered quality-wise. To achieve this end goal can be a highly fulfilling experience for all the members involved in giving shape to the software.

……………………………………………………………………………………………………

A DevOps culture improves the collaboration between groups with historically distinct roles, especially people in software development and operations. This practice provides many other benefits that generally result in the faster delivery of software. DevOps practices also improve the engagement of team members by making them responsible for projects throughout their entire life cycle, rather than a specific phase of the project. The increasing availability of tools is making it easier for organizations to implement DevOps practices, allowing team members to automate many of the tasks needed to develop, test and maintain code.

……………………………………………………………………………………………………

If you have any queries in this field, talk to Mindfire Solutions. For over 20+ years now, we have been the preferred Software Development Partner of over 1000+ Small and Medium-sized enterprises across the globe.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
NLP Image

Impact of NLP on Healthcare Industry

Natural language processing (NLP), along with machine learning, deep learning, computer vision, and image recognition, are all branches of artificial intelligence (AI). The goal of NLP software is to build computer systems that will accept input in the form of spoken or written language and will provide spoken or written output i.e. communicate as if the computer system were a human.

Thanks to devices and applications like Alexa, Siri, Google Assistant and Cortana, much of the world’s population has at least a passing familiarity with NLP. It is being used today to perform a wide range of tasks across many industries. Until recently though, healthcare organizations have lagged behind others in capturing the benefits NLP delivers. However, it’s beginning to catch up.

Here are several use cases for NLP in healthcare that are already enhancing the field. Each of these will contribute to the larger digital transformation of healthcare as technology continues to advance.

……………………………………………………………………………………………………

Medical Coding and Billing

NLP streamlines the way medical coders extract diagnostic, procedural and other clinical information. Rather than a coder reading documents and converting them to alphanumeric codes, NLP reads them and submits the codes to the coder for verification. This allows the human coder to work on documents that NLP cannot process accurately, and reduces the overall expense of coding medical information. In the end, more accurate and thorough coding results in more accurate and timely billing.

Virtual Nursing Assistants

The rise of virtual nursing assistants capable of communicating with patients using NLP is underway. Regular communication between patients and the nursing bot extends care beyond the walls of the clinic room without burdening existing resources. Adherence to the patient’s care plan can be monitored, and triggers can notify providers of issues that need human attention. Patients can receive round-the-clock access to support and answers, including help with medication. Researchers in this field estimate virtual nursing assistants will reduce U.S. healthcare costs $20 billion by 2026.

Robot-Assisted Surgery

Some surgical robots use AI to apply information obtained from prior surgeries to the current case, leading to progressively better outcomes. Beyond the many well-known advantages, robotic surgery delivers, adding an NLP component allows surgeons to query the system and to direct its actions verbally.

Reducing “EHR Burnout”

Recent studies have indicated that healthcare providers spend nearly half of each day updating electronic health records and doing other administrative work, which is a matter of concern. It leaves them with very less time to perform their core functions of examining and discussing clinical, diagnostic and treatment information with patients in a face-to-face environment.

Entering and managing patient information is a major contributor to physician burnout. More than half of physicians surveyed in a Physician’s Foundation 2018 study, reported entering data into the EHR reduces their efficiency and detracts them from their interaction with patients. Systems that use NLP allow physicians to enter notes into the EHR by speaking to it. This saves time versus having to type. Besides, it also allows patients to amend or correct what the doctor is entering into the EHR.

Other Important Use Cases

While improving the clinical value of EHRs and reducing physician burnout is one of the most pressing challenges among healthcare organizations, NLP is contributing to the digital transformation of healthcare in several other ways. For example, NLP is helpful in

While improving the clinical value of EHRs and reducing physician burnout is one of the most pressing challenges among healthcare organizations, NLP is contributing to the digital transformation of healthcare in several other ways. For example, NLP is helpful in

  • Comforting patients who become confused and anxious because they do not understand the data being presented to them through a portal website. For instance, NLP can explain the meaning of abbreviations and medical terminology. Rather than leaving the patient to worry or call the physician to explain the report, NLP can educate and possibly also calm the patient.
  • Offering summarized updates of key ideas, concepts, and conclusions contained in large volumes of clinical notes, journal articles and other narrative texts gives practitioners quick access to volumes of information that would otherwise require a lot of time to read through.
  • Easy extraction of data from free-form text and insertion into fixed-field data files, such as the structured fields in an EHR.
  • Handling a physician’s free-form spoken or text query, which is especially useful for queries that require gathering and organizing data from multiple sources.
  • NLP and other AI components can also accelerate the movement away from fee-for-service models and toward value-based healthcare by organizing unstructured health data derived from EHRs and other sources. Much of that “hidden” big data can shed light on health outcomes for entire populations of patients, which has been impractical until recently.

 

……………………………………………………………………………………………………

If you have any queries in this field, talk to Mindfire Solutions. For over 20+ years now, we have been the preferred Software Development Partner of over 1000+ Small and Medium-sized enterprises across the globe.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Image for Habit

What is a HABIT?

The easy definition would be something that you do daily without being forced or pushed. For e.g. as simple as brushing your teeth. But do you remember how tough it was when you were a small kid and learning to develop this habit, am sure that is not even a matter of thinking today.

Another good and simple example of a HABIT is cycling. Remember when you started cycling/biking the first day! That feeling of imbalance, falling off or getting hit with no hand-eye coordination and then slowly and steadily you become the cyclist in your neighborhood doing all kinds of stunts.

There are many such examples that happen in our daily lives where the beginning looked as difficult as climbing the Everest may be, but as you start taking those steps forward, it becomes simpler and later a maybe even a “cake-walk” to perform those.

……………………………………………………………………………………………………

Why I am talking about HABIT? Because as we grow older and get into our daily chores, we forget to adapt to new habits or develop new changes or even attempt to do something new, simply because we feel that we do not have the time, there’s always too much work in the plate, professional or personal. Whenever you think of doing something new, you always push it to a later date convincing ourselves that we will do it when we have the time for it.

My friend where is that time?…the fact of the matter is NOW is the time.

Remember, everyone has 24hrs in a day and utilizing the same, some became people like the Tendulkars, the Steve Jobs and the Bill Gates to name a few, and many are still searching for that time to begin.

Here I present the new definition of H.A.B.I.T – “[H]aving [A]bility [B]uild [I]ntense [T]ricks” – obviously this is not mine, taken up from the internet, but it very well fits our bill here.

What does it take to build a habit? Answer is “decision” and then taking “action” in the form of small steps daily at the same time every day for the next 21 days (an idea introduced by Dr. Maxwell Maltz ), but I will suggest, if you can do that for 1-Day and then repeat the same for the next 30 days, trust me you will be rolling. But the trick is it has to be continuous, if you break for 1-Day then the cycle has to begin again from Day 1 🙂 that is why its Intense Tricks ;).

So, go out and pick up that Guitar which is hanging in your bedroom and staring at you or start reading that new Tech Area or Buzz Word on which you always wanted to get your hands on and just do it for 1-Day and then repeat the same cycle for next 30-Days.

The exception is, there are still no guarantees of success. It all depends from person to person and on his or her burning desire to make something work. But it is much better than not having tried at all, isn’t it? Roger Bannister was the first man to run a mile in less than 4 minutes. It was his persistence and practice that enabled him to cross what had otherwise seemed like a barrier meant to stay forever until then.

Do put your comments, if you really got into a habit 🙂

……………………………………………………………………………………………………

The views and opinions expressed in this article are those of the author. To know more about our company, please click on Mindfire Solutions. 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

How Bitcoin Solves the Double-Spending Problem?

Many of us probably already have heard of Bitcoin. We know what innovation it has brought into this world – the blockchain technology. As of this writing, it has been almost a decade since its inception and it has long thrived without any central control over the network.

Bitcoin, a peer-to-peer electronic cash system, has inspired many other projects and can be seen as a pioneer of the underpinning blockchain technology. That said, it would be worth exploring how Bitcoin solves the double-spending problem. Instead of delving into theoretical exposition we will experience a transaction process in this pioneering innovation. We will be making a transaction on a real network and analyzing what a Bitcoin transaction looks like. A transaction in the Bitcoin network is a bit complex than a conventional digital transaction.

……………………………………………………………………………………………………

Comparison with Fiat Currency Transaction

In a transaction that involves currency notes, we can easily envisage two parties exchanging some goods or services in exchange for the money. One party receives the goods/services and the party pays in currency notes. Let us say the transaction was costing $50 and the payer has $100 currency note. The payer would pay $100 and would receive in change $50 (as shown below). Both the currency notes are legal tender that is supplied by a central bank. A Bitcoin transaction also involves paying and may too involve receiving back change and in this respect is quite similar to our day-to-day transaction.


Comparison with Conventional Digital Transaction

A conventional digital transaction, say the online transfer of money, involves two parties and a mediator (the bank). So, there is a “From address” (A/C No.), a “To address” (A/C No.) and the amount (value transfer). There is no concept of change in a conventional digital transaction. If you want to transfer $1050 then you can transfer the exact amount and this is a mere process of debiting from sender’s account and crediting to the receiver’s account with the help of the mediator who validates the transaction. However, a Bitcoin transaction may involve multiple From addresses and multiple To addresses without any mediator. We will explore how this is possible.

As it is with any traditional transaction, ours will have the following attributes: a “From entity”, a “To entity” and the value to transfer. Let us send an amount of 0.1 BTC to a Bitcoin user as follows:

From: n2FSwa6DsMsbJgNknB64ThR3pHPUQ79bxL
To: msqdPeF7KeEqcWUNAFMm8JQijVB3cnLi4N

Amount: 0.1 BTC

The transaction has been done and the transaction details can be seen here

Bitcoin Transaction

Now, what looks legitimate is the From address (left) and the one of the To addresses with 0.1 BTC sent. However, two things look contradictory. Firstly, we sent 0.1 BTC but it says 1.0 BTC being transferred. Secondly, there is one more To address to which some amount has been sent.

Is something wrong with this transaction? Not really! You can check the above transaction in block explorer and verify yourself that it is indeed the same transaction. But this is the way Bitcoin works. Let us explore.

What is a Bitcoin Transaction made up of?

A transaction in Bitcoin consists of inputs and outputs. The input is like a “From address” which is in Bitcoin terms an unspent transaction output. When you want to make a transaction you will always spend an unspent transaction output as a whole. That said, you end up paying the entire amount. However, you receive the remaining amount in a different address called change address. This change address is your own address where you collect the change, which in turn is an unspent transaction output. This is quite common in Bitcoin transactions. For instance, someone sent you 1.0 BTC. Now you want to send 0.5 BTC to your friend. You cannot break the 1.0 BTC but you will spend the entire 1.0 BTC in a transaction and get the change in your change address.

Transaction Fee

Back to our transaction. Now, let us verify that the amount in input and outputs are balanced. So, 1 BTC – (0.1 BTC + 0.89432145 BTC) should be 0. But it turns out to be 0.00567855. So, where did this amount go?

Well, this is the transaction fee that is paid to the miner who helped you in validating the transaction, adding it into a block, mining the block, and broadcasting to the network. The miner is given this amount as a mining fee for the work he has done.

The mining fee is charged in satoshi per byte. Our transaction has a size of 225 bytes and we were charged 2523.8 satoshi per byte. So, 2523.8 x 225 = 0.00567855 BTC.

The Concept of UTXO

Note that the two outputs here are mentioned as “unspent”. This is how bitcoin keeps track of balances. The sum of all unspent transaction outputs is what constitutes your balance. Bitcoin network does not have any database or global state of balance amount rather it uses the concept of UTXO.

So, how is a UTXO represented in the bitcoin protocol? Perhaps in the bitcoin protocol, there is no concept of “From address”. Yes, there is no concept of From address in Bitcoin. The Bitcoin addresses are used to receive payments. A transaction in Bitcoin never encodes a From address but only has a reference to a previous unspent transaction output. That said, the input of a Bitcoin address is actually a previous unspent output. Bitcoin refers to a previous unspent transaction output using a combination of transaction ID (or transaction hash) and an index. Once an unspent transaction is spent you cannot spend it again and thus prevent the double spending.

A Transaction with Multiple Inputs

So, how will a Bitcoin user transact an amount for which he has no unspent transaction output equal to or above that value? Say, a user wants to transfer 5 bitcoins but none of his unspent transaction output has that much amount although the user has multiple unspent transactions that add up to a value greater than 5.  Bitcoin allows you to combine unspent transaction outputs. A transaction with multiple inputs would sound new to a person doing a conventional digital transaction. This is because a conventional digital transaction always has only one sender (or From address). Let us analyze a bitcoin transaction with multiple inputs. In this case, the Bitcoin user wants to send 1.02 bitcoins but he has no unspent transaction outputs of that value. So, the user combines two inputs and then transacts (see below).

Bitcoin Transaction

The above transaction (ac194c19201a20cdd26bbb8d696588370c06261148fd20a96b3330b0bcb03207 ) has two inputs and two outputs and it is absolutely a valid transaction in Bitcoin. The total amount of BTC of these two inputs, which is 1.04997424 BTC, is sufficient to send a transaction of 1.02 BTC. And the remaining value has been collected in a change address with 0.02997013 BTC.

……………………………………………………………………………………………………

How are transactions validated in Bitcoin?

Let us take an example of a transaction that involves one input and one output (as below). Here,  the input is a reference to a previous unspent transaction at index 0. The previous transaction is referred by a transaction hash: f5d8ee39a430901c91a5917b9f2dc19d6d1a0e9cea205b009ca73dd04470b9a6
The output sends 50 bitcoins to a bitcoin address. When the recipient wants to spend this 50 bitcoin he will reference output 0 of this transaction as an input of his own transaction.

Input:

Previous tx: f5d8ee39a430901c91a5917b9f2dc19d6d1a0e9cea205b009ca73dd04470b9a6
Index: 0
scriptSig: 304502206e21798a42fae0e854281abd38bacd1aeed3ee3738d9e1446618c4571d10

90db022100e2ac980643b0b82c0e88ffdfec6b64e3e6ba35e7ba5fdd7d5d6cc8d25c6b241501

Output:

Value: 5000000000

scriptPubKey: OP_DUP OP_HASH160 404371705fa9bd789a2fcd52d2c580b65d35549d

OP_EQUALVERIFY OP_CHECKSIG

Bitcoin uses a scripting system to verify a transaction. There are two script components that can be seen in the above transaction: scriptPubKey and scriptSig. So, the scriptSig refers to the sender’s signature and the public key. The scriptPubKey is the script that will be evaluated using bitcoin protocol and if the execution of the script returns true then the transaction is valid.

scriptSig: <sig> <pubKey>
scriptPubKey: OP_DUP OP_HASH160 <pubKeyHash> OP_EQUALVERIFY OP_CHECKSIG

Let us see how this script is executed on the stack:

Step 1: Combine scriptSig and scriptPubKey in that order
Step 2: Push <sig> and <pubKey> to stack
Step 3: Execute the operation OP_DUP which will duplicate top item, which is <pubKey>
Step 4: Execute the operation OP_HASH160 which will create hash of the <pubKey> and this hash will be pushed to the stack.
Step 5: Execute the operation OP_EQUALVERIFY to ensure the hash generated matches with the <pubKeyHash>
Step 6: Execute the operation OP_CHECKSIG for the two hashes on the stack.

In summary, a Bitcoin transaction involves one or more inputs and one or more outputs, has no concept of From addresses in its protocol, uses a concept of unspent transaction output, and verifies the transaction using a scripting architecture.

……………………………………………………………………………………………………

The views and opinions expressed in this article are those of the author. To know more about our company, please click on Mindfire Solutions. 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
WordPress Malware Infection

What is WordPress Malware Infection? How do you deal with it?

WordPress is the most popular content management system on the web. Besides the popularity, it has many advantages. But unfortunately, it comes with certain downsides as well. if you go by statistics, more than 70% of WordPress installations are vulnerable to hacker attacks.

In WordPress websites, we generally install third-party plugins/themes for integrating additional features. But most of the time, we are not aware of the inherent security vulnerabilities of these plugins/themes which act as critical loopholes that are targeted by hackers/malware botnets, etc. Some plugins provide regular updates for patching those issues. But if we fail to do them, it leads to the exploitation of the vulnerabilities and severe malware infection.

……………………………………………………………………………………………………
Why secure WordPress websites before enabling SEO?

We know that bots crawl websites. But nowadays, bots make more visits to websites than human traffic. Malware Bots attack by trying a set of tentative URLs on websites. If a website has a vulnerability, and it gets figured out by the malware through this approach,  the website becomes a candidate for exploitation. So, before enabling SEO on a website, we need to make sure that the website is secure; otherwise, you are at the mercy of bad bots which will take advantage of it. In some cases, malware can damage a site’s relationship with leading search engines by injecting malicious contents.

Effects of Malware Infection:
  • WP-admin will not be accessible due to unwanted 302 redirects to third-party malicious websites.
  • .htaccess file content will be changed even though it has proper file permission.
  • Files with extension .php.suspected will be created along with many duplicates of stylewpp.php.
  • Random posts will be created in WP DB.
  • Unknown admin users may have been created.
Steps to prevent Malware Infection :
  1. Take a regular backup of codebase and database.
  2. Restore content of .htaccess file and set proper file permission.
  3. Check crontab for any suspicious entries.
  4. Kill suspicious processes on the server.
  5. Check the access log and find suspicious HTTP calls.
  6. Block suspicious IPs which are making malicious attacks.
  7. Most core WordPress files should never be modified. You need to check for file integrity issues in the wp-admin, wp-includes, and root folders. Remove unknown files & folder with cascade delete [Suspected from access log]
  8. Analyze malicious PHP code which is injected into WP folders. It would be great if you can analyze malicious PHP script and decode their intention which will help you to remove infection easily.
  9. Prevent random article creation. We found “content-main.php” file to be executed by malware botnet from access log. It was injected in path “/wp-content/content-main.php”.
  10. Remove suspicious admin users
  11. Update WordPress to the latest version
  12. Change all credentials of cpanel , FTP and DB.
  13. Stop the brute force attack. Even if you will remove all files, folders, kill all malware processes & change passwords, malware will never sit idle. Because it has already entered your site domain name, IP & malware file locations in its database. So it will try to make continuous HTTP calls to malicious PHP script locations which will return 404 error which is fine. You also cannot block all IPs of malware botnet because it keeps on changing IPs.
    It tries the bruteforce login page with breached admin user names against a global database of pawned passwords.
  14. Block xmlrpc
  15. Prevent bad bots
    Modify the robots.txt file to prevent crawling core directories along with themes/plugin directories. Also, identify bad bots and prevent them from crawling website pages.
  16. Use SFTP instead of FTP
  17. Change default wp-login, wp-admin, wp-content urls. Below are some of the WP plugins which you can use for changing url of wp-login, wp-admin, wp-content, plugin urls.
    WPS Hide Login
    Protect Admin
  18. Install any of blow WP security plugins.
    Securi
    Quttera Web Malware Scanner
    Wordfence
  19. Add proper file & folder permissions.
  20. Check for known vulnerabilities in existing installed plugins.
    https://wpvulndb.com/
……………………………………………………………………………………………………
Conclusion

Nowadays, malwares are getting injected by botnets instead of humans. They crawl for vulnerable urls and exploit them one by one.

……………………………………………………………………………………………………

The views and opinions expressed in this article are those of the author. Lakin enjoys sharing his thoughts on computing and technology in his personal blog.
To know more about our company, please click on Mindfire Solutions. 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
ISO 8583

Why does ISO-8583 Score Over Other Standards

Of course, it is one of the many financial transaction standards describing how to pack certain data fields such that it could reliably be unpacked as well. However, the distinguishing factors that the standard possesses are :

  • It uses web sockets for communication which is very efficient.
  • This standard helps the electronic system which reads the card number, the transaction amount and other relevant data fields to pack it all up so that it could be transmitted electronically to a transaction processing system where it could then be unpacked back into individual data components and then processed.
……………………………………………………………………………………………………

Where do the Others Lack?

There exist numerous methods for packing and unpacking data. It could be as simple as comma separated fields. Eg: I could choose to send the transaction information as simple comma separated values as:

“1234123412341234,1000, INR,987” (Card Number, Amount, Currency, Merchant ID).

The issue with such a simplistic model of data packing is that it lacks meta information i.e. the message itself does not contain any information on what exactly is being packed in it. Not that it could not have been overcome even with a comma-separated version- just that it could get cumbersome

……………………………………………………………………………………………………

Principles that drive this Standard

The ISO 8583 message is based on the principles that:

– In a transaction message, you only get to pick the number of fields from a predefined set of fields. So, if you need a field called ‘My girlfriend’s phone number’, sorry, ain’t possible.

– The meta information of which fields are present in the message is also a part of the message payload in a data structure called the ‘bitmap’.

Structure

– Most implementations contain a few bytes dedicated to a fixed header (eg: ^A^TISO016000010) after which the actual ISO 8583 message starts.

– In one of our projects, the header we used was of 14 bytes

MTI – The Message Type Indicator.

The first 4 bytes describe the message type.

Eg: 02 00, which tells that the message is actually a financial transaction request. (The response to this request would also be in ISO 8583 and would carry an MTI: 02 10). Various MTIs exist and can be found on the web.

Bitmap

It is almost a visual representation of which fields are actually present in this message and which fields are not.

Eg: F2 38 80 01 08 E0 80 0F

11110010 00111000 10000000 00000001 00001000 11100000 10000000 00001111
(all the bit positions that are 1 implies the corresponding fields are present)

Hex Binary (Positions that have 1)
F2= 11110010 -> (1,2,3,4,7)
38= 00111000 -> (11,12,13)
80= 10000000 -> (17)
01= 00000001 -> (32)
08= 00001000 -> (37)
E0= 11100000 -> (41,42,43)
80= 10000000 -> (49)
0F= 00001111 -> (61,62,63,64)

We’ve just read the map! Therefore the fields that will be present in this message are field numbers: (1,2,3,4,7,11,12,13,17,32,37,41,42,43,49,61,62,63,64)

Note the first bit. Field 1 is a special field which indicates the presence of an extended bitmap. Since this sample message contains 1 on the 1st position, it means that this message contains another bitmap with another 64 bits.

Extended bitmap, Binary 64 bits

80 00 00 00 00 00 00 00
(=hex .extended bitmap field)
(80)10000000 -> (position 64+1=65)
This extended bitmap shows that field number 65 is also present in this message.

Data Elements

Immediately after the bitmap, the data elements start serially. From the bitmap, we know that fields 2,3,4,7 are present one after the other. All that we need to do is to read them one by one. Each field number has a predefined type in the ISO 8583 definition and has a predefined length. Some fields have a variable length in which case the first N bytes provide the length of the field.

Example:

Data Element 2. Length 16. Value : 0000011319353459 = Primary account number
Data Element 3. Length 6. Value : 011000 =Processing code. 011000 = cash withdrawal
Data Element 4. Length 12. Value : 000000020000 =Amount 200.00
Data Element 7. Length 10. Value : 0804030013 =DateTime DDMMhhmmss
Data Element 11. Length 6. Value : 051028 =Systems Trace number
Data Element 12. Length 6. Value : 083013 =Time, hhmmss
Data Element 13. Length 4. Value : 0804 =Date, MMDD
Data Element 17. Length 4. Value : 0804 =CaptureDate, MMDD
Data Element 32. Length 6. Value : 123456 =Acquiring institution ID code 123456
Data Element 37. Length 12. Value : 192165102801 =Retrieval Ref. No.

……………………………………………………………………………………………………

Isn’t ISO 20022 the new standard?

ISO 8583 will be a difficult one to get rid of anytime soon and hence one way or the other, in the financial industry ISO-8583 is here to stay.

……………………………………………………………………………………………………

The views and opinions expressed in this article are those of the author.
To know more about our company, please click on Mindfire Solutions. 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Overcoming pain points in offshoring software development

Overcoming the Critical Offshoring Pain Points in Software Development

It is imperative for businesses today to leverage the effectiveness of software in order to get ahead in the market. This is not limited to the enterprise software pieces they use as part of their day to day operations, but it also relates to the proprietary pieces they offer to their users, clients, and partners.

But developing proprietary software is a serious undertaking, and one which might be beyond the reach of the average small or medium-sized business – in terms of cost effectiveness and also the general skill and expertise needed to truly deliver. So what is the answer for SMEs in the market?

Offshoring software development represents a viable solution. This concept in software design refers to hiring a third party team in a different country to handle the development process. This approach to development brings with it immense benefits, as well as significant challenges. So what are the key pain points, and how can businesses navigate through them. Let us look at the critical ones :

……………………………………………………………………………………………………

Difficulties Commonly Associated with Offshoring Software Development?

Breakdown in communication between teams

Offshoring means a team operating in a different country or territory – which in turn means potential time zone clashes and a heavy reliance on digital communication tools. There is also the very critical factor of cultural differences existing between the in-house and outsourced teams, leading to communication breakdowns.

Quality not guaranteed

This is a familiar source of anxiety for any businesses working with an outsourced team – How to ascertain the quality of the outcome? There is no guarantee here, but, if the services of a company are hired purely on the basis of low rates, there is a strong likelihood of low quality turning out to be the byproduct. No good service comes cheap.

Sensitive data risk

We are in the beginning of the digital era. Data has already started making the business world go round. This makes outsourcing something of a minefield. On one hand, the team needs the requisite data to do the job and to do it well, while on the other, the companies outsourcing are always going to be nervous about how much access to sensitive data would they be giving away. The risk of data breach, either accidental or malicious, is always high and the ensuing penalty could be significantly detrimental.

……………………………………………………………………………………………………

Overcoming the Pain Points

Deployment of digital communication tools

Outsourced teams – both on and offshore – are introducing businesses to a whole new world of flexibility and agility. This is being supported by a wealth of different communication tools which allow collaboration and communication between teams across the globe in real time. With so many high-quality software tools and platforms available, communication breakdowns can be completely eliminated.

Progress reports and regular project appraisals

When a contract is drawn up with an offshore team, regular appraisals and reports have to be included in it to keep a tap on work progress. The result will be a process which is far more streamlined, one unlikely to get hung up or face too many unexpected pitfalls. It enables both the teams to stay on course and make required modifications whenever it is deemed necessary.

Temper cost reduction with a quality-oriented focus

Reducing costs and achieving better resource management are certainly two important and obvious factors for a company when it comes to outsourcing their software development work. What should also be given equal importance is the quality of work. Everything fails otherwise. Clarity is required on two fronts here. Firstly, knowing the impact the quality of the outsourced work will have on the end result. Secondly, having established evaluation criteria to identify the right partner to engage with.

Develop an in-house data security plan, Extend it to outsourced teams

A business should first understand that it is not immune to data breaches from within, and thus, should begin by drafting a high-level data security plan that covers all potential vulnerabilities.With the required processes in place the approach can then be extended to include the offshore partner. Providing them with a copy of one’s data security policy, and ensuring that the same is ratified and agreed upon before the final contract is signed would clearly underline the importance the company puts on the matter.

……………………………………………………………………………………………………

If you have any queries in this field, talk to Mindfire Solutions. For over 19+ years now, we have been the preferred Software Development Partner of over 1000+ Small and Medium-sized enterprises across the globe.

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Distributed IT Team

Overcoming the Obstacles of Running Geographically Distributed IT Teams

What it means to operate an IT team has evolved in recent years. Today’s teams are more efficient, flexible, and streamlined than the ones of the past, and much of this is because of a constant desire amongst people in business to enhance their capabilities and to harness the power of the latest technologies. Earlier, it was a given that the key players in a team would have to operate together in one building, or in close proximity. But this way of doing business had its drawbacks, which became evident over the years. There wasn’t room for personal flexibility for one. Also, sticking to this approach had a financial bearing as well.

Over time, technology opened up possibilities to revolutionize the way teams could function, and IT industry was amongst the frontrunners to seize the opportunity. From using video conferencing and Skype to deploying apps like Slack or GoToMeeting/GoToWebinar, teams can leverage technology to have virtual meetings anywhere – which essentially means that the members can work from anywhere too! However, there are challenges of operating a geographically dispersed team. Let’s examine what they are, the impact, and how seasoned business leaders overcome them and manage to get the most out of their teams.

……………………………………………………………………………………………………

Perceived power imbalance

According to an article in HBR if more team members are consolidated in one location or they are in the locations that are geographically close to that of the team leader, then there’s a perception that these people have more power or access to power. This can lead to a feeling of isolation for the other team members or for that matter a feeling of complacency amongst the ones closer. Either way, it negatively affects the overall team morale. Since it is not possible to change the geographic locations of members, team leaders can implement creative strategies to diffuse false perceptions. For e.g., a team leader may need to give particular “power” assignments to those who are farther away from the headquarters or who are working in smaller groups.

Cultural insensitivity

Global teams will naturally contain people from diverse cultural backgrounds. Most people will not know everything there is to know about every other team member’s culture. This can lead to some awkward situations, to say the least. It could even lead to some people responding in culturally insensitive ways. One of the ways to nip in the bud is to raise the topic up in common meetings and suggesting that more often than not these problems are due to errors of judgment, ignorance and not malice. That they can be addressed by increasing one’s awareness of other’s cultures.

Language barriers

Usually, the prominent language in IT global teams is English. However, this is unlikely to be the native tongue for many of the team members. Those whose native language is English are likely to have an advantage in meetings with their peers. The less fluent speakers may feel shy about speaking up even if their ideas are good. Leaders can help overcome this impediment by setting forth guiding principles for discussions. An e.g. could be to suggest that the more fluent speakers slow down their speech and refrain from using difficult phrases. In addition, they might limit the amount of time they are given to talk and urge the less fluent speakers to speak more.

Lack of proper technology

The technology for high-level collaboration and remote communication is out there in the market. It is just that many businesses do not use them correctly. For any organization, there has to be some research done to correctly identify the optimal technological solutions they need to operate efficiently. There are multiple products options available in the market for each type of functions that facilitate collaboration for geographically dispersed teams. Getting the right ones is the key and can make the difference between building synergy and causing disruption.

Lack of good leadership

Diversified teams must have exemplary leadership at the helm. Without it, the teams will quickly fall apart. Besides having the required technical expertise the person in charge of leading such teams must have a global mindset, possess high emotional intelligence, and know the art of mending fissures when they appear.

……………………………………………………………………………………………………

Conclusion

In a connected world, as businesses look to the future, geographically dispersed IT teams is a reality that has to be dealt with. For companies with a global outlook, not only is this approach a practical step forward but also one which can be harnessed to their advantage. The key is to recognize that the obstacles that exist are perpetual in nature and have to be dealt with on an ongoing basis.

……………………………………………………………………………………………………

If you have any queries in this field, talk to Mindfire Solutions. For over 19+ years now, we have been the preferred Software Development Partner of over 1000+ Small and Medium-sized enterprises across the globe.

 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
Confused Face

Musings : Relevance of Asking Questions & Sharing Ideas

Few incidents in the recent past brought back memories of my days in school. Although the narration is a personal one, I am sure many readers would identify themselves
or their friends with it. I was, as a matter of fact, quite a naughty kid and reasonable in studies :).

I would, in particular, be quite terrified on the days we had a question-and-answer session with the teachers. I would put in my best efforts by finding a seat in advance and do my best in concealing myself behind a friend with a more generous built. It would thus reduce the chances of my getting noticed and being at the receiving end of questions.

I would do the same thing if I had doubts on certain topics or sections in a passage..I was always shy and afraid of asking questions. I would be concerned about what my teachers, my classmates, and my friends would think if I asked a worthless one. I stuck to this habit through my days at high school, thus risking to perpetuate my stupidity.

However, as years went by, I felt my outlook beginning to change, not sure how and why; could well be due to the maturity and experience that age brings along, generally so to say.

 ……………………………………………………………………………………………………

The turning point was in a class on Data Structures, taken by one of the better-known professors in our institute. He was explaining Binary Trees that day. Having explained, he said in an emphatic voice “Am I Clear?

And guess what, the school kid who was always shy to ask questions in early days.. stood up and said. “I didn’t get it”… The lecturer asked

” Is there anybody else?”. And to my surprise, the most intelligent person in our batch stood up as well!

So the professor went ahead and explained the concepts again. I did not hold back this time either and got up and said, “I still didn’t get it, sir”. I could not help it. The act seemed out of nature to me, but I was finding a strange degree of comfort doing it. On the third instance though, the professor remarked, “If you understood it’s good, and if not then it’s “excellent” ;).” Perhaps he got irritated.

Later in the day, the professor called me to his cabin and explained the concept again. To my surprise, he claimed that he was on purpose not explaining things the way he should have in order to check how attentive we were in the class. And that he was not surprised that I failed to understand him every time; indicating that I was the one paying attention.

The incident was a special one for me.  I had managed to overcome my fears and also realized the importance of asking questions. The fact that one should not hesitate to ask. If done with the right intention, one need not get bogged down thinking whether the question will be looked upon as silly or irrelevant. Questions can in fact sometimes lead to throwing up of bright ideas, which might bring about significant happenings, including recognition to the seeker.

 ……………………………………………………………………………………………………

In my professional career so far, I have seen many instances where people hold themselves back from asking questions, only to repent later. Or for that matter hesitate to share their thoughts/ideas. The fear of embarrassment of being judged unfavorably by peers or seniors tends to act as a deterrent. But what they don’t realize is that by not asking questions and letting their doubts persist, they rely on assumptions to act. And in the event of these assumptions going wrong, they set themselves up for disaster. Besides, they also lose out on opportunities to address matters better. Smart questions can lead to better solutions and recognition. Sitting back and allowing questions to die in one’s mind or waiting for others every time to ask is asking too less of oneself.

To all of those who are shy, hesitant or worried about what others may think of their questions, I hope my learnings help you get over your inhibitions. If you happen to work in the field of technology, you are at an advantage already. For the frantic pace of change almost entitles you to ask/share. So every time you feel an itch,approach your peers first, reach out to others in your organization, and if you sense a need to go beyond, connect to the world at large. We have enough tools and channels at our disposal today to facilitate that. Be fearless and ask as many questions as you can think off or share your thoughts/ideas. Just remember if you will not ask/share, then someone else will and you will be left wondering later ” Oh Shoot!  I thought of the same as well“.

 ……………………………………………………………………………………………………

The views and opinions expressed in this article are those of the author. To know more about our company, please click on Mindfire Solutions. 

Spread the love
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •