Now, you can post economic tweets with the iPhone Economy app. Version-2 of the app (can be downloaded from here and it) can auto-generate Twitter post-text about the latest economic news and it lets you post these tweets with the tap of a button.
The iPhone Economy app provides a snapshot of the US economy. It was launched on July 4 and went on to become the #1 paid app in the “Finance” category of the app store. The app was featured in Apple’s (itunes) STAFF FAVORITES section and also in the media.
The iPhone Economy is probably the first iPhone app to use Twitter OAuth to post tweets. From a development-resource perspective, the Twitter functionality was easily the most expensive component of the V2 upgrade. Most of these costs came from implementing login with Twitter’s new OAuth authentication protocol. Later in the post, I’ll write more about costs and about OAuth benefits of security and privacy. Adding Twitter functionality to the Economy app was first suggested to me by @hivebrain, but at the time, both of us had assumed that this would be a fairly inexpensive feature.
The app creates a community of Twitter users of the iPhone Economy app with the #cEconomy hashtag. It auto-generates economic tweets on the latest economic indicators (e.g. GDP, Unemployment, Housing starts, inflation etc.). The default tweet text includes latest numbers and how it compares with the past (as an example, today, my twitter post with default text showed the November unemployment rate (published today by the Federal Government) and compared it with last month’s rate and last year’s rate.
Users may choose to edit the default text and these tweets are suffixed with #CEconomy. Standard/unedited tweets are suffixed with #cEconomy. Tweets from the iPhone Economy app can be identified by the source of the app (which will say iPhone Economy app). All tweets from the app will have the cEconomy (or CEconomy) hashtag and a search on #cEconomy will return all tweets from the app.
An explicit user action (tap of the “Post” button) is always required for posting tweets.
OAuth, Security and Privacy
As mentioned earlier, implementing Twitter login with OAuth turned out to be fairly expensive (in terms of dev resources). The Twitter.com website recommends that all applications use the OAuth login approach “to prevent security issues” and says that the basic login approach will be deprecated in the future. However, at the moment, it looks like the iPhone Economy app is the only iPhone Twitter app that uses OAuth for login and posting tweets.
Apps that use basic login ask users for their password and typically save the password on the device. With basic auth and with oauth, a malicious app can compromise security, but with basic-auth, a non-malicious app may also compromise security. It is possible to write secure code with basic auth, but several developers don’t do that and OAuth mitigates these risks. At least one popular iPhone app used to save an unencrypted password on the device. Presumably, some PC/Mac/iPhone apps send raw passwords over HTTP. Regardless of whether they save the password on the device or not, all apps that use basic login, directly ask the user for their passwords before handing it over to Twitter.
In contrast, the iPhone Economy app uses OAuth and so it doesn’t get or use or save your twitter password anywhere. You log into a twitter web-page, provide your password to Twitter (not to the app), and inform Twitter that you’re authorizing the iPhone Economy app to update your twitter data. Twitter then provides the iPhone Economy app with a token that permits it to make twitter posts on your behalf.
The iPhone Economy app saves this token securely on your device. The token cannot be read by anyone else. You can remove the token by tapping the ‘Logout’ button on the ‘Post to Twitter’ page. You also have the option of revoking authorization through the Twitter.com site (without using this app).
The authorization token is not a password and it cannot be used by anyone other than the iPhone Economy app. The Economy app uses the token when you explictly tap the ‘Post’ button on the ‘Post to Twitter’ page.
To encourage OAuth adoption in new apps, Twitter will only show the source of tweets (status updates), if the new app uses OAuth. However, tweets from old apps that use basic auth continue to show the source of tweets. The source of the tweet typically shows below the the tweet (as …From AppName)
Twitter OAuth has been available since March 2009. However, the biggest disadvantage of using OAuth login (as of now, December 2009) is that Twitter’s OAuth login page is not mobile-friendly and users see a login page that is formatted for a laptop/PC, not an iPhone. We have been working with Twitter (the company) on this and they’ve assured us that they will work to “improve the mobile oauth” experience. Until then, unfortunately, users may find the login UI a bit difficult to use. Of course, another disadvantage (from a developer perspective) is that implementing login with OAuth is expensive (from a development time perspective). However, overall, I hope that users appreciate the usage of OAuth login.
I also hope it is fun to tweet the latest economic news (even though the news itself may not always be good)