October 13, 2013 Jonny Steiner

Mobile Testing for Banking Applications

Mobile Testing for Banking Applications

Share this knowledge!

A bank cannot afford to fail, not once, not ever. As mobile banking extends the scale and scope of everyday banking transactions, it’s critical that the mobile applications financial institutions offer their employees, partners, clients, and customers are flawless in protecting the accuracy and safety of the assets entrusted to them. This report addresses the challenges banks have in issuing and maintaining their mobile applications, including a case study involving how an Experitest client enhanced its mobile testing process using Experitest’s SeeTest mobile testing tool.

Introduction:

The Next Step in Mobile Banking Industry

By 2017 more than 1 billion mobile users will be banking with their mobile devices. Of the 2.5 billion people on earth without access to banking services, 1 billion of them have a mobile phone. In a short time, mobile banking has gone from nonexistent to the primary way a customer accesses, manages, and dispenses his assets.

Mobile banking gives a customer the opportunity to bank at anyplace, anytime. Mobile testing is critical to this advancement. It guarantees a user’s experience will be both smooth and flawless.

More than any other retail industry, banking has a strict standard for the privacy of information, and integrity of data. Any mobile banking application must be perfect in its execution. The mobile testing tools they use must have the highest levels of precision and monitoring in guaranteeing that a mobile banking application is working perfectly to provide banking services to its customers anywhere, and anytime.

Mobile banking industry: trends

This transformation didn’t happen overnight. Over the past 50 years we went from banking inside the bank to ATMs, to the internet, to mobile, smartphones, and now wearables such as watches.

Evolved Mobility in Banking

Now, smaller phones would be able to answer account queries, receive SMS alerts to make payments, or when money was received or transferred. Using today’s Smartphone you can add money, move money, and spend money. You can use your smartphone as an ATM card, debit card, or even a credit card. As wearables and the IoT become the next generation of mobile, you will be able to do all of these things on a smartwatch as well.

The trend has moved at lightning speed. According to Forrester, 115 million Europeans will be banking with tablets by 2018, up from 19 million in 2013.

Mobile banking industry: trends

Productivity and Convenience

The addition to productivity and convenience is also clear. You can purchase things like plane tickets, movie tickets, with your phone. You can make reservations and buy a hotel room with your watch. Once you make a reservation, there are hotels that will send information to your smartphone or watch, and enable that device to be used as the room key. How long before we will be able to rent a car with a device where the device can start the ignition?

According to the U.S. Federal Reserve, 51% of smartphone owners have used mobile banking in the past 12 months. 39% of people who made point-of-sale mobile payments did so by scanning a barcode or QR code displayed on their phone’s screen at the cash register. 69% of mobile banking users have checked their account balance before making a large purchase, and 69% of the unbanked have access to a mobile phone, approximately half of which are smartphones.

Banks are scurrying to provide the services they can access with a mobile application. Mobile banking has a billion players waiting to join the game. That’s a game-changer. Mobile banks need to develop applications to accommodate new users, and mobile testers need to provide cutting edge tools that enable them to guarantee these applications are flawless.

Mobile banking industry: application type

There are three main types of mobile banking applications: customer, banker, and web.

Customer applications

These are the mobile apps customers use to receive money, transfer funds, make purchases, trade stock, check account balances, and so on. Unlike on desktop the execution environment cannot be controlled. For every user, there is a different operating system, a different version of the operating system. Each device has its own screen size and capabilities, and each location has its own local network.

This doesn’t change the demand for the users. A recent survey warns that up to 40% of retail customers would move their accounts from one bank to the next if that bank offered superior mobile banking services.

Whether on a 3G network in Laos, or a 4G network in Singapore, the modern-day retail customer prefers to do banking on a mobile device. Today’s banker puts his year-end bonus on the line based on the rating his application receives by the app store.

Bank representative applications

Bank Representative applications enable bank employees to perform customer service and back end work on their mobile devices. They are able to set up accounts, process loans, even check their status on these mobile devices. They differ from the customer applications in that they are rich in data, and require longer training time.

These applications enable a banking rep to perform standard banking services right away. Already in many banks representatives stand in line with the customers holding mobile devices to see if there isn’t anything they can do for the customer right on the spot.

Web applications

All the major banks have Web sites that are adjusted to mobile devices. Web applications should be tested on both Chrome and Safari with the newest browser versions.

For the banking industry, mobile testing can be especially challenging. There are unique factors that exist in this industry making the quality of their mobile application and even bigger task to guarantee.

Strict security regulation

Challenge: Regulators have a policy of Zero tolerance for security breaches. Banks must protect the private information of customer data, as well as the assets in their accounts. The mobile testing process must back this up with a secure testing environment.

Solution: Every mobile application must be tested inside the bank’s virtual private network (VPN), thus providing the same top security level as the bank’s other IT systems. A bank’s testing tool cannot require jailbreaking or rooting of the devices under test.

SeeTest Tools: The SeeTestCloud solution allows the bank to create an on-premise Mobile device lab, allowing the testing process to have the same security standards as the rest of the IT in the organization.

Strict security regulation

Challenge Big banks service many users and need to support all Operating systems, all versions of each operating system, all devices, and all versions of each device, including their unique screen size. Along with Android and iOS, all versions need to be tested include Blackberry and WP8-because also a small portion is a big number of users. To support such mobile applications, mobile testing tools must have an object repository that supports both native and web properties.

In developing something that will work for all customers, a hybrid app can be an amazing shortcut. The bank can release an application that will be supported on the majority of the OS, OS versions and devices. But as the user experience is extremely important, the hybrid approach is only been used by small and medium-sized banks.

Solution: There are two options. A bank can employ multiple mobile testing tools, each able to test over a specific operating system or version. It can also get a testing tool that is able to adapt to all operating systems automatically, enabling a testing team to simultaneously test their mobile application on a device with Andriod, iOS, Windowsphone, and Blackberry. Obviously, the second option will save time in not having to train as much, or hire as many people, and money in only needing to purchase one mobile testing tool.

SeeTest Tools: Using SeeTestAutomation to test on devices plugged into your computer or through SeeTestCloud allows you to test mobile applications over iOS, Android, WindowsPhone, and Blackberry operating systems, on any mobile devices including wearables, and any OS version. You can also test using both Native and Web recognition in either native applications or hybrid apps. As a backup, image and text recognition are also available.

Complex Data

Challenge How does the bank know that the information presented by the mobile application reflects the bank backend databases? Is the balance shown to the user the actual balance? Mobile testers need to have a pool of accounts always available that can be used by their testing solutions. There needs to be a mechanism to lock a user for specific test writing.

Solution: A bank needs an automation tool to constantly check database connectivity, as well as valid logical functions. It needs to do this over its virtual private network (VPN) to guarantee the safety of its private data. If constant tests are being conducted in banking offices worldwide, then there must be a cloud-based testing tool that enables secure data transfer at all times.

SeeTest Tools: SeeTestCloud allows users from all over the world to test devices located in a specific location with connectivity to the backhand information of the bank. You can access the company’s backend databases and other digital assets for testing purposes anywhere you are.

Early Adoption:

Challenge From the first ATM machines used in England in the mid-1960s, to the latest banking applications being used over smartwatches, banking applications are quick to respond to new technology.

Solution: Mobile testing tools must allow for banks to test their applications to remain one step ahead of the next major innovation. A testing tool must allow for the development team to engage in Continuous Integration by being compatible with CI software solutions like Jenkins and others. The bank’s main testing tool must be something that at the current moment supports testing devices along with wearables.

SeeTest Tools: We fully support integration with all commonly-used Continuous Integration platforms such as Jenkins/TFS, and MTM/HP ALM. Updates can be moved along the development process efficiently and automatically.

Privacy is essential

Challenge Countries have secrecy laws demanding that banks protect customer information. If a banking application is compromised, not only can that bank be liable for civil damages to the customer, it is in violation of the law and can face heavy fines and censure.

Solution: Automated testing must be done for every new update of all the banking apps to guarantee private information remains private. A bank needs an automated tool with an object repository that can run the same tests over and again without the need for a tester to manually test each individual function.

SeeTest Tools: SeeTestAutomation is optimal for regression testing. Confirm new updates don’t breach security with efficiency and thoroughness. Continuous integration allows regression with no manual testing so security is not breached by physical testers.

Need to Scale

Challenge For every change, even the most minor ones, a bank must run a battery of regression tests to make sure older batches of code weren’t impacted by the changes – even if the new code was not designed to touch it. The number of tests and the execution time of a single execution suite can take 10 hours or more. The number of engineers required for automation and manual testing can scale to the hundreds. A testing tool must enable parallel/serial execution on numerous devices to establish high scalability and high portability of tests.

Solution: A cloud-based testing tool that enables a company to create an onsite device lab allows as many testers in offices throughout the world to connect to any device or series of devices the tester needs to perform testing. The cloud solution must integrate fully with all other testing tools so a mobile tester can access any device through the company cloud, and perform manual or automatic testing on the application. Since any cloud solution means the information will be traveling over long distances, the cloud solution must include a security feature to make sure all data is protected.

SeeTest Tools: SeeTestCloud operates within a company’s virtual private network (VPN) so testers in offices worldwide can access remote devices without impacting the security of the banks’ digital infrastructure.

Lots of legacies

Challenge Banks were among the first to introduce computers to their industry, so they have applications with programming code dating back 50 years. When some of your infrastructure contains computing instructions dating back to the Beatles you must test to make sure that new functions don’t affect that code badly. Banks spend up to 80% of their testing efforts on regression testing.

Solution: Any mobile tool they use must have test automation. They also must have hands free testing, where you test with a keyboard and mouse rather than manipulating the actual device. A cloud setup must enable a tester to perform the heavier test loads on multiple devices all at once, as well as to enable 24-hour nonstop mobile testing.

SeeTest Tools: SeeTestCloud lets you set up a mobile testing lab, where testers in offices over any time zone can access the devices. A manager can reserve specific devices to certain teams at certain times to maintain a 24-hour continuous testing operation which will test the latest version of the application constantly until it is ready for market deployment.

Multiple External Applications

Challenge Banks receive and send data from multiple sources in equities, fixed income, commodities, derivatives, and more. Most data does not originate from the application it was used, making a mobile tester’s job all the more difficult. A change in interest rates can change the value of a million savings accounts. Changes in stock prices change the value of customer portfolio accounts. Maneuvering from external databases to internal ones, and handling all of the updates is a big challenge for banks quality assurance departments.

Solution: An automated testing strategy enables you to test functions working in tandem with other applications updating data. For example, if a database containing stock prices suddenly reports that the price of one of the holdings of a client increased 10%, it needs to be reflected in the account balance for the assets of the holder. A test needs to be run to simulate checking an account before and after the change in values. A testing tool would need to include screenshots of the elements being tested so the tester can see the changes.

SeeTest Tools: Using an automated testing tool enables you to accomplish a lot more in the same time. When an application receives and sends data from so many places, its functions need to be constantly verified – especially in banking where the bank cannot make a mistake at all! SeeTestAutomation was designed for this purpose.

The top 10 banks have offices on multiple continents

Challenge Aside from B2B or B2C mobile applications, B2E applications need to run smoothly everywhere on the planet. A bank can have hundreds of offices on every continent. Along with having to access central databases, the path from the point the banker is into the central hub of the bank must be a secure one. The information has to travel safely within a bank’s private VPN. Along with security testing, you need to make sure the app is working smoothly everywhere for every employee.

Solution: The bank must have in place a network virtualization tool that can simulate any local network condition on earth. Ideally, this solution will also account for user position that can challenge the performance of the mobile application like being in an elevator, or riding on a train going through a tunnel.

SeeTest Tools: SeeTestNetworkVirtualization lets you simulate any type of local network on earth. You can modulate levels of latency and jitter while testing your mobile application over any type of 3G or 4G network. Testing with Network Virtualization lets you verify that your mobile application can work as smoothly in Mumbai as it will in Manhattan.

A large international bank with R&D centers in Europe, India, and the US develops 15 applications for its retail users. Another 5 applications are developed for bank representatives for internal use. These applications were developed on iOS, Android, Blackberry, and WindowsPhone handsets.

Their total mobility group size is around 500 people.

Originally their development resources consisted of ‘Boxes’. For every application they were developing, there was a ‘Box’ with around 70 devices. When a developer or tester needed a device, he found the ‘Box’s’ manager, took out the device, and when he was done he returned the device to the box.

The Old Solution Created the Following Challenges:

  1. For 20 applications, each with a ‘box’ of 70 devices, the company needed to buy 1,400 devices.
  2. It was impossible to identify quickly a specific device with a specific OS and Version. A developer or tester had to turn on every device to see what it was running on until he found the right one.
  3. Devices didn’t get charged so after finding a device additional time was wasted to charge it.
  4. Devices had a habit of disappearing. All company data still on those devices wen unaccounted for. Security teams could not access the devices, or erase whatever data remained on them.
  5. People forgot to wipe the application and its data. This information was accessible for anyone using the device. Developers working on different applications had open access to everything.
  6. It was hard to track which bug occurred on which device. If a small error was made, the developer or tester had to remember which device it was made on. He could spend hours sifting through ‘boxes’ and scores of devices inside them to remember which one had the minor issue.
  7. Constant physical handling meant lots of wear and tear on the devices themselves.

Their Solution: A Mobile Lab

As costs went over budget and deadlines were constantly missed, the bank decided to build a mobile lab. Three dedicated locations were selected: one in Europe, one in India and one in US.

One set of 200 devices were selected. The device matrix was build based on current market demands.

120 devices represented the most used devices, 80 devices targeted non-common devices. Many of the devices were among the most popular in emerging markets. Since the existing organization infrastructure for developing mobile applications was working well setting up a mobile lab did not create any need to change it. In each of the three locations, only one person had physical access to the devices.

As the bank’s business expanded, so did its mobile applications. As more devices became available on the general market, their device matrix expanded as well. Their mobile lab grew to more than 300 devices in the cloud, all available to every developer, tester, and quality assurance engineer.

Everyone was happy:

  1. The developers no longer need to chase a specific device module when they want to reproduce bugs. They can reserve a specific timeslot in advance and access “their” device during that time.
  2. QA managers can plan in advance the devices they are going to use. They can control the application that will be tested and they can see the progress.
  3. The device lab manager administers all the devices, users, and reservation times in less than one hour each day. He assigns the same project to team members at offices in the US, Europe, and India creating a continuous testing environment. The mobile applications are tested 24 hours a day.
  4. Manual testers, instead of having to manually press in a set of commands, now use the keyboard. A reflection of the mobile device, or devices he reserved appears on his computer screen and he can run whatever commands he wants remotely. In some situations, he can run short automated scripts making the manual process easier.
  5. The automation engineers can run automated tests at their desktops. They can automate when the devices will be available, which devices they want, and how each script will run for each device. Reports tell them what is working and what isn’t. For a bank, with a large amount of legacy software, and the demand that their applications run perfectly has a great need for regression testing. Automation engineers can run regression tests at certain devices, reserving them at the same time each day to make sure all new enhancements to banking applications run perfectly for every level of code, and every device that code is executing on.
  6. The security team ensures that every project is conducted safely within the company firewall. Nothing goes beyond the network without their knowledge, approval, and supervision. Applications tested on specific devices stay with the application teams, they are not available for groups working on other applications. The highest level of security is maintained at every step.
  7. Purchasing over a thousand fewer devices saves real money. Reduced wear and tear on each device means they are replaced less often. A continuous testing environment brings each application to market faster, empowering customers to always have the most cutting edge version available. They do more business with the company. As people are attracted to the app itself, new business pours in. More business means more revenue.

There are fewer problems with the application. Customers are satisfied. They continue to do business with the bank, relying on them as having the best mobile application on the market.

Conclusion

The rapidly expanding number of devices on the market demand more testing. More functionality available for every mobile application also demands more testing. A quicker development to deployment cycle means this added testing must be done in less time. A mobile lab is the best solution. It saves money. It enables more thorough testing. It does all this while keeping your testing ops efficient.

To download the full whitepaper click here.

Guy Arieli, CTO, Experitest

 

Share this knowledge!