Presentation on theme: "Mobile Banking – Common Pitfalls and How to avoid them Sanjeeb Singh Yogita Sachdeva Infosys Limited (NASDAQ: INFY)"— Presentation transcript:
Mobile Banking – Common Pitfalls and How to avoid them Sanjeeb Singh Yogita Sachdeva Infosys Limited (NASDAQ: INFY)
Abstract With the advent of technology, there is an exponential growth in the technologies concerning Mobile Devices. Mobile banking space is seeing more traction here and with all the payments and security involved the testing of mobile banking application has become even more critical. Mobile banking QA not only relies upon functionality but usability, security, network and performance are also paramount and need to be tested properly. Majority of our clients are over the Globe and validating a banking transaction across Global carriers bring a challenge of positioning QA professionals globally. This challenge gets multi folded when the roll out happens on varied devices. Cost is ever green component to be optimized. In such a scenario, demand arises for looking at certain mechanisms which can ensure the completeness and coverage of mobile banking QA on each handset globally with optimized cost. This paper will talk about these challenges in details from all the dimensions related to mobile banking which make it so complicated. Critical transactional scenarios in banking specifically in treasury and payments Types of Mobile banking QA which can be and can’t done by remote testing technique How important it is to understand end user dynamics Network and Security challenges for mobile banking app Performance Challenges for mobile banking 2
Abstract (Contd..) Also, this paper will cover certain proven practices and techniques which help to overcome the challenges Proven device sampling techniques which will ensure the complete coverage for mobile banking QA team Cost optimization techniques Remote testing techniques What NOT to Automate and Why Network parametric testing techniques This research paper is completely based on the experiences and learning’s across various reputed banks and as an outcome of this, participants will be benefitted in getting to know a good picture of challenges in Mobile Banking QA and the relevant solutions. 3
Outline of the Paper 1.Mobile Banking Evolution 2.Mobile Banking Services 3.Mobile Banking Domain 4.Mobility Transaction Flow 5.Mobile Banking Testing Method 6.Complexities involved in Mobile Banking QA 7.Challenges involved in Mobile Banking QA 8.Common Mistakes in Mobile Banking QA- Our Experience 1.Scenario 1 : Our experience in Remote Based Testing 2.Scenario 2 : Our experience in Security Testing 3.Scenario 3 : Our experience in Network Testing 4.Scenario 4 : Our experience in Localization Testing 5.Scenario 5 : Our experience in Desktop and Real Device Testing 6.Scenario 6 : Our experience in Emulator Testing 9.Recommendations 4
Mobile Banking Evolution Radical change in end user’s technology exposure are forcing organizations to embrace new technologies and transform their businesses into tech-savvy platforms Banking and Financial services are also embracing Mobility big time Gradual Evolution of Banking from branch banking to SMS banking to Mobile Banking with emerging technologies. Mobile Banking with browser-based and native applications gaining momentum Intuitive Mobile Banking apps for IPhone, Ipad and Prominent Android Devices are launched by global banks. 5 Branch Banking Automated Teller Machine (ATM) Internet Banking SMS-Based Banking IVR-Based Banking Mobile Banking
Mobile Banking Services 6 Stock Trading Global Payment for business transaction Remote Deposit Check Advertising and Brand Building Social Networking News and Update Bill Payment Third Party Payment Account Transfer Balance Information Monthly Statement Transaction History Alerts and Updates Information Based Services Transaction Based Services mCommerce Multimedia Apps Services in Mobile Banking SMS Banking Mobile Web Banking Native App Banking A2P Messaging Location Based Services Near Field Communication Remote Deposit Check Augmented Reality
Mobile Banking Domain 7 DomainServices Mobile enabledExample Cards & Payment Monthly Statement Viewing and downloading the card statement on mobile device. Checking the account history. PaymentsMaking card payment through widget app or lately through NFC Reporting & account activity Setting up the alert for threshold on account activity and receiving them through SMS. Capital Market Trade placementPlace order for new trades through iPhone app Real time Stock quoteGetting the real time stock quote from the market through mobile app Personalized alerts for security prices and notifications Trading app notifying the users through push notification on pre-set prices for making trade decision. Such trade app is provided for Android, iPhone, and Windows phone and easy to download and use. Consumer Banking Deposits and WithdrawalMaking deposit through SMS based services or WAP applications. Account Info and Reporting Directly checking account history on iPhone bank app, download the account statement on your device. Also checking the account balance through app or SMS based services. Payment and TransferMaking mobile payment through SMS based services or WAP app. NFC is also becoming popular.
Mobility Transaction Flow 8 Internet Carrier Network Mobile Device Native Apps Web Apps Network Web Apps Native Apps Internet Network Server Side Carrier Network Base Transceiver
Mobile Banking Testing Method 9 Testing MethodAdvantageDisadvantage Real Device Provides exposure to device limitations (memory, performance, usability). The performance of the network elements / nodes with the newly implemented application is validated for any bottle necks. Expensive and not cost effective always Cannot record the protocols Device diversity Remote Method Elegant solution that can be connected either to the live networks or simulated network Ability to record a test for subsequent replay Expensive Device diversity Emulator Quick for initial functional validation after app development Cost effective, fast and extensive way of validating the application Capture and replay scenarios availabilities. Easier for diagnostic tool to analyze issues. Exact behavior in real time scenario will not be known Features limitations Since it runs on desktop OS, Emulators are faster than the normal processing
Complexities involved in Mobile Banking QA 10 Complexities in Mobile Banking QA DomainTechnical Operational Complexities in Mobile Banking QA Technical SOA Architecture SMS Based, WAP, LBS, NFC, RDC Domain 3rd party payment systems Rate systems Payment & reporting engines Operational Development and Testing environment setup Procurement of devices with different network carriers
Challenges involved in Mobile Banking QA 11 Challenges in Mobile Banking QA Screen Size – Smallest Size(128 * 128) Largest Size(1024 * 768) Operating Systems – Android, IoS, Windows Mobile, RIM BB User Interface – Touch/Keypad, Track pad/Trackball Browsers – Android, Safari, RIM BB, IE Geography- Different carriers Network Access and Performance – Wi-Fi, 2G, 3G Frequent upgrades- OS versions, App versions Skills- Immature mobile Skill Market Alliance Change – Nokia alliance with Windows. Mobile Banking QA Screen Size Operating Systems User Interface Browsers Geography & Carriers Network Access and Performance Security Risk Upgrades Skills Alliance Change
Scenario 1 : Our experience in Remote Based Testing 12 Remote Based Testing- a) Security Challenge while doing validation for banking application through remote based devices. Many a times QA tester acquire the device, login with the requisite credentials into the app and release the device without logout. In such cases, the other user can acquire the device and use the same session. b) Also using remote based testing method for network and precise usability validation.
Scenario 2 : Our experience in Security Testing 13 One-time password (OTP) is the latest tool by the financial and banking service providers to fight against the mobile fraud. OTP is send to the customer through SMS whenever they want to perform critical transactions and the password is expired once used or after a designated life-cycle Sometimes QA team can fail to capture some of the critical real time scenarios associated with OTP during the test case preparation activity
Scenario 3 : Our experience in Network Testing 14 Mobile QA validated the impact of network hop on critical transaction with only one type of network switch (say GPRS to Wi-Fi). The impact of network variability may be different for network hop between different networks. Also doing the validation only with a single network carrier.
Scenario 4 : Our experience in Localization Testing 15 Localization Failure- Spanish banking user receives English SMS with transaction related info rendering it useless for him. The application supposed to be launched in multiple geography with the local languages get extensive validation for selected few languages only(assuming it will work for other local languages as well).
Scenario 5 : Our experience in Desktop and Real Device Testing 16 Validating the application features of the desktop instead on the actual device. User got an upgraded version of android app on his device but found some broken link and image distortion.
Scenario 6 : Our experience in Emulator Testing 17 Assuming that using the emulator, one can validate functional, security, usability, performance aspects of the application is a myth. Though one can cover lot of functional aspect through emulators, the test strategy can’t be built completely on emulator. It cannot validate the usability and performance of the application. Also one cannot rely on emulator for validating the transfers and payment features of m- banking solution due to security concerns.
Recommendations 18 Technical Early Life Cycle Validation Good Device Sampling techniques Limited Testing with Emulator Mobile Automation Network Testing Tools and landscape Risk Based Testing Approach End-to-End functional Flow Identification of complex functionalities of app before validation Process Test strategy for different testing methods Usability Test Strategy for real device Training specific to mobile OS and Browsers Training specific to network, security and usability testing Engage the Client/Business team Reviews for Test plan, Test suite creation and Test execution