Mobile Banking Common Pitfalls and How to avoid them

Dec 10, 2013

Sanjeeb Singh

Yogita Sachdeva




Infosys Limited (NASDAQ: INFY)

Abstract

With the advent of technology, there is exponential growth in the technologies concerning mobile devices. The mobile banking space is seeing more traction here, and with all the payments and security involved, the testing of mobile banking applications has become even more critical. Mobile banking QA relies not only upon functionality; usability, security, network and performance are also paramount and need to be tested properly. The majority of our clients are spread across the globe, and validating a banking transaction across global carriers brings the challenge of positioning QA professionals globally. This challenge multiplies when the rollout happens on varied devices. Cost is an evergreen component to be optimized. In such a scenario, demand arises for mechanisms which can ensure the completeness and coverage of mobile banking QA on each handset globally at optimized cost.

This paper will talk about these challenges in detail, from all the dimensions related to mobile banking which make it so complicated:

- Critical transactional scenarios in banking, specifically in treasury and payments
- Types of mobile banking QA which can and can't be done by remote testing technique
- How important it is to understand end user dynamics
- Network and security challenges for mobile banking apps
- Performance challenges for mobile banking

Abstract (Contd..)

Also, this paper will cover certain proven practices and techniques which help to overcome the challenges:

- Proven device sampling techniques which will ensure complete coverage for the mobile banking QA team
- Cost optimization techniques
- Remote testing techniques
- What NOT to automate and why
- Network parametric testing techniques

This research paper is completely based on experiences and learnings across various reputed banks. As an outcome, participants will benefit from getting a good picture of the challenges in mobile banking QA and the relevant solutions.

Outline of the Paper

1. Mobile Banking Evolution
2. Mobile Banking Services
3. Mobile Banking Domain
4. Mobility Transaction Flow
5. Mobile Banking Testing Method
6. Complexities involved in Mobile Banking QA
7. Challenges involved in Mobile Banking QA
8. Common Mistakes in Mobile Banking QA - Our Experience
   1. Scenario 1 : Our experience in Remote Based Testing
   2. Scenario 2 : Our experience in Security Testing
   3. Scenario 3 : Our experience in Network Testing
   4. Scenario 4 : Our experience in Localization Testing
   5. Scenario 5 : Our experience in Desktop and Real Device Testing
   6. Scenario 6 : Our experience in Emulator Testing
9. Recommendations

Mobile Banking Evolution


- Radical changes in end users' technology exposure are forcing organizations to embrace new technologies and transform their businesses into tech-savvy platforms.
- Banking and financial services are also embracing mobility in a big way.
- Banking has evolved gradually from branch banking to SMS banking to mobile banking with emerging technologies.
- Mobile banking with browser-based and native applications is gaining momentum.
- Intuitive mobile banking apps for iPhone, iPad and prominent Android devices are launched by global banks.

[Figure: banking channels. Labels: Branch Banking; Automated Teller Machine (ATM); Internet Banking; SMS-Based Banking; IVR-Based Banking; Mobile Banking]

Mobile Banking Services

- Stock Trading
- Global Payment for business transaction
- Remote Deposit Check
- Advertising and Brand Building
- Social Networking
- News and Update
- Bill Payment
- Third Party Payment
- Account Transfer
- Balance Information
- Monthly Statement
- Transaction History
- Alerts and Updates

Categories: Information Based Services; Transaction Based Services; mCommerce; Multimedia Apps

Services in Mobile Banking

- SMS Banking
- Mobile Web Banking
- Native App Banking
- A2P Messaging
- Location Based Services
- Near Field Communication
- Remote Deposit Check
- Augmented Reality

Mobile Banking Domain

| Domain | Services Mobile enabled | Example |
|---|---|---|
| Cards & Payment | Monthly Statement | Viewing and downloading the card statement on mobile device. Checking the account history. |
| Cards & Payment | Payments | Making card payment through widget app or lately through NFC |
| Cards & Payment | Reporting & account activity | Setting up the alert for threshold on account activity and receiving them through SMS. |
| Capital Market | Trade placement | Place order for new trades through iPhone app |
| Capital Market | Real time Stock quote | Getting the real time stock quote from the market through mobile app |
| Capital Market | Personalized alerts for security prices and notifications | Trading app notifying the users through push notification on pre-set prices for making trade decision. Such trade app is provided for Android, iPhone, and Windows phone and easy to download and use. |
| Consumer Banking | Deposits and Withdrawal | Making deposit through SMS based services or WAP applications. |
| Consumer Banking | Account Info and Reporting | Directly checking account history on iPhone bank app, download the account statement on your device. Also checking the account balance through app or SMS based services. |
| Consumer Banking | Payment and Transfer | Making mobile payment through SMS based services or WAP app. NFC is also becoming popular. |

Mobility Transaction Flow

[Figure: mobility transaction flow. Labels: Mobile Device, Native Apps, Web Apps, Base Transceiver, Carrier Network, Network, Internet, Server Side]

Mobile Banking Testing Method

Columns: Testing Method / Advantage / Disadvantage

Real Device
  Advantage
  - Provides exposure to device limitations (memory, performance, usability)
  - The performance of the network elements / nodes with the newly implemented application is validated for any bottlenecks.
  Disadvantage
  - Expensive and not cost effective always
  - Cannot record the protocols
  - Device diversity

Remote Method
  Advantage
  - Elegant solution that can be connected either to the live networks or simulated network
  - Ability to record a test for subsequent replay
  Disadvantage
  - Expensive
  - Device diversity

Emulator
  Advantage
  - Quick for initial functional validation after app development
  - Cost effective, fast and extensive way of validating the application
  - Capture and replay of scenarios is available. Easier for diagnostic tool to analyze issues.
  Disadvantage
  - Exact behavior in real time scenario will not be known
  - Features limitations
  - Since it runs on desktop OS, emulators are faster than the normal processing

Complexities involved in Mobile Banking QA

Technical
- SOA Architecture
- SMS Based, WAP, LBS, NFC, RDC

Domain
- 3rd party payment systems
- Rate systems
- Payment & reporting engines

Operational
- Development and Testing environment setup
- Procurement of devices with different network carriers

Challenges involved in Mobile Banking QA

Challenges in Mobile Banking QA

- Screen Size: Smallest Size (128 * 128), Largest Size (1024 * 768)
- Operating Systems: Android, iOS, Windows Mobile, RIM BB
- User Interface: Touch/Keypad, Track pad/Trackball
- Browsers: Android, Safari, RIM BB, IE
- Geography - Different carriers
- Network Access and Performance: Wi-Fi, 2G, 3G
- Frequent upgrades - OS versions, App versions
- Skills - Immature mobile skill market
- Alliance Change: Nokia alliance with Windows.

[Figure: Challenges @ Mobile Banking QA. Labels: Screen Size; Operating Systems; User Interface; Browsers; Geography & Carriers; Network Access and Performance; Security Risk; Upgrades; Skills; Alliance Change]

Scenario 1 : Our experience in Remote Based Testing

Remote Based Testing -

a) Security challenge while validating a banking application through remote-based devices. Many times a QA tester acquires the device, logs into the app with the requisite credentials and releases the device without logging out. In such cases, another user can acquire the device and use the same session.

b) Also using the remote-based testing method for network and precise usability validation.

Mistake
- Session login and logout without proper sign-out
- Using it for usability and network testing

Solution
- Test strategy for remote testing
- Training for remote testing method
- Test execution checklist to include login and logout procedure.

Scenario 2 : Our experience in Security Testing

One-time password (OTP) is the latest tool used by financial and banking service providers to fight mobile fraud. The OTP is sent to the customer through SMS whenever they want to perform critical transactions, and the password expires once used or after a designated life-cycle.

Sometimes the QA team can fail to capture some of the critical real-time scenarios associated with OTP during the test case preparation activity.

Mistake
a) Missed validating if the OTP can be used more than once for critical transaction.
b) Missed validating if the OTP is still active after the scheduled life-cycle.

Solution
- Strong guidelines and strong KM on security testing
- Experienced and matured QA in security testing
- Discussion with the client to identify all possible real time scenarios
- TC Prep Checklist to include such scenarios
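
The two missed cases above, written as repeatable checks. This is an added example, not code from the original slides: OtpService, FakeClock, check_otp_controls, the 120-second lifetime and the transaction ids are constructed for illustration, and the two enforce_* switches exist only to simulate the defects the checks are meant to catch.

```python
import hmac
import secrets
import time

class OtpService:
    """Constructed reference model: an OTP is single-use and expires after ttl seconds.
    The enforce_* switches only simulate the defects the checks below must catch."""
    def __init__(self, clock=time.monotonic, ttl=120,
                 enforce_single_use=True, enforce_expiry=True):
        self.clock, self.ttl = clock, ttl
        self.enforce_single_use, self.enforce_expiry = enforce_single_use, enforce_expiry
        self._pending = {}  # txn_id -> (code, expiry time)

    def issue(self, txn_id):
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[txn_id] = (code, self.clock() + self.ttl)
        return code

    def verify(self, txn_id, code):
        entry = self._pending.get(txn_id)
        if entry is None:
            return False
        expected, expires_at = entry
        if self.enforce_expiry and self.clock() >= expires_at:
            del self._pending[txn_id]  # expired codes are discarded
            return False
        if not hmac.compare_digest(expected.encode(), code.encode()):
            return False
        if self.enforce_single_use:
            del self._pending[txn_id]  # consumed on first successful use
        return True

class FakeClock:
    """Test clock so expiry can be checked without sleeping."""
    def __init__(self):
        self.now = 0.0
    def __call__(self):
        return self.now

def check_otp_controls(make_service):
    """Run the two test cases from the Mistake list; return the findings."""
    clock, findings = FakeClock(), []
    svc = make_service(clock)
    code = svc.issue("txn-1")
    if not svc.verify("txn-1", code):
        findings.append("valid OTP rejected")
    if svc.verify("txn-1", code):  # case a): the same OTP presented again
        findings.append("OTP accepted more than once")
    code = svc.issue("txn-2")
    clock.now += svc.ttl + 1  # case b): move past the life-cycle
    if svc.verify("txn-2", code):
        findings.append("OTP still active after its life-cycle")
    return findings
```

Injecting the clock is what makes the expiry case practical to keep in a regression suite, since the test does not have to wait out the real OTP lifetime.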

Scenario 3 : Our experience in Network Testing

Mobile QA validated the impact of a network hop on a critical transaction with only one type of network switch (say GPRS to Wi-Fi). The impact of network variability may be different for network hops between different networks.

Also, the validation was done with only a single network carrier.

Mistake
- Failing to identify the impact on the transaction if any other type of network switch can occur.
- Limiting the testing to only one type of network switch
- Limiting the testing to a single network carrier

Solution
- Network simulation tool
- Different network bandwidth
- App behavior and impact at different network conditions to be analyzed
- Experienced mobile QA in network variability testing
- Discussion with the client/business to identify the real time scenarios and getting a sign-off on the transactions
- Analyze the support required for testing complex scenarios in advance and ensure the availability before testing starts

Scenario 4 : Our experience in Localization Testing

Localization Failure - A Spanish banking user receives an English SMS with transaction-related info, rendering it useless for him. The application, supposed to be launched in multiple geographies with the local languages, gets extensive validation for a selected few languages only (assuming it will work for the other local languages as well).

Mistake
- Failed to validate the application in all the requisite local languages
- Test strategy incomplete

Solution
- Complete test strategy for localization testing for mobile
- Strong mobile QA in localization testing
- Scope of testing should clearly highlight the languages for which the application will be validated
- Specific training/exposure to the languages involved in validation improves the speed and quality of testing

Scenario 5 : Our experience in Desktop and Real Device Testing

Validating the application features on the desktop instead of on the actual device.

A user got an upgraded version of the Android app on his device but found some broken links and image distortion.

Mistake
- Features validated on desktop
- With the size and content display constraints of mobile devices, the usability of an app will be completely different on mobile devices and has to be validated properly.

Solution
- Optimize the test strategy to reduce the time and cost only up to the extent where the usability is not compromised
- Automate the regression suite to optimize the cost and time
- Good expertise on real mobile device testing
- Proper real devices available for testing
- Test execution reviews to be conducted to ensure the tester tests the features as expected

Scenario 6 : Our experience in Emulator Testing

The assumption that one can validate the functional, security, usability and performance aspects of the application using the emulator is a myth. Though one can cover a lot of the functional aspects through emulators, the test strategy can't be built completely on emulators. An emulator cannot validate the usability and performance of the application. Also, one cannot rely on an emulator for validating the transfer and payment features of an m-banking solution due to security concerns.

Mistake
- Validation of usability and security aspects of banking app
- Test strategy built only upon emulator

Solution
- Identification of different emulators for proper test coverage
- Identification of the test types to be covered using emulator
- Test strategy to clearly include details on how different types of testing will be covered
- Desktop availability and requisite configuration for emulator so that the QA personnel can download them for application validation
- Emulator specific training to the mobile QA group

Recommendations

Technical
- Early Life Cycle Validation
- Good Device Sampling techniques
- Limited Testing with Emulator
- Mobile Automation
- Network Testing Tools and landscape
- Risk Based Testing Approach
- End-to-End functional Flow
- Identification of complex functionalities of app before validation

Process
- Test strategy for different testing methods
- Usability Test Strategy for real device
- Training specific to mobile OS and Browsers
- Training specific to network, security and usability testing
- Engage the Client/Business team
- Reviews for Test plan, Test suite creation and Test execution

References


- Infosys project experience
- Infosys resources (www.infosys.com)

Q&A: Sanjeeb_Singh@infosys.com, yogita_s@infosys.com