One of the critical phases in building your corporate mobile app is testing. If we consider the fact that your app will end up being installed on users’ smartphones – their own or those given to them by the company they work for – it is understandable that this must be a very detailed and accurate process, covering every potential vulnerability or bug.
Your mobile app is a part of your corporate identity. It becomes associated with your brand by users and therefore any kind of negative effect this app may have on people’s data protection or online security will be reflected on your company as a whole.
Simply put, your organization is liable for every virus, data theft or device hacking which occurs via your mobile app. Of course, there is no way in which you can offer your users a 100% guarantee that your app is safe from any kind of present or future threat. What you can do is to plan and oversee the testing process so that it is very thorough and touches all the critical aspects connected to the security, usability and functionality of your app.
The guidelines we are about to present reflect the most important aspects which your mobile app testing must include:
1. Encryption and Authentication Testing
The number one rule in performing these tests is to assume nothing. Do not assume the server is secure and the data transfer will always run smoothly and seamlessly. Do not assume that users will conscientiously perform a logout at the end of each session.
Hackers are lying in wait looking exactly for these apparently small oversights – the smallest glitch in the process offering them a backdoor to gain control over a mobile app and the device it is installed on. In this phase of testing, several scenarios must be simulated, such as:
- multiple users on the same device;
- incomplete data transfer – what happens to the data packages in case of network and power failure;
- open login sessions for an extended period of time;
- inadvertent accessing of administrator privileges by non-technical inclined users.
2. Device Range Testing
While iPhones are confined to a manageable number of versions, Android phones are in a huge variety. This variety is expressed in terms of brand, screen size and resolution, processor, RAM size, internal storage, graphics and audio capabilities. There are large varieties even among the same family of products (from the entry level to the premium models of the same brand).
However, a professionally developed mobile app should deliver consistent performance throughout all these ranges of products (excluding, of course, obsolete or out of production models). This compatibility is achieved by consistent testing for various hardware settings.
3. User Experience Testing
In this series of tests, you should identify the vulnerable or non-ergonomic parts of your apps. Can a user inadvertently place an order by randomly tapping on the screen? Are the login and logout buttons easily reachable even for one hand use? Are error messages clearly displayed and easily understandable? At any moment, and in any potential scenario, the user must be able to revoke an action (such as a payment) before it is completed and to know why the app behaves in an unexpected manner (insufficient storage space, no data network available, low battery, etc.).
4. Interference with Other Smartphone Functions
What happens if a user gets a phone call or a text message while using your app? Does the session remain active, running in the background and the user can return to your app as soon as the conversation or reading of the text is finished? Is the user required to log out? Does the app perform an automatic logout?
You must remember that no matter how much your users love your apps, the primary phone functions (calls, messages) have the top priority. Therefore the app should be tested until it is proven that it offers a secure and fast option for the user to leave it and tap to answer the call or read the text.
5. Install/Uninstall and Updates Testing
This series of tests must take into account several aspects, such as what happens if the user runs an older version of the mobile OS, what happens to active login sessions during updates, whether installation will resume after power or data network loss or if the user is prompted to begin the process again, and whether there are any notable crashes on low-end hardware configurations. In case of uninstalls, the main concerns are checking that all the files associated with the app are completely deleted from the device and that any link between the device and the cloud storage is completely interrupted.