Tag Archives: app

Mobile app security: Always keep the back door locked

In the 1990s, client-server was king. The processing power of PCs and the increasing speed of networks led to more and more desktop applications, often plugging into backend middleware and corporate data sources. But those applications, and the PCs they ran on, were vulnerable to viruses and other attacks. When applications were poorly designed, they could leave sensitive data exposed.

Today, the mobile app is king. The processing power of smartphones and mobile devices based on Android, iOS, and other mobile operating systems combined with the speed of broadband cellular networks have led to more mobile applications with an old-school plan: plug into backend middleware and corporate data sources.

But these apps and the devices they run on are vulnerable… well, you get the picture. It’s déjà vu with one major difference: while most client-server applications ran within the confines of a LAN or corporate WAN, mobile apps are running outside of the confines of corporate networks and are accessing services across the public Internet. That makes mobile applications potentially huge security vulnerabilities—especially if they aren’t architected properly and configured with proper security and access controls.

Speed (to market) kills

Today we have tools like PhoneGap and Appcellerator’s Titanium platform as well as a host of other development tools for mobile platforms that resemble in many ways the integrated development tools of the client-server era (such as Visual Basic and PowerBuilder). So individual developers and small development teams can easily crank out new mobile apps that tie to Web services, hooking them to backend systems launched on Amazon at high speed.

But unfortunately, they all too often do so without considering security up front, creating the potential for exploitation. While a lot of attention has been paid to security on the device itself, the backend connection is just as, if not more, vulnerable.

If companies are lucky, like Montreal-based SkyTech Communications, those holes merely produce public embarrassment. When a computer science student at a vocational college used a freely downloaded security scanner on SkyTech’s mobile app (which allows students to access their records and register for classes), he found major security flaws in the application. These flaws allowed anyone to gain access to students’ personal information.

Small developers aren’t the only ones who can get caught by their mobile app backends. Take, for example, General Motors’ sudden leap forward with its OnStar Web API. The company was forced to accelerate a public API effort when it discovered an enterprising Chevy Volt owner had reverse-engineered its mobile application API for retrieving vehicle statistics from OnStar’s data centers for personal use. Fortunately, he wasn’t malicious. But he did build a website for other drivers to do the same—which potentially exposed personal data in the process by using those drivers’ OnStar account logins, in violation of GM’s privacy rules. The site now runs on a new, more secure API.

Keeping the client (mostly) dumb

"This sort of thing has been a problem since computers started talking to each other," said Kevin Nickels, the president and CEO of "backend as a service" provider FatFractal. To prevent these sorts of problems—or worse—developers need to address issues like security and access control early on. "Too often, developers try to address these after the fact, and not from the very beginning," Nickels explained.

One of the key elements of security design in mobile applications is making sure that the client—the phone app itself, or the browser app—does very little processing. "The general best practice is to let the code on the device do as little as possible," said Danny Boice, the co-founder and CTO of Speek, a cloud-based conference call service that works through native mobile clients and Web browsers. (Boice is also a former executive in charge of Web and mobile development for the SAT testing company, The College Board.) "There are things on a person’s phone that you can’t control. We put most of the heavy lifting off of the client, because you can control what the application sends and receives."

It’s especially important to handle all data integration with other services on the backend and not on the mobile device, says Nickels. "Ads exposed in an app, for example, could have malicious code. We recommend people do that sort of integration via the backend. That way, things coming from outside the app won’t have any access to any system resources at all."

Dan Kuykendall, Co-CEO and chief technology officer of security testing firm NT Objectives, said the less mobile apps store and process data on the client device, the better. "A lot of developers think, ‘The only traffic that’s going to come in is from my mobile app’," Kuykendall explained. "And they build logic into the mobile client"—building queries to be sent to the backend systems and processing raw data sent back. But requests from the app can easily be "sniffed" by someone who has the application on a device of their own, by malicious software on the device that might monitor outbound traffic, or by someone maliciously monitoring what comes off mobile devices. "You don’t want the app passing SQL statements back to the backend," Kuykendall said. "That’s crazy." But as he says, that’s also all too common.

The most basic bit of hardening required for mobile applications is to encrypt traffic to the backend—at a minimum, by using Secure Socket Layer (SSL) encryption. But SSL by itself isn’t enough because of the nature of how mobile devices connect. Many smartphones will automatically connect to available open Wi-Fi networks they remember, making it relatively easy to get them to connect to a rogue device that can act as an SSL proxy, decrypting and re-encrypting traffic while recording everything that passes through.  While SSL is usually a defense against attacks on browser-based sessions on PCs, some mobile apps are vulnerable because they rely on WebKit to handle SSL. WebKit doesn’t fail by default with bad certificates like those used in "man in middle" (MIM) attacks—it sends an error message to the app that a cert is bad, and lets the code decide what to do about it. In some cases, to get around errors, apps get set to accept any cert, so they’re vulnerable to MIM attacks.

"I can sit in a public place, like the mall, with a Wi-Fi Pineapple and my laptop," Kuykendall said, "and deliver real Internet access with me as a ‘man in middle’, and see the traffic coming from people’s smartphones without them knowing their smartphone is connected to me. And when apps fetch updates, I see that." Since many mobile apps fetch updates without user interaction, "the users aren’t instigating the connection—it just happens." If data pulled from a man-in-the-middle attack doesn’t have additional sorts of controls and protection, it could then be used to attack the backend systems.

Another vulnerability caused by putting too much reliance on the client is that it requires more data to be stored on the client—data that could be exploited. Even ephemeral data (information stored locally to be processed for display or to be sent to the backend and then be disposed of) is vulnerable. "It’s not so easy to get into a running app and steal stuff," Nickels said. "It’s more of an issue with a data cache or on-phone storage, using databases like SQLite. You need to obfuscate that data as best as you can, encrypt it at rest, and store things that are not easy to associate with each other."

Source: http://arstechnica.com/security/2013/02/mobile-app-security-always-keep-the-back-door-locked/

Did you like this? Share it:

Top 12 Mobile App Testing Tools

Bangalore: In the recent years, the world witnessed an immense growth in the mobile technology space with new handsets and features being made available in the market. This growth has in turn led to an increase in the demand for mobile applications. Analysts expect the mobile app downloads to increase from 30.1 billion in 2011 to 200 billion in 2016.

Mobile application stores are filled with apps from all horizons from games to business apps to entertainment. This posed a stiff competition among the developers on who can deliver the best. In order to be a competitor in this market, there is a need to produce quality apps. It is imperative to test your apps regularly as this will prevent bad feedbacks from the users.

However; without proper tools, developers as well as testers will face many problems when testing their apps. Here is an infographic created by asoprofessional.com which highlights the top 12 app testing tools.

Source: http://qa.siliconindia.com/news/Top-12-Mobile-App-Testing-Tools-nid-137691.html

Did you like this? Share it:

Mobile App Testing – An Overview

Mobile app testing as an entity and a profession is relatively new in the field of Information Technology. Some people perceive mobile app testing as just an extension of traditional software testing, while others see it as an entirely new concept. While, the concept, and for that matter ‘mobile devices’ are new; from purely a testing perspective, there is one statement that rings true, and that is “good software testing principles can be applied to any software, regardless of the platform.”

The experience required to adequately test a mobile app can be significantly reduced if the tester has experience testing other forms of software. Once the tester understands the new processes involved in mobile apps, then they should be able to quickly be in a position to test a mobile app with confidence. For someone new to the field of software testing who wishes to start their career in mobile app testing, then this is not advisable, as key software testing principles can be easily overlooked by the way that the software is presented in a mobile format.

Mobile apps normally fall into two categories, either they are professionally developed for a specific purpose with a clear business goal in mind, or they are developed for fun, often the latter is developed by a single person. Testing of any application is critical and I won’t go into the reasons here, but it is clear that with the vast amount of mobile apps out there and in development, if the quality is poor it will not be a success….fact!

All apps need to be tested, and while a developer may think that they can effectively test their own work, nothing can replace the effectiveness of a professional tester’s expertise. Software companies who have developed their app may choose to test the app themselves (in-house) or choose to pay a professional outsourced mobile app testing company.  Often the decision to outsource the testing is made easier due to compatibility issues. While an iPhone app can be tested on a handful of Apple devices, it is virtually impossible to do the same with Android devices, which is why they predominantly choose to outsource to a testing company that holds a wide selection of Apple and Android devices.

A mobile app tester is considered to be a niche role at this moment in time. As mobile apps are the fastest growing form of software development, the niche will disappear and be replaced by a dedicated industry. While some perceive a split between traditional software testing and mobile app testing, there is no evidence to support this and the two entities will undoubtedly remain tied together, and rightfully so.

The importance of software testing has risen in recent years, and this is now reflected in the world of mobile app testing. These testers effectively hold the key to an app’s success, and ultimately the success of the business or person who developed it.

source: http://www.testing4success.com/t4sblog/mobile-app-testing-an-overview/

Did you like this? Share it:

Why Your Business Needs Software Testing Solutions

More and more businesses rely on complex software applications for the efficient and successful running of their organisations. This heavy reliance on software for everything from databases, project management and sales to software applications, which are entirely Internet based with hundreds and sometimes thousands of people using the applications at the same time. This increased reliance on software for most, if not all business functions, means that it is imperative that it is tested thoroughly to ensure that whatever software you rely on is adequate for the demands of your day-to-day operations.

Downtime is not an option as this can lead to the loss of thousands if not millions in terms of lost revenue depending on the size of your business. In addition, the increase in business reliance on IT solutions over time has lead to an increase in malicious hackers trying to break into companies computer systems. The increase in security of these systems has meant that today, many hackers turn to the application layer. According to technology research giant Gartner, the application layer accounts for up to 90 per cent of all vulnerability when it comes to malicious threats to business. Software testing can identify potential threats. Software testing tools such as those made by Veracode, help to identify such threats in the code of your software.

What Is Involved
Software testing involves running the software through a series of tests in order to identify any bugs or system defects. This is called regression testing. Software testing can not only enable you to find bugs in applications, but it can also help you to identify what could go wrong so that you can then implement ways of stopping things from going wrong. Software testing can also ensure the following:

* That the software meets the needs of the users.
* That the software works as it was intended to work.
* That the software can be applied with the same characteristics as it was intended for in the design process.

Example Product
There are a number of software testing products on the market, which claim to help you improve the quality of your software, and enhancing your productivity levels. HP Quicktest Professional or HP QTP provides automated regression testing for software and forms a part of the HP Quality Centre Tool Suite. This software-testing tool is currently the market leader, but there are a few others on the market such as Veracode Tools and there are also some open source software testing tools available.

The HP Quicktest Professional application claims to provide a unique approach to automated testing. The software boats keyword driven tests which simplify the creation of tests and the maintenance of those tests so much so that your IT team can easily integrate it into their functions with minimal training. Clearly, this would allow any quality control team members within IT departments to quickly and easily identify bugs and to simply document and replicate any regressions and communicate them to the developer team. This allows for bugs to be fixed faster and more efficiently. Obviously, this would then allow for optimal functionality across all departments, data sets and business processes, improving efficiency and helping to maintain security.

Source:http://www.tipsblogger.com/2012/06/why-your-business-needs-software-testing-solutions/

Did you like this? Share it:

Enterprises get serious about mobile app testing

With mobility now a necessity, the software testing space is now making accommodations to ensure enterprises can extend their applications to run on devices, according to an analyst report being released on Tuesday.

Voke’s Market Mover Array Report on software testing platforms says an explosion of mobile testing companies focusing on enterprise applications is a “clear indicator of the enterprise’s need to deliver quality software to a plethora of mobile devices.” Mobile testing vendors, the report states, will ultimately be acquired by traditional testing vendors. But for now, innovation “must be allowed to flourish.” Keynote Systems’ acquisition of DeviceAnywhere last fall represents this shift in the market; meanwhile, innovation in mobile testing also is occurring from companies including Experitest, Parasoft, Perfecto Mobile, and Soasta, according to the report.

“What we’re seeing [with mobile applications] is every organization now has to have some sort of mobile strategy, and that mobile strategy has to already fit in with what they’re doing with their existing apps,” said analyst Theresa Lanowitz, a co-author of the report and founder of Voke. “There’s very little tolerance for a mobile application that does not work from a functional perspective as well as from a performance perspective.” Software testers, she said, really need to look for commercially available tools to manage “that complex grid of what they’re going to test.”

Mobile application testing is becoming more commonplace and has been moving to the cloud, she said. Keynote DeviceAnywhere’s Test Center Developer, for example, provides online access to any mobile device, network, and operating system worldwide. Perfecto Mobile has a similar SaaS (Software-as-a-Service) platform with its MobileCloud platform.

Overall, software testing has to be done earlier in the application development lifecycle, to make sure defects do not leave the development phase, Lanowitz said. Companies like Electric Cloud and Microsoft are offering capabilities to apprise developers of what exactly is going on with their software builds.

Voke’s report found the software testing market “currently in a renaissance,” in terms of testing professionals and vendor innovation. Market leaders could face challenges from innovators tackling emerging technology like the cloud, mobile, device software, and infrastructure as well from innovations delivering simple solutions to classic and age-old problems by leveraging virtualization. Vendors solving problems of entrenched testing tools also could pose a challenge.

Source:http://www.computerworld.com/s/article/9227751/Enterprises_

get_serious_about_mobile_app_testing?source=CTWNLE_nlt_app_2012-06-07&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A

+computerworld%2Fs%2Ffeed%2Ftopic%2F11+%28Computerworld+App+

Development+News%29

Did you like this? Share it:

Enterprises get serious about mobile app testing

With mobility now a necessity, the software testing space is now making accommodations to ensure enterprises can extend their applications to run on devices, according to an analyst report being released on Tuesday.

Voke’s Market Mover Array Report on software testing platforms says an explosion of mobile testing companies focusing on enterprise applications is a "clear indicator of the enterprise’s need to deliver quality software to a plethora of mobile devices." Mobile testing vendors, the report states, will ultimately be acquired by traditional testing vendors. But for now, innovation "must be allowed to flourish." Keynote Systems’ acquisition of DeviceAnywhere last fall represents this shift in the market; meanwhile, innovation in mobile testing also is occurring from companies including Experitest, Parasoft, Perfecto Mobile, and Soasta, according to the report.

"What we’re seeing [with mobile applications] is every organization now has to have some sort of mobile strategy, and that mobile strategy has to already fit in with what they’re doing with their existing apps," said analyst Theresa Lanowitz, a co-author of the report and founder of Voke. "There’s very little tolerance for a mobile application that does not work from a functional perspective as well as from a performance perspective." Software testers, she said, really need to look for commercially available tools to manage "that complex grid of what they’re going to test."

Mobile application testing is becoming more commonplace and has been moving to the cloud, she said. Keynote DeviceAnywhere’s Test Center Developer, for example, provides online access to any mobile device, network, and operating system worldwide. Perfecto Mobile has a similar SaaS platform with its MobileCloud platform.

Overall, software testing has to be done earlier in the application development lifecycle, to make sure defects do not leave the development phase, Lanowitz said. Companies like Electric Cloud and Microsoft are offering capabilities to apprise developers of what exactly is going on with their software builds.

Voke’s report found the software testing market "currently in a renaissance," in terms of testing professionals and vendor innovation. Market leaders could face challenges from innovators tackling emerging technology like the cloud, mobile, device software, and infrastructure, as well from innovations delivering simple solutions to classic and age-old problems by leveraging virtualization. Vendors solving problems of entrenched testing tools also could pose a challenge.

Source:http://www.infoworld.com/d/application-development/enterprises-get-serious-about-mobile-app-testing-194814

Did you like this? Share it:

Five Steps to Managing Third-Party Application Security Risk

How secure is your 3rd party code? What are the major security vulnerabilities present in SDLC today?

Can you trust that the code delivered to you was tested for security risks? 3rd-Parties are the Achilles’ Heel in the Software Supply Chain. 40% of all software submitted at the request of large Enterprises is from third parties, but very little security testing is ever performed on this software.

This whitepaper outlines a five step process that enterprises can apply to their third-party application portfolio to gain visibility into their security state and make informed purchase, integration, deployment and maintenance decisions. From software risk assessments to embedding specific contract language into procurement contracts, these key steps provide guidance that enterprises can swiftly implement to simply and cost-effectively meet regulatory requirements, establish a third-party governance framework and protect their critical assets.

Read More:

http://www.informationweek.com/whitepaper/Security/Application-Security/five-steps-to-managing-third-party-application-sec-wp1337796521?articleID=191704892&itc=SBX_iwk_fture_wp_Security_security

Did you like this? Share it:

Test leaders reveal Google’s approach to testing software

Technologies continue to evolve, but does the way we test software change? Leaders at Google, a company known for its innovation, have broken the mold and their unique test strategies are revealed in the new book, How Google Tests Software. Authors James Whittaker, Jason Arbon and Jeff Carollo discuss the book and what readers can learn from Google’s approach to testing software.

SSQ: You mention in the introduction that Microsoft also has a book about how they test software, but “the approaches to testing couldn’t be more different.” Can you highlight some of the major differences?

James Whittaker/Jason Arbon/Jeff Carollo: At Google, testing is owned by everyone on the development team. Developers have to take responsibility for their unit tests and testers take responsibility for making developers productive testers. It’s not a dev-test model; everyone is a tester at Google.

SSQ: Are many of the differences in test processes that you describe only for Web-based test efforts or do you recommend them universally for all types of software testing efforts?

Whittaker/Arbon/Carollo: At the end of the day, all software does only four things: accept input, produce output, store data and perform computation. Thus, many of the things in the book speak to this general problem and thus apply universally. Google may be known as a Web company, but Chrome is a client app, Android is an OS, App Engine is a platform…Google test processes have to span the gamut. That said, Web testing is a large part of the Google mission and in many ways the Web makes testing easier: We can deploy fixes instantaneously, we can test in production, we can utilize crowd source testing to great effect. The Web is a special case but it is still basically the same testing problems and lessons in testing that apply universally.

SSQ: You recommend that testers learn to code and that developers learn to test and that the functions of development and test are both performed by each engineer. This works if you hire people with both of these skills, but if a team is transitioning, how do you deal with testers that don’t have the aptitude or interest in coding?

Whittaker/Arbon/Carollo: Their role is limited. A single manual tester acting like a user is likely to be much less effective than a tester who can also apply their skill using automation. Coding isn’t that hard to learn and testers should actively want to expand their impact. That’s what careers are made of!

SSQ: You say, “The first piece of advice I give people when they ask for the keys to our success: Don’t hire too many testers.” However, shouldn’t that be, ‘Don’t hire too many dedicated testers?’  It seems the real key is to hire people who can perform both development and test functions. Would you agree? If so, how do you assess this in your hiring process?

Whittaker/Arbon/Carollo: In the old days, Chrome had a dedicated team of manual testers. The cost to the company was astronomical. They found lots of bugs pretending to be users and soon enough the dev team got used to relying on them. In the end, it just made developers lazier and helped them write more bugs. When developers were given the tools to perform self-service testing (described in the book) they wrote fewer bugs and we needed fewer testers. When internal dog food users were given better bug reporting tools (also described in the book) they found more and better bugs than the manual testers and were much cheaper. A combination of automation and crowdsourced testers keeps the costs of testing software down.

Read More:

http://searchsoftwarequality.techtarget.com/news/2240150801/James-Whittaker-and-other-test-leaders-reveal-Googles-approach-to-testing-software

Did you like this? Share it:

Adventures in Mobile-Payment App Field Testing

Since I began reporting and writing about the payments industry in late 2007, I’ve come across what seems like an infinite number of products and services that either fall flat on their face shortly after launch, slowly gain traction over a number of months or skyrocket to immediate success. Tabbedout, which is a mobile-payment application intended for the hospitality sector, falls somewhere between the latter two outcomes I described.

The idea behind Tabbedout is simple. You link a credit or debit card to the app, which you then can use to pay your bill at a participating bar or restaurant. When you open a tab on the app, you receive a unique code to give the server or bartender so they can track your order through the corresponding software on the merchant’s point-of-sale system. At the end of night when it’s time to leave, you simply press a button to pay your tab. That’s it. No waiting around a busy bar and fending off others to get the bartender’s attention to pay your bill. But what sounds good on paper does not always work in real-world situations.

A couple of weeks ago, three Mercator analysts, our friends and me decided to test Tabbedout in Cambridge, Mass. at Charlie’s Kitchen, which is a stone’s throw away from Harvard University. Our mission was to test Tabbedout’s limits. We learned at the end of the night that the merchant might have a large part in how successful any mobile-payment application can become in the long-term.

Trouble immediately greeted us when we arrived on a Friday night after work. When I told the server I intended to pay my portion of the bill with Tabbedout, she was unfamiliar with the app. Only one staff member really understood how it worked. And that’s something Tabbedout recognizes as a problem.

“We know staff turnover at these places is high,” Arturo Coto, Tabbedout’s vice president of marketing, told me in an interview.

Tabbedout created an online learning management system that bar and restaurant staffers can access through Facebook. The company also is engaged with the establishment throughout the entire implementation process through phone calls and site visits.

Coto also noted one challenge Tabbedout faces is in its own market-by-market penetration strategy. For example, Tabbedout users in cities such as Portland, Seattle and Austin, Texas have little to no problems using the app because many merchants in the area accept it as a payment option and are familiar with it.When Tabbedout has multiple bars and restaurants in one city accepting the app as payment, “the consumer experience is much better,” Coto said.

In the Boston area, only Charlie’s Kitchen and Red Lantern, a sushi restaurant, accept Tabbedout. Coto anticipates in the next year that more merchants in Boston and the city’s immediate surrounding areas such as Cambridge will accept Tabbedout. “That will help lower the problems you faced,” he said.

Back to the experiment, which got a bit more rocky as the night went on.

Once my server returned after asking someone behind the bar about Tabbedout, she told me we could try it out and see what happened at the end of the night. I proceeded to give her the unique code so she could keep track of my order. But no items were ever entered into the system.

We learned this when David Kaminsky, an analyst for the Emerging Technologies practice, tried to join my tab, which the app enables you to do. He could not, which meant my items, and really the everyone’s in general, were not put into Tabbout’s corresponding register software. Had the process worked as it was intended, Kaminsky at the end of the night could have paid his portion of the bill from my tab from his phone.

At some point during the night, I noticed my tab timed out on the app because no items were added. Tabbedout does this as a security measure, Coto said.

Read More:

http://www.paymentsjournal.com/Content/Blogs/Mercator_Blog/11747/

Did you like this? Share it:

Mobile Application Testing: Should The Device Matter?

At the STAR EAST conference this year, mobile solutions saturated the vendor exhibition area. It’s no wonder that mobile application testing is the hot in the testing community right now. Testers are now faced with the task of testing mobile versions of their applications and figuring out how to adapt to the new paradigm (and challenges) mobile applications bring. It’s not as if they didn’t have enough to test already, right?

After listening to some of the conversations around mobile and seeing some interesting questions being raised, I’m wondering if this has become more difficult than it should be. A common question I hear is “How do I figure out how to test all of these different devices with various screen sizes by different manufacturers with a different OS on each?”  A quick look at the market reveals at least four major operating systems (Apple, Android, Windows, and Blackberry), with multiple versions for an untold number of devices for each.  I think every tester would agree, automation is a must.

So, should the device matter? For years we have been testing applications on various laptops, desktops, and servers without regard to the model, size, or parts inside. Aren’t we just replacing the PC with a mobile device? The reason I could see the specific device playing a key role today has to do with the way automation is being accomplished – namely through bitmap recognition and/or OCR technologies. These technologies are useful, and serve their purpose for building automated test scripts. However, when screen sizes change (i.e. iPhone to iPad), this breaks the scripts. Worse case, multiple versions of the script need to be in place to accommodate different devices.

As an HP reseller, we’re focused on the automation capabilities of HP’s Unified Functional Test, which includes QuickTest Pro and Service Test. There are a few add-ins that can be purchased to add mobile automation. They include ZAP-fiX, DeviceAnywhere, and Perfecto Mobile. All of these handle automation using bitmap recognition and/or OCR. They also currently require the device to be jail broken (iPhone) or rooted (Android) to start testing. This causes a major dilemma for the QA Manager committed to quality. How can you start with a fundamental change to the OS code? It’s a hack, which means it is an undocumented change to the release being tested that does not reflect the production end user build (unless they have the exact jailbreak too) with no control over that changed code. Nevertheless, testing must get done.

What if there was one solution that approached this problem a little differently? JAMO Solutions provides code that is integrated into the application as it is delivered to the device. This code allows for object recognition so that an automation product like QuickTest Pro can “hook” into the application and see all of the objects, their name, and many other properties. Why is that important? Now we have access to all the objects of the application various known properties that bitmap recognition methods could never be aware of (like hidden objects that might still need some form of verification). Scripts won’t break due to screen size because the object’s property is still the same. This means the OS matters, but the device doesn’t. If the device supports the OS, then the script will still work even when the device changes. This is much like how testers approach web based application test automation. They are not concerned whether they are testing against a Dell desktop, a Lenovo laptop, or an HP Proliant server. They obviously do care with regards to if the OS is Windows 2008, Windows XP, or Red Hat Linux.  However, if the OS supports the test case, that is what matters.

The leadership team at Northway Solutions Group spent a great deal of time and research in determining what type of partner we wanted for mobile testing solutions. Jamo Solutions was the obvious choice.  Offering JAMO as our mobile automation solution exemplifies our commitment to meeting the ever increasing needs in the Software Quality Management marketplace. It allows us to talk to our existing customers who already use HP’s QuickTest Professional and help them understand how they can extend its use into mobile applications in a pretty seamless fashion. It doesn’t require they rethink how they test applications today, so they can use the same approach, and the code for the OS is exactly the same in production.

What do you think? Should the device matter? Why or why not? We look forward to your comments.

Source:

http://northwaysolutions.com/our-work/blog/2012/05/mobile-application-testing-should-the-device-matter/

Did you like this? Share it: