Category Archives: Mobile App Testing

Sandeep Tuppad’s View & Experience On Mobile Application Security Testing

The smart phones and the availability of the connectivity has simplified many things in our lives. Whether it’s about navigating the streets or connecting with our friends and family or mobile banking or paying bills or booking movie tickets online. There is absolutely no limit. However it has also made the smart phone users and the service providers vulnerable to the security threats. It could be threat to finance or private information. So smart phone users and app developers need to be smarter to minimize the risks. However, most smart phone users are not tech savvy and even if they are they may be blissfully unaware. In such a scenario the onus is on the app developer and app security testers to ensure security. Why do I say minimize? Because there are few smartest people out there who can hack into almost any software/hardware. The mobile devices which capture

Data Theft - Web App Security Testing

Data Theft – Mobile App Security Testing

most of the market are android and iOS. Other smaller players are Windows and Black Berry. Each platform is vulnerable, some more and others less compared to other. Open source platform android is more vulnerable compared to iOS as android app and OS internals are available to be understood. I also believe the app framework of android is naturally more vulnerable for exploitation by hacker.

There are two players who can be impacted by the security of the app.
1) App “User” –
The user of the app running it on a mobile device or tablet.
2) App “Service Provider” or “Business” –
The app provider such as WhatsApp, Bank providing online services to users, online Food ordering app etc. These can be Business or non-paid service providers running the servers to serve the customers using their apps.

There are two other players who need to ensure the security of the app.
3) App “Developer” – The one who develops the app for a service provider or business
4) App “Security Tester” – The one who tests the app for its intended use and vulnerabilities. Often hired by the service provider.

Security from App Users perspective:
The Apps in which the user credentials and private information is stored on device or on the server which an unintended person can get access by some means. It can be user’s login credentials, credit card/debit card details for an online shopping or user’s private conversation as in case of a social networking app or any other user specific details at more technical level which can be used by imposter commit a fraud or harm. These are just a few examples and not limited to that.

Security from App Service Provider or Business perspective:
When the app user himself/herself attempts to exploit the vulnerabilities which can harm the app service provider or business. Imagine the app is to make online shopping. The reward points are granted based on users buying habits. What if the app user is able to modify the reward points by exploiting the app’s vulnerability? This would cause loss to business. What if an app user is able to get access and modify to other users data which he/she not intended to access. This can cause great damage to the service provider in terms of credibility.

There is also a possibility wherein the app developer himself/herself has added malicious code to eavesdrop and steal sensitive data. It could be your contacts list, messages, location details, call log or anything private and confidential.

In my experience following are some of the many areas where app could be vulnerable if not implemented with security in place.

Area What’s the risk? Incidents I have come across?
Device Logs It’s possible that during the development stages of the app various sensitive details which are directly or indirectly a risk may be printed to console or to some log files. But developer may forget to eliminate and they slip into production app. Credit card details being logged.
Rest API requests and responses logged.
Network traffic interception and tampering HTTP requests are unencrypted and can be intercepted and tampered by an intruder. With a session data stolen one can launch range of attacks. This is easily possible in public or untrusted hot spots.If the user himself/herself is intercepting the traffic whether HTTP or HTTPS (which can be unencrypted by the user if he/she has the malicious certificate installed on device) and the rest api calls are not implemented with security in mind then he/she can cause damage to business directly or indirectly by hacking into other user’s data.If the apps are caching the HTTP requests locally it can be a threat.
Insecure data storage in files/databases The app may store lot of sensitive details related to user or business on the device in files and databases. If these files can be accessed and the file contents are unencrypted it can be a risk. Private conversations in social networking app, which can be hidden in UI with password but can be read through access to database. We can modify the conversations too.
Also Found out the Lock Pattern password which is stored as an array of characters.
The C2DM registration ID which can be stolen to impose as the real user by the hacker.
Setting in file which enables rewards to a user. It can set again and again locally to get discounts.
Lack of Binary Protections and Reverse engineering If the apps sensitive code blocks are not obfuscated then they can be reverse engineered. This would give an unintended access to app’s sensitive logic which when understood can lead to possible exploitations. It can also be sensitive data being leaked not just the app logic.If the attacker is smartest he/she can modify the code with malicious logic, recompile, install and run. Think of an online shopping app which is loaded with the currency. Imagine attacker modifying the code block which verifies if the user has sufficient balance to make a purchase. The verification can be bypassed thereby allowing to shop irrespectively. Email login credentials found in reverse engineered code (SMTP Details).Critical code logics and sensitive strings discovered
App execution control flow manipulation Using GDB the app is run in debug mode. One can modify the variables and the control flow to exploit bunch of possible vulnerabilities.
Authentication and OTP codes If the authentication code or user verification codes are short and there is no limit to retries or sufficient incorrect authentication timeout before next retry then password can be hacked with automated test. In simple words its brute force attack.
Intra and Inter app data communication If the apps are placing the sensitive data in clipboard for later retrieval or to be passed to another app or within app it’s a threat. A malicious app can read the clipboard data and dump it to a file to be retrieved by the attacker remotely or locally when has the access.The data is passed between apps and within different entities within apps as in case of android app as intents. It’s possible to intercept the intent data using a malicious app installed on device if security measures not taken care while implementing an app.

Whether it’s about intercepting and tampering the network traffic or access the files and database or to launch brute force attacks or to reverse engineer and add malicious code to app or to intercept the inter app communication data, capture device logs, we need tools and utilities either running outside the device or on the device. Some of the tools are sophisticated ones and coming with our own such tool may be tough task. There are other tools which are not very complex to implement but I would rather use them if available to save my time and efforts. But those tools do have limitations in terms of the attacks I can carry out for a specific area for vulnerability. But tools limitations should not limit a security tester. She/he should go beyond the tools and perform the attacks manually with other means. If possible implement own tool which may be generic or has to be customized for every app to be tested for a specific area for vulnerability. But this would need the tester to educate himself/herself with the internals of the app framework and OS architecture. Having the knowledge of app development one can think of the possible security holes which may slip out into app. The mobile app framework (android or iOS) itself could be having limitations in terms of level of security in an area. So a real security tester should go beyond being just a tester and should be able to write or understand source code. Unless I know coding how can I exploit the app by reverse engineering? I have been developer most part of my life and at TestInsane, I am Developer in Test and Tester who brings in a different value to testing as a Developer. The security testing thrills me. Why? Because it’s challenging and feels like treasure hunt. My experience of being a developer has truly helped me in this never ending endeavor.

But the mobile devices come with user permissions which won’t let us access the protected file systems, access device shell and execute privileged commands or install new software (Only the App Store is source in case of iOS). These operations are only available to super user (also called root user).So we can’t install tools and utilities on the device meant for the security testing. But can we gain super user access? Yes we can. It’s called rooting the device. On android it’s easier. But on iOS it depends on release version. Apples iOS is not open source, so it’s the hackers who discover the iOS security loop holes to gain root access. Once rooted any third party apps and binaries can be installed and run. However rooting comes with a risk of bricking (leaving your device un-operational which is as good as brick). But successful rooting is equally rewarding considering what you can achieve as a user or a security tester. But from a developer point of view I would say the app (which needs to be implemented with high level security in place) should be capable of discovering and taking a counter measure to mitigate the risk of being exploited if device rooted ϑ

Security testing is a specialized skill beyond holding tester or developer tag.  It needs time and hunger to keep learning forever. Think of a fighter who has all lethal weapons and knowledge of the weapons. But that alone not enough to win the battle. He needs know how to fight using them (and without them) while continually exploring, acquiring or building and adding new weapons to his repertoire. So tools are like weapons, they help you fight better but they are not everything.

ABOUT SANDEEP TUPPAD

SandeepTuppad - VP, Mobile Apps Testing

SandeepTuppad – VP, Mobile Apps Testing

Sandeep Tuppad has a decade of experience in software development (Drivers & Application Software) for Consumer Electronic Devices such as Digital Television and other display devices. He has prior experience of implementing automation framework and utilities aiding software testing in the past. At TestInsane, he is responsible for exploring and implementing test automation framework, utilities, gathering knowledge and mentoring the team to enable “quality mobile apps testing”. He loves to travel and pursue outdoor adventure sports.

Follow him on LinkedIn at https://www.linkedin.com/profile/view?id=145478507

Our Insight On Mobile Test Automation Tools Appium, MonkeyTalk & MonkeyRunner

Mobile Automation Testing

Mobile Test Automation

There are many automation tools out there in the market. Both open source and commercial. We made an attempt to try some well-known open source tools to find out if they are useful to adapt for mobile app testing. We have documented their features and the limitations as we tried them to test some of the android apps from Google Play store. We are yet to discover their value on iOS if they are supporting iOS. Calabash is one more open source tool which we would be trying sooner. Going forward we will try out commercial tools if we feel they are worth giving a try. We will share our thoughts as we do it.  Please feel free to give a constructive feedback.

Monkey Runner by Android:

  • There are three classes in package com.android.monkeyrunner: MonkeyDevice, MonkeyImage and MonkeyRunner.
  • The MonkeyDevice, represents a device or an emulator. The class includes methods to perform various UI and user actions on device. The MonkeyImage represents a screen shot image of the device or an emulator. MonkeRunner: This includes methods to establish connection between device and monkey runner programs and managing the execution of the monkey runner program. Individually they support set of operations as explained below to enable automation.
  • The methods supported are drag gesture, touch, key press, type equivalent to consecutive key presses, wake up the screen, reboot device, launch an activity, install a package, uninstall a package, broadcast intents as if it’s generated by app, Execute a shell command, Take screen shot which is a monkey image. Read the device property variables such as current package and class of activity, device name, screen height, screen width, capture the screen shot, write it file or compare with the other image etc.
  • The touch and drag methods need the co-ordinates on the screen to be specified, which limits the developing the scripts which are scalable and can easily maintained. However there are plugins developed by third party but they seem to be in primitive stage.
  • Provide methods to enable interactive execution of the script like prompt for inputting the data, prompt list of choices.
  • Supports only Jython as scripting language.
  • Supports only android apps and doesn’t have support for UI locators. UI interactions are co-ordinate based. All these limitations make monkey runner not a good choice for automation.

Monkey Talk by Gorilla Logic:

  • Supports android and iOS platforms including corresponding emulator/simulator.
  • Does instrumentation of the app (The instrumentation of apk distorts the layout).The agent on the device establishes connection between app and the off device tool.
  • Supports test case Record feature.
  • Supports exporting the recorded actions scripts .mt files into java script .js code.
  • Supports ant interface to run the .mt scripts enabling CI support.
  • Supports data driven testing by executing the parameterized editing of the .mt scripts with default values. The data is part of a CSV file and specified as source for the script.
  • Supports verification commands by checking the value of the component matches the argument by absolute value, by wildcard, by regex expression and by image
  • Supports think time and time out in milli seconds as the delay for each command as well as global think time and time out if not specified for any command
  • Supports command to wait for an element optionally with a time out (default 10s). Also has waitfornot which is inverse of waitfor
  • We can call .mt scripts within .mt scripts using the monkey talk language.
  • Can edit test suites .mts which invoke multiple tests which are test scripts. Before invoking they call a setup script and post execution a tear down script with optional CSV file as input or other arguments. This is a GUI based editing. The tests are in line with the JUNIT tests and the results are pare part of the junit panel and an xml file.
  • Supports JAVA API’s to write the tests as pure java standard junit tests with the support of monkeytalk-java-all-in-one.jar in its class path. Can integrate with junit runners such as eclipse, ant and maven to clean, compile, run and report the results of the junit test code. The reports are generated as xml/html files.
  • Supports elements such as text input, text label, spinner, list, menu, radio group, check box, radio button
  • Supports gestures such as tap, move, drag and swipe (Note the gestures recording didn’t work when tested with android app, not very reliable I would say).can capture screenshots.
  • Customer Support lacks big time at least for open source community
  • When instrumented the layout is screwed by the monkey talk. To verify view the layout elements and their mapping in layout using the uiatomatorviewer tool with app running on and without instrumentation.
  • Cannot launch the app. Only upon launching the agent establishes connection.
  • Agent is not very reliable in terms of establishing connection when the app in background is brought to foreground i.e. resumed.
  • Cannot test for scenarios where the app under test launches another app which is not instrumented. Cannot test with the devices pre-installed apps.
  • Does not support key presses.
  • No mention of pinch and zoom or multi touch gesture support
  • Can invoke native shell commands in the scripts.
  • The support isn’t good for the queries on forum. The product bug fixing is slow.
  • Has good support for non-critical and good to have features such as CI, scripting and recording tests.  But some of the core features to enable testing such as gestures support don’t seem be stable with record and playback. It does too much instrumentation.
  • Does not support Windows mobile apps

Appium by Sauce Labs:

  • Appium is a server and the client implements Mobile JSON wire protocol. The clients can implemented as webdriver compatible binding for Java, Python, Ruby, Perl, C#.
  • Supports android and iOS platforms including android emulator and iOS simulator. Supports native, hybrid and mobile web apps.
  • Implements subset of selenium based API’s and then the custom API’s compatible to both android and iOS. However there are some platform specific as well as emulator/simulator only API’s.
  • The iOS app’s can be automated with appium only on Mac-OS X. However the appium for android can used on windows and Linux. Check for the corresponding versions of the tools and software for compatibility.
  • It looks like java binding supports most number of the API’s. I tried python bindings to try the automation for some of the apps but java has more methods. There are other scripting language support such as ruby, C#, python, java script etc.
  • It has support for vast number of actions. single and multi-touch gestures like tap, flick, pinch, zoom, move, drag and drop, swipe, long press by element id or co-ordinates, shake, Has key press support, can start activities, install an app, remove an app, launch an app, close an app, lock screen, check for locked screen, hide keyboard, reset app (stop and launch?) check if an app already installed, open notifications, force the app to back ground.
  • Support various class of locators by name and by accessibility id, locators specific to android (uiautomator) or iOS (uiautomation).
  • Supports Selendroid with limited features, for Android 2.3 and above for native or hybrid apps, above android 4.2(API level 17) uiatomator support is available. However some of the features such as zoom/pinch are available starting API level 18.
  • Supports pull and push file interfaces.
  • We can invoke shell commands as well in client program. At least I could do it in python for android.
  • Web apps are supported with safari on iOS and browser on android.
  • In case of hybrid app’s there is an interface to switch the context to any of the web view and native view specifying the context id. Can identify multiple contexts
  • Works across apps without instrumentation.
  • Has fairly good support with its discussion forums (involves mostly appium users and sauce labs support engineers) and documentation on-line.
  • The product is being improved with new features and being stabilized at good speed.
  • Does not support record test case feature.
  • Does not support Windows mobile apps.

 

What features make a good mobile automation tool?

1) Support for most well-known mobile OS platforms such as android, iOS and Windows. Other one being blackberry.
2) Support for most famous versions of the OS’s (Android, iOS and Windows are most important).
3) Supports record and playback feature.
4) Ability to export the recorded actions as standard test scripts (preferably junit tests) and able to be edited by the engineer. Ex: testing login feature with data sources.
5) Supports invoking all kinds of UI objects (or views or controls) and their discovery by various search criterion (by name, by type, by class name, by id etc.).
6) Supports all kinds of gestures such as swipe, pinch, zoom, flick, shake, scroll and patterns.
7) Does not need any instrumentation of the apk, thereby testing the app as it is.
8) Does not need to provide apk source as in case of testing the pre-installed apps on mobile.
9) Ability to record or write the test scripts for one platform (OS and its version) and run the same scripts on other platform with minimal changes.
10) Provides supports for the continuous integration for agile development and testing.
11) Supports verify (or assert) during test and generate test report at the end of each test.
12) Supports native, hybrid and web apps.
13) This is not really a feature automation tool should support. But, it’s good to have. The sauce labs mobile cloud is compatible with the appium test scripts. Xmarin cloud supports calabash for android and iOS. Calabash is an open source automation framework supporting ruby binding. If the customer needs us to test with various devices to address device fragmentation and we do not have those devices in our organization then we need to have an account for mobile cloud. With appium or calabash we know which cloud to choose if it has those devices which we are targeting to test on.
14) Support object based discovery of UI elements rather than image based to easily maintain and scale test scripts.
15) Support key presses and have support for things such as forcing the app to background and bringing it back to foreground, install app, remove app, launch app, terminate app, wake up the screen, lock and unlock screen etc.
16) Supports various well known programming/scripting languages such as java, python. C#, ruby etc. to write automated scripts for various test cases.

Testing eCommerce Applications At Test Insane

Testing eCommerce Apps

Testing eCommerce Applications At Test Insane – Web

Who is not excited about online shopping? Well, we equally love online shopping as much as you do. Again, loving is not sufficient; but demonstrating the value by testing e-commerce is what we believe in firmly. Testing e-commerce applications poses various challenges to testing and it is not a cakewalk where you choose any software testing services company to do it for you. We come with great experience in testing e-commerce applications and have delivered great value to our customers in terms of quality. We want to help you convert your leads to sales as that’s your business goal and that takes a lot as users demand a lot because there is not only one player in the industry, but many and the number is growing every day. So, how do you make sure that users choose you? Answer is Test Insane! [Read the testimonial by one of our customer who is into eCommerce industry].

 

Have you got powerful search?

Most people love search feature as it helps them to get what they want as soon as possible unless it is browsing through several categories. Hence, it makes it crucial to have powerful search functionality; and believe us, it is not that easy as the world thinks. Search itself has so many attributes like relevancy, wild card search,

eCommerce Search Feature Testing

Your users love search more for quick shopping. More Business to you!

auto-suggestions and more. Even though you have a product in your product catalog, but your search is not displaying the result then it is a big failure for the business. What can be worst than this kind of bug? You have it, yet you don’t have it!

Is your checkout reliable as it is the heart of your application?

Security-testing-for-ecommerce-apps

eCommerce Security Testing – Payment Security! Safeguard your users from hackers and threats.

Every part of the body is necessary to function well as a whole for the well-being of life. Now, even your application has different parts like UI, Functionality like checkout, search, add to cart, discount coupons, gift cards

and more. Now, checkout is the heart as that pumps in revenue for your business. You don’t want the heart of your application to be weak. Isn’t it?

We want to quote this to emphasize on why we call “Checkout” feature as “Heart” of your application.

According to Baymard Institute Research, “68% of all e-commerce visitors abandon their shopping cart” and now that’s a very big number. We strive hard to bring that number down with our testing and that means more business to you and more “Power” to you.

Is your platform secure?

eCommerce Platform Security

eCommerce Platform Security. Your users love secured platforms where payment is involved.

Hackers are always open to hack for numerous reasons. It could be data theft, getting personal details of your users, selling your users data to other competitors so that they can send e-mail campaign to those users and poach your users. It is always a nightmare to listen to such bad news and media is always waiting on the edge to hear such news. This could hit your brand image and bring a great loss to your business. We provide security testing services and read more about it here.

 

How good or bad is the user experience?

In today’s world, it is not about just shopping; but the ambiance too. Now, ambiance can be referred to how is your user interface appealing to your users. Usually, users are not satisfied only with the cart and checkout features. It is about colorology, discounts, gift card, wishlists, share with social media, customer service, help &

Delightful UX - A Happy Online Shopper

Delightful UX – Make your customers happy!

documentation, navigation, homepage elements design, product pages design, product description page design and details and lot more. Many claim that UX is easy, we somehow do not see anything as easy because it is not in reality and again the knowledge matters if something has to be seen as easy or challenging.

Do you care about the user reviews and how are you taking them forward?

Test Insane believes that user reviews are cool way to generate tests and they could reveal the bugs in the application. Usually, the feedback form that you may have in your application is never paid attention to. We have talked to customers who said, “We never look into it as it takes a lot of time from us based on the other priorities at work we have”. Well, this was the problem statement and we agreed to it. Now, Test Insane is also a solution provider and we developed a tool for our customer and now they are happy using it as it helps them to invest less time on reviews as they get organized data in the dashboard which highlights several problems that their users are speaking about via reviews / feedback system. We can help you to understand the psychology of your customers.

Do you have a mobile web or mobile app for your e-commerce business?

Web, Mobile, Physical stores are various channels for shopping. And online shopping can be through web via Desktop Computer / Laptop while it can be even on mobile phone. If you do not have a mobile app, you may lose to other competitor who has mobile app and is getting customers from mobile phone channel as well. And that

Testing eCommerce Mobile App

Make sure your mobile channel for your business is tested!

means, your competitor is making more money compared to you who may not mobile phone as a channel. Now, we come with mobile app testing expertise. We have read numerous research papers on usability, security apart from functional testing. To get a glimpse of our mobile app testing services, read more here.

Are there functional glitches that shoos off your customers?

Functional bugs will directly help your customers to go away from you. That’s the first quality criteria that needs to become stable which is important for your business to  kick-start. Let us say, someone is searching for a product and you just show “Oops, something went wrong” and this happened because search data contained some characters which your server couldn’t process and the user keeps getting that message repeatedly which irritates the user and that’s sufficient for abandoning you and going to competitor. Now, we focus on various types of coverage in our testing activity like “Data coverage”, “Feature Coverage”, “Quality Criteria Coverage” and more. This helps us in identifying the risks in various parts of your application and the it will help you in making better informed decisions about your business.

How is the performance of your application?

All cool features and actually more features implemented compared to any e-commerce site in your country or world. You are very happy and there is a sale that you plan or it is a festive season. May be, its Diwali or Christmas or Thanksgiving Day, we want to make sure that your application doesn’t perform like a snail due to the load. We identify the risks with performance by doing various tests which could be load testing, stress testing, volume testing so that we can plan well for such (un)expected situations.

 

Now, you have fair enough idea about how we test e-commerce applications. If this doesn’t convince you, then ask us more and we would be glad to help by understanding your pain points! Write to us at sales [at] testinsane [dot] com. Or else use contact us form.

Software Testing MindMaps For The World

Software Testing Mindmaps

We would love to start this blog post by thanking Mr. Tony Buzan who showcased the concept of mind-mapping to the world. We do not want to hype the usage of mind-maps in our testing activity, we see it as good way in specific contexts without comparing to any other way of doing it. It is a gut-feeling of our test team with which they feel they can do great with usage of mind-maps. Be it developing a test strategy for a software or be it using mind-maps for test coverage. One of the beautiful thing about our mind-maps is, we do not allow them to die; we keep them alive by adding more nodes or ideas as and when we get. Mind-map without great content or data is not great! We believe that, the content need to have value while the presentation also needs to rock for the projects that we undertake.

Why do we say “Testing Mindmaps For The World”? Good News!

We were just thinking about, open source tools or utilities that exist in this world; and a thought sparked in our brain circuit and we said, “Why not develop mind-maps in testing across various topics and make them downloadable”. When we say, “downloadable” it doesn’t only mean that you can download READ only format which is the image format, but also the source file which you can edit based on your project context (Example: *.xmind). This is our third contribution to the testing community and it is OPEN SOURCE. We wanted to give out completely without conditions. We love unconditional love.
Software Testing Mindmaps

THE IDEA & THE PROGRESS

Building Web-based Application For The Mindmaps Repository

Our team member Karthik Kini started the work on building the web application where we can upload the mind-maps and people can download the mind-maps. We came up with the wishlist feature set like,

  • Mind-map categories like usability testing, healthcare, BFSI testing, accessibility testing, security testing, UI / UX testing and more.
  • Search filters like Most downloaded, most viewed, latest etc.
  • We needed comment feature as well where visitors could add comment which may be “Awesome”, “Thanks for this mind-map”, “It sucks”, “This rocks” and whatever they intend to. Also, not only these kind of comments; but they could initiate the discussion also on the mind-map nodes which could be “Hashing”, or “Encryption” etc.

 

Where’s the data? (Mindmaps)

Now, you learned about the web application platform for mind-maps; but the question is about where do we start with mind-maps creation of various topics? Here is something insane that we came up with, “We would die soon if we did not have the commitment to keep this platform alive, so we need to dedicate some time in a week so that we are continuously contributing to the community”. Now, this being open source; even people around the world can contribute however, there would be moderation to keep the things neat and maintain the quality. As we still do not know how many people would contribute around the globe, we said to ourselves, “We do not have control on others, but ourselves! So, let us have the commitment and dedicate some time in every week for some mind-maps and the beautiful thing about this is, we will learn a lot while we are creating mind-maps based on various subjects”. Thanks to our team member Jyothi Rangaiah for heading the mind-maps creation activity on various topics of her interest for the launch. Not to forget our other supporters / contributors for the launch, and they are Jasmeet Singh & Mohit Verma. So, now you know how the data gets pumped into our mind-map web app repository.

What Next?

Visit our mind-maps repository at http://apps.testinsane.com/mindmaps/ and start browsing and downloading. We are providing MIT license and that means you could do anything with the source that you download.

CREDITS

We do not have control on how the world will use it and whether it will give credits to Test Insane and its contributors. Or people will just use their name by faking without mentioning the credits. So, we can say only one thing and that is, “We have put our efforts to give this to the world before we die! And we request you to mention us and the team wherever possible”. We love to owe credits and even receive them!

HOW CAN YOU GET INVOLVED WITH US?

Write to welovetohelp@apps.testinsane.com and we can talk further!

How do we test mobile apps?

Mobile App Testing

We were seeing the same set of testers who were tapping and telling the world, that “login is not working”, “error message appears to be inappropriate” and many other bugs which are good, but we come from a unique background and philosophy about mobile app testing. We have loved Scuba Diving because that’s where you can see great aquatic animals and that’s where the treasure is. Likewise, we love to deep dive into mobile app testing aspects and here are some things that we cover as part of Mobile Application Testing at our start-up.

Mobile App Testing

Mobile Application Testing