Security and performance are key words in the world of mobile apps. There are numerous ways in which a mobile app that is launched without proper testing will flounder and ruin the reputation of the enterprise that launches it, owing to the many threats lurking on the Internet. Performance testing and audits play an important role in the development life cycle of an app. There are many open source tools that can be used for performance audits, some of which are introduced briefly in this article.
Mobile apps face innumerable risks because of their vulnerabilities and it is important to test them on different parameters. Deploying a mobile app without proper and rigorous testing can be dangerous for the vendor. If an e-commerce based online shopping mobile app is launched without testing, hackers and malicious traffic can damage the overall setup and abnormal payments may be made. Often, the apps of e-wallets get exploited and the app users lose money. Such situations hurt the overall reputation and reliability of the company owning the app.
The performance of mobile apps can be evaluated through a number of testing strategies in a process known as the performance audit. In this process, malicious traffic is intentionally directed to the app so that its behaviour in such an environment can be analysed. There are many types of testing approaches that can be used for a performance audit of the mobile app.
A few key testing strategies for mobile applications are listed below.
Functional testing: This strategy ensures that all the functions, links and buttons on the mobile app are working as desired. Different options and further links are navigated in this process to confirm the overall flow of the application.
Interruption testing: As mobile apps work in the network environment, it is necessary to check their behaviour during assorted interruptions, such as:
- Network coverage
- Incoming and outgoing calls
- Incoming and outgoing SMSs
- Battery removal
- Turning media on/off
- Power cycle
- Transferring data via cable
The app is considered effective only when it’s confirmed that all interruptions can be handled without any error, warnings or system-generated exceptions.
Usability testing: This ensures that the application works on different platforms and devices without compatibility issues. The ease with which the application can be used, along with the flexibility in handling different controls and options, is considered in this testing strategy.
Stress testing: The goal of stress testing is to analyse the reliability and stability of the application when it’s exposed to different types of abnormal traffic or inputs. Stress testing checks whether the app is getting to any breakpoint on particular inputs. In addition, the modes and points of failure in the app are identified during this test.
Memory leakage testing: As mobile devices have memory constraints (RAM, internal memory, SD card storage, etc), it becomes necessary to check whether the app is consuming additional memory. An app that works efficiently with fewer resources is considered effective.
Lab testing: Laboratory testing provides the mobile app with a simulated wireless environment without actual network coverage. It is implemented in a way that the coverage and behaviour of calls, SMSs and other functions can be evaluated on different bandwidths.
Load testing: This analyses how the mobile app performs when exposed to many users at one time. Load testing checks whether the app crashes or hangs when there is a heavy load of users. For example, the mobile app is opened concurrently by one thousand users to check whether it is able to handle such a load.
Location testing: This includes testing whether the app is able to identify the network coverage and location correctly. The compatibility of the app with different networks is checked during this test.
Installation testing: This process checks whether the application can be installed on all types of devices with different configurations. For example, the app can be tested to be installable on different versions of the mobile operating system and on handsets with different memory constraints.
Penetration testing: The process of penetration testing checks whether the forms and online widgets of the app are fully secured. This is always required in the case of sensitive and financial apps like those used for e-commerce, online shopping, banking, etc. The hackers should not be able to penetrate the payment gateway of the app with their tricks.
Open source tools for testing Android smartphone apps
The three open source tools listed in this article provide different functions that rigorously analyse the behaviour of the mobile app when exposed to diverse traffic.
Appium is a powerful free and open source automation testing tool for native, mobile and hybrid apps. It provides cross-platform features to execute the tests on multiple mobile handsets.
Appium can be used for the testing of Android, iOS or Windows mobile apps in association with the WebDriver protocol. It supports multiple browsers, including Chrome and Safari, for testing apps.
Appium works on the philosophy of creating and executing the test scenarios or test cases without using any software development kit (SDK). The test cases can be written and executed in Java, Ruby, PHP, Perl, C, Python, DotNet and Node.
The installation of Appium can be done using any of the following options:
1. Appium Desktop (https://github.com/appium/appium-desktop)
2. NPM Package Manager (https://www.npmjs.com)
Download Appium Desktop from GitHub for Windows (https://github.com/appium/appium-desktop/releases/tag/v1.6.1). The .exe file of the Appium setup can be directly installed using the installation wizard. After setup, the message to run Appium is displayed. Once Appium Desktop is opened, a window is displayed to start the server with the particular port.
After starting the server, the new device is set up in a way that it can be tested using Appium. In this screen, the details of the platform, version, device’s name and app parameters are specified for the test.
To install Appium Server on a Linux distro, use the following commands:
$ npm install -g appium $ appium
Selendroid is the Selenium automation testing solution for the Android platform. It is a free and open source tool that can evaluate native as well as hybrid mobile apps.
Testing with Selendroid can be done using emulators or actual physical handsets. It has an inbuilt inspector for test case generation and analysis.
Use the following commands to install Selendroid on Linux 64-bit systems:
$ sudo dpkg --add-architecture i386 $ sudo apt-get update $ sudo apt-get install libc6:i386 libncurses5:i386 libstdc++6:i386
You can download the JAR file of Selendroid from https://github.com/selendroid/selendroid/releases/download/0.17.0/selendroid-standalone-0.17.0-with-dependencies.jar
On starting, the HTTP based interface with Port 4444 will be initiated and the scanning of Android virtual devices (AVD) will take place.
Calabash is used to write and execute the test cases for mobile smartphone apps. It is available with free and open source distros with cross-platform compatibility. The open source flavour of Calabash is maintained by Xamarin.
Ruby has to be installed in order to work with Calabash. The following command can be executed to check whether Ruby is already installed in the system:
$ ruby -v
After confirming Ruby’s availability, the installation of Calabash-Android is done, as follows:
$ gem install calabash-android
On executing the command, Calabash-Android will be ready to be used to test mobile apps. Calabash can be integrated with Xamarin Test Cloud to test the application on numerous devices in the cloud environment.