Post on 17-Aug-2015
K3 Keynote 4/16/2015 8:30 AM
"The Perfect Storm: Mobile
Application Quality"
Presented by:
Jeffery Payne
Coveros, Inc.
Brought to you by:
340 Corporate Way, Suite 300, Orange Park, FL 32073 · 888-268-8770 · 904-278-0524 · sqeinfo@sqe.com · www.sqe.com
Jeffery Payne
Coveros, Inc.
Jeffery Payne is CEO and founder of Coveros, Inc., a software company that builds secure software applications using agile methods. Since its inception in 2008, Coveros has become a market leader in secure agile principles and was recognized by Inc. magazine as one of the fastest growing private US companies. Prior to founding Coveros, Jeffery was chairman of the board, CEO, and cofounder of Cigital, Inc., a market leader in software security consulting. Jeffery has published more than thirty papers on software development and testing, and testified before Congress on issues of national importance, including intellectual property rights, cyber terrorism, and software quality. Follow Jeffery on Twitter @jefferyepayne.
© Copyright 2015 Coveros, Inc. All rights reserved.
The Perfect Storm: Mobile Application Quality
Jeffery Payne
Chief Executive Officer, Coveros Inc.
jeff.payne@coveros.com
@jefferyepayne
About Coveros
• Coveros helps organizations accelerate the delivery of secure, reliable software
• Our consulting services:
  – Agile software development
  – Agile coaching & improvement
  – Agile testing & automation
  – Secure agile development
  – DevOps
• Agile training
  – Agile Fundamentals (ICAgile)
  – Agile Testing (ICAgile)
  – Agile Test Automation (ICAgile)
  – Security Testing
  – Mobile Testing
  – DevOps
Areas of Expertise
Agenda
• What is going on out there?
• The perfect storm
• Mobile application quality
• Getting ahead of the curve
Convergence of technology
What is going on out there?
Technology adoption
Social aspects of mobile
• Fear of losing your phone is called Nomophobia.
  – Half the world has it.
• It takes 26 hours for the average person to report a lost wallet …
  – and 68 minutes to report a lost phone.
• We use our phones for many things:
  – 56% of time spent in applications
  – 19% of time spent in email/msgs
  – 15% of time spent on phone
A world-wide phenomenon
• USA
  – 51% use phones in bed
  – 23% use phones during meetings and class
• UK
  – 22% of adults use their phone in the bathroom
  – 37% of adults admit they are addicted to their phone
• Russia
  – 154% market penetration
Mobile Apps: The Perfect Quality Storm
The Diamond of Danger
[Figure: diamond diagram with the labels Usability, Performance, Security, Compatibility and "The Perfect Quality Storm"]
Usability
• Screen size / colors
• Adaptive/responsive design
• Emphasis on usability often forgets beauty
• Emphasis on beauty often forgets usability
• Device specific features (Accelerometer, GPS, touchscreen)
• “A product gets uglier if it doesn’t meet user needs.”
Compatibility
• Devices
• OS’s
• Versions (Devices, OS, Apps)
• Browsers
• Networks
• Data storage
Performance
• Mobile users expect real-time response and performance
  – 40% of mobile application users will abandon an app if load time is >3 seconds -- KISSmetrics
  – 51% of online shoppers in the US say that slowness is the top reason they’d abandon a purchase -- Radware
  – The abandonment rate for mobile shopping carts is 97%, compared to 70-75% for desktop carts -- Radware
  – For iOS, 98-99% of response time happens after HTML arrives at the client application
Security
• Mobile devices have a radically different threat profile than our computers do
  – We leave them lying around without strong authentication
  – We download untrusted applications without blinking an eye
  – Mobile security models on devices are complicated and unique to each platform
  – Device storage mechanisms aren’t very secure
• We perform business-critical operations on mobile apps residing on devices we often leave in the bathroom
Achieving Mobile Application Quality
Effective Usability Testing
• Leverage usability checklists
  – “A Usability Checklist for the Usability Evaluation of Mobile Phone User Interface” -- Yong Gu Ji, Jun Ho Park, Cheol Lee, Myung Hwan Yun
• Test your application on actual users … and you don’t need many!
• User Experience Design
85%
Effective Compatibility Testing
• Know your customer and market trends
• Leverage emulators, simulators, cloud platforms
Effective Performance Testing
• Factor in networks
  – 2G, 3G, 4G LTE, EDGE, WiFi, Airplane Mode
  – Switching across networks
  – Roaming
• UI issues
• Performance is not just a device issue … it’s a software issue
  – Integrate profiling and performance testing into Sprints/iterations
  – Test subsystem performance when implemented
  – Don’t wait until the end!
Effective Performance Testing (cont.)
• Low resources
  – Optimization Modes
  – Power saving Modes
  – Variable Battery Levels (Full, Low, Critical, Charging)
  – Memory/CPU utilization
  – Launch, Background, Foreground, Exit
  – Simultaneous Applications utilization
  – Continuous Keypad entry (across various keypad controls/events)
  – Memory Sweeping
  – Storage Space
  – Installation
  – Application Utilization
  – Battery Consumption
• Use emulators / simulators to ease this process
Effective Security Testing
• Focus on privacy first
  – Screen snapshots are not your friend!
  – Protect your data on the back-end
• You will have to cover all of your security bases
  – Web, legacy, privacy, malicious code, viruses/worms, platform/configurations, operating systems
• Use risk analysis and an understanding of where your “crown jewels” reside to focus your efforts
• Understand your device and security model very well!
Putting It All Together
Getting Smarter
• Coveros Labs (www.coveroslabs.com)
  – Secure mobile development
  – Malicious code analysis
  – Cloud security
  – Active Authentication
• OWASP (www.owasp.org)
  – Mobile testing
  – Web testing
  – Free tools
Mobile App Security
Questions?
Thank You
Contact Information:
Jeffery Payne
Coveros Inc.
@jefferyepayne