K3 Keynote  4/16/2015  8:30  AM  

     

"The Perfect Storm: Mobile

Application Quality"  

Presented by:

Jeffery Payne

Coveros, Inc.          

Brought  to  you  by:    

   

340  Corporate  Way,  Suite  300,  Orange  Park,  FL  32073  888-­‐268-­‐8770  ·∙  904-­‐278-­‐0524  ·∙  sqeinfo@sqe.com  ·∙  www.sqe.com

Jeffery Payne

Coveros, Inc. Jeffery Payne is CEO and founder of Coveros, Inc., a software company that builds secure software applications using agile methods. Since its inception in 2008, Coveros has become a market leader in secure agile principles and was recognized by Inc. magazine as one of the fastest growing private US companies. Prior to founding Coveros, Jeffery was chairman of the board, CEO, and cofounder of Cigital, Inc., a market leader in software security consulting. Jeffery has published more than thirty papers on software development and testing, and testified before Congress on issues of national importance, including intellectual property rights, cyber terrorism, and software quality. Follow Jeffery on Twitter @jefferyepayne.  

1© Copyright 2015 Coveros, Inc.. All rights reserved.

The Perfect Storm:Mobile Application Quality

Jeffery PayneChief Executive Officer, Coveros Inc.

jeff.payne@coveros.com@jefferyepayne

2© Copyright 2015 Coveros, Inc.. All rights reserved.

y Coveros helps organizations accelerate the delivery of secure, reliable software

y Our consulting services:– Agile software development– Agile coaching & improvement– Agile testing & automation– Secure agile development– DevOps

y Agile training– Agile Fundamentals (ICAgile)– Agile Testing (ICAgile)– Agile Test Automation (ICAgile)– Security Testing– Mobile Testing– DevOps

About Coveros

Areas of Expertise

3© Copyright 2015 Coveros, Inc.. All rights reserved.

Agenda

y What is going on out there?

y The perfect storm

y Mobile application quality

y Getting ahead of the curve

4© Copyright 2015 Coveros, Inc.. All rights reserved.

Convergence of technology

What is going on out there?

5© Copyright 2015 Coveros, Inc.. All rights reserved.

Technology adoption

What is going on out there?

6© Copyright 2015 Coveros, Inc.. All rights reserved.

Social aspects of mobiley Fear of losing your phone is called Nomophobia.

– Half the world has it.

y It takes 26 hours for the average person to report a lost wallet …– and 68 minutes to report a lost phone.

y We use our phones for many things:– 56% of time spent in applications– 19% of time spent in email/msgs– 15% of time spent on phone

What is going on out there?

7© Copyright 2015 Coveros, Inc.. All rights reserved.

A world-wide phenomena

y USA– 51% use phones in bed– 23% use phones during

meetings and classy UK

– 22% of adults use their phone in the bathroom

– 37% of adults admit they are addicted to their phone

y Russia– 154% market penetration

What is going on out there?

8© Copyright 2015 Coveros, Inc.. All rights reserved.

Mobile Apps: The Perfect Quality Storm

The Diamond of Danger

Usability

Performance

Security CompatibilityThe Perfect

Quality Storm

9© Copyright 2015 Coveros, Inc.. All rights reserved.

Usability

y Screen size / colorsy Adaptive/responsive designy Emphasis on usability often forgets beautyy Emphasis on beauty often forgets usabilityy Device specific features (Accelerometer, GPS,

touchscreen)

y “A  product  gets  uglier  if  it  doesn’t  meet  user  needs.”

Mobile Apps: The Perfect Quality Storm

10© Copyright 2015 Coveros, Inc.. All rights reserved.

Compatibility

y Devicesy OS’sy Versions (Devices, OS,

Apps)y Browsersy Networksy Data storage

Mobile Apps: The Perfect Quality Storm

11© Copyright 2015 Coveros, Inc.. All rights reserved.

Performancey Mobile users expect real-time response and performance

– 40% of mobile application users will abandon an app if load time is >3 seconds – KISSmetrics

– 51% of online shoppers in the US say that slowness is the top reason  they’d  abandon  a  purchase -- Radware

– The abandonment rate for mobile shopping carts is 97%, compared to 70-75% for desktop carts – Radware

– For iOS, 98-99% of response time happens after HTML arrives at the client application

Mobile Apps: The Perfect Quality Storm

12© Copyright 2015 Coveros, Inc.. All rights reserved.

Security

Mobile Apps: The Perfect Quality Storm

y Mobile devices have a radically different threat profile than our computers do– We leave them laying around without strong authentication– We download untrusted applications without blinking an eye– Mobile security models on devices are complicated and unique

to each platform– Devices  storage  mechanisms  aren’t  very  secure

y We perform business-critical operations on mobile apps residing on devices we often leave in the bathroom

13© Copyright 2015 Coveros, Inc.. All rights reserved.

Achieving Mobile Application Quality

14© Copyright 2015 Coveros, Inc.. All rights reserved.

Effective Usability Testing

y Leverage usability checklists“A  Usability  Checklist  for  the  Usability  Evaluation  of

Mobile  Phone  User  Interface”-- Yong Gu Ji, Jun Ho Park, Cheol Lee, Myung Hwan Yun

y Test your application on actual  users  …  and  youdon’t  need  many!

y User Experience Design

Mobile Apps: The Perfect Quality Storm

85%

15© Copyright 2015 Coveros, Inc.. All rights reserved.

Effective Compatibility Testing

y Know your customer and market trends

Mobile Apps: The Perfect Quality Storm

16© Copyright 2015 Coveros, Inc.. All rights reserved.

Effective Compatibility Testing

y Know your customer and market trends

Mobile Apps: The Perfect Quality Storm

17© Copyright 2015 Coveros, Inc.. All rights reserved.

Effective Compatibility Testing

y Leverage emulators, simulators, cloud platforms

Mobile Apps: The Perfect Quality Storm

18© Copyright 2015 Coveros, Inc.. All rights reserved.

Effective Performance Testing

y Factor in networks– 2G, 3G,4G LTE, EDGE, WiFi, Airplane Mode– Switching across networks– Roaming

y UI issues

y Performance  is  not  just  a  device  issue  ….  it’s  a  software  issue– Integrate profiling and performance testing into Sprints/iterations– Test subsystem performance when implemented– Don’t  wait  until  the  end!

Mobile Apps: The Perfect Quality Storm

19© Copyright 2015 Coveros, Inc.. All rights reserved.

Effective Performance Testing (cont.)

y Low resources– Optimization Modes– Power saving Modes– Variable Battery Levels (Full, Low, Critical, Charging)– Memory/CPU utilization– Launch, Background, Foreground, Exit– Simultaneous Applications utilization– Continuous Keypad entry (across various keypad controls/events)– Memory Sweeping– Storage Space– Installation– Application Utilization– Battery Consumption

y Use emulators / simulators to ease this process

Mobile Apps: The Perfect Quality Storm

20© Copyright 2015 Coveros, Inc.. All rights reserved.

Effective Security Testing

y Focus on privacy first– Screen snapshots are not your friend!– Protect your data on the back-end

y You will have to cover all of your security bases– Web, legacy, privacy, malicious code, viruses/worms,

platform/configurations, operating systems

y Use risk analysis and an understanding of where your “crown  jewels”  reside  to  focus  your  efforts

y Understand your device and security model very well!

Mobile Apps: The Perfect Quality Storm

21© Copyright 2015 Coveros, Inc.. All rights reserved.

Putting It All Together

Mobile Apps: The Perfect Quality Storm

22© Copyright 2015 Coveros, Inc.. All rights reserved.

Getting Smartery Coveros Labs (www.coveroslabs.com)

– Secure mobile development– Malicious code analysis– Cloud security– Active Authentication

y OWASP (www.owasp.org)– Mobile testing– Web testing– Free tools

Mobile App Security

23© Copyright 2015 Coveros, Inc.. All rights reserved.

Questions?

Thank You

Contact Information:

Jeffery PayneCoveros Inc.@jefferyepayne