“Iowa Democrat’s First Failure Was Not Testing That Calamitous App”
“Personal Data of All 6.5 Million Israeli Voters Is Exposed”
“At Least 80% of Shopping Apps Leak Users’ Data”
We’ve talked a lot about the value of quality assurance (QA) in creating seamless user experiences. After all, easy and bug-free digital experiences can lead to greater brand loyalty and sales. More important, however, is creating functional applications that keep your customers’ data safe.
The Iowa Democratic Party and the Likud Party in Israel found out the consequences of poor quality assurance the hard way.
Just this month, a mobile app designed to collect and relay caucus results from over 1,700 sites across Iowa failed in one of the most public ways possible. As conspiracy theories multiplied and trust dwindled, it became clear that the app had failed primarily due to a lack of testing. “This app has never been used in any real election or tested at a statewide scale and it’s only been contemplated for use for two months now,” said David Jefferson, a computer scientist at Lawrence Livermore National Laboratory. Not only would automated testing have found the coding errors that were blamed for the app’s disfunction, but manual testing might have shown light on other issues surrounding its launch.
The application was deployed through mobile testing platforms, a method used by many companies to circumnavigate quality control process built into more formal distribution methods like the App Store.
Moreover, the actual user experience designed into the app left much to be desired. Brain Foster, a senior vice president at MobileIron, said that the caucus app was overly complicated and required too many steps to log on, including email and password, two-factor authentication, and a precinct PIN. Even if the coding had functioned, manual quality assurance would have shown vulnerabilities in its desired performance.
Finally, a more robust training program and backup plan might have saved the caucus reporting fiasco. Precinct captains were reportedly downloading the app on the day of the caucus, and when the app failed, they could not effectively report vote tallies through the phone line created in the event of the app’s failure.
So what can business learn from Iowa? The first lesson is to not skimp on QA. Slower time-to-market and the cost of robust testing pale in comparison to brand equity and sales lost to a nonfunctioning app. The second lesson is to make the download and setup process for your applications as easy as possible, leveraging innovative capabilities that eliminate passwords, like zero sign-on. Third, invest in a functioning backup plan that has the capacity to take the application’s place in the event of failure.
Still, it’s crucial to remember that there’s more at stake when developing applications than brand equity and sales. Security of customers’ data needs to be of top priority. Just a week after the Iowa Caucus app failed, a mobile app launched by the Likud Party of Israel leaked the personal data of every registered voter (6.5 million!) in the nation. And it didn’t take an advanced technical expert to extract that data. A simple flaw in the app’s design made full names, addresses, identity card numbers and more available to anyone who could right-click their computer mouse.
Considering 80% to 90% of retail mobile apps are leaking personal information as I write this blog, it’s imperative that businesses take QA seriously and consider the enormous potential cost of an untested app when building go-to-market timelines.
1. Run automated testing throughout the development process to find and fix coding errors as they occur
2. Run thorough manual testing to illuminate potentials for user-error or poor user-experiences that could render the applications purpose moot
3. Offer training resources to help users understand the application set-up process
4. Keep security top-of-mind, particularly for applications that collect and/or distribute personal information
With these steps in place in your application development process, you can significantly reduce your risk of fatal bugs and leaked data.