As mobile technology and the Internet of Things drive the growth of the API economy, providers and developers are faced with 3 major challenges that threaten API quality: security, integration and standardisation. APIs are big business and companies like Salesforce, NetFlix and Facebook are responding to more user requests through API calls than through their own front-end. When an API falls short of a customer’s quality expectations, providers face the serious risk of losing those customers. There is also a danger of more widespread reputational damage as 33.4% of users say quality issues would make them consider switching API providers permanently and 31% admit they would report the problem externally to their peers and other customers rather than to the provider.

So, as an API provider how can you overcome these challenges and mitigate these risks to reap the benefits of providing a quality API?

First it’s essential to understand what your customer actually wants and see how this corresponds to the challenges you are experiencing as a provider. The 3 top requirements of API consumers are ease of use, excellent responsiveness and performance, and overall service reliability.

API Security

As is usually the case when the IoT is a driving force, security is top of the list of challenges for 41% of providers with regard to both internal and external APIs. An API increases the attack surface and can provide hackers with a roadmap to app functionality and internal database structure that would normally be invisible under layers of functionality, so opening up new attack vectors.  It’s interesting to note then that only 40% of API providers are currently using a specialised API testing tool! The key to mitigation is to take a shift left approach to implementing built-in security measures and security testing and execute thorough authentication, encryption, access control and penetration attack test scenarios, while carefully monitoring the back-end during test execution.

API Integration

The lack of integration between tools and systems is another major challenge. The best way forward is to carefully define your user stories, select and authenticate integration endpoints, define standard and custom data endpoints, map and transform your data, determine event triggers and orchestrate continuous integration testing from the outset.

Lack of Standardisation

While standardisation is recognised as a major challenge and 75% of providers say they have a formal developer documentation process, only 45% make it a priority and 25% say they either don’t have one at all or haven’t been made aware of it! Providers need to create a clear developer documentation process and ensure visibility and accessibility to all relevant team members while forming partnerships and working groups with other businesses to share information, develop API specifications and reference architectures.

Reputation Management Strategy

As always, users’ demand for a speedy delivery has to be weighed against the even bigger demand for quality. Nearly a third of API providers admit that a lack of time and resources is the major barrier to quality, with lack of expertise and the complexity of many API tools also being major issues. The other important factor that goes in hand with quality and brand reputation, is how providers respond when customers flag up an issue, and the statistics show that worryingly, less than 10% of API issues are resolved within 24 hours and nearly 24% remain unresolved for more than a week!

The key elements of an API brand reputation strategy are to:

  • Promise reasonable response and fix times that you can genuinely meet
  • Provide a temporary solution, workaround or back-up until the issue is fixed
  • Create several lines of efficient communication for customer feedback, initial response, updates, notification of resolution and final feedback to ensure customer satisfaction.
  • Enable communication on the same platforms where complaints are made. So if, for example, your customers are complaining publicly on social media, then you need to have a social media presence and engagement strategy giving you the ability to take control of the conversation, publicly acknowledge the issue and demonstrate that you are fixing it and offering excellent customer service.
  • Take a shift left approach to continuous testing with a comprehensive test strategy that focuses on the main areas of security and integration.
  • Work with a partner who is an expert in disruptive technologies such as IoT and Mobile and who has strong partnerships of their own in terms of access to best in class tools that offer, re-usability of tests, scripts and resources.
  • Create a set of metrics with Performance as the key measure of success.

State of API Survey

All statistics in this post come from SmartBear Software’s 2016 State of API Survey.

You can download the full survey here:

If you want to discover more about how to overcome integration challenges to deliver high-quality APIs you can also listen to the recording of our recent webinar with SmartBear, here.

Andrew Fullen AUTHOR:
Andrew is a managing consultant who looks after strategy for technical aspects of testing in the quality centre.

Posted in: API, architecture, Business Intelligence, communication, Digital strategy, Infrastructure, Innovation, integration tests, Internet of Things, IT strategy, mobile applications, mobile testing, project management, Quality Assurance, Requirements, Research, Security, Social media, Social media analytics, Software Development, Test Tools, Testing and innovation, Transformation, User Experience, user stories      
Comments: 0
Tags: , , , , , , , , ,



Tick. Tock. Tick. Tock.

Do you hear that?

Tick. Tock.

It’s the clock ticking down the time left on your project.

Tick. Tock.

Unless you are going to shift your completion date to the right, then you are not-so slowly eating up your testing time.

Tick. Tock.

That clock’s annoying, isn’t it?

Tick. Tock.

That’s another test your could have been running that you’ve run out of time for. So what could you have done to reduce the time pressure that you are facing?

Tick. Tock. Ti……

Automation is often suggested as a good way of saving time and improving quality. In the World Quality Report the respondents put the figure of automated test cases at a fraction over 45%. Hey that’s good,

Tick. Tock.

isn’t it?

Tick. Tick. Tick

Automation has been around for quite a while. Computers were invented and 5 minutes later the first programmers figured out a way of saving sometime to get the computer to do something for them while they had a cup of tea.

Tick. Tock.

But 45% isn’t that much is it? What next? 50%? 51%?

Tick. Tock.

How about 100%? That’s what I’m aiming for. To do that automation has to be right at the start of any project. As the requirements are being designed then the questions you need to be asking  are 1. Can we build it? 2. Does it give you value? 3. How do we automate it? I’m not saying how do we test it. If we can code it, and it gives value then it can be tested. But the automated test case needs to be there right at the very front. When the code comes in, so does the test.

Tick. Tock. Time for tea.


Andrew Fullen AUTHOR:
Andrew is a managing consultant who looks after strategy for technical aspects of testing in the quality centre.

Posted in: Automation Testing, DevOps, Digital, Digital strategy, functional testing, Performance testing, Rapid Application Development, Scrum, Software testing, Test Automation      
Comments: 0
Tags: , , ,


Customer or User Experience?

Everyone is talking about Customer Experience (CX): defining it, differentiating it from User Experience (UX) predicting the trends and wondering how it will impact upon the Marketing and IT departments. The concept is not new, but given that the World Quality Report (WQR) shows that Digital Transformation and customer expectation make CX the key driver in Business Strategy and consequently protecting the corporate image is now the highest QA and Testing priority, the CX concept has clearly now become our reality.  So what is CX; what are the benefits and challenges and how will it change the role of the Testing team, the individual tester and QA and Testing strategies?

We’re accustomed to talking about and testing UX where the focus is on how users interact with our apps and products. For UX, we test things like speed of access and ease of use and determine clicks to completion through usability testing and we carry out omni-channel testing to ensure a seamless experience across the vast range of devices and operating systems.  However, Customer Experience incorporates UX and then goes far beyond it, looking at every interaction your customer has at every touchpoint on their entire journey with your brand. As testers we therefore need to focus on a new strategy of behaviour-driven and more inquisitive scenario-based testing. We need  to walk a mile in our customers shoes and instead of looking at the journey we expect or want them to take, examine the journey’s they’re actually taking and whether that experience is giving the wider business a competitive edge or could potentially damage the corporate reputation.

Top UX & CX Trends

So where are our customers going to be walking on their CX journey in 2016? Today’s IT customers’ expectations are not unlike what we all want from a really great waiter in a top restaurant. We want to be understood and remembered and our preferences anticipated and we like friendliness but abhor over-familiarity or any invasion of privacy.  These desires could make Personalisation big news this year, driving the need for more relevant and timely mobile notifications, highly-tailored content and predictive automation, while still ensuring that the user maintains a level of control over their own experience. This will mean something to anyone who has ever sat down to watch 1 episode of a box set on Netflix and 5 hours later realised they’ve fallen prey to the next episode autoplay!

The challenge here is that every customer is of course a unique individual and predicting and testing reactions to a personalised experience is a tall order! The flip side of predictive Personalisation and therefore also a CX trend for 2016, is user Customisation. These could both have an impact on A/B testing. As Liraz Margalit of Clicktale told UX Magazine, the smart strategy will move away from the traditional concept of testing reactions to page alterations so that “Instead of testing different versions on all website visitors, we should be testing how different groups react to the same version and provide them with the opportunity to customise their own experience.”

Other trends set to have a massive impact are of course the Internet of Things and mobile enabled technology; the migration of touchscreen from mobile to laptop and desktop; the rise of touch-free as voice command prevails; new improved customer journey analytics and the need for more Data Scientists to interpret them; the continuing rise of omnichannel; advances in user interfaces; and different applications merging together to give us one end to end experience. On the customer service side of things, video interaction and on-demand contact centres are on the rise while Customer relationship Management systems are maturing fast.

Testing CX

According to the WQR, with regard to omnichannel testing, IT leaders are finding that achieving test coverage that meet the end user requirements is the biggest challenge, followed by the immaturity of available CX testing tools and the fact that test case design is becoming increasingly complex.

The basics of CX testing success are that we need to test in a live environment, from a variety of locations, across all touchpoints and of course test more regularly to meet the speed at which new features are added and the fact that customer behaviour morphs at warp speed. We also need to be more aware of all the different channels of feedback, both requested and unsolicited, that pours in from the plethora of social media channels and review sites. Including this information in test scenarios has the potential to give a great competitive advantage.

Coming Out of the Shadows

So to sum up, these trends will require the Test Team to fully understand and align to the wider business goals and become business enablers at a much higher level. Teams will need upskillling with training programmes and new hires to keep up with testing the new technology. We will also see a further rise in DevOps adoption with QA playing a key role. Finally, testers will need to come out of the shadows of the test lab and take a walk in the customers’ shoes to fulfil their new role as protector of the corporate reputation.

Andrew Fullen AUTHOR:
Andrew is a managing consultant who looks after strategy for technical aspects of testing in the quality centre.

Posted in: Behaviour Driven Development, DevOps, Digital strategy, Innovation, Internet of Things, IT strategy, Marketing, Quality Assurance, Research, Smart, Social media, test data management, Testing and innovation, Transformation, User Experience, User Interface, World Quality Report      
Comments: 0
Tags: , , , , , , , , , ,


There’s a long history of people who are dumb.. Why else would there be a series of movies called Dumb and Dumber, and Dumbonot to mention the Darwin awards.

Thinking of the trouble that people can get up to without “Smart Cities” helping them is best described as “interesting.” Interesting being a synonym for bowl-emptying, terrifying (see item 5 in the list of Smart City services)

Do you want to live in a city that is smarter than you?  And where does a Smart City stop? What if you live in a town? Or a village? Or even in your home? What about the parking system linking to the company health insurer and deciding you need to walk a bit more?

Now if you are reading this I’m going to mark you down as being on the smarter side of the human spectrum (you can read, use a computer and you’ve found this blog entry) and I want you to think about a little about Smart Cities.

What is a Smart City?  Is it just another term that generates lots of white papers, documents and government grants but never actually amounts to very much? It probably even generates lots of blog posts (but we’ll exclude them)

One of the best quotes for what Smart City is and should be came from New York city.

A smart city uses digital technologies or information and communication technologies (ICT) to enhance quality and performance of urban services, to reduce costs and resource consumption, and to engage more effectively and actively with its citizens.”(

But none of this really sounds very bright to me – especially if the lights have been turned off because the software wasn’t tested correctly. One of the lists about the top five items in smart cities listed the following:

  1. Smart lighting saves energy but can make people feel unsafe
  2. Smart parking helps you find a parking spot but what about the shops paying to make sure that their “best” customers get to park closest
  3. Smart traffic lights; keep the traffic flowing but watchout for the Italian job jamming them
  4. Smart waste systems get it right and you come up smelling of roses but get it wrong especially in the summer
  5. Smart emergency response great for co-ordinating responses to expected incidents but able to be spoofed to respond to one incident and move resources away from where they may be really needed

All of these systems exist now and work well – within the limits imposed by the physical space in the cities. All of them have evolved for many years in handling the peaks and trough of demand. Now by simply adding the prefix “smart” they have turned into a hot topic. None of them seem to address the basic question of “what do I get extra for living in a smart city compared to living in a normal city?” The answer so far is in fact it probably costs more, introduces a new level of complexity to the city and increases the risk of key systems either failing or being compromised by external bad actors (the real bad guys, not the ones in the films).

If the city is smart, what about our homes? How long before the kettle is going to let the bus know you are having an extra cuppa before setting off? But perhaps it is another member of the family or a guest who’s having the cuppa? Should it be sharing that information? Now cities are complicated machines that can very easily stop working.

If you want to see a classic, lightning strike scenario you don’t have to look further than New York. Back in the pre-web days of 1977 an actual lightning strike brought large areas of the city to a standstill,  which led to looting and generally lots of really bad stuff happening. The transportation system gave up, ventilation systems failed, the  airports closed.

Imagine that happening now but with the added horror of not being able to tweet or share it on Facebook?

So how can we avoid the pitfalls? Do we want the bus stop to ask us to like it on Facebook (and those get a bus quicker). Should we be looking to put smart living intoschools? Run public education advertorials and training sessions? Or do we keep it simple, avoid leaving the decisions down to machines and rely on people? After all, cities have worked quite well for thousands of years and all without a blue screen of death. image credit: shutterstock


Andrew Fullen AUTHOR:
Andrew is a managing consultant who looks after strategy for technical aspects of testing in the quality centre.

Posted in: Big data, Data structure, Digital, Infrastructure, Internet of Things, IT strategy, Research, Smart, Social Aspects, Social media      
Comments: 0
Tags: , , , , , , , ,


I’ve been in IT a long time. So long that I can remember when hexadecimal was the new flavour of the month; one that was going to sweep away binary and revolutionise our industry. Today we can see the same patterns emerging with the rise in hot new topics such as Web, Mobile, Big Data and the Internet of Things – all part of the digital revolution, so why not utilise the digital generation to work with them?

With enough time I could probably work out the number of projects that I’ve worked on during my career and come up with a very rough estimate of how many strategies and plans I’ve written. After a while, as a tester, you work out what works and what doesn’t. The time taken to sketch out a plan drops from values of “You want it when?!” to “Will tomorrow morning do you?”

We build up a mental toolkit based on those experiences of what works and what doesn’t (the latter is often the most important of the two). We then use that to construct our plan and make informed and reliable estimates and plans that we can deliver to.

It works and we stick with it.

Now, at Sogeti, we run a large and successful graduate programme each year. We take in a bunch of young university leavers and run them through a series of training courses (both technical and soft skills), workshops, mentoring, practical project work and more before they even see a customer for the first time.

There’s a belief amongst some in our industry that graduates are “cheap” and that we are “looking to get customers to train them for us”. Like many beliefs it is backed up by experiences, hear-say, opinion and dogma – however not all beliefs are valid!

Already when talking with our graduates, running through things that I’ve taken for granted I’ve found myself stopped by a well placed “shouldn’t we try this?”  or “why do we do it this way?”

What we get with the graduates is a fresh way of looking at the world. They’ve grown up on a planet in which they have been completely surrounded by digital, mobile, new technologies and rapid innovation. They aren’t blinkered by old ways of doing things, nor have they been beaten down into following the patterns that the rest of us have obeyed through our years in the industry and they aren’t afraid to say so.

So open your ears and listen to the younger generation in our industry – who knows, you might learn a new trick or two!


Andrew Fullen AUTHOR:
Andrew is a managing consultant who looks after strategy for technical aspects of testing in the quality centre.

Posted in: Big data, communication, Developers, Innovation, Internet of Things, IT strategy, mobile applications, mobile testing      
Comments: 0
Tags: , , , , , ,