Business Issues
A successful e-commerce application is:
- Usable: Problems with user interfaces lose clients.
- Secure: Privacy, access control, authentication, integrity and non-repudiation are big issues.
- Scaleable: Success will bring increasing demand.
- Reliable: Failure is unthinkable for a business critical system.
- Maintainable: High rates of change are fundamental to e-commerce.
- Highly available: Downtime is too expensive to tolerate.
These characteristics relate in part to the web technology that usually underlies e-commerce applications, but they are also dependent on effective integration and effective back-end applications. E-commerce integrates high value, high risk, high performance business critical systems, and it is these characteristics that must dominate the approach to testing because it is these characteristics that determine the success of e-commerce at the business level.
Technical Issues
The development process for e-commerce has unique characteristics and some associated risks. It is generally recognised that a ‘web year’ is about 2 months long. In other words, a credible update strategy would need to generate e-commerce site updates roughly monthly. For this reason, Rapid Application Development (RAD) techniques predominate in the e-commerce environment, and in some cases development is even done directly in a production environment rather than in a separate development environment. RAD techniques are not new, and it is generally agreed that they work best where functionality is visible to the user – so web site development would seem to be an ideal application area. Unfortunately, though, other aspects of e-commerce are at least as important as the front-end. The end-to-end integration of business processes and the consequent severe constraints placed on intermediate processes make them less than ideal application areas for RAD.
These changes increase risk and create new challenges for testers, because time pressures militate against spending a longer time testing sites before they are released. At the same time, the technical environment of front-end systems is changing very rapidly, so change is imposed on e-commerce sites even when the site itself is not changing. This requires more regression testing than would be expected in a conventional application to ensure that the site continues to function acceptably after changes to browsers, search engines and portals. New issues have also come to the fore for testers, notably security of transactions and the performance of web sites under heavy load conditions.
If we consider an e-commerce site as made up of a front end (the human-computer interface), a back end (the software applications underlying the key business processes) and some middleware (the integrating software to link all the relevant software applications), we can consider each component in isolation.
Front End Systems
Static Testing. The front end of an e-commerce site is usually a web site that needs testing in its own right. The site must be syntactically correct, which is a fairly straightforward issue, but it must also offer an acceptable level of serviceon one or more platforms, and have portability between chosen platforms. It should be tested against a variety of browsers, to ensure that images seen across browsers are of the same quality. Usability is a key issue and testing must adopt a user perspective. For example, the functionality of buttons on a screen may be acceptable in isolation, but can a user navigate around the site easily and does information printed from the site look good on the page when printed? It is also important to gain confidence in the security of the site. Many of these tests can be automated by creating and running a file of typical user interactions – useful for regression testing and to save time in checking basic functionality.
Dynamic Testing: Applications attached to an e-commerce site, either by CGI programming or server extensions, will need to be tested by creating scenarios that generate calls to these attached applications, for example by requiring database searches. The services offered to customers must be systematically explored, including the turnaround time for each service and the overall server response. This, too, must be exercised across alternative platforms, browsers and network connections. E-commerce applications are essentially transaction-oriented, based on key business processes, and will require effective interfacing between intranet-based and extranet-based applications.
Back End Systems:
The back end of e-commerce systems will typically include ERP and database applications. Back end testing, therefore, is about business application testing and does not pose any new or poorly understood problems from a business perspective, but there are potential new technical problems, such as server load balancing. Fortunately, client-server system testing has taught the testing community many valuable lessons that can be applied in this situation. What is essential, however, is to apply the key front end testing scenarios to the back end systems. In other words, the back end systems should be driven by the same real transactions and data that will be used in front end testing. The back end may well prove to be a bottleneck for user services, so performance under load and scalability are key issues to be addressed. Security is an issue in its own right, but also has potential to impact on performance.
Middleware and Integration:
Integration is the key to e-commerce. In order to build an e-commerce application, one or more of the following components are usually integrated:
- Database Server
- Server-side application scripts/programs
- Application server
- HTML forms for user interface
- Application scripts on the client
- Payment server
- Scripts/programs to integrate with legacy back-end systems
The process of developing an e-commerce site is significantly different from developing a web site – commerce adds extra levels of complexity. One highly complex feature is that of integration.
If an application is being built that uses a database server, web server and payment server from different vendors, there is considerable effort involved in networking these components, understanding connectivity-related issues and integrating them into a single development (executable) environment. If legacy code is involved, this adds a new dimension to the problem, since time will need to be invested in understanding the interfaces to the legacy code, and the likely impact of any changes.
It is also crucial to keep in mind the steep learning curve associated with cutting-edge technologies. Keeping pace with the latest versions of the development tools and products to be integrated, their compatibility with the previous versions, and investigating all the new features for building optimal solutions for performance can be a daunting task. Also, since e-commerce applications on the web are a relatively new phenomenon, there are unlikely to be any metrics on similar projects to help with project planning and development.
The maintenance tasks of installing and upgrading applications can also become very involved, since they demand expertise in:
- Database administration.
- Web server administration.
- Payment server administration.
- Administration of any other special tools that have been integrated into the site.
- Technical support should also be borne in mind.
Correctly functioning back-end and front-end systems offer no guarantees of reliable overall functionality or performance. End-to-end testing of complete integrated architectures, using realistic transactions, is an essential component.