Leading analyst Gartner predicts “By 2015, over 50% of organizations that derive more than 10% of their business online will roll out e-Commerce as a transformational initiative, up from 20% in 2012”.
Over the last decade, how internet is being leveraged and used has undergone a major shift with the advent of Smart Phones and Tablet Computers. This shift has caused a “Big Transformation” in the
eCommerce industry as it has dramatically changed consumer behaviour and moved them away from transacting traditionally. Consumer base and expectations have grown manifold. Consumers expect eCommerce platforms to be Smarter, Faster, and Secure. They also expect the transaction experience to be convenient, cost-effective, and safe. Multi-channel commerce consisting of
mCommerce and Social-Commerce is also grabbing equal attention of the consumers fuelled by enterprises’ “Mobile First” strategy.
Please refer to the eCommerce landscape provided in the image below.
With all the above said possibilities and associated complexities, an eCommerce platform also requires to seamlessly integrate with Payment Systems, Supply Chain, ERP, Warehouse Management, POS, and other applications in the Enterprise ecosystem. The above mentioned trends, complex business architecture, and Enterprise ecosystem call for testing specialists and a test partner who is agile, smart, effective, and efficient.
To address the above challenges and deliver a value-added service, Cigniti has developed an
eCommerce Centre of Excellence. The eCommerce CoE leverages proven methodologies, techniques, processes, guidelines, and a tool and technology agnostic framework to ensure effective and efficient testing and validation of eCommerce platforms along with its interfaces. Cigniti’s tool and technology agnostic framework ensures that our philosophy of “Script Once” and “Executes Everywhere” is implemented on a plethora of devices, browsers, O/S platforms, POS, and Payment Systems.
While the framework ensures functional readiness of the application, the performance (which is equally important), is addressed using the performance engineering approach. Our performance validation approach includes verifying the application performance via geographically distributed load, scalability, and stress testing, to meet SLA for response times, peak load response that will give utmost confidence in releasing the application, and preparing for “Holiday Readiness”. Our performance recommendations improve predictability, availability, and reliability of the application.
The major mental block for online purchases is Security as the consumers are required to provide their personal and banking related information while executing a transaction. Cigniti Security Testing CoE provides an end-to-end security testing solution ranging from Penetration Testing through Readiness check for PCI DSS certification. These tests are performed by Certified Ethical Hackers with the primary focus on threat models through SQL injection, Cross-Site Scripting, Cross-Site Request Forgery (CSRF) (including those published by OWASP consortium) and Zero-day Vulnerabilities along with vulnerabilities discovered by our R&D team through CoE. Cigniti follows industry standards throughout the testing process which includes Common Vulnerability Scoring System (CVSS) v2.0 to calculate the risk indexed of the vulnerabilities found and provides both holistic and “Hackers-eye-view” of the application.
Having thoroughly understood the dynamics, complexity and expectations of the eCommerce platform providers and end-users, Cigniti is confident of delivering a “World-Class” testing solution through the means of the following levers:
- UI and User Experience Testing: In-house frameworks, toolkits and checklists to perform automated UI validation across OEMs, Browsers and O/S
- Holiday Readiness Testing: Pay per use performance testing model improving application performance and assuring 90th percentile response times in standard reporting
- PCI Preparedness: Pre-defined checklists that enable preparedness of eCommerce portals for PIC DSS certification. Threat models and test execution are done by Certified Ethical Hackers.