Top 15 Bugs of Mobile Apps: Security, UI, Performance

Top 15 Bugs of Mobile Apps: Security, UI, Performance
January 20 10:00 2014 Print This Article

Note: the article was updated in September 2020.
Like all the versed smartphone users, we’ve taken to spotting defects in applications at a glance, from irritating interfaces to “time-bomb” buttons that make apps crash. (Bummer! They hoped we wouldn’t notice.) Beyond the most obvious bugs – which are a pure shame to miss – the QATestLab team has put together a list of common problems, so mobile app developers and end-users know how important the job of a mobile QA engineer is.

5 Most Common Defects Found During Security Testing

  • SSL Certificate Handling Flaws

Even though iOS and Android have built-in certificate handling code, there is always room for error once app developers start writing their own implementation. Hackers, obviously, are more than happy to leverage this opportunity by tricking the app into accepting a certificate that imitates the app’s server. Given that the certificate handling flaws lead to man-in-the-middle vulnerabilities, it’s easy for the attacker to go further and tamper with the incoming information.

  • Data Leakage

Even though the mobile OS itself offers some protection, it is not enough to stop someone from perusing the internals of their app. Mobile developers should be reminded constantly that mobile apps can be reverse-engineered. The list of commonly leaked data includes API keys, social network API tokens, AWS credentials, and RSA private keys.

  • Client-Side Validation

Security issues usually occur when developers rely on client-side validation for sensitive actions that require some sort of authentication. What is more, client-side validation bugs occur more often than in mobile app than in web apps.

  • Insecure Direct Object Reference

IDORs can often be found in an app-s REST API. Some elaborate manipulations and hackers gain access to the victim’s private messages.

  • Outdated Vulnerable Components

While cybersecurity has become the buzzword in the digital world, app developers don’t always pay enough attention to vulnerabilities of the components they use. It may involve failing to fix or upgrade the underlying platform, frameworks, and dependencies in a timely fashion, or not testing the compatibility of updated, upgraded, or patched libraries.


5 Most Common Defects Found During UI Testing

  • Compatibility Bugs

Ensuring the app’s compatibility with as many devices as possible is the bon ton of the digital era. The biggest challenge here is that smartphones nowadays are packed with functionality in terms of hardware and software that can be mixed in a variety of unimaginable combos.

  • Inconsistencies in Page Layout Across Devices

Rendering inconsistencies, misalignments, and overlapping that occur when end-user access the app using devices with different screen sizes – especially when it comes to e-commerce – may lead to significant losses in revenue. It’s almost as if a shop window goes blurry when a potential customer decided to come closer.

  • Unnecessary navigation

If your app needs a guide, that’s already a fundamental usability problem.

  • Lacking landscape mode

A good mobile app should be designed for both portrait and landscape to accommodate. Moreover, many experts agree that different approaches to the UI of each orientation should be considered, especially if the app contains video content.

5 Most Common Defects Found During Performance Testing

  • “Work-as-designed” Performance Issues

It is a group of issues related to the app design. Put simply, they occur because the application behaves exactly as designed but the design itself has flaws. It may involve non-scalable architecture, improper loading techniques, too much synchronization, etc.

  • Memory-related Issues

They involve memory leakage, improper caching, and insufficient memory allocation.

  • Interfacing performance issues

These issues usually get triggered by using an old driver or library, missing frequent database housekeeping, missing database indexes, logging issues, etc.

  • Slow Response Time

The list of top reasons why the mobile app gets slow includes the following: network latency, unoptimized encrypted connections, sluggishness of the server speed, chatty conversations, the app’s overcrowdedness with data.

  • Crashes

Apps crash due to unnoticed bugs. Any added feature or functionality should be thoroughly tested.

Bug Detection Checklist

As much as these ubiquitous bugs and irritating glitches can make our eyes roll, we can’t just leave you here helplessly dissolving into tears every time a bug ruins your reputation and self-esteem. On that note, we present a short checklist that covers lots of crucial aspects of the mobile app testing process.

  • Test the app against the requirements and acceptance criteria
  • Test on different platforms and OS versions
  • Check the development/design guidelines for the platforms
  • Test the app on different screen resolutions and screen densities/ in portrait and landscape modes
  • Test how the app handles a network change
  • Use the app in an airplane mode
  • Check the app’s memory usage/ battery usage while the app is running or in standby mode
  • Test the app in different languages
  • Check that the app can handle interrupts such as phone calls of any kind of notifications
  • Track post-release actions: gather feedback and crash reports

This list is by no means complete; it is just a hint on what you should cover in your testing strategy.

Hey, in this digital age, app development is not solely about revolutionary ideas, as the market literally has too much of them. If you do offer your product to the customer, think about the quality and your reputation first. And don’t forget about software testing!

Related Posts:

About Article Author

view more articles
Yulia Lomanova
Yulia Lomanova

View More Articles


write a comment

No Comments Yet!

You can be the one to start a conversation.

Add a Comment

Your data will be safe! Your e-mail address will not be published. Also other data will not be shared with third person.
All fields are required.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.