Why website and application testing takes so long

If you’ve had a scoping call with a website or application developer like us and received a bulky proposal with days and days of testing; you might wonder why website and application testing takes so long. What ARE we doing and how do we justify it as such a big chunk of time in proposals? Well, today we’re going to shed a little light on just what we’re testing, so you can feel more at ease that your project is in safe hands.

What kinds of tests are there?

Many guides to website and application testing sort the kinds of tests into 8 buckets. These are Functional, Localisation, Payment, Performance, Usability, Accessibility, Security and Crowdsourced. We’ll explore each one below.


This is the basic stuff like, do the forms work and are the URLs going where they should. Is anything broken or slow to load? Does the customer 404 page work? How does it look across the different devices?


Are there any translation or dialect issues to contend with? How are special characters displayed? Are you using the right currencies? Does the website show up properly globally? How fast is it?


How well do payments work across devices and providers? Are you offering the right currencies and options? How easy is it to buy? Are there any hurdles? What about addresses? Do they all input properly?


This section could really be four subsections covering spike testing, endurance, stress and load. It will include cross-browser testing, multi-device testing, platform testing and new versus return user testing. We’ll look at how the images load, the way the information is displayed and what the load times are. At what volumes does your website begin to fail and is that a business risk? 


A big factor for conversion – how does the user journey work? Are there breaks in the chain or is everything seamless? Are you able to segment and channel users down unique flows? What do users look at and is that what you want them to do?


90% of websites are inaccessible to people who need them. How well does your website work? Are you providing support for the colourblind, deaf or visually impaired? Are screen reading tools working well? Is there any risk of your website elements or animations exacerbating any conditions like seizures etc?


Another chunky bit of website and application testing is the security portion. This could involve vulnerability scanning, security scans, risk assessments, pen testing, audits, ethical hacking or a top-level posture assessment. We check things like authentication, privacy settings, PCI compliance, GDPR compliance, user access limits and threat detection measures.


Lastly, getting real users to have a go is often either an overlooked or too-highly-relied-upon part of website and application testing. While they should never be a substitute for proper testing from an approved 3rd party provider; getting users to look at your app or website can reveal new breaks in the user journey or user-created issues that you wouldn’t find relying on professional testing resources alone.


So, it’s clear that website and application testing is a pretty detailed and cumbersome process. While automated testing is available for some parts, it’s a good idea to apply a formulaic approach and tick all these boxes to prevent costly downtime and service recovery measures.

Want to weigh in on testing? Come join the convo on LinkedIn or Twitter. Or, if you require support for your own project, reach out to the team here.