Arming apps for the holiday season


The increase of mobile and online transactions has significantly raised the stakes for companies doing business in the app economy. The potential for lost revenue, broken trust, brand deterioration and bad publicity are just a few of the negative outcomes brought on by security breaches and software failures.

This year we’ve seen several high-profile incidents—Equifax and Yahoo are two examples. Since apps are one of the most vulnerable gateways for security and performance issues, businesses need to start thinking now about how to arm themselves for the influx of users this holiday season. Salesforce predicts that this Black Friday will be the busiest digital shopping day in US history, with a higher volume of transactions continuing well into December.)

>See also: App economy: desperately seeking security talent

In the months leading up to the holiday season, one of the biggest challenges facing companies is how to keep up with the rapid pace of commerce while maintaining an exceptional user experience—as well as giving teams the proper tools to do it. The foundation of the solution lies in DevOps and continual testing:

Making software updates a seamless experience for customers

The ability to deliver quality software in a short amount of time is dependent on a full toolchain – one weak link can hinder both time-to-market and quality. That is why it’s important to take a comprehensive approach to continuous delivery.

Testing is not an event that happens at a single point in time; security needs to be woven throughout the development process to ensure app security and build trust with consumers—starting in the requirement phase. Test cases can be automatically created and initiated, and occur at code check-in. This is the foundation of continuous testing.

As a complement to testing, teams should be actively monitoring application performance, infrastructure management service delivery and end-user experience. To monitor digital experiences, companies need analytics solutions that allow them to see, and resolve, potential problems before they start affecting customer experience.

>See also: Severe: the security risk to UK mobile app users 

Implementing a synthetic monitoring tool takes much of the burden off IT in maintaining website performance around the clock – even when there are no real users on the system to help find and fix issues before they occur. Teams can also mimic key transactions, like shopping cart checkouts, to mitigate roadblocks that cause bottlenecks or result in an outage.

App security testing also finds risks that would be vulnerable to a denial of service (DDoS) attack. If business app revenue is driven down because of an attack, it could be just as damaging to one’s career as a data breach would be to the company.

Keeping customers on the app

Being able to develop and deliver apps with speed, quality and a compelling experience should be a high-level priority. Customers expect the best, from up-to-date applications to an excellent user experience and seamless performance. This means that brands should rely on an agile approach to help them sense and respond to change based on how their app is performing as well as consumer feedback.

Combining an agile approach with DevOps helps deliver apps faster, but businesses also need to establish a continuous testing practice to ensure that they are adequately – and quickly – testing applications for performance, user experience and security.

A recent study by Accenture showed that once digital consumers leave, there is more than a 60 percent chance they are gone forever. It is essential to keep them interested and engaged with each experience, so focusing on delivering innovations faster than competitors is key. DevOps, continuous delivery and continuous testing have all been proven to increase the pace of companies delivering innovations to market.

>See also: The app-orientated world and the growing risk to privacy

IT should start by focusing on velocity, which is key to managing app updates and conflict resolutions. By choosing the most valuable, smallest pieces of work to implement agile planning and work sequencing, it is easier and faster to deliver to customers.

Applying agile portfolio management to quickly adapt and evaluate the start-to-finish cycle makes it easy for businesses to know they’re delivering new content and consumer value. Finally, optimise app investments on a continuous basis. Companies can do this by dynamically and intentionally reducing (or amplifying) investments in signature features and user value based on demand.

Controlling security risks and protecting data

The application economy has morphed dramatically in the landscape of IT security. Cybercriminals target the holidays’ uptick in consumer data input (an example of this a can be seen in the 2016 attack on 1-800-Flowers customers). Risk needs to be controlled in a way that assures application performance isn’t hindered by security.

Through examining user behaviour when interacting with a business over time, it’s possible to get a baseline of known patterns and hidden identity characteristics. If they deviate beyond a certain amount, the business has the information to understand that the identity may be fraudulent.

>See also: Are mobile app downloads putting businesses at risk?

An increasing selection of artificial intelligence (AI) tools means businesses can learn and monitor shoppers’ behavioural patterns for anomalies and suspect patterns that accompany fraud.

When AI partners with machine learning (which is already employed in FinTech), organisations can provide real-time protection and plans to block fraudulent attempts, and cardholder and issuer risk.

Security should be ingrained, so companies can automate (for minimal effort) any authorisations to reduce fraud. This will make it easier to balance revenue growth with risk control.

Post-holiday rush

Some companies have already mastered their digital transformation, while others are just starting the process. No matter where a business is along this journey, there will always be new hurdles to jump over that require a comprehensive suite of tools, so planning beyond the holiday season is important.

It’s hard to future proof apps, so testing for weaknesses is similar to trying to predict the future. Companies may know the risks of today, but the ones of tomorrow are unknown. Threat analytics can help determine behaviours that could identify new types of attacks and vulnerabilities.

>See also: The mobile threat landscape

As businesses move towards a mobile-first economy, each year the holiday season promises more consumer traffic than the one before. Readying apps properly today will ensure teams’ fluency in best practices tomorrow—not to mention sustained customer loyalty.

This holiday season and beyond, it’s important to take a holistic approach to your application development strategy by employing the right tools and technologies to make your business a success.


Sourced by Ayman Sayed, president and chief product officer at CA Technologies


The Women in IT Awards is the technology world’s most prominent and influential diversity program. On 22 March 2018, the event will come to the US for the first time, taking place in one of the world’s most prominent business cities: New York. Nominations are now open for the Women in IT USA Awards 2018. Click here to nominate

Avatar photo

Nick Ismail

Nick Ismail is a former editor for Information Age (from 2018 to 2022) before moving on to become Global Head of Brand Journalism at HCLTech. He has a particular interest in smart technologies, AI and...