Getting banking websites and apps ready for peak traffic over the holiday season

Though 2024’s Black Friday and CyberMonday have now passed, there are still some shopping milestones coming up, such as the December holidays and New Year sales. In turn, this leads to more banking customers logging into their accounts, checking available funds or whether the money for a returned item has been transferred, and other activities. 

This means that banks and other consumer-facing financial services organisations must ensure that websites and apps are prepared for the extra traffic, which may not just be higher in volume but also hard to predict. 

Otherwise, potential risks include damaged consumer confidence or even an app or website grinding to a halt because it is unable to cope with the extreme volume of demands. This is why it is vital to perform rigorous testing in advance to ensure a great customer experience.  The starting point for an effective holiday-ready test strategy is to know what aspects to cover. Here are some typical examples:

• Simple, fast log-in or account creation
• A seamless experience with fast page access and loading
• Consistency across multiple operating systems and devices
• Address specific requirements – such as regional variations or accessibility (for instance, supporting customers with visual impairment)
• Efficient email trails – if required, following specific actions
• Integration with third party services and apps where relevant. 

Once priorities have been established, there are a variety of test types to consider. Some of the more familiar testing techniques include performance testing, which covers load, stress, spike and cross-device testing. The aim of performance testing is to verify the responsiveness and reliability of an app or website, at speed and at scale and it ensures systems handle high traffic with reliability, while cross-device testing guarantees a seamless user experience across different operating systems and devices. Scalable load testing tools can simulate high volume traffic spikes ro verify system responsiveness under extreme levels of demand.

Functional testing checks that features are doing their job without glitches or bugs. Database testing validates that any functionality relating to data is performing properly, while security testing looks for compliance with security strategies and regulations.

Further down the line, other steps include user acceptance testing, which may involve a focus group of users, plus production testing (when the website or app is live, but typically during an expected quieter period and often with advance notification to customers). 

Evolution of testing best practices

Best practices to adopt when implementing various types of test have evolved over the past few years and will continue to do so into 2025 and beyond. So, even software development and test professionals with extensive testing experience may benefit from re-examining these improvements. 

For instance, given the volume of tests that might be required and results generated, think about adopting or increasing test automation, including continuous automated testing, plus no-code/low-code and the new generation of AI-driven test techniques on the horizon. Not only will these help banks deal with large test requirements faster and at scale, but they also help to remove the risk of human error and enable non-test professionals to be involved.

Much has been written about ‘shift left’ over the past few years, a term that originally just applied to testing but now addresses the whole of the software development lifecycle (SDLC). The term refers to carrying out more activities earlier, so that issues can be identified and remediated more easily and cost-effectively (the later a flaw or vulnerability is detected, the more complicated, time-consuming and expensive it becomes to fix). By integrating shift left in combination with automation techniques into continuous integration/continuous delivery (CI/CD) pipelines, testing can be carried out earlier and more frequently, therefore reducing risks and accelerating software delivery.  

Another valuable technique is virtual service testing, whereby a simulated environment mimics a real service, so that testing can be performed in a risk-free and controlled way. Similarly, virtual device test labs enable teams to test applications across a wide variety of devices and platforms without the need for physical hardware, providing an effective way to discover how an app might perform on different smartphones, laptops or tablets.

A final but critical point to consider is the volume of sensitive data held in non-production environments including testing. It is vital that this data is protected to avoid it being leaked or leading to compliance issues. However, test teams also need access to realistic test data. This is why more organisations are using tools such as static data masking, which ensures sensitive data is protected, while maintaining realistic testing conditions, helping teams comply with regulations. 

While it is impossible to predict the exact impact of seasonal events like the holidays, much can be done by banks and other financial institutions to prepare themselves and their customers. By adopting modern testing approaches, financial institutions can improve system reliability and customer satisfaction during peak demand periods.