Use Case Tests - TanelOrumaa/Estonian-ID-card-mobile-authenticator-POC GitHub Wiki

NB! Notation info: ... in the extension test cases means that steps up to this point are same as in the main success scenario test.

Test Case #1

Use Case being tested:
Use Case #5 : Display the public information of the ID card in the authentication application
Inputs:
A valid Estonian ID card with an NFC interface
The CAN (Card Authentication Number) of the ID card has been saved
Initial system state:
The application’s home screen is active.
The NFC connection is enabled on the device and the system has permission to use it.


Main success scenario test:
 1. The user puts the ID card against the smartphone.

Expected results:
 The system retrieves personal information from the ID card.
 The application notifies the user that data has been retrieved from the ID card.
 The application displays the full name, personal identification number, gender, expiration date of the ID card and citizenship of the card holder.


Extension test: Invalid CAN used
 1. User saves invalid CAN (for example 000000).
 2. User puts the ID card against the smartphone.

Expected results:
 The system is unable to retrieve information from the ID card.
 The application notifies the user that the saved CAN was invalid.
 The application deletes the saved CAN.


Extension test: ID card removed from the smartphone before allowed
 1. The user puts the ID card against the smartphone and removes it immediately.

Expected results:
 Connection between the ID card and device is lost.
 The system notifies the user that connection to the ID card was lost.
 The application allows the user to try again.

Test Case #2

Use Case being tested:
Use Case #4 : Save CAN of the ID card on the phone
Inputs:
The CAN (Card Authentication Number) of an ID card
Initial system state:
The application’s home screen is active.


Main success scenario test:
 1. The user opens the app's settings and chooses to save the CAN of the ID card.
 2. The user enters the valid CAN.

Expected results:
 The application notifies the user that the CAN has been saved and displays it.
 The CAN is saved.


No extensions

Test Case #3

Use Case being tested:
Use Case #6 : Use biometric authentication to enter PIN1 during the authentication process
Inputs:
A fine finger
Initial system state:
The user has enabled biometric authentication in the application’s settings.
The user has saved a valid PIN1 to the biometric authentication method.
The application has launched to authenticate the user and the user is shown a biometric authentication dialog.


Main success scenario test:
 1. The user touches a fingerprint sensor on the device.

Expected results:
 The system detects the fingerprint and the application enters PIN1 for the user automatically.


Extension test: Device's biometric authentication functionality is inaccessible

Expected results:
 The system notifies the user that biometric authentication is currently unavailable.
 The application asks to enter PIN1 manually.


Extension test: Invalid fingerprint
 1. ...

Expected results:
 The system notifies the user that biometric authentication has failed due to a non-matching fingerprint.
 The application asks to enter PIN1 manually.


Extension test: Invalid PIN1
Initial system state:
The user has saved an invalid PIN1 to the biometric authentication method.

 1. ...

Expected results:
 The application notifies the user that biometric authentication has failed, because the saved PIN1 is invalid.
 The application cancels the authentication process.
 The application turns off biometric authentication mode in the settings until a new PIN1 is saved to this feature in order to avoid future use of this feature with an invalid PIN1.

Test Case #4

Use Case being tested:
Use Case #7 : Application automatically closes itself at the end of the authentication process
Inputs:
-
Initial system state:
The authentication application has been started by an intent coming from another application.
Necessary information has already been retrieved from the ID card.


Main success scenario test:
 1. The user completes the authentication process.

Expected results:
 The authentication application closes.


No extensions

Test Case #5

Use Case being tested:
Use Case #8 : Use the authentication application to log into a website
Inputs:
The CAN (Card Authentication Number) of an ID card
The PIN1 of an ID card
A valid Estonian ID card with an NFC interface
Initial system state:
The CAN and PIN1 has not been saved by the application.
The user has the authentication application installed on the mobile phone.
NFC technology is enabled on the user’s device and user has given the authentication application permission to use the NFC adapter.
A website that supports logging in with the authentication application is active in the device’s web browser.


Main success scenario test:
 1. The user selects the authentication application option as a method for logging in.
 2. The authentication application opens and the user enters the CAN of the ID card.
 3. User enters PIN1 of the ID card.
 4. User puts the ID card against the device in the 90 second time window.

Expected results:
 The authentication application closes.
 The website should inform the user that it has received the necessary information.


Extension test: The authentication application is not found
 1. ...

Expected results:
 Nothing happens.


Extension test: User fails to put the ID card against the device in time
 3. ...
 4. The user does not put the ID card against the device in the 90 second time window.

Expected results:
 The authentication application cancels the authentication process and closes.
 The user is returned to the website.


Extension test: Information exchange between the device and ID card fails
 4. ...

Expected results:
 The application cancels the authentication process and directs the user back to the website.


Extension test: CAN does not match the ID card
 1. ...
 2. The authentication application opens and the user enters a CAN that does not match the CAN of the ID card.
 4. ...

Expected results:
 The application notifies the user that the CAN provided was incorrect.
 The application cancels the authentication process and directs the user back to the website.


Extension test: Invalid PIN1
 2. ...
 3. User enters a PIN that does not match the PIN1 of the ID card.
 4. ...

Expected results:
 The application notifies the user that the PIN1 provided was incorrect.
 The application cancels the authentication process and directs the user back to the website.

Test Case #6

Use Case being tested:
Use Case #9 : Use the authentication application to give a signature on a website
Inputs:
The PIN2 of an ID card
A valid Estonian ID card with an NFC interface
Initial system state:
The user is logged in to a website using the authentication application.


Main success scenario test:
 1. The user starts a process that requires a signature on the website.
 2. The authentication application opens and the user enters the CAN of the ID card if prompted.
 3. User enters a valid PIN2.
 4. User puts the ID card against the device.

Expected results:
 The authentication application closes.
 The website should inform the user that it has received the necessary information.


Extension test: The authentication application is not found
 1. ...

Expected results:  The system should inform the user that the authentication app could not be found.


Extension test: User fails to put the ID card against the device in time
 3. ...
 4. The user does nothing.

Expected results:
 The authentication application cancels the authentication process and closes.
 The user is returned to the website.


Extension test: Information exchange between the device and ID card fails
 4. ...

Expected results:
 The application cancels the authentication process and directs the user back to the website.


Extension test: Invalid PIN2
 2. ...
 3. User enters a PIN that does not match the PIN2 of the ID card.
 4. ...

Expected results:
 The application notifies the user that the PIN2 provided was incorrect.
 The application cancels the authentication process and directs the user back to the website.

Test Case #7

Use Case being tested:
Use Case #10 : Use the authentication application to authenticate to an application running on the same device
Inputs:
The PIN1 of an ID card
The CAN (Card Authentication Number) of the ID card
A valid Estonian ID card with an NFC interface
Initial system state:
The PIN 1 and CAN are not saved
The user has the authentication application installed on the device.
NFC technology is enabled on the user’s device and the user has given the authentication application permission to use the NFC adapter.
An application that supports logging in with the authentication application is active.


Main success scenario test:
 1. The user selects the authentication application as a means for logging in.
 2. The authentication application opens and the user enters the CAN of the ID card if prompted.
 3. User enters PIN1 of the ID card.
 4. User puts the ID card against the smartphone.

Expected results:
 The authentication application closes.
 The requesting application should inform the user that it has received the necessary information.


Extension test: The authentication application is not found
 1. ...

Expected results:
 Nothing happens.


Extension test: User fails to put the ID card against the device in time
 3. ...
 4. The user does not put the ID card against the smartphone.

Expected results:
 The authentication application cancels the authentication process and closes.
 The user is returned to the requesting application.


Extension test: Information exchange between the device and ID card fails
 4. ...

Expected results:
 The application cancels the authentication process and directs the user back to the requesting application.


Extension test: Non-matching CAN
 1. ...
 2. The authentication application opens and the user enters a CAN that does not match the CAN of the ID card.
 4. ...

Expected results:
 The application notifies the user that the CAN provided was incorrect.
 The application cancels the authentication process and directs the user back to the requesting application.


Extension test: Invalid PIN1
 2. ...
 3. User enters a PIN that does not match the PIN1 of the ID card.
 4. ...

Expected results:
 The application notifies the user that the PIN1 provided was incorrect.
 The application cancels the authentication process and directs the user back to the requesting application.

Test Case #8

Use Case being tested:
Use Case #11 : Use the authentication application to provide a signature to another application
Inputs:
The PIN2 of an ID card
Initial system state:
The requesting application is active.


Main success scenario test:
 1. The user starts a process that requires a signature in the requesting application.
 2. The authentication application opens and the user enters the CAN of the ID card if prompted.
 3. User enters a valid PIN2.
 4. User puts the ID card against the device.

Expected results:
 The authentication application closes.
 The requesting application should inform the user that it has received the necessary information.


Extension test: The authentication application is not found
 1. ...

Expected results:
 The system should inform the user that the authentication app could not be found.


Extension test: User fails to put the ID card against the device in time
 3. ...
 4. The user does nothing.

Expected results:
 The authentication application cancels the authentication process and closes.
 The system returns the user to the requesting application.


Extension test: Information exchange between the device and ID card fails
 4. ...

Expected results:
 The application cancels the authentication process and directs the user back to the requesting application.


Extension test: Invalid PIN2
 2. ...
 3. User enters a PIN that does not match the PIN2 of the ID card.
 4. ...

Expected results:
 The application notifies the user that the PIN2 provided was incorrect.
 The application cancels the authentication process and directs the user back to the requesting application.

Test Case #9 (new)

Use Case being tested:
Use Case #12 : Save PIN 1 of the ID card on the phone
Inputs:
The PIN 1 of an ID card
Initial system state:
The application’s home screen is active.


Main success scenario test:
 1. The user opens the app's settings and chooses to save the PIN 1 of the ID card.
 2. The user enters PIN 1 with a length 4..12.
 3. The user clicks on the 'continue' button.

Expected results:
 The application notifies the user that the PIN 1 has been saved.  The PIN 1 is saved.


Extension test: Input length is not in range 4..12

Expected results:
 The application notifies the user that input is does not meet PIN 1 length requirements.