Negative testing is the process of software testing in which software has to go through with possible negative test cases. That test cases can be related to Negative workflow or negative security testing. Talking about negative workflow, negative test cases are the cases which most probably will not be followed by the end user of the software. Negative testing validates the software with invalid data. It determines the capability of the software to prevent any negative flow and react as expected.
Negative testing determines the stability of the software under different conditions. It shows that software works only the way that is supposed to work. Any other workflow which is not valid for the particular software will not entertain by the software.
There are few Technique which are used for the negative testing, negative test case depends on the type of the software. It can differ according to the type of the software but below are some common things that used for the negative testing.
Negative Testing Software Scenario & Techniques
There are many types of testing in the world, and each one has its own purpose. Some are more commonly used than others, but each is necessary to ensure that your product functions correctly. However, there are some testing techniques that may not be necessary at all. Here’s a quick look at negative testing techniques.
1. Injecting invalid data into URL (URL Testing)
- Testing URL of any applications. It includes security, example SQL injections can be taken as negative testing of the particular URL.
- Other examples of URL testing. URL https://www.google.co.in is the basic URL for google search. But putting invalid characters between URL and checking its behavior includes into negative testing. For example hitting URL as https://www.goo$%gle.co.in/ it should not display google page.
2. Not entering proper data into the input field and continue
- The basic requirement of doing negative testing on input fields is that it should accept proper data.
- If the application allows wrong data to be entered into the input field. It leads to the wrong data collection and that can be harmful while using that data into corporate.
- First negative testing example, if any input fields only allow integer then it should be tested with entering any string char too. That should prevent user to enter any string char instead of an integer. See below screenshot.
- Second negative testing example for the input field, for example, we see subscribe input fields in a number of websites where we input email to get news latter. It should only accept email format. If it’s taking format which is not email then it should prevent user to process further. See below screenshot
3. Verify database type test in UI as well as the database
- While working on the database testing, it is mandatory that database fields should only accept the value which is set to its table structure. It should not allow other types of value.
- If column set with the date and time data type then it should only accept date and time apart from that value should throw error into a console. That needs to be validated by database schema design. So that would be a negative test case for the database testing. Same thing should be tested on UI part as well,
4. Testing size possibility of any input field or any column of the database
- Testing possible size means that testing input field’s length. If one field which is text field have a length of 500 char then negative testing would be entering more than 500 char and test that field.
- So it will validate the size of the text field as well and also UI part as well that UI must prevent user to update this kind of negative flows.
- Another good example of Negative testing on an input field. Any password input fields minimum expects 6 char to be entered. It should not accept less than 6 char. That would be negative testing of the field.
5. Verify date format possibilities
- Testing negative testing of a date it necessary to prevent wrong and faulty data to be entered into database and UI.
- Example of negative testing on date format. For example date, input field allows only MM/dd/yyyy format. Then we need to enter all possible date format to test the validation and check how software behaves in the different conditions.
Session-based negative testing
- A session is time span in which it will decide user validation on a user account. Some decide time span ideal situation should be logged out automatically. So after some time of being an idea if a user tries to attend to change anything into their account, it shouldn’t let them do that. It will give validation of session timeout.
- So negative test case will be the same. Keeping idea time span satisfied and then try to change anything into the user account. It must prevent user to change anything into a user account.
- Also, need to be confirmed that it should time out on the exact time that has given by the developer. It should not time out before and after the exact time. That is priority negative test case.
Importance of negative testing from company’s perspective
- Negative testing secures the product on the security basis. It prevents software to be vulnerable by hackers or any entity.
- Negative testing makes sure that product is secured and will not be a failure with any negative workflows.
- Testing all negative desired workflow of the software will make sure good health of the software that reflects positively on the organization’s report. It’s the first and foremost priority of the software organization to deliver quality and bug-free software to the client.
- There is no doubt that positive cases are mandatory software must work on all positive workflows. But negative testing is more critical because any negative workflow failure can lead to the product fatal failure and that can cost huge financial and trust issues with the client.
Importance of negative testing from client’s perspective
- The client always has high expectation for zero bugs, in order to ensure that negative test cases must be taken care. If any function breaks it can be taken care and can be resolved. But any security issue will be taken so seriously by a client and it may have a very bad impression.
- The risk level of any negative workflow may differ with the domain of the product. Let’s say any stock market product will take any digit negative testing very seriously compare to any social domain product.
- While creating a negative test case and when giving information to the client it sometimes becomes necessary to categorizing negative bug flows and priority for the same.
How to create negative test cases and what are the things needs to keep in mind while creating negative test cases for any product?
- First and the foremost thing needs to be taken into consideration is that needs to identify that what is the risk factor for any product and boundary value analysis.
- Important thing is to think about all possible negative test cases that can be possible with the product. In which way product can result in failure. That all the flows need to be included in the report.
- Need to cover all the prior cases of the workflows. Which are high in risk and main functionality of the product.
- Cases also include medium risk and low-risk bug, however, whole software needs to be validated with the testing.
Advantages of the Negative testing.
- The software will be tested 360 degrees.
- Security of the software will get much stronger and fewer chances of software failure.
- Negative testing will make the client to trust more and it will make the client more confident in any software release.
- When the product is related to finance or intelligence-related then negative testing becomes very positive and profitable.
Disadvantages of the negative testing.
- Sometimes increases workload and unnecessary testing.
- Sometimes it too much time-consuming.
- Need to have the resource who is experienced in a particular domain.
How it takes place in an industry and how workflow goes?
- Whenever any product come to the testing phase, the tester will plan all the possible functional test cases and test plan will be executed.
- Then according to the size of the product, a team of a tester according to the module will be assigned to the creating negative workflows.
- Again negative test cases priority changes according to the product domain.
- Once all the negative test been executed then product gets release if any priority bug found then it goes again for the bug correction.
- Some companies give more important to negative test cases if that product contains more confidential information. But again it differs according to the product domain.
- Keeping in mind that functional testing is most important for any product. But assuring the security, quality, stability, and strength of the software negative testing must be included in test case and strategy.
- Hence often it happens that negative testing increases some load of testing but it reduces risk factor. Some type of domain like finance and other risk factor containing applications.
- It will validate all the data that is getting inserted into fields. It includes valid data and invalid data too.