BACKGROUND

 

Cards OnLine is a small company that develops and sells electronic greeting cards over the Internet.  Cards OnLine markets cards that consist of:

·        Configurable Action Figures, computer graphics with animation that the buyer can select from a graphic menu

·        Personalized Greetings, a data panel that allows the buyer to enter text information to tailor the card to the sender (themselves) and the intended receiver

·        Personalized music that is played when the receiver opens the card and that the sender can select from a graphics menu.

 

The Buyer has to join the Cards OnLine Club to be able to buy cards, personalize them, and send them.  Before joining the Club, a prospective buyer can send one free card, but she has to identify herself via a Credit Card and an email address.  Once a Buyer joins the Club, she earns a free card every five.  Other than that, every time she selects and sends a card, she is charged a fee.  Accumulated fees for the month are tallied and the total deducted from her credit card in only one payment.  Buyers are recognized as soon as they enter the website, greeted with the name they signed in for the Club, and offered a menu of options.

 

Among the options are the capabilities to review her account, the list of delivered cards that have been opened, and the cards she has selected for future delivery (her “Treasure Trove”).  Any action that involves accounting requires added security to be performed.

 

When the Buyer requests a new card, a selection of cards related to her history are presented, plus some general categories that include “new” cards, and other categories like “Love,” “Friendship,” Get Well,” “Birthday,” “Bachelor Party,” “Seasonal,” etc.  Seasonal cards might be under a particular category when the time is ripe, for example “Hanukkah”, “Christmas”, “Kwanzaa,” Thanksgiving,” etc.

 

Two different types of problems have plagued the site:  it has been very slow in access in the past, and it has shown many defects during normal use; therefore, the next generation is in the plans.  Requirements have been gathered by interviewing someone from Marketing & Sales and the Security Officer.

 

What are the new requirements and what would be your testing approach?

MARKETING AND SALES REPRESENTATIVE INTERVIEW

 

What does Marketing & Sales expect of Version 2.0?

We have experienced a few problems with the current version.

• One serious problem is the loss of connectivity when the member has already started a session.
• Recovery is slow, painful, and sometimes impossible.  This discourages the heck out of our members; we see from usage statistics that after one of those episodes they tend to shy away from our site for over a month, sometimes forever.  We traced that to some program failures that we expect to be corrected by the programmers, but we cannot just patch the current code, so they tell me, because the flaw is in the heart of the program and impacts almost everything we do, something to do with the way we keep the connection information, I guess.  So, this prompted the move to a newer version.
• Since we are at it, we would like to move from Windows to Linux, which will provide us with the possibility of holding more sessions in parallel.
• We would like to significantly increase the response time of our site and the ability to work under larger loads.
• The functionality, from the point of view of the user, should not change, unless the addition of certain functions will enhance the services.
• We would like to keep the tried and true functions.

 

How will the overall system look to a new user?

This is a good question.

• Since we have decided to let prospective members send a couple (exactly two, no more, and not necessarily in the same session) Cards free, we need to identify them.
• So, they go through the process of opening an account, just like a joining member would, only that they are not charged for services.
• We also want to be able to identify the machine they link from, and check their Credit data.  This is not costly because we have a three-tiered algorithm that only checks at the credit card level when the others match, and usually these people end up joining in a high proportion, so that the money is well invested.
• As I was saying, we identify the prospect, check that is not someone that has done this before, and then set them loose in a restricted page that only gives them access to few selected Categories, rarely a Seasonal one.

 

What if the person has already had the free cards sent?

Well, in that case, we simply link them to one of the many pages in the net that offer similar services free.  We actually see a lot of traffic through our referring page; we think it has been bookmarked.

 

What are the ‘tried and true’ functions that you mention?

Well, a member can

• “Join” by following the correct link from the home page, then
• Completing a form with her name and,
• If under secure connections, her credit card information.
• Once the member confirms the application, we check that the credit information is kosher and we enable the member in our files.

In the same or other session, the member can now

• Select the link that takes her to our Card Services.
• That page presents a list of Categories as options to pick from.
• The member can follow a link for each category and, upon entering the corresponding page, view standard cards.
• If the member so wishes, she can select a card and customize the Action Figures® that are part of the card, or
• Go with the standard cartoons.
• In either case, they need to personalize the card before sending it.  Once they personalize it, they can
• Review it, or
• Send it directly.
• If they want to review it, they can go back to edit it.
• At this point they can also discard the card and go back to select another one from the same category or,
• Once on the Category’s Home Page, go to select another Category.
• When they send a card their credit card information is updated.  For reasons of administrative costs, we collect all the transactions for each member over a period of five weeks before invoicing their accounts.

 

What happens when the connection is not secure?

In that case, the member is given a 1-800 number to call and give us the credit card information.  The person on this side completes the application and the member can operate freely.

 

What happens when the credit card expires?

The system notifies us in advance (four weeks) of the upcoming expiration dates and it sends a reminder to the members via email.  If the member does not respond in time, the membership expires and she has to sign in again.

 

What other functions would you like to see in the new version?

The member today has no option to review the account status.  This has to change.

• She should be able to access her account’s history and her invoices, including the pending one.
• She is notified, upon request, of the opening of her card by the recipient, but we lose track of this once the email is sent.
• We want her to have access to the full history of her transactions with us and show her the records of everything she has done through us.
• She must be able to know what happened with a particular card, not just the ones received, but the others too.
• She might want to open one and change an email address;
• She must be able to do so.  You see, we charge for a service that many other sites offer for free because of the higher quality of our cards, so that we naturally want our services as well to have a differential for our members. 

 

What is a “Treasure Trove”?

It is a cutesy name we gave to what Amazon.com and other e-tailers call the Wish List.  It’s a list of cards that the member has marked as of high interest to her throughout her searches, whether she bought them then or not.  We keep this list for her, so that she can later refer to it when trying to recover “that card that was just for Mother’s anniversary”.

 

What are the loads you want the system to handle?

We want a

• 50% increase in response time to load the front page.
• This even in worst-case scenarios:
  • This past Christmas, we had over 5,000 new members per day.
  • Each member had an average of 1.3 sessions for the season, and
  • In each session, they constructed and sent an average of 7.6 cards.  This is a fantastic rate!  But you can see why we worry.

 

What security you want the system to have?

We want just enough security that the members feel comfortable, and so that the data is only accessed by rightful owners.  We don’t want anyone to impersonate a bona-fide member, and eventually corrupt his or her credit standing, through us.

 

What reporting capabilities will the system have to have for you?

We will need the system to provide us with just the usual.  We are used to querying the database in SQL, so we just want to continue doing so.  Of course, if the database structure changes, we need to know.

 

Are Card and Card Categories permanent?  Or do they have a life cycle themselves?  Who discards and/or adds Cards, Categories, and Action Figures?

Everything has a life cycle.

• Cards come and go,
• Action Figures® come and go,
• Whole Categories come and go.  Think of the Y2K bug, we had a Category for that.  Not that there is much interest in it nowadays.

We take a hard look at individual Card Sales and

• Discard the worse sales very month.
• If we think the problem is not the card itself, we change the sales pitch line that describes it and we give the card a second chance.
• The same takes place with Action Figures®.  We might even alter these a little, as we would with cards; if the feeling is that the members are “not getting it”.
• Not so with Categories, since they are usually very stable, sometimes just seasonal.
• They are programmed into our Sales Campaigns.
• When the time comes, the system reminds us via email of the season and we add the Category to our page.
• The Cards are treated differently: each is an individual creation that is tested with Focus Groups and incorporated into one or more of our Card Cats.
• Finally, Action Figures® fall somewhere in between, because they can be selling well in one Category and doing badly in others, so we need to reshuffle them in order to try new approaches that will work for our members.

 

SECURITY OFFICER INTERVIEW

 

What does Security expect of Version 2.0?

We don’t want to repeat problems that other sites have had.  We need good identification techniques and very safe access to the site from the user.  We need the technology to be ingrained into the system, it has to be at the kernel of it, and no page, other than the front page, can be accessed unless you are a member.

 

What about an initial “free Card” to show the possibilities of the site?

Well, that is true.  We should then have two similar pages, one for the member with full access, and another for the interested person who would like to know if joining is worth the money.

 

Do you require a secure connection in all instances?

No, only those transactions that involve recognizing the member as such.

 

What happens when the connection is not secure?

In that case, we restrict access to the member to only those pages that are free.

 

What happens when the credit card expires?

I don’t know, you should ask the Accounting Department.

 

What other functions would you like to see in the new version?

I don’t know, you should ask the rest of the company.

 

What are the loads you want the system to handle?

This is none of my business.  All I need to know is that whatever the number, they are all secure.

 

What security you want the system to have?

The best.  The very best.

 

What reporting capabilities will the system have to have for you?

I need to know the number of sessions, the number of hits per page, the percentage of secured connections, and the attempts to violate security.

 

Are Card and Card Categories permanent?  Or do they have a life cycle themselves?  Who discards and/or adds Cards, Categories, and Action Figures?

I don’t know and I don’t care.  Why do you ask me that?