Even as the acceptance of blockchain as a reliable technology widens in the banking sector, software quality assurance will be a must to ensure these projects succeed

Written by Vivek Porwal, Sr. VP & Delivery Head – Banking, ‎QualityKiosk

Perceived to be used only for the trading of cryptocurrencies initially, the decentralised electronic ledger technology, popularly known as blockchain, is being employed for multiple purposes by organisations world-over. From insurers (and hospitals) sharing patient health records to consumers sharing excess electricity with each other and with the power grid, to the casting of votes in an election—blockchain offers limitless possibilities to transferring information (or money) securely and transparently.

According to a report published by Grand View Research, the global blockchain technology market is predicted to touch $7.59 billion by 2024, growing by 37.2% year-on-year. The industries driving growth in adoption of blockchain technology include banking and financial services, consumer or industrial products companies, information technology, media and telecom, healthcare, transportation, and public sector undertakings. As per a study conducted by 6Wresearch, India’s blockchain technology market is predicted to grow by 58 per cent annually from 2018 to 2024.

Blockchain in banking

One of the key sectors that can leverage blockchain technology to its fullest advantage is banking. According to a study by Juniper Research, blockchain deployments will help banks realise savings on cross-border settlement transactions of more than $27 billion by the end of 2030.

While multiple use cases are available in banking, as per a Reserve Bank of India report by the Working Group on FinTech and Digital Banking, the banks in India are permitted to set up permissioned blockchains for centralized KYC, cross-border payments, Trade finance and syndication of loans, besides for their internal purposes.

Starting with ICICI Bank, Kotak Bank and Axis Bank in 2016, more and more banks are looking at examining blockchain’s potential. Given this scenario, as a technology, blockchain is here to stay. For example, in an industry-wide private blockchain deployment, multiple banks can be the participating members. Using such a network, customer KYC documents can be safely shared with each other for cross-validation and to avoid duplication of document processing. Similarly, a blockchain network can be deployed at a global level with participating member banks using it for executing cross-border payment transactions securely. Quality assurance (QA) testing becomes essential in each of these applications of blockchain to ensure that the technology works smoothly delivering the desired benefits.

Industry-wide blockchain

Consider centralised KYC as a hypothetical use case example to examine the role played by QA. In an industry-wide permissioned blockchain in which several banks are participants, the process begins with a bank registering itself as a participant. Upon registration, it starts onboarding its customers by uploading their KYC documents to the blockchain network. This data gets converted from images to Hex format at the blockchain level. The bank also whitelists a few other banks on the network it is willing to share its customer KYC data with. Functional and workflow testing become crucial to ensure that the entire process is followed methodically and without errors.

When a whitelisted bank requests for another bank’s customer KYC data, the requester bank is then provided access to that data for a consideration in a currency accepted by all participating banks which could be a virtual currency. The system also needs to be tested for access rights, data privacy, authentication, and transaction consideration.

The data access request and retrieval involve data conversion (to Hex format) and reconversion (back to images) for retrieval, making checks for data sanctity and fidelity (accuracy, protection from loss or tampering, etc.) essential. Auditability, authenticity, data ownership, and Blockchain security controls are other important areas QA testing addresses. As the process is driven by API integration between blockchain framework and application and hence API testing, business rules & workflow at applications layer and data conversion at blockchain layer are important functions fulfilled by QA.

A few other areas where QA testing plays a major role include usability / Compatibility testing, privileged access management testing, ensuring low response time (performance testing), data encryption, storage and retrieval testing, and security testing.

Blockchain adoption considerations

Even as banks look at investing in the permissioned blockchain model, there are a few critical elements they will need to consider to keep risks under control. Examining a few critical aspects beforehand may help a bank conduct quality assurance for any permissioned blockchain implementation successfully.

• Architecture assessment: Examine the technology architecture and design to be used for the Application presentation layer, API layer to integrate with blockchain framework and the blockchain platform (like Hyperledger Fabric, R3 Corda, Ethereum, Mutlichain, etc). Consider whether nodes are to be hosted on public or on-premise (private) cloud which consensus mechanism are used. 

• Use Led QA: Consider the end user of application from the perspective of Bank to cover the Bank end QA of app and from Consumer perspective cover the User Experience led QA to ensure that no compromise of quality, Speed of delivery and end User Experience due to technology stack. It is expected to be even better experience then having traditional multi-hand shacking apps. 

• Process flow and integrations: Examine how the existing interfacing systems are connected with blockchain framework. Assess whether the solution is geared to work seamlessly with the bank’s internal systems. 

• Data encryption: Ensure the data and images are encrypted and stored in blockchain and decrypted &retrieved in an error-free manner. The privilege controls within the network and the access provided to other participants nodes need to be clearly defined and tested.

• Compliance testing: Ensure the regulations related to customer data privacy and other aspects such as storage, authentication and verification are being complied with.

An ongoing process

Software quality proves essential not just at the beginning of a blockchain-based centralised KYC, remittances, clearing and settlement, trade finance, loan syndication, etc., but even afterwards. The use of blockchain by banks may be limited in the initial days. However, as the technology matures, banks will expand the scope of blockchain projects, further making quality engineering an essential component of these initiatives.