Testing and Certification
    • 27 Jul 2023
    • PDF

    Testing and Certification

    • PDF

    Article Summary


    Testing and certification are essential for FinTech implementations for several reasons:

    • Quality assurance: Testing ensures that the your product works as expected, and any bugs or issues are identified and resolved before release. Certification provides an independent validation of the quality and functionality of the product, giving users confidence in the product's performance.
    • Security: Your products deal with sensitive user data, and security vulnerabilities could result in significant harm to users. Testing and certification help identify and address any security weaknesses in the product, ensuring that it is secure and compliant with relevant regulations and standards.
    • Customer satisfaction: Your customers expect a high level of service and reliability. Testing and certification help ensure that the product meets customer expectations, reducing the risk of churn and enhancing customer loyalty.


    Please provide your I&O Specialist with access to the FinTech application 3-weeks prior to your desired launch date. 


    Synctera Certification
    Your I&O Specialist will review the FinTech application with the below conditions in mind. We hope to review the results with you to ensure the full end-to-end flow for your end-customers is amazing!

    You can download our Test Pack here for test-cases:

    Application Security 

    We will be testing the following functionality:

    • Strong password requirements
      • Alpha, numerical, case sensitive, & special characters
      • At least 8-characters
      • Password should not contain
        • Customer’s name or SSNs 
        • Common word 
        • Phrases on common password lists
        • Sequential/Repeating letters & numbers
    • App should timeout in < 30 minutes
    • 2FA available for customers

    Personal Identifiable Information (PII)

    • Customer should not be able to change DOB or SSN.
    • Customer should be able to change address, but should be additional 2FA or requires providing evidence of the change (e.g. utility bill).



    • Customer is shown disclosures prior to account opening
    • Customer cannot open accounts without agreeing to disclosures


    • Customer sees KYC disclosure prior to collection of PII 

    Account Linking



    • Oauth flow - test to see if major banks and credit unions can be linked via instant match authentication. 
    • Microdeposit flow - test to see if the manual, microdeposit flow works. This may take up to 3 days to test depending on when the microdeposit arrives at the institution. 


    Coming soon.



    Disclosure and Authorization

    • ACH Authorization Agreement is in place as a disclosure either in the initial disclosure list or in the ACH page
    • ACH verification is happening via Plaid or Finicity 


    • Incoming ACH (x3)
    • Outgoing ACH debit(x3)
    • Outgoing ACH credit(x3)
    • ACH return (x1)

    Debit Cards


    • Cardholder agreement is in place as a disclosure either in the initial disclosure list or when the card is issued.


    • Virtual card e-purchase (x2)
    • Physical card purchase(x2)
    • Add card to digital wallet (if applicable)
      • Apple wallet (x1)
      • Google wallet(x1)
    • ATM withdrawal (if applicable)


    Coming soon.


    Synctera's Ground Control team will be scheduling a meeting to review the any compliance related items 2-weeks post-launch. We will be going over the results of KYC and/or KYB cases, fraud and AML issues, and dispute management. 

    Was this article helpful?

    Changing your password will log you out immediately. Use the new password to log back in.
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.