Insurance App Testing Checklist (Policy, Claims, 2026)

Insurance apps handle sensitive personal / financial / health data, complex policy rules, and high-stakes claims flows. A broken claim submission during a real incident is a customer loss. This checkl

Insurance apps handle sensitive personal / financial / health data, complex policy rules, and high-stakes claims flows. A broken claim submission during a real incident is a customer loss. This checklist covers policy management, claims, and the regulatory layer.

Onboarding and account

1. Sign-up with email / phone
2. Identity verification (KYC) flow complete
3. SSN / tax ID captured securely (not logged)
4. Document upload (license, ID) works
5. Biometric login after setup

Policy

1. Policies list loads
2. Policy details clear (coverage, limits, deductibles)
3. Policy documents downloadable (PDF)
4. Beneficiaries editable
5. Rider / add-on management
6. Auto-renewal status visible

Quotes and purchase

1. Quote flow with sensible defaults
2. Rating factors captured (age, location, car model, etc.)
3. Quote displayed with breakdown
4. Purchase flow (payment) works
5. E-signature or consent captured
6. Policy issued immediately or clearly pending

Claims

1. File claim flow clear
2. Incident details form (date, time, place, description)
3. Photo evidence upload
4. Multi-photo / video support
5. Witness / police report attachment
6. Claim ID issued
7. Status tracking (submitted → under review → approved / denied)
8. Communication from adjuster in-app
9. Estimated payout / reimbursement visible
10. Direct deposit destination editable for payment

Payments

1. Premium payment methods (card, ACH, etc.)
2. Auto-pay setup and cancellation equally visible
3. Payment history accurate
4. Missed payment notification and grace period visible
5. Refund flow for cancellations

Health-specific (if applicable)

1. Medical records upload securely (HIPAA)
2. Prescriptions visible
3. Provider directory search
4. Deductible accumulated amount visible
5. Out-of-pocket maximum tracked
6. EOB (explanation of benefits) downloadable

Auto-specific

1. VIN entry with decode
2. Vehicle photos with damage annotation
3. Roadside assistance flow accessible
4. Towing contact in-app
5. Accident report wizard

Home-specific

1. Property details (sq ft, year, features)
2. Inventory / belongings list
3. Natural disaster claim shortcut
4. Contractor / repair network access

Notifications

1. Renewal reminder (N days before)
2. Payment reminder
3. Claim status updates
4. New document available
5. Disaster alert (if region-opt-in)

Compliance

1. HIPAA (health) — audit log per record access
2. GLBA (financial) — privacy notice
3. GDPR / state privacy — export, delete
4. Accessibility — WCAG 2.1 AA (ADA exposure)

Security

1. MFA required for account changes
2. Suspicious activity detection
3. Biometric required for high-value actions
4. Logout on inactivity
5. PII not in logs, URLs, push notifications

Accessibility

1. All forms labeled
2. Large text supported
3. Color contrast WCAG AA
4. Screen reader navigates policy and claim details
5. Voice input for claim description

Edge cases

1. Policy cancelled mid-claim — user informed
2. Duplicate claim submission prevented
3. Time-zone edge case for claim timestamp
4. Photo upload during disaster (poor network) — queued
5. User changes state / country — address update triggers re-evaluation

How SUSA tests insurance apps

accessibility_user verifies WCAG on every screen (legally required). elderly persona checks font sizes and touch targets on claim flows (demographic match). adversarial tests input validation on claim forms and invalid IDs.

susatest-agent test insurance.apk --persona elderly --wcag-level AA

Common bugs

• Claim photo upload fails on poor network, no retry
• Premium payment double-charges on retry
• Policy documents truncated when generated PDF exceeds page limit
• Accidental beneficiary change without re-confirmation
• Disaster notification fires for wrong region

Insurance is dull but critical. Annual audits plus per-release regression — always.