This website uses cookies to ensure you get the full experience. You can change this any time. Learn more

Bugs Found in Dokobit for iOS

Bug CrawlBugs Found in Dokobit for iOS

Dokobit

4.9
Download on the Apple Store Logo Download on the Google Play Logo

Dokobit is a handy mobile app that enhances productivity by facilitating electronic document signing and management. It is readily available for both iOS and Android users.

Enriched with a multitude of features, this app empowers users to authenticate legally binding documents and directly manage signing workflows on their phones. It essentially transforms the complex process of document management into a hassle-free task.

Our team at QAwerk has completed an extensive bug crawl of the Dokobit mobile app. During this process, we discovered some bugs that affect the user experience and, most importantly, the product’s security. We invite our readers to review our findings and see how these issues can be remedied with comprehensive security testing and by implementing the best QA practices.

5K+downloads
70 ratings
dokobit.com

‘Access Denied’ JSON error is displayed after clicking ‘Sign anyway’ (‘Sign with One-Time Password via SMS’ option)

Severity:

Critical

Precondition:

The app is installed.

Steps to Reproduce:
  1. Navigate to the ‘Documents’ tab.
  2. Decline a signature.
  3. Verify that the document is marked as ‘Declined’.
  4. Open the ‘Declined’ document.
  5. Tap the ‘Sign anyway’ button.
  6. Select the ‘Sign with One-Time Password via SMS’ option.
  7. Tap the ‘Sign’ button.
Environment:

iPhone 14 Pro, iOS version 26.2.1

Actual Result:

The user is presented with an ‘Access Denied’ (403 error) JSON page.

Expected Result:

The user should not be able to view the JSON page. Instead, an appropriate validation message should be displayed.

App closes when pressing ‘Delete’ key on iOS keyboard after entering invalid OTP code

Severity:

Major

Precondition:

The app is installed.

Steps to Reproduce:
  1. Launch the app.
  2. Tap the ‘Log in’ button.
  3. Select the ‘Country’ option.
  4. Select the ‘One-time Password via Email’ option.
  5. Enter a valid email address.
  6. Tap the ‘Login’ button.
  7. Open the received email.
  8. Return to the app.
  9. Enter an invalid OTP code.
  10. Tap the ‘Delete’ key.
Environment:

iPhone 14 Pro, iOS version 26.2.1

Actual Result:

The app closes automatically when you tap the ‘Delete (⌫)’ key after entering an invalid OTP code.
Note: The delete key functions as expected if the user does not open the received email.

Expected Result:

The user should be able to delete the entered OTP code without issue.

Option to save ‘First Name’ and ‘Last Name’ fields as empty in ‘Settings’

Severity:

Major

Precondition:
  1. The app is installed.
  2. The user is signed up.
Steps to Reproduce:
  1. Navigate to the ‘Settings’ tab.
  2. Update the ‘First Name’ and ‘Last Name’ fields to empty values.
Environment:

iPhone 14 Pro, iOS version 18.6.2

Actual Result:

No validation messages are displayed when the fields are left empty. The user’s name in emails and other parts of the application remains empty.

Expected Result:

Validation messages should appear upon attempting to save empty ‘First Name’ and ‘Last Name’ fields in the ‘Settings’ tab.
Note: validation messages are displayed on the ‘Enter Personal Information’ page for those respective fields.

Erroneous ‘Comment does not exist’ message appears if participant tries to remove owner’s comment

Severity:

Major

Precondition:
  1. The app is installed.
  2. The app is open.
  3. A document is uploaded.
Steps to Reproduce:
  1. Open the document.
  2. Tap the ‘Share’ button.
  3. Switch to the ‘Email’ tab and enter a valid email address.
  4. Tap the ‘Done’ button.
  5. Enter a message.
  6. Tap the ‘Share’ button.
  7. Switch to the ‘Comments’ tab.
  8. Verify the added comment is displayed.
  9. Log in to the app as another participant ( added in the previous steps).
  10. Open the shared document.
  11. Navigate to the ‘Comments’ tab.
  12. Swipe left to delete the comment.
Environment:

iPhone 14 Pro, iOS version 18.6.2

Actual Result:

‘Comment does not exist’ message is displayed.

Expected Result:

The participant should not be able to delete the owner’s comment. An appropriate validation message should be displayed instead.

Black bar appears at top of screen when closing ‘Validations’ page

Severity:

Minor

Precondition:
  1. The app is installed.
  2. The user is logged in.
Steps to Reproduce:
  1. Navigate to the ‘Validations’ page.
  2. Tap the ‘Cross’ button.
Environment:

iPhone 14 Pro, iOS version 18.6.2

Actual Result:

A black bar appears on the top of the screen.

Expected Result:

No black bars should appear after closing any pages.

Overlapping text on ‘Terms of Service’ page

Severity:

Minor

Precondition:
  1. The app is installed.
  2. The user is logged in.
  3. The document is uploaded.
Steps to Reproduce:
  1. Navigate to the ‘Documents’ tab.
  2. Open the document that requires a signature.
  3. Tap the ‘Sign’ button.
  4. Tap the ‘Terms of Service’ link.
Environment:

iPhone 14 Pro, iOS version 18.6.2

Actual Result:

The text on the ‘Terms of Service’ page is overlapping.

Expected Result:

The content on the ‘Terms of Service’ page should be displayed clearly without any overlapping.

Overlapping text on ‘Terms of Service’ page
The application performs well overall and offers a user-friendly, intuitive flow. However, I would recommend conducting comprehensive security testing and paying particular attention to role and permission management. There may be risks related to access control, especially in document-sharing and signing scenarios, that could affect security and the user experience.
Tetiana, QA engineer

Tetiana, QA engineer

Need a reliable QA partner?

Hire us

RELATED BUG CRAWLS