If you ship a fintech product, the hardest part of AI testing for fintech apps is not writing the test — it is making sure the test never becomes a breach. A single end-to-end run through onboarding touches a government ID number, a card PAN, a one-time passcode, and a session token, and most AI testing tools answer the obvious question — "where does that data go?" — with a shrug and a SOC 2 badge. This guide is for QA engineers and SDETs at banks, neobanks, lenders, and payment processors who have to test KYC, payments, and two-factor flows without sending a single account credential to a third party. We will walk through how to do that with BrowserBash, a free, open-source CLI that runs the model locally by default, and how that posture differs from cloud-only platforms like Functionize and Rainforest QA.
The promise here is specific and testable. You write the journey in plain English, an AI agent drives a real Chrome browser through it, your secrets are masked as ***** in every log line, and — when you run on local models — nothing about the run leaves your laptop or your build agent. No API key, no upload, no vendor in the data path. For a regulated team, that last property is not a nice-to-have. It is often the difference between a tool you can use and a tool legal will never approve.
Why fintech E2E testing breaks the usual AI-testing model
Most AI testing platforms are SaaS. You point them at your staging URL, they spin up a browser somewhere in their cloud, an LLM they host plans the steps, and the run executes on their infrastructure. For a marketing site or an internal dashboard, that is fine. For a fintech app, it quietly creates a data-residency problem that nobody on the sales call mentions.
Think about what a real onboarding test types. To exercise KYC, you submit a name, a date of birth, an address, and frequently a passport or driver's license number. To exercise a payment, you enter a card number, CVV, and expiry — even if it is a sandbox card, your test harness is now handling PAN-shaped data through systems that may fall under PCI scope. To exercise login and step-up auth, you type a password and a 2FA code. Every one of those values flows through the testing tool. If the tool runs the browser in its cloud and plans steps with a hosted model, your test data and a transcript of your screens now live, however briefly, on someone else's servers.
The compliance questions stack up fast. Where is the browser running? Which model saw the screenshot of the ID upload page? Is the prompt that contains the OTP retained for model training or abuse monitoring? How long are run artifacts kept, and can you guarantee deletion? For a team under GDPR, PCI DSS, SOC 2, or a banking regulator's audit, "trust our retention policy" is not an answer you can put in a control document. You need to be able to say the data physically never left your boundary.
That is the gap BrowserBash is built around — not by adding more certifications, but by changing where the work happens.
How local-first AI testing keeps account data on your machine
BrowserBash is Ollama-first. When you run it, it auto-detects a local Ollama install and uses a free local model to plan and judge the test. There is no API key to configure, no account to create, and — this is the load-bearing part — nothing about the run is sent to any external service. The model runs on your CPU or GPU, the browser runs on your machine (your real Chrome by default), and the screenshots, the DOM, the prompt that contains the card number, and the verdict all stay inside your boundary.
The resolution order is explicit and predictable: BrowserBash looks for a local Ollama endpoint first, then falls back to ANTHROPIC_API_KEY, then OPENROUTER_API_KEY. If you never set those environment variables, you physically cannot leak data to a hosted model, because there is no provider configured to send it to. That is a meaningfully stronger guarantee than a policy promise. The absence of a key is an architectural control, not a checkbox.
Here is the install and a first local run:
npm install -g browserbash-cli
# With Ollama running locally, this uses a free local model — no API key, no upload
browserbash run "Open the staging banking app, log in, and confirm the account dashboard loads"
Because the agent reads the live page on every step instead of relying on hardcoded selectors, the test describes what a person does, not how to find each field. That matters in fintech for a reason beyond resilience: KYC and payment UIs are some of the most frequently redesigned screens in any product, because compliance requirements and provider integrations change constantly. A selector-pinned test of your card-entry form breaks the week your payments team swaps processors. An intent-based test re-reads the page and adapts.
The honest caveat about local models
Local-first is the right default for fintech, but be realistic about model size. Very small local models — roughly 8B parameters and under — get flaky on long, multi-step objectives. A ten-step KYC journey with conditional branches (document upload, liveness check, manual-review fallback) can confuse a tiny model halfway through, and you will spend more time debugging the agent than the app.
The sweet spot is a mid-size local model — Qwen3 or a Llama 3.3 70B-class model — which is large enough to stay coherent across a long flow while still running entirely on your own hardware. If you have a workstation or a CI box with enough VRAM, that is the configuration to standardize on. If you do not, and a particular flow is genuinely hard, you have the option of a capable hosted model for that one flow while keeping everything else local. The point of local-first is not zealotry; it is that the secure path is the default path, and you opt out deliberately, per flow, with eyes open.
Secret-masked variables for KYC, payments, and 2FA
Keeping the model local solves the "where does the data go" problem. It does not by itself solve the "where does the data get written down" problem. Test runs produce logs, and logs are where credentials quietly leak — into shell history, CI build output, archived run transcripts, and screenshots that outlive the run by months. A test that handles a card number safely in memory but prints it to a CI log has still failed the security review.
BrowserBash handles this with committable Markdown tests and secret-marked variables. You write a *_test.md file where each list item is a step, you parameterize the sensitive values with {{variables}}, and you mark the secret ones so they render as ***** in every log line the tool emits.
A KYC and login flow looks like this:
# kyc_onboarding_test.md
#
# Variables:
# email = qa.user@example.com
# password = {{secret}}
# ssn = {{secret}}
# otp = {{secret}}
#
# Steps:
# - Open https://staging.yourbank.app/onboarding
# - Enter {{email}} into the email field and {{password}} into the password field
# - Click "Begin verification"
# - Enter {{ssn}} into the tax ID field
# - Upload the test ID document and click "Submit for review"
# - When prompted, enter {{otp}} into the one-time passcode field
# - Confirm the page shows "Verification submitted"
browserbash testmd run ./kyc_onboarding_test.md
When this runs, the password, the tax ID, and the OTP appear as ***** in stdout, in the generated Result.md report, and in any log line the agent writes. The masking is applied at the logging layer, so it holds even when a step fails and the tool dumps extra diagnostic context — which is exactly the moment a naive harness would print the raw value.
Three properties make this work well for regulated teams. First, the test file is committable and reviewable — your security reviewer can read the journey in a pull request and see that secrets are marked, without the secret values ever being in the repo. Second, @import composition lets you build a shared library of flows (a login_test.md, a step_up_auth_test.md) and compose them into longer journeys, so the secret-handling pattern is defined once and reused. Third, the human-readable Result.md written after each run gives you an audit artifact that is safe to attach to a ticket, because the sensitive fields are already redacted.
Where the secrets actually come from
Mark the variable as secret in the test, but source its value from your existing secrets manager — a CI secret, a .env that is gitignored, a vault. BrowserBash does not want to own your secrets; it wants to make sure that once a secret enters a run, it does not escape through a log. Combined with local models, you get a clean story end to end: the value comes from your vault, is typed into a browser on your machine, is judged by a model on your machine, and is redacted everywhere it could have been written down.
BrowserBash vs Functionize vs Rainforest QA
Functionize and Rainforest QA are both established, capable platforms, and for many teams they are the right call. This is not a takedown — it is a comparison of architecture and fit, and there are fintech scenarios where each of these tools is the better answer. Where a competitor's internals are not publicly documented, I will say so rather than guess.
| Dimension | BrowserBash | Functionize | Rainforest QA |
|---|---|---|---|
| Delivery model | Open-source CLI, runs locally | Cloud SaaS platform | Cloud SaaS platform |
| Where the model runs | Local by default (Ollama), or your own hosted key | Vendor-hosted AI (details not publicly specified) | Vendor-hosted; historically combined automation with a crowd-tester network |
| Where the browser runs | Your machine / your CI by default | Vendor cloud | Vendor cloud |
| Cost | Free, $0 model bill on local models | Paid, enterprise pricing (not public) | Paid, enterprise pricing (not public) |
| License | Apache-2.0 | Proprietary | Proprietary |
| Secret handling | {{variables}} masked as ***** in all logs |
Platform-managed; specifics not public | Platform-managed; specifics not public |
| Data residency | Data can stay entirely on your machine | Runs in vendor infrastructure | Runs in vendor infrastructure |
| Best fit | Teams that need credentials to never leave their boundary | Teams wanting a managed, self-healing enterprise suite | Teams wanting managed runs plus human verification |
A few honest points behind that table. Functionize has invested heavily in a polished, managed authoring and self-healing experience, with dashboards, scheduling, and team features that a CLI does not try to replicate out of the box. If your QA org wants a single hosted platform that non-engineers can drive, and your compliance team is comfortable with a SaaS data path, Functionize is a strong fit and BrowserBash is not trying to be that product.
Rainforest QA historically paired automation with a network of human testers, which is genuinely valuable for the kind of exploratory, "does this feel broken" checking that no LLM does well. If part of your fintech QA need is human judgment on ambiguous flows — a confusing fee disclosure, a misleading consent screen — a crowd-backed platform offers something a local CLI cannot. Use the right tool for that.
What BrowserBash uniquely gives you is the data-residency guarantee. With the cloud platforms, your test inputs and screen captures run through vendor infrastructure; that is inherent to the SaaS model, not a flaw. For a marketing-site test, who cares. For a flow that types a real customer's SSN or a live card number, that data path is exactly the thing your auditor will ask about, and "it never left our machine" is the cleanest possible answer. If that property is a hard requirement, the comparison is not close. If it is not a requirement for you, the managed platforms may save your team real time.
A complete secure payment-flow walkthrough
Let's make this concrete with a checkout-style payment verification, since the same shape applies whether you are testing a card top-up, a bill payment, or a transfer. The real example BrowserBash is built to run — log in, add an item to the cart, complete checkout, verify the success message — maps directly onto a payment flow.
# payment_topup_test.md
#
# Variables:
# email = qa.user@example.com
# password = {{secret}}
# card = {{secret}}
# cvv = {{secret}}
#
# Steps:
# - Open https://staging.yourbank.app/login
# - Log in with {{email}} and {{password}}
# - Go to "Add funds"
# - Enter 100.00 as the amount
# - Enter card {{card}}, CVV {{cvv}}, and any future expiry
# - Click "Confirm payment"
# - Confirm the page shows "Top-up successful"
browserbash testmd run ./payment_topup_test.md --record
The --record flag captures a screenshot and a full .webm session video of the run via ffmpeg, on any engine. For a payment flow, that video is your evidence that the success state actually rendered — useful for a regression ticket and for the auditor who wants proof the test exercised the real UI. Because secrets are masked, the card number is ***** in the logs even though the run typed the real sandbox value into the form.
When you wire this into CI, add --agent. That switches output to NDJSON — one JSON event per line on stdout — and gives you clean exit codes: 0 passed, 1 failed, 2 error, 3 timeout. No prose parsing, no scraping a human log to decide whether the pipeline goes red.
browserbash testmd run ./payment_topup_test.md --agent --headless
--headless runs without a visible browser window, which is what you want on a build agent. The combination — local model, masked secrets, NDJSON output, deterministic exit codes — is a fintech-friendly CI step: it gates the build, leaves a redacted audit trail, and never phones home.
Visibility without giving up control
You may want run history and replays without sending data anywhere. BrowserBash gives you a fully local dashboard with browserbash dashboard — run history and artifacts, served from your own machine, no upload. There is also an optional free cloud dashboard (run history, video recordings, per-run replay) that is strictly opt-in: you have to run browserbash connect and pass --upload for anything to leave your machine, and free uploaded runs are kept for 15 days. For a fintech team, the meaningful default is that the local dashboard exists, so you can get team-grade visibility into KYC and payment runs without an upload ever happening. You learn more about both modes on the features page, and the pricing page spells out exactly what is free.
Where to run the browser: local, CI, and managed grids
By default the browser runs locally — your real Chrome, on your machine. That is the most secure option and the right one for sensitive flows during development. But fintech teams also need cross-browser coverage and scale, and BrowserBash supports that through providers, switched with a single --provider flag: local (default), cdp (any DevTools endpoint), browserbase, lambdatest, and browserstack.
There is a real trade-off to name here. The moment you run the browser on a managed grid, the page — including any secrets typed into it — renders on that vendor's infrastructure. So for fintech, a sensible split is: run secret-bearing flows (KYC, real payment, step-up auth) locally or on a cdp endpoint you control, and use a managed grid like LambdaTest or BrowserStack for cross-browser checks of non-sensitive screens — marketing pages, public calculators, the logged-out experience.
# Cross-browser check of a NON-sensitive page on a managed grid
browserbash run "Open the public loan calculator and verify the APR field accepts 7.5" \
--provider lambdatest
The principle is the same one running through this whole article: keep the secure path the default, and step outside it deliberately, only for the flows where it is safe to. The learn section goes deeper on provider configuration, and there are real-world write-ups in the case studies.
Building an auditable fintech test suite
Pulling it together, a practical structure for a regulated team looks like this. Keep your flows as committed *_test.md files in the repo, alongside the code, so every change to a KYC or payment journey goes through code review. Define the sensitive-flow building blocks once — login_test.md, otp_test.md, card_entry_test.md — mark their secrets, and compose them into longer journeys with @import so the redaction pattern is never reinvented. Source secret values from your existing vault or CI secrets, never from the repo.
Run the suite on local mid-size models for the default secure posture, reserving a hosted key only for the occasional hard flow that a local model stumbles on, and only when that flow's data is not sensitive. In CI, run with --agent for NDJSON and exit codes, --headless for the build agent, and --record on the flows where a video artifact strengthens your audit trail. Attach the redacted Result.md to the relevant ticket as evidence.
The outcome is a suite where the secure choice is also the easy choice. You are not bolting compliance onto a tool that wants to phone home; you are using a tool whose default behavior already matches what your auditor wants to hear. That alignment — between the path of least resistance and the path of least risk — is what makes this approach stick on a real team, instead of becoming a policy everyone routes around under deadline.
When to choose each tool
Choose BrowserBash when data residency is non-negotiable — when account credentials, ID numbers, card data, or OTPs must never leave your machine — and when you want a free, open-source, scriptable tool that lives in your repo and your CI. It is the strongest fit for engineering-led QA teams in regulated fintech who are comfortable with a CLI and want a $0 model bill on local hardware. It is also a good fit if you simply want to try AI testing for fintech apps without a procurement cycle: install it and run a flow in minutes.
Choose Functionize if you want a managed, enterprise authoring-and-self-healing platform with a polished UI for non-engineers, and your compliance posture allows a SaaS data path. Choose Rainforest QA if part of your need is genuine human verification of ambiguous flows alongside automation, and again, the vendor data path is acceptable to you. Both are credible products; the deciding question is almost always whether your sensitive test data is allowed to leave your boundary. If yes, weigh the managed platforms on their merits. If no, local-first is the architecture that matches the requirement.
FAQ
Is it safe to use AI testing tools on fintech apps with real credentials?
It depends entirely on where the AI model and the browser run. Cloud-only tools execute the run on vendor infrastructure, so your test inputs and screenshots pass through their systems, which raises data-residency questions under PCI DSS, GDPR, and most banking audits. A local-first tool like BrowserBash runs the model and the browser on your own machine by default, so account data never leaves your boundary, and secret-marked variables keep credentials masked in every log.
How does BrowserBash keep passwords and OTPs out of logs?
You parameterize sensitive values as {{variables}} in a Markdown test file and mark the secret ones. BrowserBash then renders those values as ***** in stdout, in the generated Result.md report, and in every log line it writes, including failure diagnostics. The masking happens at the logging layer, so a secret stays redacted even when a step fails and the tool prints extra context.
Can I run fintech tests without any API keys or cloud account?
Yes. BrowserBash is Ollama-first and auto-detects a local model, so with Ollama installed you can run tests with no API key, no account, and nothing leaving your machine. There is also a fully local dashboard via browserbash dashboard for run history and artifacts. The cloud dashboard is strictly opt-in and only uploads when you run browserbash connect and pass --upload.
What model size do I need for reliable KYC and payment flows?
Very small local models around 8B parameters and under tend to get flaky on long, multi-step journeys like KYC. The reliable sweet spot is a mid-size local model in the Qwen3 or Llama 3.3 70B class, which stays coherent across long flows while running entirely on your own hardware. For an occasional hard flow you can fall back to a capable hosted model, ideally only when that specific flow's data is not sensitive.
Ready to test KYC, payments, and 2FA without your account data ever leaving your machine? Install the CLI with npm install -g browserbash-cli and run your first secure flow in minutes. No account is required to run locally, but if you later want team dashboards and replays you can sign up for free.