Version 4.35.2 (May 2024)
OneSpan Mobile Security Suite list of SDK versions
This section lists the current versions of the Mobile Security Suite SDKs. Items in bold indicate a version change in this release.
New features and enhancements
Several Mobile Security Suite SDKs
iOS
Frameworks compiled with Xcode 15
To ensure compliance with new Apple requirements, the frameworks of all Mobile Security Suite SDKs are now compiled with Xcode 15.
Signature added to framework
Also to ensure compliance with new Apple requirements, the .xcframework files of the SDKs are now signed. This applies to all Mobile Security Suite SDKs except the Image Generator SDK.
Privacy manifest added
To comply with Apple privacy guidelines, a privacy manifest file has been added to the MSSSdkName.xcframework file for most of the Mobile Security Suite SDKs, exluding the CDDC SDK and the Image Generator SDK.
Biometric Sensor SDK
Android
Target API level increased to Android 14 (API 34)
The target version of the SDK has been increased to Android 14 with API level 34.
CDDC SDK
Android
Target API level increased to Android 14 (API 34)
The target version of the SDK has been increased to Android 14 with API level 34.
iOS
Retrievable property removed
The Keyboard identifier property has been removed from the retrievable device and event properties for iOS due to a new limitation Apple introduced.
Device Binding SDK
Android
Target API level increased to Android 14 (API 34)
The target version of the SDK has been increased to Android 14 with API level 34.
iOS
Privacy manifest file added
For the Device Binding SDK, a privacy manifest file has been added to MSSDeviceBinding.xcframework to describe the data the SDK uses to bind the device.
Image Scanner SDK
Android
Target API level increased to Android 14 (API 34)
The target version of the SDK has been increased to Android 14 with API level 34.
Orchestration SDK
Android
Target API level increased to Android 14 (API 34)
The target version of the SDK has been increased to Android 14 with API level 34.
iOS
Retrievable property removed
For the OneSpan Client Device Data Collector (CDDC) SDK, the Keyboard identifier property has been removed from the retrievable device and event properties for iOS due to a new limitation introduced by Apple.
Privacy manifest updated
The privacy manifest for the Orchestration SDK has been updated. The SDK can use geolocalization to track the user for analytic and security-related purposes. This applies to both coarse and precise geolocalization.
Signature added to framework
To ensure compliance with new Apple requirements, the Orchestration SDK framework is now signed.
Framework compiled with Xcode 15
To ensure compliance with new Apple requirements, the Orchestration SDK framework is now compiled with Xcode 15.
Root Detection SDK
iOS
Removal of symbolic links from Root Detection SDK signature
Following new privacy guidelines from Apple for apps published on the App Store, symbolic links have been removed from the Root Detection SDK signature. This ensures compatibility with the requirement to describe use of required reason API.
For more information about these new guidelines, refer to the Apple developer documentation.
Secure Storage SDK
Android
Target API level increased to Android 14 (API 34)
The target version of the SDK has been increased to Android 14 with API level 34.
Fixes and other updates
Supported platforms
For information on the supported operating systems and platforms supported by Mobile Security Suite and the affiliated SDKs, see Supported platforms.
Known issues
For information on issues that have not yet been resolved in this release of Mobile Security Suite, see Known issues.
Third party licenses
For information on third party dependencies associated with Mobile Security Suite and the affiliated SDKs in this release, see Third party licenses.
Version 4.35.1 (November 2023)
OneSpan Mobile Security Suite list of SDK versions
This section lists the current versions of the Mobile Security Suite SDKs. Items in bold indicate a version change in this release.
New features and enhancements
CDDC SDK
Android
Deprecated keys
The following properties and their corresponding setters have been deprecated for Android and will be removed in a future version:
- Native code hooks
- Application repackaged
- Debugger attached
iOS
Deprecated keys
The following properties and their corresponding setters have been deprecated and will be removed in a future version:
- Rooting probability
- Root status
- Untrusted keyboard
- Untrusted screen-readers
- Native Code hooks
The Root status (Key 15) property and its corresponding setter has been renamed for iOS to DeviceJailbroken.
Required reason
To meet new App Store requirements, we have described the use for required reason APIs in the privacy manifest file.
Documentation
Documentation enhancement
The CDDC SDK Integration Guide has been updated to identify platform-specific data elements collected by the SDK.
DSAPP Server SDK
.NET
The DSAPP Server SDK has been re-factored to modernize and improve the code resulting in a number of code changes. We recommend that you review your integrations to make sure these changes are reflected in your code.
General changes
- Added the IDSAPPServer interface
- Replaced the DSAPPServer class with the IDSAPPServer interface
- Added the DSAPPServerProvider class used to create instance of IDSAPPServer
- Renamed namespace from Vasco to OneSpan
- Added C# XML comments
Changes in the DSAPPException class
- Updated the GetErrorMessage() method to the Message property
- Updated the GetErrorCode() method to the ErrorCode property
Changes in the EncryptActivationDataResponse class
- Updated the getSessionKey() method to the SessionKey property
- Updated the getXFad() method to the XFad property
- Updated the getXErc() method to the XErc property
- Updated the getEncryptedNonces() method to the EncryptedNonces property
- Updated the getEncryptedServerPublicKey() method to the EncryptedServerPublicKey property
- Updated the getServerInitialVector() method to the ServerInitialVector property
- Updated the getServerNonce() method to the ServerNonce property
Changes in the EncryptDataResponse class
- Updated the getServerInitialVector() method to the ServerInitialVector property
- Updated the getEncryptedData() method to the EncryptedData property
Changes in the GenerateSessionKeyResponse class
- Updated the getSessionKey() method to the SessionKey property
- Updated the getEncryptedNonces() method to the EncryptedNonces property
- Updated the getEncryptedServerPublicKey() method to the EncryptedServerPublicKey property
- Updated the getServerInitialVector() method to the ServerInitialVector property
- Updated the getServerNonce() method to the ServerNonce property
Changes in the SRPClientInfoResponse class
- Updated the GetPasswordVerifier() method to the PasswordVerifier property
- Updated the GetUserPassword() method to the UserPassword property
- Updated the GetSalt() method to the Salt property
Changes in the SRPEncryptResponse class
- Updated the GetEncryptedData() method to the EncryptedData property
- Updated the GetMac() method to the Mac property
- Updated the GetEncryptionCounter() method to the EncryptionCounter property
Changes in the SRPServerEphemeralKeyResponse class
- Updated the GetServerEphemeralPublicKey() method to the ServerEphemeralPublicKey property
- Updated the GetServerEphemeralPrivateKey() method to the ServerEphemeralPrivateKey property
Changes in the SRPSessionKeyResponse class
- Updated the GetSessionKey() method to the SessionKey property
- Updated the GetServerEvidenceMessage() method to the ServerEvidenceMessage property
For more information, see the DSAPP SDK Integration Guide.
FIDO SDK
All platforms
Nok Nok Update
The SDK has been repackaged with Nok Nok Labs version 7.0.2. The APIs have been enhanced and documented for easier integration of C++ as well as Swift and Objective-C projects.
The SDK has been repackaged with Nok Nok Labs version 7.0.2. Refer to the FIDO Authentication Solution Guide for changes in the integration and configuration settings.
Image Generator SDK
.NET
General changes
- Added IImageGeneratorSDK interface
- Renamed namespace from Vasco to OneSpan
- Added C# XML comments
Image Generator SDK
.NET
General changes
- Added the INotificationSDKServer interface
- Renamed namespace from Com.Vasco to OneSpan
- Added C# XML comments
These code changes will require some changes to your integration setup. For more information on the changes you need to make, refer to the Integrate the Notification SDK Server Sample
Orchestration SDK
Android
CDDC keys deprecated (MSS-8259)
For the CDDC SDK, a number of properties and their corresponding setters have been deprecated and will be removed in a future version. With this, the following properties and setters will also be no longer available for the Orchestration SDK:
- Native code hooks
- Application repackaged
- Debugger attached
iOS
CDDC keys deprecated (MSS-8248)
For the CDDC SDK, a number of properties and their corresponding setters have been deprecated and will be removed in a future version. With this, the following properties and setters will also be no longer available for the Orchestration SDK:
- Rooting probability
- Root status
- Untrusted keyboard
- Untrusted screen-readers
- Native Code hooks
The Root status (Key 15) property and its corresponding setter has been renamed for iOS to DeviceJailbroken.
WBC SDK
All platforms
Key checksum returned
The White-Box Table Generator tool now returns a key checksum for the validation of the key.
XOR instead of concatenation
When the key is entered in multiple parts into the White-Box Table Generator tool, the tool now performs XOR instead of just concatenating the key parts together.
Windows support for White-Box Table Generator
The White-Box Table Generator tool can now also be used on the Windows platform, in addition to Linux and Mac, to generate the encrypted table data file.
Fixes and other updates
Digipass SDK
Android
[INC0012248]-[MSS-7760] Combination of Gradle 8 and JDK 17 generates invalid device code
In a previous release, the combination of Gradle 8 and JDK 17 caused the SDK to generate an invalid device code. This issue has been fixed.
FIDO SDK
Android
[INC0012565]-[MSS-8522] SDK terminates unexpectedly after upgrade
After the upgrade to or reinstalling with version Mobile Security Suite 4.34, the FIDO SDK terminated unexpectedly due to changes in the APIs after modernization. This issue has been fixed.
Notification SDK Server
.NET
[MSS-8654] Error during sending of a notification
When sending a notification, the SDK threw an error, stating that the file or assembly could not be loaded. This was caused by an issue during the launch of the .NET server. This issue has been fixed.
Java
[MSS-8136] Error due to expired certificate
Due to an expired certificate, an error occurred when sending a Java notification. This issue has been fixed.
Orchestration SDK
All Platforms
[INC0012471]-[MSS-8265]and [MSS-8264]: API improvement for crypto app indexes
The name and value names of the API crypto app indexes have been unified and now have the same names as used by Digipass:
- Name: CryptoAppIndex (instead of CryptoApplicationIndex)
-
Value:
- Android: appnumber or, on Java, APP_1, APP_2 etc. (instead of FIRST, SECOND, THIRD etc.)
- iOS (Swift): appnumber (app1, app2 etc.) (instead of indexnumber)
iOS
[INC0012472]-[MSS-8274]: Optional challenge
For a challenge request, the challenge is optional but this was not reflected correctly in the Orchestration SDK.
This issue has been fixed. Now the challenge is indicated as optional, either as nullable for the challenge property (Objective-C), or with null as default value of the challenge (Swift).
Root Detection SDK
Android
[INC0012476]-[MSS-8222] Rooting issue on Android 14 emulator
On Android 14, there was an issue with rooted device detection when the device was run on an emulator. This issue has been fixed.
Secure Storage SDK
Android
[MSS-8109, MSS-8114] Handling of corrupted files in the storage
When corrupted files were present in the storage, the SDK either overwrote or deleted these files. This issue has been fixed. Now, an error is displayed. A static deletion method was added to enable integrators to delete the corrupted files.
Supported platforms
For information on the supported operating systems and platforms supported by Mobile Security Suite and the affiliated SDKs, see Supported platforms.
Known issues
For information on issues that have not yet been resolved in this release of Mobile Security Suite, see Known issues.
Third party licenses
For information on third party dependencies associated with Mobile Security Suite and the affiliated SDKs in this release, see Third party licenses.
Version 4.35.0 (August 2023)
OneSpan Mobile Security Suite list of SDK versions
This section lists the current versions of the Mobile Security Suite SDKs. Items in bold indicate a version change in this release.
New features and enhancements
All Mobile Security Suite SDKs
iOS
Bitcode support has been eliminated
Following the deprecation of Bitcode by Apple, we have removed all Bitcode from the SDK framework.
Device Binding SDK
iOS
Improved thread safety
In previous releases, the user could see an error when two or more threads try to access the fingerprint for a salt at the same time. The code has been improved to ensure thread safety, fixing this issue and other potential thread issues.
FIDO SDK
All platforms
Nok Nok Update
The SDK has been upgraded with Nok Nok Labs version 9.0.0. Refer to the FIDO Authentication Solution Guide for changes in the integration and configuration settings.
Update metadata to V3
The SDK has been updated to use FIDO Alliance Metadata Service version 3.
DSAPP Server SDK
.NET
Upgraded to .NET 6
The .NET version of the Server SDK has been upgraded from .NET Framework to .NET 6.
DSAPP Client SDK
iOS
Updated C++ API
The former C++ API is now advertised directly inside the umbrella header.
Image Generator SDK
.NET
Upgraded to .NET 6
The .NET version of the Server SDK has been upgraded from .NET Framework to .NET 6.
.NET version has been re-factored
The Image Generator SDK has been re-factored to modernize and improve the code, resulting in a number of code changes.
Refer to the Image Generator SDK Integration Guide for information about specific code changes.
Notification SDK Server
.NET
Upgraded to .NET 6
The .NET version of the Server SDK has been upgraded from .NET Framework to .NET 6.
.NET version has been re-factored
The Notification SDK Server has been re-factored to modernize and improve the code, resulting in a number of code changes.
Refer to the Notification SDK Integration Guide information about specific code changes.
Orchestration SDK
Android
Improved readme file
The readme.md file included with the Orchestration SDK has been updated to include more detailed instructions on how to work with the sample app included in the product package.
Secure Messaging SDK Server
.NET
Upgraded to .NET 6
The .NET version of the Server SDK has been upgraded from .NET Framework to .NET 6.
.NET version has been re-factored
The Secure Messaging SDK Server has been re-factored to modernize and improve the code, resulting in a number of code changes.
Refer to the Secure Messaging SDK Server Integration Guide for information about specific code changes.
Secure Storage SDK
iOS
Improved thread safety
There was potential for a race condition to create multiple keys with the same tag which could result in corrupted storage. The code was improved to ensure thread safety extended to these additional cases. Additional logic was implemented to ensure return of the correct instance for a secure storage.
WBC SDK
All platforms
Updated WBC SDK API
The WBC SDK has been re-factored from a static method to an instance-based API. You may now use multiple instances of the WBC SDK, each with a different obfuscated encryption or decryption key to improve security of your apps.
New output for the White-Box Table Generator
The new, Java-based White-Box Table Generator tool creates a .dat file instead of source code files to be integrated into your mobile project.
At this time, the new White-Box Table Generator tool is only available for the Linux and Mac platforms. The tool is still being refined for Windows and will be available in an upcoming release.
You must review and update your integrations to accommodate the API changes and add the .dat file into your project. For more information about using the API, refer to the technical documentation included in the product package.
Fixes and other updates
Device Binding SDK
iOS
[MSS-7154]-[MSS-7123] SDK requests password and gives an internal error after cancellation
In previous releases, users might have been prompted to authenticate when the SDK queried a keychain item unrelated to Mobile Security Suite and might have seen an internal error upon cancellation. The solution was to migrate the keychain keys to include a custom attribute which enables better filtering and omits keychain keys that are unrelated to Mobile Security Suite. This issue has been fixed.
If this issue occurs, note that after migrating the keychain keys, the erroneous authentication prompt will be displayed one last time but after that, the issue will be resolved and the prompt will not be displayed any more.
Digipass SDK
iOS
[MSS-7732] Missing header file in Umbrella warning
A warning message appeared due to a missing header file in the Umbrella header file in the SDK. This issue has been fixed.
DSAPP Server SDK
.NET
[INC0011729]-[MSS-7158] Bad Image Format Exception
In a previous release, a Bad Image Format Exception was displayed when attempting to integrate the DSAPP Server SDK into a solution using .NET 6. In this release, all of the server SDKs have been upgrated to .NET , which fixes the issue.
DSAPP Client SDK
iOS
[MSS-7862] Objective-C errors and warnings during launch of sample project
Upon launching the DSAPP sample project, some integrators may have seen Objective-C errors or warnings displayed. This was caused by a minor conflict with between different versions of C++ in the sample code versus the newly-created project. The solution is to update the project build settings and change the C++ Language Dialect to Compiler Default.
Image Scanner SDK
iOS
[MSS-7580] White screen displays on iOS 16.4 and 16.3
In a previous release, on iOS 16.4 and 16.3, when attempting to scan an image, users would see a white screen for a brief period before the camera launched. This issue has been fixed.
Orchestration SDK
iOS
[MSS-7948]-[TIDL3S-502] Unexpected termination when missing callback
In previous versions, there was an unexpected termination when attempting a Remote Authentication Commandor or a Remote Transaction Command without defining the proper callback. As of this release, new error cases have been added: RemoteTransactionCallbackNotSet and RemoteAuthenticationCallbackNotSet. This issue has been fixed.
Secure Storage SDK
iOS
[MSS-7768] Secure Storage corrupted when using keychain sharing
When two separate apps create secure storages using the same name, the secure storage from the first app would become corrupt. This issue has been fixed.
Version 4.34.0 (April 2023)
OneSpan Mobile Security Suite list of SDK versions
This section lists the current versions of the Mobile Security Suite SDKs. Items in bold indicate a version change in this release.
New features and enhancements
Biometric Sensor SDK
Android
Target API increased to Android 13 (API 33)
To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 (API level 33).
Client Device Data Collector SDK
Android
Target API increased to Android 13 (API 33)
To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 (API level 33). This change is needed to avoid APK rejection caused by security issues found with older API versions.
Device Binding SDK
Android
Target API increased to Android 13 (API 33)
To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 with API level 33. This change is needed to avoid APK rejection caused by security issues found with older API versions. Additionally, this change leverages the latest Google libraries to facilitate biometry-protected device fingerprints.
Biometric fingerprint protection added
The DeviceBindingWithBiometrics interface for generating fingerprints that are protected by device biometric credentials has been added to the Device Binding SDK. This provides a more secure fingerprint which is based on the user's registered biometric profile. For more information on how to use biometry-protected fingerprints, see Obtain the device fingerprint on Android on the Integration Guides page. Additional information is available in the sample application included in the product package.
iOS
Biometric fingerprint protection added
A new Protection parameter has been added for creating fingerprints. With this, it is now possible to protect the fingerprint with the device passcode or biometry (Face ID, Touch ID). This parameter only applies to new fingerprints, any fingerprints created before the addition of this parameter will be returned without any biometry or passcode prompts.
For more information about the various protection methods, refer to the technical documentation and sample application provided in the product package.
Fingerprints saved with Protection.biometryCurrentSet will be locked if there are any changes to the currently-enrolled biometry set at the time of the fingerprint creation. These changes include adding, removing, or resetting a fingerprint or face ID. There is no guarantee from Apple that a major iOS update will not impact the Protection.currentBiometrySet.
Updates to technical documentation and sample
The technical documentation and the sample application included in the product package have been updated.
Digipass SDK
Android
Target API increased to Android 13 (API 33)
To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 (API level 33). This change is needed to avoid APK rejection caused by security issues found with older API versions.
DSAPP SDK
Android
Target API increased to Android 13 (API 33)
To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 (API level 33). This change is needed to avoid APK rejection caused by security issues found with older API versions.
FIDO SDK
Android
Target API increased to Android 13 (API 33)
To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 (API level 33).
Image Scanner SDK
Android
Target API increased to Android 13 (API 33)
To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 (API level 33). This change is needed to avoid APK rejection caused by security issues found with older API versions.
Notification SDK
.NET and Java
Create notifications based on server-set priority
It is now possible to create the notification based on a priority set by the server. For example, it is now possible for a device in sleep mode to wake up to receive a high priority notification without delay.
Android
Target API increased to Android 13 (API 33)
To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 (API level 33). This change is needed to avoid APK rejection caused by security issues found with older API versions.
New permission required
Android 13 (API level 33) and later supports a runtime permission for sending non-exempt notifications from an app, POST_NOTIFICATIONS. This change helps users focus on the notifications that are most important to them and includes Foreground Services (FGS).
For more information, refer to the Android developer documentation on how to check if your app can send notifications.
iOS
Full control over notification body and title
The SDK now offers full control over the notification body and title. This can facilitate automation and potential integration of the Notification SDK Client with third party solutions used in combination with the Notification SDK.
Orchestration SDK
Android
Target API increased to Android 13 (API 33)
To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 (API level 33). This change is needed to avoid APK rejection caused by security issues found with older API versions.
Root Detection SDK
Android
Target API increased to Android 13 (API 33)
To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 (API level 33). This change is needed to avoid APK rejection caused by security issues found with older API versions.
Detection of additional rooting methods and root cloaking tools added
Detection for the following rooting methods has been added:
- OneClick Root
- KingoRoot
- Root Dashi (Zhiqupk Root)
Also, the following root cloaking tools have been added:
- Hide My Root Adfree
- Hide Rooting Premium
If Magisk Hide was used to prevent root detection on an Android device, the SDK is not able to detect that a device is rooted.
iOS
Jailbreak method detection improved
The detection of jailbreak methods has been improved. The SDK checks if URL schemes of suspicious apps are present.
Secure Messaging SDK Client
Android
Target API increased to Android 13 (API 33)
To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 (API level 33). This change is needed to avoid APK rejection caused by security issues found with older API versions.
Secure Storage SDK
All platforms
Biometric protection - new parameter to enhance storage protection
A new parameter has been added to the API which provides the option of requiring a passcode or biometric authentication for initializing the storage. The Protection option is set when the write function is called. With this, it is now possible to protect the keys with biometry (Face ID, Touch ID). For more information, see the technical documentation included in the product package.
Android
Target API increased to Android 13 (API 33)
To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 (API level 33).
SDK source code now in Kotlin
The SDK has been rewritten in Kotlin.
New interface for Secure Storage APIs
A new interface called SecureStorage is included in the product package and contains the public APIs for the SDK. To instantiate the Secure Storage SDK instance, use the createSecureStorage method from the companion object of the SecureStorage interface.
Updates to technical documentation and tutorials
The technical documentation and the tutorials included in the product package have been updated. The sample apps include new flavor examples for Kotlin and Java implementations.
iOS
SDK source code now in Swift
The SDK has been rewritten in Swift.
New asynchronous API
New asynchronous APIs have been added and replace the old synchronous APIs. This is a result of changing the architecture of the SDK to fix the unhandled threading issues in the previous versions. The new API enables the SDK to do heavy operations like reading and writing of the storage without blocking the main thread. And it makes the secure storage instance thread safe.
To use the asynchronous API, you need to add:
- Await functions to Swift calls
- Completion handler parameter to Objective-C calls
Enhanced error handling and thread management
Error handling has been enhanced. The SDK now provides more information when an error is thrown, and stack traces are available to facilitate tracing errors if thrown in multiple locations. Also, thread management has been improved.
Updates to technical documentation and sample
The technical documentation and the sample application included in the product package have been updated.
Fixes and other updates
Biometric Sensor SDK
iOS
[MSS-7125] Improved error handling
After a user was locked out due to unsuccessful login attempts, the SDK threw an incorrect biometry lockout error.
This issue has been fixed. Now, after the user is locked, they are correctly prompted to authenticate first with PIN, and then with biometry.
Device Binding SDK
Android
[CS0115641]-[MSS-7041] API-specific information moved to technical documentation
API-specific information such as parameter listings and descriptions have been moved from the Device Binding SDK Integration Guide and are now available in the technical documentation included in the product package.
[INC0011777]-[MSS-7194] Support reintroduced for deprecated ANDROID_ID parameter
The ANDROID_ID parameter to generate fingerprints is supported again after it had been deprecated in version 5.0.4 of the SDK, following Google guidelines regarding the use of device identifiers. We recommend, however, to use this parameter only as a fallback option when the system stops responding or similar behavior. By default, the HARDWARE parameter should be used.
There is no migration path defined for changing the fingerprint types from one option to another.
This also fixes issue [INC0011555]-[MSS-7036], where the deprecation of the parameter had only been documented in the technical documentation included in the product package but not in the Device Binding SDK Integration Guide.
iOS
[CS0115768]-[MSS-7123] User incorrectly prompted for authentication when canceling fingerprint creation
When the user tried to create the device fingerprint, the app prompted them for a PIN and did not allow the user to continue. When the user canceled the operation, an internal error was thrown.
This issue has been fixed.
Digipass SDK
Android
[INC0011564]-[MSS-7038] Security risk removed from CharSequence method to enter password
When the CharSequence method to enter a password as a string was introduced, there was a mild security risk.
This issue has been fixed.
[MSS-7132] byteArray method to enter password incorrectly documented as deprecated
In the technical documentation included in the package, the byteArray method to enter a password was incorrectly marked as deprecated.
This issue has been fixed.
iOS
[INC0011901]-[MSS-7300] Unclear documentation for NSException behavior change
In version 4.30.1 of the SDK, the NError support for Objective-C was added, the Objective-C API points no longer throw an NSException. This means that if an error occurs, the response object will be null. The dynamic vector will be attached to the error object so it can still be saved in the secure storage. The user and technical documentation and the Objective-C and Swift samples included in the product package did not describe this changed behavior clearly enough.
This issue has been fixed. The documentation and samples have been updated.
Image Scanner SDK
iOS
[INC0011522]-[MSS-7025] SDK stopped responding due to issue with zxing library
An issue with the zxing library caused the SDK to stop responding.
This issue has been fixed.
[CS0112394]-[MSS-7048] SDK incorrectly called AVFoundation API on main thread
The SDK incorrectly called the AVFoundation API on the main thread. This caused issues when the scanner view was displayed via the SDK.
This issue has been fixed. The SDK no longer runs Foundation calls on the main thread.
[CS0110530] and [CS0120703]-[MSS-7335] iPhone 14 Pro: Scanning of the activation code failed due to Apple known issue
On iPhone 14 Pro devices, using the default camera for scanning with the Image Scanner SDK failed because the iPhone 14 Pro camera lenses do not focus as well as those of previous models. This is a known issue for iPhone 14 Pro.
This issue has been fixed. The SDK now uses a different default camera for scanning. By using a built-in virtual dual wide camera, the lens stays focused, and the scanning operation succeeds.
Orchestration SDK
Android
[INC0011414]-[MSS-6926] SDK stopped responding when password flow was changed
The SDK stopped responding during attempts to change the password flow when the wrong crypto app index was provided, or when there was no crypto app index provided.
This issue has been fixed. The SDK handles this as an error and sends an error message.
iOS
[INC0011518]-[MSS-7026] Error in user authentication fallback
Due to a change introduced in an earlier version of the Biometric Sensor SDK, the user authentication fallback method did not work correctly. If the user authentication method requested by the server was not available, the Orchestration SDK did not fall back to authentication via password (PIN).
This issue has been fixed.
[INC0011585]-[MSS-7052] Application data missing from the CDDC message
In the CDDC message, application data was missing. This caused an internal failure of the command execution and consequently, the registration process failed.
This issue has been fixed.
[INC0011119]-[MSS-7140] Access group required for orchestration
To avoid an issue reported by a customer related to the Device Binding Access Group, we introduced a change in the implementation procedure. As of this release, it is mandatory to provide an access group when creating an orchestration. For existing integrations, the AppPrivate access group must be used for activated users when creating an orchestration.
Secure Messaging SDK Server
All platforms
[INC0011458]-[MSS-6948] API with templateNumber variable deprecated
The existing API using a templateNumber variable has been deprecated and replaced with a new API without this variable. The default value for the templateNumber parameter in this new API has been set to 0.
Secure Storage SDK
iOS
[INC0011657]-[MSS-7105] Unable to delete old storage and create new
In an earlier version of the SDK, with a new Swift implementation, the storage name prefix had changed but the SDK incorrectly checked only the existing prefix. As a result, when trying to delete the old storage and create a new one, an unknown storage error was thrown.
This issue has been fixed.
[INC0011774]-[MSS-7191] Migration lead to corrupted storages
On iOS 12, the migration to version 4.28.1 of the SDK always lead to corrupted storages.
This issue has been fixed.
Version 4.33.0 (November 2022)
OneSpan Mobile Security Suite list of SDK versions
This section lists the current versions of the Mobile Security Suite SDKs. Items in bold indicate a version change in this release.
New features and enhancements
Biometric Sensor SDK
Android
New APIs to detect changes in the biometry set
There are new APIs to detect changes in the biometry set. See the Mobile Security Suites > Guides > Biometric Sensor SDK Integration Guide. for a detailed explanation of these APIs and platform limitations.
Minimum supported version increased to Android 6 (API 23)
The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.
Target API increased to Android 12 (API 31)
To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31 or higher. This change is needed to avoid APK rejection caused by security issues found with the older API versions.
iOS
New API to detect changes in the biometry set
There is a new API to detect changes in the biometry set. See the Mobile Security Suites > Guides > Biometric Sensor SDK Integration Guide. for a detailed explanation of these APIs and platform limitations.
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
Client Device Data Collector SDK
Android
Minimum supported version increased to Android 6 (API 23)
The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.
Target API increased to Android 12 (API 31)
To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31 or higher. This change is needed to avoid APK rejection caused by security issues found with the older API versions.
iOS
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
Device Binding SDK
Android
Minimum supported version increased to Android 6 (API 23)
The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.
Target API increased to Android 12 (API 31)
To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31 or higher. This change is needed to avoid APK rejection caused by security issues found with the older API versions.
iOS
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
Digipass SDK
Android
Minimum supported version increased to Android 6 (API 23)
The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.
Target API increased to Android 12 (API 31)
To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31 or higher. This change is needed to avoid APK rejection caused by security issues found with the older API versions.
iOS
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
DSAPP SDK
Android
Minimum supported version increased to Android 6 (API 23)
The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.
Target API increased to Android 12 (API 31)
To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31 or higher. This change is needed to avoid APK rejection caused by security issues found with the older API versions.
iOS
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
FIDO SDK
Android
Minimum supported version increased to Android 6 (API 23)
The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.
Target API increased to Android 12 (API 31)
To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31 or higher. This change is needed to avoid APK rejection caused by security issues found with the older API versions.
iOS
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
Image Scanner SDK
Android
Minimum supported version increased to Android 6 (API 23)
The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.
Target API increased to Android 12 (API 31)
To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31 or higher. This change is needed to avoid APK rejection caused by security issues found with the older API versions.
iOS
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
Change of framework name to MSSImageScanner
The framework name has been changed from ImageScannerSDK.xcframework to MSSImageScanner.xcframework.
Notification SDK
Android
Minimum supported version increased to Android 6 (API 23)
The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.
Target API increased to Android 12 (API 31)
To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31 or higher. This change is needed to avoid APK rejection caused by security issues found with the older API versions.
iOS
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
Orchestration SDK
Android
Minimum supported version increased to Android 6 (API 23)
The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.
Target API increased to Android 12 (API 31)
To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31 or higher. This change is needed to avoid APK rejection caused by security issues found with the older API versions.
iOS
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
Root Detection SDK
Android
Minimum supported version increased to Android 6 (API 23)
The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.
Target API increased to Android 12 (API 31)
To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31 or higher. This change is needed to avoid APK rejection caused by security issues found with the older API versions.
iOS
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
Change of framework name to MSSRootDetection
The framework name has been changed from RootDetectionSDK.xcframework to MSSRootDetection.xcframework.
Secure Messaging SDK Client
Android
Minimum supported version increased to Android 6 (API 23)
The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.
Target API increased to Android 12 (API 31)
To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31 or higher. This change is needed to avoid APK rejection caused by security issues found with the older API versions.
iOS
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
Change of framework name to MSSSecureMessagingClient
The framework name has been changed from SecureMessagingSDKClient.xcframework to MSSSecureMessagingClient.xcframework.
Secure Storage SDK
Android
Minimum supported version increased to Android 6 (API 23)
The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.
Target API increased to Android 12 (API 31)
To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31 or higher. This change is needed to avoid APK rejection caused by security issues found with the older API versions.
iOS
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
WBC SDK
iOS
Minimum supported version increased to iOS 13
The minimum supported version has been increased to fully support all arm64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.
Change of framework name to MSSWBC
The framework name has been changed from WBCSDK.xcframework to MSSWBC.xcframework.
Update to the White-Box Cryptography SDK API
The API was updated to remove a dependency to vds_int32.
Fixes and other updates
Biometric Sensor SDK
iOS
Fixed internal error conversion issues
Errors converted from Swift to Objective-C require the implementation of the CustomNSError protocol so that the resulting NSError object contains the correct error code, domain and user info. This implementation fixes the issues with integration of the SDK in Objective-C projects. Swift projects were not affected.
This issue has been fixed.
CDDC SDK
iOS
Fixed internal error conversion issues
Errors converted from Swift to Objective-C require the implementation of the CustomNSError protocol so that the resulting NSError object contains the correct error code, domain and user info. This implementation fixes the issues with integration of the SDK in Objective-C projects. Swift projects were not affected.
This issue has been fixed.
Device Binding SDK
Android
[CS0111558]-[MSS-6894] getDeviceFingerprint returns incorrect fingerprint
In some situations, when upgrading from an older version of the Device Binding SDK to version 5.0.2, the getDeviceFingerprint method returned an incorrect fingerprint.
This issue has been fixed.
DSAPP SDK
iOS
Fixed internal error conversion issues
Errors converted from Swift to Objective-C require the implementation of the CustomNSError protocol so that the resulting NSError object contains the correct error code, domain and user info. This implementation fixes the issues with integration of the SDK in Objective-C projects. Swift projects were not affected.
This issue has been fixed.
Image Scanner SDK
iOS
Fixed internal error conversion issues
Errors converted from Swift to Objective-C require the implementation of the CustomNSError protocol so that the resulting NSError object contains the correct error code, domain and user info. This implementation fixes the issues with integration of the SDK in Objective-C projects. Swift projects were not affected.
This issue has been fixed.
Notification SDK
iOS
Fixed internal error conversion issues
Errors converted from Swift to Objective-C require the implementation of the CustomNSError protocol so that the resulting NSError object contains the correct error code, domain and user info. This implementation fixes the issues with integration of the SDK in Objective-C projects. Swift projects were not affected.
This issue has been fixed.
Orchestration SDK
Android
[MSS-6688] Incorrect error message
The wrong error message displayed when the user attempted to enter a weak password.
This issue has been fixed.
[MSS-6806] PinPad digits are not updated
When users entered their PIN, only the first digit spot on the PinPad is highlighted as complete.
This issue has been fixed.
iOS
Fixed internal error conversion issues
Errors converted from Swift to Objective-C require the implementation of the CustomNSError protocol so that the resulting NSError object contains the correct error code, domain and user info. This implementation fixes the issues with integration of the SDK in Objective-C projects. Swift projects were not affected.
This issue has been fixed.
Secure Messaging SDK Client
iOS
Fixed internal error conversion issues
Errors converted from Swift to Objective-C require the implementation of the CustomNSError protocol so that the resulting NSError object contains the correct error code, domain and user info. This implementation fixes the issues with integration of the SDK in Objective-C projects. Swift projects were not affected.
This issue has been fixed.
Secure Storage SDK
iOS
Fixed internal error conversion issues
Errors converted from Swift to Objective-C require the implementation of the CustomNSError protocol so that the resulting NSError object contains the correct error code, domain and user info. This implementation fixes the issues with integration of the SDK in Objective-C projects. Swift projects were not affected.
This issue has been fixed.
WBC SDK
iOS
Fixed internal error conversion issues
Errors converted from Swift to Objective-C require the implementation of the CustomNSError protocol so that the resulting NSError object contains the correct error code, domain and user info. This implementation fixes the issues with integration of the SDK in Objective-C projects. Swift projects were not affected.
This issue has been fixed.
Version 4.32.0 (April 2022)
OneSpan Mobile Security Suite list of SDK versions
This section lists the current versions of the Mobile Security Suite SDKs. Items in bold indicate a version change in this release.
New features and enhancements
Biometric Sensor SDK
Android
The Biometric Sensor SDK is now delivered as an .aar file, consistent with other SDKs. The documentation and code samples have been updated accordingly.
iOS
API updates
In keeping with iOS best practices, error management in the Objective-C API has been enhanced. Methods no longer throw an exception but return an NSError object instead. The documentation and code samples have been updated accordingly.
Because of this error management update, the library is no longer backward compatible and the new error management must be implemented.
Client Device Data Collector SDK
iOS
API updates
In keeping with iOS best practices, error management in the Objective-C API has been enhanced. Methods no longer throw an exception but return an NSError object instead. The documentation and code samples have been updated accordingly.
Because of this error management update, the library is no longer backward compatible and the new error management must be implemented.
Device Binding SDK
Android
Android code rewritten in Kotlin
The Device Binding SDK Android code has been with rewritten in Kotlin. The code is compatible with Java. This allows the code to be more robust, subject to fewer bugs, and more easily maintained.
New technical documentation based on Kotlin APIs has been generated.
Public API updates
The Public API has been redefined. The new API uses instances instead of static methods. The old API has been deprecated.
Delivery in .aar
The Device Binding SDK is now delivered as an .aar file, consistent with other SDKs. The documentation and code samples have been updated accordingly.
iOS
iOS code rewritten in Swift
The Device Binding SDK iOS code has been rewritten in Swift. The code is compatible with Objective-C. This allows the code to be more robust, subject to fewer bugs, and more easily maintained.
Public API updates
The Public API has been redefined for both Swift and Objective-C. Instead of proposing static methods, the new API uses instances. The new API provides for easier mockup creation and code testing.
Key sharing
To provide more control on Keychain access, the Key sharing feature has been enhanced and redesigned. Integrators have more control over where critical information is stored.
Technical documentation presented in DocC archive
Technical documentation is now provided using a DocC archive. The Swift API is fully documented in a DocC archive. Additionally, a tutorial has been added to ensure the correct integration with a Swift or Objective-C application.
Viewing the DocC archives requires Xcode 13.2.1 or later.
API updates
In keeping with iOS best practices, error management in the Objective-C API has been enhanced. Methods no longer throw an exception but return an NSError object instead. The documentation and code samples have been updated accordingly.
Because of this error management update, the library is no longer backward compatible and the new error management must be implemented.
Digipass SDK
Android
The Digipass SDK is now delivered as an .aar file, consistent with other SDKs. The documentation and code sample have been updated accordingly. A new sample that demonstrates how to integrate Digipass SDK in an Android application has been created.
iOS
API updates
We recommend using the Objective-C or Swift API instead of the C++ API. The C++ API is still present in the SDK but will be removed in the future.
In keeping with iOS best practices, error management in the Objective-C API has been enhanced.
The documentation and code samples have been updated accordingly.
Password management
To increase the security of our solution, the way the Objective-C and Swift API manage passwords has been updated. Instead of using NSString and string objects, the API now uses byte arrays. Using these types of parameters allows integrators to reset the memory after usage.
Because of this update, the APIs are no longer backward compatible and the way passwords are managed in the application need to be updated. We recommend resetting the memory allocated to passwords after usage.
DSAPP SDK
Android
The DSAPP SDK is now delivered as an .aar file, consistent with our other SDKs. The documentation and code samples have been updated accordingly.
iOS
API updates
We recommend using the Objective-C or Swift API instead of the C++ API. The C++ API is still present in the SDK but will be removed in the future.
In keeping with iOS best practices, error management in the Objective-C API has been enhanced. Methods no longer throw an exception but return an NSError object instead.
The documentation and code samples have been updated accordingly.
Because of this error management update, the Objective-C library is no longer backward compatible and the new error management must be implemented. The C++ and Swift APIs remain backward compatible.
FIDO SDK
The FIDO SDK has been updated to be compatible with all the SDKs that are part of Mobile Security Suite 4.32.0.
Image Generator SDK
Java
The Image Generator SDK has been updated, making it possible to integrate with the changes made to the Utilities SDK.
Image Scanner SDK
iOS
API updates
In keeping with iOS best practices, error management in the Objective-C API has been enhanced. Methods no longer throw an exception but return an NSError object instead. The documentation and code samples have been updated accordingly.
Because of this error management update, the library is no longer backward compatible and the new error management must be implemented.
Notification SDK
iOS
API updates
In keeping with iOS best practices, error management in the Objective-C API has been enhanced. Methods no longer throw an exception but return an NSError object instead. The documentation and code samples have been updated accordingly.
Because of this error management update, the library is no longer backward compatible and the new error management must be implemented.
Orchestration SDK
Security enhancements
The iOS and Android libraries of the Orchestration SDK have new security enhancements regarding hard-coded strings.
Updated SDKs
The Orchestration SDK includes all of the SDKs that are part of Mobile Security Suite 4.32.0.
Android
Delivery change
To ease the integration and the maintenance of the solution, the fatAar binary is no longer included in the product package. The product package is delivered with only a maven repository. The documentation has been updated accordingly.
Fingerprint update
As of version 5.4.2 of the Orchestration SDK, delivered with Mobile Security Suite 4.31.0, an update is available for the way the fingerprint is generated to bind the storage and the OTP to the device. The permission READ_PHONE_STATE is no longer needed. The documentation and code sample have been updated accordingly.
Root Detection SDK
Android
The Root Detection SDK is now delivered as an .aar file, consistent with other SDKs. The documentation and code samples have been updated accordingly.
Secure Messaging SDK
Android
The Secure Messaging SDK is now delivered as an .aar file, consistent with other SDKs. The documentation and code samples have been updated accordingly.
iOS
API updates
We recommend using the Objective-C or Swift API instead of the C++ API. The C++ API is still present in the SDK but will be removed in the future.
In keeping with iOS best practices, error management in the Objective-C API has been enhanced. Methods no longer throw an exception but return an NSError object instead.
The documentation and code samples have been updated accordingly.
Because of this error management update, the Objective-C library is no longer backward compatible and the new error management must be implemented. The C++ and Swift APIs remain backward compatible.
Secure Storage SDK
With next release of the Secure Storage SDK, it will not be possible to update an application that integrates Secure Storage SDK 4.8 or below on Android (released Oct 2015) and Secure Storage SDK 4.17.5 or below (released Apr 2018) on iOS. If your application still uses these versions, we strongly recommend migrating to a more recent version.
iOS
API updates
In keeping with iOS best practices, error management in the Objective-C API has been enhanced. Methods no longer throw an exception but return an NSError object instead. The documentation and code samples have been updated accordingly.
Because of this error management update, the library is no longer backward compatible and the new error management must be implemented.
Utilities SDK
[CS0093611][MSS-6489] On Android, an error occurred during the activation process when the minify option was enabled.
This issue has been fixed.
WBC SDK
Android
The Utilities SDK is progressively modernized to include the latest security enhancements available in the last Android operating systems. To enable integration of the latest version of the Utilities SDK, the tables that contains the WBC key need to be regenerated.
iOS
API updates
We recommend using the Objective-C or Swift API instead of the C++ API. The C++ API is still present in the SDK but will be removed in the future.
In keeping with iOS best practices, error management in the Objective-C API has been enhanced. Methods no longer throw an exception but return an NSError object instead.
The documentation and code samples have been updated accordingly.
Because of this error management update, the Objective-C library is no longer backward compatible and the new error management must be implemented. The C++ and Swift APIs remain backward compatible.
Fixes and other updates
Biometric Sensor SDK
iOS
[MSS-5597] In order to fix some warnings that could occur when compiling an application integrating Biometric Sensor SDK client, the library has been renamed.
Other changes have been made to the Public API. For more information, see New features and enhancements.
Documentation
[MSS- 5807] This release contains some minor documentation updates.
CDDC SDK
Android
[MSS-5554] When targeting API 31, there was an issue retrieving Bluetooth permissions which resulted in an endless attempt at data collection. To resolve this issue, a new permission is required in the AndroidManifest.xml configuration file. The documentation and code sample have been updated to explain the required changes.
iOS
[MSS-5614] To fix some warnings that could occur when compiling an application integrating the CDDC SDK, the library has been renamed.
[MSS-5908] A crash that can occur in some specific cases during data collection has been fixed.
Documentation
[MSS-5114] This release contains some minor documentation updates.
Digipass SDK
iOS
[CS0082541][MSS-5745] When migrating from Digipass SDK 4.21.2 or earlier using the Swift API, a -4005 error occurred. This issue has been fixed.
[MSS-5616] To fix some warnings that could occur when compiling an application integrating the Digipass SDK client, the library has been renamed. If you are using the C++ API, then no action is required.
For the Objective-C or Swift APIs, changes have been made to the Public API. For more information, see New features and enhancements.
Documentation
[CS0071132][ MSS-5072] This release contains some minor documentation updates.
DSAPP SDK
iOS
[MSS-5605] To fix some warnings that could occur when compiling an application integrating DSAPP SDK client, the library has been renamed.
Other changes have been made to the Public API. For more information, see New features and enhancements.
Image Scanner SDK
iOS
[MSS-5146] An issue that occurred when using the system camera to scan a Cronto or QR code image has been fixed.
Notification SDK
iOS
[MSS-5620] To fix some warnings that could occur when compiling an application integrating Notification SDK client, the library has been renamed.
Other changes have been made to the Public API. For more information, see New features and enhancements.
Java Server
[MSS-6007] The Java version of the Notification SDK Server uses Log4J as an external dependency. This library contains a vulnerability, referred to as CVE-2021-44832. The Notification SDK Server Java has been updated to use Log4j Version 2.17.1, which fixes the vulnerability.
Orchestration SDK
Android
[MSS-5561] When trying to retrieve CDDC data while targeting API 31, there was an issue retrieving Bluetooth permissions. This resulted in an endless attempt at data collection. To resolve this issue, a new permission is required in the AndroidManifest.xml configuration file. The documentation and code sample have been updated to explain the required changes.
[CS0081026][MSS-5826] To fix an obfuscation issue that could occur with an open resource (Kryo library), the Orchestration SDK library has been updated.
[MSS-6043] Since Orchestration SDK Version 5.4.2 delivered with Mobile Security Suite 4.31.0, an error related to fingerprint generation occurred on phones running Android API 22 and below. This issue has been fixed.
iOS
Previously, when a user performed a backup and restore function using iTunes, the application was rendered unusable. Deleting and re-installing the application did not solve the issue. The problem was introduced with the 5.4.2 version of the Orchestration SDK included in Mobile Security Suite 4.31.0.
This issue has been fixed.
[MSS-5720] To fix storage exceptions when closing an application, the latest version of the Secure Storage SDK has been integrated inside of the Orchestration SDK.
[MSS-5609] To fix some warnings that could occur when compiling an application integrating Orchestration SDK client, the library has been renamed.
Other changes have been made to the Public API. For more information, see New features and enhancements.
[MSS-5907] There was an unexpected termination that occurred in some specific cases during data collection. This issue has been fixed.
Documentation
[MSS-5099] This release contains some minor documentation updates.
Secure Storage SDK
iOS
[CS0073299][MSS-5383] In rare cases, saving the Secure Storage SDK at the same time as the application can corrupt the Secure Storage SDK. This issue has been fixed.
[CS0079967][MSS-5667] The Secure Storage SDK error management has been enhanced to report internal issues more accurately.
[MSS-5597] To fix some warnings that could occur when compiling an application integrating Secure Storage SDK client, the library has been renamed.
Other changes have been made to the Public API. For more information, see New features and enhancements.
Documentation
[CS0084312][MSS- 5910] This release contains some minor documentation updates.
WBC SDK
iOS
[MSS-6252] Previously, it was not possible to pass WBC SDK tables as parameters of the Objective-C and Swift APIs. There were no issues when using C++ API. This is a minor issue since the operating system was able to link objects having same name during compilation. However, we strongly recommend updating the integration if you’re using the Swift or Objective-C API, where this issue is resolved.
Other changes have been made to the Public API. For more information, see New features and enhancements.