What's new in the Device Binding SDK

This section provides an overview of changes introduced in the Device Binding SDK to facilitate the integration of the SDK and provide information on backward compatibility.

Version 5.3.0

Android

Target API level increased to Android 14 (API 34)

The target version of the SDK has been increased to Android 14 with API level 34.

iOS

Privacy manifest file added

For the Device Binding SDK, a privacy manifest file has been added to MSSDeviceBinding.xcframework to describe the data the SDK uses to bind the device.

Previous versions

Version 5.2.0

iOS

Bitcode support has been eliminated

Following the deprecation of Bitcode by Apple, we no longer support and have removed all Bitcode from the SDK framework.

Version 5.1.0

Android

Biometric fingerprint protection added

The DeviceBindingWithBiometrics interface for generating fingerprints that are protected by device biometric credentials has been added to the Device Binding SDK. This provides a more secure fingerprint which is based on the user's registered biometric profile. For more information on how to use biometry-protected fingerprints, see Obtain the device fingerprint on Android on the Integration Guides page. Additional information is available in the sample application included in the product package.

Target API increased to Android 13 (API 33)

To meet the latest requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 13 with API level 33. This change is needed to avoid APK rejection caused by security issues found with older API versions. Additionally, this change leverages the latest Google libraries to facilitate biometry-protected device fingerprints.

iOS

Biometric protection added

A new Protection parameter has been added for creating fingerprints. With this, it is now possible to protect the fingerprint with the device passcode or biometry (Face ID, Touch ID). This parameter only applies to new fingerprints, any fingerprints created before the addition of this parameter will be returned without any biometry or passcode prompts.

Fingerprints saved with Protection.biometryCurrentSet will be locked if there are any changes to the currently-enrolled biometry set at the time of the fingerprint creation. These changes include adding, removing, or resetting a fingerprint or face ID. There is no guarantee from Apple that a major iOS update will not impact the Protection.currentBiometrySet.
For more information about the various protection methods, refer to the technical documentation and sample application provided in the product package.

Updates to technical documentation and sample

The technical documentation and the sample application included in the product package have been updated.

Version 5.0.5

iOS

New parameter to protect fingerprints on a device

A new parameter has been added to the API which provides the option of requiring a passcode or biometric authentication for any new fingerprints added to the device.

Version 5.0.4

Android

Target API increased to Android 12 (API 31)

To meet new requirements for apps published on the Google Play Store, the target version of the SDK has been increased to Android 12 with API 31. This change is needed to avoid APK rejection caused by security issues found with the older API versions.

Minimum supported version increased to Android 6 (API 23)

The minimum supported version has been increased to fully support new features and devices. Deprecated code has been replaced and simplified to be compatible with API 23 or higher.

iOS

Increased the minimum supported version to iOS 13

The minimum supported version has been increased to fully support all ARM64 devices and SwiftUI features. Deprecated code has been removed and replaced with code fully supporting iOS 13 or higher.

New error code: dataLocked

The dataLocked error code is displayed when a device is locked and it is not possible to access the keychain.

Version 5.0.2

Android

Delivering AAR file instead of JAR

AAR files are the current standard for Android libraries. For this reason, the JAR file has been replaced with an AAR file. For more information, see Integrate the OneSpan Device Binding SDK with Android or refer to the sample included in the product package.

Device Binding SDK rewritten in Kotlin

The SDK has been rewritten in Kotlin. To avoid compilation issues, you must add the Kotlin dependencies to the build.gradle file.

New API using instances instead of methods

A new API has been added that uses instances instead of static methods. Refer to the sample included in the product package to find out how to use the new API.

iOS

API updates

  • New accessGroup parameter added to the API: This allows sharing the generated fingerprints in AppGroup and KeychainSharingGroup, or keeping the fingerprints private in the app. Refer to the sample and the technical documentation included in the product package for an example of AccessGroup usage.
  • New API added that uses instances instead of static methods: Refer to the sample included in the product package for an example of how to use the new API.
  • Reducing potential errors: The number of potential error cases has been reduced.
  • NSErrors API support for Objective-C added: The Objective-C API points no longer throw an NSException. All API points that previously would throw such an NSException now require an NSError pointer. If an error occurs, it will be attached to the pointer that is provided as a parameter. Refer to the Objective-C sample included in the product package for full code examples.

Change of framework name to MSSDeviceBinding

The framework name has been changed from DeviceBindingSDK to MSSDeviceBinding. To use the new Objective-C API, change all imports to MSSDeviceBinding. For more information, refer to the sample and the tutorial included in the product package.