Release 23.R3 (11.52)

Upcoming deprecation of Equifax Canada: After September 6, 2023, when Senders specify a KBA authentication method for a transaction recipient, they will no longer be able to select Equifax – CA as the KBA provider. If after that date users access an incomplete transaction with Equifax – CA selected, they may experience an error. To avoid such errors, we recommend that you: (1) change the authentication method for any such transaction that has been sent; (2) not select Equifax – CA for new transactions. If you have any questions, please contact our Support Team.

What's New

External Archiving

• External Archiving: The documents from all of an account’s completed transactions can now be stored in the vaults of Arkhineo, a block-chain service for long-term document storage. To track this archival process, we’ve created the following statuses: (1) ARCHIVAL_PENDING; (2) ARCHIVAL_VALIDATING; (3) ARCHIVAL_INTERVENTION_REQUIRED; (4) ARCHIVAL_COMPLETE. To enable this feature, please contact our Support Team.

Senders

• Senders can configure more transaction settings: Senders can now configure the following transaction settings using Self-Service Account Configuration: (1) Allow document download for incomplete transactions; (2) Display document name on each page of the document; (3) Display signing progress; (4) Allow recipient to navigate across actionable fields in the document; (5) Include optional fields in navigation; (6) Limit number of files per attachment; (7) Font size.

• Senders can configure new system settings: Senders can now configure the following system settings using Self-Service Account Configuration: (1) Maximum login attempts for a sender; (2) Session expiry; (3) Session expiry warning.

• Senders can configure Enable Recipient History: Senders can now configure the feature Enable Recipient History using Self-Service Account Configuration. This feature determines if an account’s Senders will be able to see the account’s recipient history.

• Improved dependent settings: We improved the following aspect of the Self-Service Account Configuration’s User Experience. Previously, when one setting depended on another, a warning message appeared. Now, a dependent setting is: (1) indented under its parent; (2) automatically enabled or disabled based on the parent setting.

• Can duplicate Imprint Fields: Senders can now duplicate Imprint Fields – i.e., fields that transaction recipients can see, but cannot interact with in any other way. The duplication procedure is the same as for other fields — i.e., within the Designer: (1) select one or more Imprint Fields; (2) open the Field Settings pane, and click Duplicate.

• New types of Imprint Fields: Senders can now add the following types of Imprint Fields to documents: (1) TransactionID; (2) DocumentID. These fields are automatically populated, and their values cannot be changed.

• Rebranded colors: To reflect OneSpan’s new colors, we rebranded: (1) the checkboxes in the Sender part of the New User Experience; (2) "selected" radio buttons in the Designer.

Signer Experience

• Better placed Get Started button: We improved the visibility of the Get Started button on iPhones, so users wouldn’t think that they were "stuck" and thus unable to enter the Signer Experience.

• More granular control of duplicate signers: Before Release 11.47, a transaction's recipients could have: (a) the same full name OR the same email address, but not both simultaneously; (b) the same phone number. We call this the system's "legacy behavior” regarding duplicate signers.

• Release 11.47 introduced the BackOffice setting Allow Duplicate Signers. When enabled, this setting allowed a transaction's recipients to have: (a) the same full name AND the same email address simultaneously; (b) the same phone number.

  This release provides more granular control of such duplicated information via the following BackOffice settings: (1) Allow Duplicate Signer Email Address — Determines if a transaction's external recipients can have identical email addresses (default = enabled). (2) Allow Duplicate Signer Name — Determines if a transaction's recipients (external and internal) can have identical full names (default = disabled). (3) Allow Duplicate Signer Phone Number — Determines if a transaction's recipients (external and internal) can have identical phone numbers (default = enabled). (4) Allow Duplicate Signers — This setting is now a master switch (default = disabled). If it’s enabled, the previous three settings are honored. If it’s disabled: (a) the previous three settings are ignored; (b) the setting’s "legacy behavior" is restored.

  Caution: The "duplicate signers" feature does not work with Single Sign-On Authentication (SSO).

  Note: OneSpan Sign uses phone numbers only for SMS authentication and ID Verification.

Account Owners & Admins

• Can specify the language for redirect URLs: Account Owners and Account Admins can now specify the language of redirect URLs, so Senders and Signers can be redirected to pages in their preferred language. Such URLs include Sender Logout, Sender Session Timeout, and Signer Session Timeout. To configure this feature, please contact our Support Team.

Developers

• SDK can configure more settings: The SDK can now be used to configure the feature Enable Recipient History, and the following transaction settings: (1) Allow document download for incomplete transactions; (2) Display document name on each page of the document; (3) Display signing progress; (4) Allow recipient to navigate across actionable fields in the document; (5) Include optional fields in navigation; (6) Limit number of files per attachment; (7) Font size.

Remote Online Notarization

• RON supports five more U.S. States: We added the following States to the Jurisdiction drop-down list that the system presents to notaries when they register their Notary Commission: (1) Idaho; (2) New Hampshire; (3) New Jersey; (4) North Dakota; (5) Wyoming.

• Reminder for Notary Seal & RON Statement A reminder now appears when a Sender tries to send a Remote Online Notarization transaction without having added a Notary Seal and RON Statement to the transaction’s documents. The popup reminds the Sender that some U.S. States require these additions.

• System copies available signer information: This feature concerns Remote Online Notarization transactions in which a signer is assigned KBA authentication. To save Senders from having to enter a signer’s information twice, if the Sender enters Recipient Details about a signer when they create the transaction, the system now: (1) copies those details into the corresponding fields for KBA authentication; (2) permits Senders to edit the copied information (e.g., First Name, Last Name, City, State, Zip code).

Remote Online Notarization & Virtual Room

• Better interface for failed authentication attempts: If the recipient of a RON or Virtual Room transaction is using an Authentication Method that limits the number of failed attempts, now when an authentication attempt fails: (1) the system displays the number of remaining attempts; (2) a Retry Authentication button appears. If the user clicks that button, they can try to authenticate themselves again without affecting the number of remaining attempts.

Evidence Summary

• Enhanced Evidence Summary: To ensure compliance with KYC (Know Your Customer) regulations in multiple regions (Canada, EU, UK), we enhanced the Evidence Summary by making it include information about recipients’ attempts to authenticate themselves via ID Verification.

Bug Fixes

Senders

• PB-92738: Fixed an issue in which an invitation email failed to be sent because the recipient’s email address contained an ampersand (&). To fix this problem, if a Sender enters an address with an ampersand, an Invalid Email Address message will now appear. Senders will thus be blocked from using addresses that contain an ampersand.

• PB-93911: Fixed an issue in which Bulk Sending failed when Mutual TLS authentication (mTLS) was configured for the account.

• PB-94226: Fixed an issue in which some required fields were not correctly labeled in the Designer;

• PB-93669: Fixed an issue in which a Sender was able to create a transaction without an expiry date, even though default and maximum expiry values had been set at the account level.

• PB-93660: Fixed an issue in which a Sender could not configure an unlimited expiry time for a transaction, even though the account-level settings allowed it.

• PB-90113: Fixed an issue in which trying to configure a transaction’s expiry time in the Designer triggered an error.

• PB-95000: Fixed the following issue on the Designer page. If a Sender clicked the Accept Only button before a document had finished loading, it triggered an error.

• PB-94199: Fixed the following issue that occurred during transaction creation. When a Sender used the Chrome browser's Auto-fill feature, the transaction’s correct name was replaced by pre-filled user information.

• PB-93616: Fixed an issue that arose in the following situation. (1) In BackOffice, the feature Allow Duplicate Signer Email Address was disabled. (2) In the Designer, a Sender tried to add a recipient to a transaction using an email address that was already in use by another recipient. (3) This triggered an error message. (4) The Sender responded by changing the new recipient’s email address to a unique address. (5) At this point, the system should have added the new recipient to the transaction. Instead, it displayed another error message.

• PB-93805: Fixed an issue in which the banner Start your first transaction failed to extend to the edge of the page.

• PB-92455: Fixed an issue in which the text in transactions' Status column wrapped across two lines, and the second line contained only the last character of the last word.

• PB-94736: Fixed the following issue. Sometimes when delegates accessed their delegators’ Dashboard, it failed to indicate that their signature was required on a transaction.

• PB-92675: Fixed an issue in which the Designer page became unresponsive when a Sender: (1) clicked and dragged a field to a new position; (2) did not let go of the left mouse button; (3) pressed the Delete key.

• PB-94734: Fixed an issue in which accessing a trashed transaction from the Sender part of the New User Experience triggered an error.

• PB-93348: Fixed the following issue. A transaction was created and sent, then interrupted (e.g., Edit Transaction), then sent again. Both signers and reviewers should then have received an email reminder about the transaction, but the reviewers did not.

Signer Experience

• PB-94787: Fixed an issue that occurred after a Sender rejected a signer’s attachment, and sent the signer a notification about this. When the signer opened the notification email and clicked View documents, it triggered an error.

• PB-95818: Fixed the following issue. After all signers have signed, and a signer refreshes their browser on the Summary page (aka the Thank You page), the system should redisplay that page. Instead, it displayed the last signed document.

• PB-93797: Fixed an issue in which the system failed to display a proper error message when an account Sender tried to access the Signer Experience for a transaction in which they were not a recipient.

• PB-94572: Fixed an issue in which Zoom controls disappeared from the More Actions menu when the browser window was re-sized to 800 x 950 pixels or smaller.

New User Experience

• PB-91832, PB-88911: Fixed an issue in which: (1) fields were added to a document via the Designer; (2) in the signed document, those fields appeared two pixels away from their assigned positions.

• PB-95822: Fixed an issue that arose when recipients began reviewing the documents of a completed transaction that did not contain an Electronic Consent document. The system should have responded by displaying the transaction’s first document, but instead displayed its last document.

Developers

• PB-95776: Fixed an issue in which a PUT call to reorder a transaction’s documents created a blank placeholder, which in turn caused an Unhandled Server Error.

• PB-94030: Fixed the following issue that occurred in a transaction created via the API. After the transaction was sent for signing, having included two successive backslashes (\\) in a recipient's name caused an Invalid JSON error.

Account Owners

• PB-88113: Fixed an issue in which an error was triggered when an Account Owner clicked Admin on the top menu, and then selected Senders.

Accessibility

• PB-93324: Fixed an issue in which a Screen Reader failed to introduce a Capture Signature panel.

• PB-93326: Fixed an issue in which a user could not TAB into the signature-drawing part of a Capture Signature panel.

• PB-94282: Fixed an issue in which transactions with Accessibility Mode enabled triggered DOCUMENT_NAVIGATION and DOCUMENT_VIEW events for each field accessed. Now: (1) a DOCUMENT_VIEW event is triggered only when a user has viewed a document; (2) a DOCUMENT_NAVIGATION event is triggered only when a user has navigated to a document.

• PB-92456: Fixed an issue in which, upon opening the modal window Resend SMS?, the accessibility focus was on the Resend button rather than the Close[X] button.

Remote Online Notarization

• PB-94037: Fixed an issue in which some iPhone devices failed to correctly display pages during a Remote Online Notarization session.

• PB-93708: Fixed an issue in which the Thank You page for notaries displayed an incorrect message.

Virtual Room

• PB-95729: Fixed an issue in which some elements in a Firefox browser were incorrectly highlighted during a Virtual Room session.

In-App Reporting

• PB-92028: Fixed an issue in which exporting a Transaction Report to a CSV file caused issues if a transaction's name contained a comma. Each such comma is now replaced by a space.

Audit Trail

• PB-93000: Fixed an issue in which the Audit Trail didn’t provide a reason why an ID Verification attempt had failed.

Changed Behavior

• PB-92849: We improved the Signer Experience's validation of date-picker fields. For example, the system now: (1) automatically prepends a "0" if a single-digit value is input for the day or month; (2) instantly rejects out-of-bounds values (e.g., "13" for the month). These improvements resulted from upgrading the MUI X front-end library. For more information, click here.

• PB-94397: We changed the labels of the following Notary fields within the Designer: (1) NotaryLicenseNumber became Notary Commission Number; (2) NotaryLicenseExpirationDate became Notary Commission Expiration Date.

• PB-92028: When a Transaction Report is exported to a CSV file, any comma in a data field is now replaced by a space.

• PB-92561: To prepare for Release 23.R4’s addition of new supported languages: (1) we changed the name of the existing English language to English (United States); (2) we changed the name of the existing Spanish language to Spanish (Latin America). Their associated language codes have not changed.

• PB-95100: To reflect OneSpan’s new colors, we rebranded: (1) the checkboxes in the Sender part of the New User Experience; (2) "selected" radio buttons in the Designer.

Upcoming Changes

• PB-95735: In Release 23.R4 (11.53)., the Signer Experience’s Session Timeout warning message will be modified to display the relevant number of hours.

• Starting in Release 23.R4 (11.53), OneSpan Sign will support only the latest stable version of its supported browsers (Chrome, Firefox, Edge, Safari). This will apply to both the Signer Experience and the Sender part of the New User Experience.

• PB-93756: Starting in Release 23.R5 (11.54), the format of all Date fields in exported CSV files will be "yyyy-MM-dd HH:mm:ss". This applies to the following CSV files: (1) Notary Journal Export; (2) Transaction Usage Report; (3) Transactions Scheduled Report; (4) Account Scheduled Report.

Known Issues

• PB-95735: A known issue is affecting the Signer Experience’s Session Timeout warning message. If the parameter "esl.login.session.timeout.warning" is set to a value higher than 59 minutes, that message fails to display the number of hours. For example, if that parameter is set to 1 hour 2 minutes (3720000 milliseconds), that message incorrectly states that the timeout will occur in 2 minutes (instead of 1 hour 2 minutes). This issue will be fixed in Release 23.R4 (11.53).

• PB-97194: In Self-Service Account Configuration, the transaction setting Allow document download for incomplete transactions currently works with "reversed logic" — i.e., the functionality is allowed when unchecked, and not allowed when checked. This issue will be fixed in Release 23.R4 (11.53).

• PB-96940: When a transaction is being created via the API, a 500 error is thrown if Allow Duplicate Signers is enabled and Allow Duplicate Signer Phone Number is disabled. This issue will be fixed in Release 23.R4 (11.53).

• PB-89508: The system setting Transaction expiry warning (days) is not functional via Self-Service Account Configuration. It will be removed in Release 23.R4 (11.53).

• PB-95581: The BackOffice feature Allow Duplicate Signer Phone Number currently doesn’t work with “internal signers” (i.e., Senders who are also signers). This issue will be fixed in a future release.

• PB-94961: In the Designer, when a Sender tries to Select a Layout or Show Shared Layouts, nothing appears in the list of layouts. This issue will be fixed in a future release.