Login
    Contenu x
    Mobile Authenticator Studio—Version 5.2.0 (November 2024)
    • 15 Nov 2024
    • 3 Minutes à lire
    • Sombre
      Lumière
    • PDF
    Contenu

    Mobile Authenticator Studio—Version 5.2.0 (November 2024)

    • Mis à jour le 15 Nov 2024
    • 3 Minutes à lire
    • Sombre
      Lumière
    • PDF
    The content is currently unavailable in French. You are viewing the default English version.
    Résumé de l’article

    Introduction

    Welcome to OneSpan Mobile Authenticator Studio 5.2.0!

    For more information about configuring and using Mobile Authenticator Studio, see the Mobile Authenticator Studio product documentation.

    Supported platform versions

    Mobile Authenticator Studio 5.2.0 supports the following platforms:

    • Android 7.0 (API level 24) and later

    • iOS 15.0 and later

    Format of the installation files

    For the installation of Mobile Authenticator Studio, OneSpan will provide the installation files in the following formats:

    • IPA for iOS

    • APK and AAB for Android

    New features and other changes

    Biometric user authentication protection for encryption keys

    Mobile Authenticator Studio now protects encryption keys with biometric user authentication. The PIN is stored in encrypted form with a key that is bound to biometry, and the storage containing the PIN is created with biometric protection enabled. The underlying API only returns the encryption key to the application if the user successfully authenticates with biometry. This makes it impossible to retrieve the PIN value without biometry. According to the configured authentication method, the user is now additionally prompted either for biometric authentication or to enter a PIN in the following cases:

    • Activating an account offline in single-device licensing mode

    • Activating an authenticator instance in multi-device licensing mode

    • Changing the PIN

    • Migrating the PIN

    • Enabling biometric authentication

    Offline help

    You can now configure the Mobile Authenticator Studio app to also provide offline help via the app menu. If the app is configured to provide offline help, the user can access the helpSettings screen by taping the three dots, and selecting Help. The app will then display the help content.

    Enhanced multi-language support

    Mobile Authenticator Studio now offers enhanced multi-language support. You can add languages and/or remove any of the default languages except English as well as customize the default text strings.

    For the language and text customizations, OneSpan provides a CSV file. You update this file as required and return the updated CSV file to OneSpan. Your customizations will be implemented accordingly in the Mobile Authenticator Studio app.

    English is mandatory as in-app language and cannot be removed. If any text string values are missing, Mobile Authenticator Studio will use the corresponding English texts.

    For more information about the integration of this feature, see Integrate app customization.

    Facilitated account management

    To facilitate the user's orientation when managing accounts, sequence numbers have been added to the Manage account, Delete account, and Rename account screens.

    SSL pinning

    Mobile Authenticator Studio 5.2.0 supports supports SSL pinning. This is a security technique that ensures a client communicates only with a specified server by validating its public key, thereby preventing Man-in-the-middle attacks.

    To enable SSL pinning, you need to embed the public key of your server in your mobile application. Upon connection, the client compares the server's public key against the embedded one. If they match the connection is established; if they do not match the connection is terminated.

    You can export a PEM-encoded certificate from a keystore using keytool with this command:

    keytool -export -alias MyCertificateAlias -keystore MyKeyStore.keystore -rfc -file MyPEMCertificate.pem

    You can export a PEM-encoded certificate using OpenSSL with this command:

    openssl x509 -pubkey -noout -in MyPEMCertificate.pem

    Known issues

    (Issue MAS-5165) PIN no longer works after update

    Description: When a PIN was set on a device that has a keyboard which includes foreign characters instead of digits, e.g. an Arabic keyboard, the PIN no longer works after updating Mobile Authenticator Studio.

    Workaround: Mobile Authenticator Studio must be activated again to create a new PIN.

    (Issue MAS-5670) No fallback PIN on iOS

    Description: On iOS devices, when the user fails two consecutive attempts to provide the FaceID during authentication, the device prompts the user only to cancel the action and dismisses the activation flow.

    Workaround: The user can take the following steps as a workaround of this issue:

    1. Retry the authentication and provide the correct biometric method.

    2. Disable the biometrics from the Settings menu and retry to authenticate with PIN.

    3. If biometric authentication has become locked, the user can authenticate with their fallback PIN.

    Cet article vous a-t-il été utile ?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle