- 13 Nov 2024
- 6 Minutes à lire
- SombreLumière
Version 4.36.0 (November 2024)
- Mis à jour le 13 Nov 2024
- 6 Minutes à lire
- SombreLumière
Introduction
Welcome to OneSpan Mobile Security Suite 4.36.0!
This is a major release of OneSpan Mobile Security Suite. For information about new features and fixed defects, refer to the respective chapters in this document.
For more information about configuring and using OneSpan Mobile Security Suite, refer to the respective documentation.
As of version 4.18.1, DIGIPASS for APPS has been renamed to OneSpan Mobile Security Suite. If not explicitly stated otherwise, any information and references to DIGIPASS for APPS also apply to OneSpan Mobile Security Suite.
Other OneSpan products have also been renamed. For more information about name changes of the different products, refer to the respective product documentation.
OneSpan Mobile Security Suite list of SDK versions
This section lists the current versions of the Mobile Security Suite SDKs. Items in bold indicate a version change in this release.
Current versions of the Mobile Security Suite SDKs | |
SDK | Version |
---|---|
Biometric Sensor SDK | 4.30.0 |
CDDC SDK | 4.30.0 |
Device Binding SDK | 5.4.0 |
Digipass SDK | 4.35.0 |
DSAPP SDK | 4.33.0 |
FIDO SDK | 5.0.0 |
Image Generator SDK | 4.24.0 |
Image Scanner SDK | 4.32.0 |
Notification SDK | 4.34.0 |
Orchestration SDK | 5.10.0 |
Root Detection SDK | 4.29.0 |
Secure Messaging SDK Client | 4.31.0 |
Secure Messaging SDK Server | 4.31.0 |
Secure Storage SDK | 5.4.0 |
Utilities SDK | 4.31.0 |
WBC SDK | 4.31.0 |
Supported platforms
This section lists the supported platforms for Mobile Security Suite and the affiliated SDKs included in the product package.
Mobile operating systems
Android:
Minimum: Android 7 (API 23) or higher
Target: Android 14 (API 34)
The Image Scanner SDK does not support some Doogee devices.
iOS
Minimum: iOS 14 or higher
Swift 5.0 or higher
Xcode 15 or higher
Apple dropped bitcode support with Xcode 14. Therefore as of Mobile Security Suite 4.35.0, bitcode support is removed from all Mobile Security Suite SDKs. This will eliminate any bitcode warnings when uploading your app to the App Store.
For more information, refer to the Apple Developer documentation.
Mobile integration SDKs
The Digipass SDK and the other mobile integration SDKs support various platforms.
The mobile integration SDKs are:
Biometric Sensor SDK
Client Device Data Collector SDK (CDDC SDK)
Digipass SDK
Digipass Software Advanced Provisioning Protocol SDK (DSAPP SDK)
Device Binding SDK
FIDO UAF SDK
Image Generator SDK
Image Scanner SDK
Notification SDK
Orchestration SDK
Root Detection SDK
Secure Messaging SDK Client
Secure Messaging SDK Server
Secure Storage SDK
White-Box Cryptography SDK
Platforms supported by the server SDKs
The following table lists the platforms supported by the OneSpan Mobile Security Suite server SDKs.
Supported platforms – server SDKs | ||||
Supported platforms | Server SDKs | |||
---|---|---|---|---|
Secure Messaging SDK Server | Image Generator SDK | DSAPP Server SDK | Notification SDK Server | |
.NET 6(and higher) | ✓ | ✓ | ✓ | ✓ (from 4.5) |
Linux 64-bit |
|
| ✓ |
|
Windows 64-bit |
|
| ✓ |
|
JDK version 1.8 (and higher) | ✓ | ✓ | ✓ | ✓ |
Platforms supported by the mobile SDKs
The following tables list the platforms supported by the OneSpan Mobile Security Suite mobile SDKs.
Supported platforms – mobile SDKs (1) | |||||
Supported platforms | Mobile SDKs | ||||
---|---|---|---|---|---|
Device Binding SDK | Image Scanner SDK | Secure Messaging SDK Client | Root Detection SDK | Secure Storage SDK | |
Android 6.0 and higher (armeabi-v7a, arm64-v8a, x86, and x86_64) | ✓ | ✓ | ✓ | ✓ | ✓ |
iOS 13.0 and higher(BitCode support deprecated) with Swift 5.0 and Xcode 15 | ✓ | ✓ | ✓ | ✓ | ✓ |
iPadOS 13.0 | ✓ | ✓ | ✓ | ✓ | ✓ |
Supported platforms – mobile SDKs (2) | |||||
Supported platforms | Mobile SDKs | ||||
---|---|---|---|---|---|
WBC SDK | Biometric Sensor SDK | Digipass SDK | DSAPP Client SDK | Notification SDK | |
Android 6.0 and higher (armeabi-v7a, arm64-v8a, x86, and x86_64) | ✓ | ✓ | ✓ | ✓ | ✓ |
Android Native (armeabi-v7a, arm64-v8a, x86, and x86_64) |
|
| ✓ |
|
|
iOS 13.0 and higher (BitCode support deprecated) with Swift5.0 and Xcode 15 | ✓ | ✓ | ✓ | ✓ | ✓ |
iPadOS 13.0 | ✓ | ✓ | ✓ | ✓ | ✓ |
JDK version 1.8 (and higher) | ✓ |
|
|
|
|
Linux 64-bit |
|
| ✓ |
|
|
Max OS X |
|
| ✓ |
|
|
Windows 64-bit |
|
| ✓ |
|
|
Supported platforms – mobile SDKs (3) | |||
Supported platforms | Mobile SDKs | ||
---|---|---|---|
CDDC SDK | Orchestration SDK | FIDO UAF SDK | |
Android 6.0 and higher (armeabi-v7a, arm64-v8a, x86, and x86_64) | ✓ | ✓ | ✓ |
iOS 13.0 and higher (BitCode support deprecated) with Swift 5.0 and Xcode 15 | ✓ | ✓ | ✓ |
iPadOS 13.0 | ✓ | ✓ | ✓ |
New features and enhancements
For descriptions of new features and enhancements of the individual SDKs, refer to the respective release notes.
Fixes and other updates
For descriptions of fixes and other updates of the individual SDKs, refer to the respective release notes.
Known issues
This section lists issues that have not yet been resolved for the current OneSpan Mobile Security Suite version along with possible workarounds, if available.
Unexpected termination during Fingerprint generation on specific Android devices with Device Binding SDK
This issue affects devices with the following specifications:
Devices with Mediatek Chipset MT6737 (and variants) running Android 7
Xiaomi Redmi Note 8 Pro devices running Android 11
There is a known issue within Android that prevents the Device Binding SDK from properly generating the fingerprint and causes the system to crash. To resolve the issue, use the ANDROID_ID option to generate the fingerprint, rather than the recommended HARDWARE option.
Magisk Hide limitation for root detection with the Root Detection SDK
If Magisk Hide was used to prevent root detection on an Android device, the SDK is not able to detect that a device is rooted.
Unexpected termination occurs on devices running Android 7 using Mediatek chipset with Device Binding SDK
On devices running Android 7 with the Mediatek Chipset MT6737 (and variants), there is a known issue within Android that prevents the Device Binding SDK from properly generating the fingerprint and causes the system to terminate unexpectedly. We recommend upgrading the device to an operating system higher than Android 7, if available. If not, use the ANDROID_ID option to generate the fingerprint.
Incorrect error code on specific Samsung device with the Biometric Sensor SDK
When canceling the fingerprint authentication on the Samsung Galaxy Note 4 Edge (6.0.1), a timeout error code can be randomly returned instead of a cancel error code.
Unknown error popup in Orchestration SDK
On devices running Android 12, there is an issue when using the Orchestration SDK code sample with targetSDK:31 . An Unknown error popup displays during the new user registration.
No biometric information prompted on OnePlus devices
On some devices of the OnePlus familly (OnePlus 6T, 7 Pro, 7T, and 7T Pro), in cases where biometric authentication is required, only a fingerprint icon is displayed on screen, no other information. This is due to the native implementation of the biometric prompt API on these devices.
Storage lost on Asus Zenpad 7.0 when device has PIN enabled
On Asus Zenpad devices protected by a PIN, the device could crash after short usage of the storage (i.e. approximately 30 storage accesses), and the storage would be lost. This issue is due to an incorrect manufacturer implementation, and has been reproduced on an Asus Zenpad 7.0 Z370KL device.
Device fingerprint issue on Huawei devices with dual SIM
Some Huawei devices offering dual SIM capability expose a feature in their Settings app to dynamically change the slots of the SIM cards (“Dual card management” > “4G/3G slot”).
If this feature is enabled with two SIM cards installed on the mobile device, the Android API can be misled, and return an IMEI which may not correspond to the real IMEI related to the SIM card slot (e.g. request IMEI of the first SIM card slot to Android API, it returns the IMEI of the second SIM card slot). This can cause the generation of an incorrect device fingerprint.
This issue arises when using the getDeviceFingerprint method of the Device Binding SDK.
Device fingerprint migration issue on Huawei devices with dual SIM
Some Huawei devices offering dual SIM capability do not return the same value for the device fingerprint from DIGIPASS for APPS version 4.15.0.
This issue is due to an incorrect manufacturer implementation, and has been reproduced on a Huawei P8 Lite (ALE-L21) device.
This issue arises when using the getDeviceFingerprint method of the Device Binding SDK.
Migration of dynamic vectors created with SDK 4.0.0 or SDK 4.0.1
Dynamic vectors created with the C API of the Digipass SDK version 4.0.0 or 4.0.1 are rejected by SDK 4.0.2 with an error code –4006 (RETURN_CODE_DYNAMIC_VECTOR_INCORRECT_FORMAT).
This error is caused by the extension of the dynamic vector content by three additional bytes. After that extension, the dynamic vector version set in the first byte of the dynamic vector is updated from 0x01 to 0x02.
For dynamic vectors with version 0x01, the workaround consists in re-allocating the dynamic vector with three additional bytes.
For more information about migration implementation, refer to the migrateDynamicVector.c file in the sample folder of the C API.
For information on issues that have not yet been resolved in this release of Mobile Security Suite, see Known issues.
Third party licenses
For information on third party dependencies associated with Mobile Security Suite and the affiliated SDKs in this release, see Third party licenses.