Release Notes Version 1.0.0

To support our customers with challenges caused by changed threats such as the shift towards Authorized Push Payment (APP) fraud, where a victim is tricked into willingly transferring money to the attacker, OneSpan has added new products to our portfolio. Financial institutions must be able to counter new threats targeting mobile banking apps and implement mitigating measures, not least due to increasing regulatory requirements concerning the security of mobile banking apps from financial regulators.

The Network Security SDK is among the latest additions to OneSpan Mobile Security Suite. This client SDK detects whether the mobile device on which a mobile banking app resides is connected to an insecure network or is actively using a VPN connection.

Features of the SDK

Insecure Network Detection

On Android, the SDK uses the Android ConnectivityManager to obtain information about the network to which the device is connected. The device is considered to be connected to a secure network if it is connected via Ethernet or Cellular or any Wi-Fi network which uses the following encryption protocols:

• WPA2

• WPA3

This approach requires the ACCESS_WIFI_STATE permission.

On iOS, the SDK can obtain the network information but it is not possible to differentiate between WPA and WPA2 or WPA3, so WPA is included in the list of secure networks. The SDK requires authorization to use the device location and access to information about the connected network must be provided with with com.apple.developer.networking.wifi-info entitlement.

VPN connectivity detection

The presence of a VPN connection is detected by reading the network connection settings on the mobile device.

On Android, ConnectivityManager is an Android API used to manage network connections. It provides methods to check the availability and status of network connections and request and configure network connections. ConnectivityManager allows retrieving the network capabilities of a mobile device’s active network. Using these capabilities, it is possible to check whether the VPN transport protocol is being used.

On iOS, CFNetworkCopySystemProxySettings allows retrieving the current system-wide Internet proxy settings. This can be used to check whether any of the VPN tunnelling protocols (i.e., tap, tun, ppp, ipsec, utun) is in use.

For information how to integrate the SDK, see the Network Security SDK Integration Guide.

Supported platforms

The Network Security SDK can be used on a variety of devices and supports the following platforms:

Android devices:

• Minimum Android 7 (API level 24)

• Target Android 15 (API level 35)

• Support for 16 KB page sizes

  Beginning with Android 15, Android supports devices that are configured to use a page size of 16 KB (i.e., 16 KB devices). The SDK has been updated to work on these 16 KB devices. However, if your app uses any native libraries, you must ensure that these libraries are ready for 16 KB page sizes. For more information, refer to the Android Developer documentation.

iOS devices:

• iOS 15 or higher

• Swift 5 or higher

• Xcode 16 or higher

For information on the supported operating systems and platforms supported by Mobile Security Suite and the affiliated SDKs, see Supported platforms.

Third party licenses

For information on third party dependencies associated with Mobile Security Suite and the affiliated SDKs in this release, see Third party licenses.