Release 23.R4 (11.53)

What's New

Knowledge-Based Authentication

• Equifax US replaced by LexisNexis: Equifax US has been replaced by LexisNexis. Any account that had Equifax US enabled will now have LexisNexis enabled by default. Senders will be notified of these changes if they try to do either of the following: (1) send transactions with Equifax US as an authentication method; (2) update signers who have Equifax US as their authentication method. Signers who try to authenticate themselves via Equifax US will now: (1) be notified that they cannot access the associated transaction; (2) be asked to contact the transaction's sender. Important: In this release: (1) signers’ authentication status is not available with LexisNexis; (2) failure callbacks and emails are not supported with LexisNexis.

• Equifax Canada deprecated: Equifax Canada is no longer supported, and will not be replaced with another service.

ID Verification

• New APIs for ID Verification: Three new API's download the following items, respectively: (1) an Evidence Summary in JSON format that contains detailed ID Verification information; (2) one specified ID Verification image; (3) multiple ID Verification images that have been specified in a list.

Languages

• Support for three more languages: We added support for the following languages: (1) Polish; (2) Spanish (Spain); (3) English (United Kingdom). Note: (1) Due to certain Canadian SMS guidelines, SMS messages sent in Polish to Canadian phone numbers via Twilio's messaging service will be received in English. (2) Twilio does not support Spanish (Spain). Thus SMS messages sent in Spanish (Spain) via Twilio's messaging service will be received in Spanish (Latin America).

If you have any customized email templates that you would like to use with these newly added languages, please contact our Support Team. If you do not contact our Support Team, the default OneSpan Sign email templates will be used.

Senders

• Senders can configure Designer settings: Self-Service Account Configuration now has a group of Designer Settings that determine the functionality of the Designer page.

• Senders can configure upload settings: Self-Service Account Configuration now has Upload Settings that specify the file types that recipients can upload as attachments.

• Senders can configure email reminders: Self-Service Account Configuration now has Email Reminders that specify a schedule for email reminders that will be sent to all recipients who have not yet finished signing.

• Better Event Notification page: We redesigned the Event Notification page that senders use to configure event notifications for their listener services. The new design is more logical and less confusing.

Admins

• Can customize Electronic Consent’s Accept button: Admins can now specify the text on the Accept button in the bottom bar of the Electronic Consent document. This button no longer needs to be the same as the Accept button for Accept Only recipients. To customize this text, Admins will need to work with our Support Team.

Remote Online Notarization

• RON supports five more U.S. States: We added the following States to the Jurisdiction drop-down list that the system presents to notaries when they register their Notary Commission: (1) Michigan; (2) Missouri; (3) New Mexico; (4) Pennsylvania; (5) Wisconsin.

• Two main authentication options: When senders configure the Authentication Method for a participant in a RON transaction, they are now presented with the following two options: (1) Unknown Signer — in this case, the sender must specify the methods KBA Authentication (via LexisNexis) and ID Verification; (2) Personally Known Signer — in this case, the sender can specify any Authentication Method (or none at all).

• KBA respects the notary’s jurisdiction: The KBA Authentication Method used in a RON transaction is now customized to meet the requirements of the jurisdiction where the notary has their commission.

• Better Locked Out error page: When a user is locked out after an unsuccessful authentication attempt, the Locked Out error page now shows how much time remains until the user will be permitted to make their next authentication attempt.

• Notary Journal can record document dates: The Notary Journal now has a field that notaries can use to enter the date that appears on a document they are notarizing. This is useful because that date sometimes differs from the date when the notarization is performed.

• Can require participants to sign Notary Journal: A new feature enables senders to require that a RON transaction’s participants sign the Notary Journal. If a sender makes this requirement, during the transaction the notary can: (1) make their journal entries; (2) then pass control to the participants so they can sign the journal. To enable this feature, please contact our Support Team.

• New way to access the Thank You page: When a notary is reviewing a completed RON transaction, the Thank You page now opens after they click the Finish button on the last document. Note: That page has always opened — and it still does — when the notary clicks the Finish button in the Notary Journal.

• Reminders about Notary Commission expiry: Notaries will now get emails to remind them of the approaching expiration of their Notary Commission. These emails will be sent 90, 60, 30 and 7 days before expiration.

• Can set Notary Commission expiry to N/A: Notaries can now configure their commission’s expiration date as N/A (Not Applicable). This is useful because in some jurisdictions (e.g., Canada) commissions do not expire.

In-App Reporting

• New column in Transaction Reports: We added a Transaction Description column to Transaction Reports. Note: (1) This column will appear only for ongoing and future reports; (2) for ongoing reports, the column will be populated only if the transaction has been updated.

Bug Fixes

Free Trial

• PB-97466: Fixed an issue in which a link in the activation email for a Free Trial of OneSpan Sign failed to redirect users to the Account Registration page.

User Authentication

• PB-96316: Fixed an issue in which completing an ID Verification process triggered an Internal Server Error. This error was caused by the fact that a Redis key/value had not expired.

• PB-97838: Fixed the following issue. When a signer uses Client App credentials to generate a Signer Authentication Token, the system should not send an SMS OTP (one-time password) to their mobile phone. The problem was that the system did that.

• PB-92243: Fixed an issue in which the signer's authentication page appeared in English, but should have appeared in the transaction's language (French). This occurred when: (1) the transaction was created via the SDK; (2) the signer’s language was not specified.

Senders

• PB-97194: Fixed the following issue. In Self-Service Account Configuration, the transaction setting Allow document download for incomplete transactions was working with "reversed logic". In other words, the problem was that the functionality was allowed when unchecked, and not allowed when checked.

• PB-97570: Fixed the following issue. An account’s default language was set to a language other than English. A sender on the account then created a transaction via the API, but did not specify a language. In this situation, the transaction's language should have defaulted to the account’s default language. Instead, it defaulted to English.

• PB-94961: Fixed the following issue. In the Designer’s Apply Layout dialog box, if the toggle switch Show shared layouts is ON, the Select a layout drop-down list should display all shared layouts. The problem was that this list didn't display any of the existing shared layouts.

• PB-96940: Fixed an issue in which trying to create a transaction via the API failed when: (1) the feature Allow Duplicate Signers was enabled; (2) the feature Allow Duplicate Signer Phone Number was disabled.

• PB-94744: Fixed the following issue. The feature SSO Login was enabled, so senders had to log in to OneSpan Sign via Single Sign-On Authentication (SSO). The feature auto-provisioning was disabled, so an SSO login did not automatically create a new sender if one did yet not exist in the system. In this situation, after a user’s first successful SSO login, they were trapped in the state Pending. To fix this, we changed the API. Now, after a user’s first successful SSO login, their status is automatically set to Enabled (active). Note: This fix does not change anything for use cases where the Roles and Permissions feature is enabled.

• PB-96189: Fixed an issue in which using a Fast Track link to create a template triggered an error when the following features were enabled and used: (1) Delegation; (2) Roles and Permissions; (3) Sub Accounts.

Signer Experience

• PB-97932: Fixed an issue in which the logo failed to appear on the Signer Login page when the logo’s SVG file was missing the width attribute.

• PB-97442: Fixed an issue in which a captured signature sometimes appeared too small or was not visible before being confirmed.

• PB-96886: Fixed an issue in which the system failed to enforce a minimum length for captured signatures.

• PB-95644: Fixed an issue in which an error message appeared in English, but should have appeared in French. The error message appeared after a signer tried to decline a completed transaction.

• PB-93727: Fixed an issue that arose in the following situation. (1) Within a transaction, a signer delegated their signing responsibilities to a new signer (using More Actions > Reassign Recipient). (2) The original signer then finished reviewing the transaction’s documents, and clicked Finished. (3) The Thank You page that then appeared should have displayed the name of the original signer. Instead, it displayed the name of the new signer.

Admins

• PB-96415: Fixed an issue that occurred when the Roles and Permissions feature was enabled, then disabled, then enabled again in OneSpan Sign BackOffice. By this point, the system had made the mistake of adding default roles to users.

• PB-87067: Fixed a OneSpan Sign BackOffice issue in which trying to download an Electronic Consent document triggered an HTTP 500 error.

Remote Online Notarization

• PB-96361: Fixed an issue in which notaries couldn't return to the Overview page after starting a RON transaction. We fixed it by restoring the left sidebar’s Home button.

• PB-93258: Fixed an issue in which a RON transaction’s Thank You page did not display properly on certain mobile devices.

• PB-97304: Fixed an issue in which KBA error pages in RON transactions failed to match RON’s current design.

Accessibility

• PB-95925: Fixed an issue in which a Screen Reader failed to read the contents of a signed document's Date field.

Language

• PB-97202: Fixed an issue in which Japanese email notifications displayed expiry dates in English.

Changed Behavior

• When setting SMS authentication for a recipient, the country code will default to the country set for the Sender within their account profile. If their country is set to Other (which is the default), the SMS input country code will be set to International.

• Equifax US and Equifax Canada are no longer supported.

• When using LexisNexis KBA, signers are now authenticated each time they access the signing link, regardless of whether or not the signing has been completed.

• If a signer fails to authenticate using LexisNexis KBA, the sender will need to create a new transaction if they want to re-attempt KBA authentication.

• OneSpan Sign now supports only the latest stable version of its supported browsers (Chrome, Firefox, Edge, Safari). This applies to both the Signer Experience and the Sender part of the New User Experience.

• PB-97114, PB-95121: The Evidence Summary now records if the selfies and documents submitted during ID Verification are authentic.

• PB-97194: In Self-Service Account Configuration, the transaction setting Allow document download for incomplete transactions has been renamed Disable document download for incomplete transactions.

• PB-97112: In Self-Service Account Configuration, the system setting Transaction expiry warning (days) has been removed.

Upcoming Changes

• PB-93756: Starting in Release 23.R5 (11.54), the format of all Date fields in exported CSV files will be "yyyy-MM-dd HH:mm:ss". This applies to the following CSV files: (1) Notary Journal Export; (2) Transaction Usage Report; (3) Transactions Scheduled Report; (4) Account Scheduled Report.