Release 24.R3 (11.57)

For information on our current and upcoming deployments for this release, please see the Releases and Maintenances Calendar section of our Trust Center.

These Release Notes were last updated on June 18, 2024.

What's New

Here are some of the new features and enhancements we have made for this release.

OneSpan Integration Platform

We are introducing the OneSpan Integration Platform, which allows you to use a single solution to connect eSignatures to your favorite business applications in an easy, secure, and cost-efficient way.

OneSpan Integration Platform can deliver eSignature integration with multiple applications, such as Google Workspace, Salesforce, and Workday. In the future this platform will also support a self-serve marketplace as well as BYOI (Bring your own iPaaS [Integrations-platform-as-a-service]).

For more information, please contact our Sales Team or your Customer Success Manager.

Accessibility

• The Manage Delegation page is now accessible: The Manage Delegation page is now ADA compliant. (refs PB-102920)

Admins

• Self-service settings can now be configured using .NET SDK: Integrators can now configure Self-service account settings using .NET SDK. (refs PB-92764)

• You can now configure the order in which senders and signers are displayed: Using the Account Configuration page you can now configure the order in which names are displayed. For example, First name, Last name, versus Last name, First name. Note that for signers, the change will only apply to newly added signers within new or existing transactions. (refs PB-98949)

• We have added additional permissions for template management: Administrators can now add template access permissions to a role. For example, from the OneSpan Sign UI admins can now configure a role so that a user can see the Templates menu, and from there create, update, and delete templates. Integrators using our APIs can define whether a user can create, edit, or delete templates. (refs PB-101046)

• We have added the ability to configure the browser tab title for the Signer Login page: You can now customize the browser tab title for both the Signer Login page, and in the Signer Experience. To customize your browser tab, contact our Support Team. (refs PB-103181)

• System Log Reports are now available: You can now retrieve logs related to user management events, as user management reports. These reports are generated as .csv files. The following events can now be retrieved: (refs PB-103295)

  • When senders reset their password using the Forgot your password feature.

  • When an account owner resets a sender's password.

  • User events, such as:

    • A user has been locked or unlocked

    • The status of a user changes

    • The user's type changes

    • Any password changes

    • A user has been deleted

  • Auto-provisioning during SSO authentication

  • Role creation, deletion, or updates

External Archiving

• We have improved the error message displayed when attempting to access the e-Vault Manager console: The updated message now explicitly states that e-Vault Manager has been deprecated. (refs PB-103196)

• The eOriginal Pre-Verify step is now configurable per account: You can now configure your account so that the eOriginal pre-verify check - the sanity check performed when a transaction is created - can be skipped. If skipped, the transaction will only be checked during the vaulting process. To enable this feature, contact our Support Team. (refs PB-104324)

• We have improved eOriginal's Retry Mechanism for Unexpected Errors: The eOriginal retry mechanism will now treat all unexpected errors as "recoverable" errors and will retry the failed action for the configured number of times (the retry is every 4 minutes up to 144 attempts). This will reduce the number of "unrecoverable" errors. Note however, that the LOGIN_FAILED error will now be treated as an "unrecoverable" error. This means that the retry mechanism will not attempt to retry the login action after a failed login attempt. (refs PB-104326)

Notarization & Virtual Room

• We have added participant instructions to RON transactions: While conducting RON transactions additional information now appears on the screen to help participants with the transaction work flow. For example, a message may appear indicating that the participant needs to upload an attachment. (refs PB-103724)

Senders

• Standardized Reporting Colors: To improve the consistency of our UI, we have standardized the color shading that appears when various elements within a report a selected. (refs PB-95345)

Signers

• Signers can now download the Evidence Summary: The Evidence Summary can now be downloaded from the Signer Experience once all participants have completed the transaction. To enable this feature, contact our Support Team. (refs PB-102006)

• External Hyperlinks can now be followed in the Signer Experience: External hyperlinks in document transactions can now be opened up by recipients who are signing those documents. To enable this feature, contact our Support Team . (refs PB-103397)

User Authentication

• You can now unlock LexisNexis: Signers who have failed KBA authentication using LexisNexis will now be locked (they can be unlocked). This means that the transaction can continue without having to create a new one. (refs PB-100507)

• OFAC verification results can now be seen in the Evidence Summary: OFAC (Office of Foreign Assets Control) verifications, both successful and unsuccessful, can now be seen in the Evidence Summary. (refs PB-102983)

• The OTP field is now masked for SMS Authentication: The OTP password is now masked when logging in. (refs PB-103301)

• Enhanced usability of the Create oAuth Client page: We have added the Client ID to the Create oAuth Client page. This makes it easier for you to copy this ID for your records. (refs PB-103865)

• oAuth 2.0 clients are now filtered by sub-accounts: If sub-accounts have been enabled for your account, the list of oAuth 2.0 clients is filtered to display only those clients connected to the selected sub-account. (refs PB-104226)

Bug Fixes

The following issues were resolved in this release:

Accessibility

• Screen readers now correctly read the Close button on the Re-send SMS dialog. Before, screen readers would read the Close button as Cancel. (refs PB-93193)

• A message now appears in the Designer if the maximum character limit is reached for a field. (refs PB-98795)

• Screen readers can now read the hand off dialog in IPEN and RON transactions. (refs PB-102656, 103937)

• There is no longer an accessibility issue with the Expiry Date column in the Transactions List. (refs PB-103408)

• There is no longer an accessibility issue with the pagination of the Transactions List. (refs PB-103409)

• We have fixed various accessibility issues that were reported when creating client apps and oAuth 2.0 clients. (refs PB-103774, 103777)

• For ADA compliance, any page or form that contains required fields marked with an * must show a text that says "Fields marked with * are required." This text has now been added to our Create Client App pages. (refs PB-103787)

• Screen readers can now read the contents of a Vulnerable Adult Questionnaire. (refs PB-103837)

• When changing the Sender language the aria label for the environment label would not translate without first performing a refresh. The language of the environment label now updates immediately. (refs PB-104125)

Admins

• Items within the Admin menu would sometimes require a hard refresh to appear properly when switching languages. Without the refresh these items would continue to appear in the previously displayed language. (refs PB-103376)

• Vulnerable Adult Questionnaire responses are now visible in the Journal. (refs PB-104170)

Evidence Summary

• There is no longer an extra View event displayed in the Evidence Summary. This would sometimes occur after confirming a signature. (refs PB-95343)

External Archiving

• The EDEPOSIT_SUCCESS callback is no longer omitted for some transactions using eOriginal workflows. (refs PB-104550)

Notarization

• An error message no longer appears when you change an IPEN or RON transaction to another type of transaction, and then reset the transaction back to the original IPEN or RON type. (refs PB-103833)

Senders

• An issue where an incorrect expiry date was displayed on the Create Transaction dialog when creating a transaction from a template with an unlimited expiry and a system level maximum expiry is defined has been fixed. (refs PB-100317)

• The Fast Track button no longer appears in the Sender UI if this feature has not been enabled. (refs PB-101635)

• An error message sometimes appeared when attempting to reactive an expired transaction. Senders can now set the expiration date of a transaction to the future, thus reactivating it in a Draft state. (refs PB-103576)

• Document zoom level is now maintained even if you re-size your browser in the Designer. (refs PB-103706)

• The Send to Signbutton in the Designer no longer changes position when changing your language to either Dutch or German. (refs PB-103830)

• The list of possible languages no longer flows past the length of the browser page when certain resolutions have been set. (refs PB-104617)

• When attempting to access the Sender UI after the session in a previously closed browser tab has expired, you are no longer asked to login twice. (refs PB-105762)

Signer Experience

• The signature box now maintains its size when uploading an image for your signature. (refs PB-93014)

• If the More Actions menu is hidden on the Signer Login page, the branding logo is now properly aligned. (refs PB-104269)

• In certain scenarios Reviewer type signers were taken to different documents, depending on whether other signers have completed their signatures. This no longer happens. (refs PB-104408)

Changed Behavior

Here are some of the changes in behavior that you might want to be aware of.

• You can no longer add a sender from a different account to a group. (refs PB-98152)

• As part of the new LexisNexis signer lock/unlock functionality, the authentication explanation included in the failure email has been updated to read "Failed authentication - The recipient failed to answer knowledge-based authentication questions correctly. Please review the sent transaction and update the recipient information or choose another type of authentication for the recipient." (refs PB-100507)

• Authentication questions and answers are now masked when using the GET /api/packages call. (refs PB-100530)

• With the introduction of our new template permissions it is important to note that when creating a custom role via integration that you must now include your desired template permissions. You should no longer rely on your existing Transaction permissions to determine whether or not templates are allowed to be created, updated, or deleted. (refs PB-101225)

• You can no longer enter negative values for reminders. For example, in startInDaysDelay, repetitionsCount, and intervalInDays. (refs PB-102670)

• The parameter Update Date in the payload of /api/packages/<package_id>/roles/<role_id> will be ignored, and the system date will be used instead. (refs PB-102670)

• To improve the consistency of our UI across different pages we have renamed the Create button in the oAuth 2.0 page to Add, and moved it above the list of oAuth 2.0 Clients. (refs PB-103548)

• We have updated the default From email addresses of customized email templates, but only if the From address is set to an esignlive domain. If it has been modified, or set to a parameter, we will not change it. The following From email addresses will be added (refs PB-103871):

  • transaction-notifications@<domain>

  • account-notifications@<domain>

  • system-notifications@<domain>

    The <domain> value is dependent on the environment you are using.

• Signers who have been designated as Reviewers only will now be taken directly to the first non-econsent document in the package. As they are not required to provide any consent they will not be presented with the Electronic Consent Document. (refs PB-104408)

• Handwritten signatures can no longer be fetched using the GET /api/packages call. (refs PB-105322)

Known Issues

Here are some of the known issues that we are currently working on, and plan to have fixed in a future release.

• eOriginal callbacks are reset when Event Notifications are updated and saved using the Event Notifications page. (refs PB-105022)

• The grant type for event notifications with oAuth 2.0 authentication is not set correctly when configuring using the Event Notifications page. (refs PB-105028)

• When registering an account, or when resetting the new account’s password, if another browser tab is already open with another session the user registering a new account or resetting the password will be logged into the already open session. Refreshing your browser resolves this issue. (refs PB-105804)