Mobile Security Suite Known Issues
  • 15 Nov 2024
  • 4 Minutes à lire
  • Sombre
    Lumière

Mobile Security Suite Known Issues

  • Sombre
    Lumière

The content is currently unavailable in French. You are viewing the default English version.
Résumé de l’article

This section lists issues that have not yet been resolved for the current OneSpan Mobile Security Suite version along with possible workarounds, if available.

Image Scanner SDK: Cronto images not properly processed on DOOGEE devices

On certain DOOGEE devices, an issue prevents the  from properly scanning and decoding  images. Currently, the following devices are reported to be affected:

  • DOOGEE V Max EEA ( 12)

  • DOOGEE V30T

  • DOOGEE S100

Device Binding SDK: -4400 Internal error  with Samsung S24 Ultra due to StrongBoxUnavailableException

Recently an issue arose that is related to StrongBoxUnavailableException.

Please note that this is not an issue of our SDKs but is caused on the manufacturer's side and outside the control of OneSpan. There is the possibility that this may be fixed automatically in the future.

To provide a fallback mechanism, we have added a new error code, STRONGBOX_UNAVAILABLE and a new fingerprint type, HARDWARE_WITH_TEE.

The recommended flow to generate the fingerprint as follows:

  1. Call the APIs as before by creating the instance using HARDWARE as fingerprint type.

    DeviceBinding.createDeviceBinding(context, FingerprintType.HARDWARE).fingerprint(SALT)
  2. If this API returns an exception with the error code STRONGBOX_UNAVAILABLE create a new instance with the new fingerprint type HARDWARE_WITH_TEE:

    DeviceBinding.createDeviceBinding(context, FingerprintType.HARDWARE_WITH_TEE).fingerprint(SALT)

    The use of TEE can result in a different fingerprint being generated.

Image Scanner SDK: SDK returns error with Samsung Galaxy A23

Due to a known issue with the camera on Samsung Galaxy A23, Cronto codes are not decoded properly with the default resolution.

Workaround: The solution to this issue is to increase the resolution using the following code snippet:

var imageAnalysisBuilder = ImageAnalysis.Builder().setTargetRotation(rotation)
// Set Resolution property only for Samsung Galaxy A23 model
if(Build.MANUFACTURER.equals("Samsung", true) && Build.MODEL.contains("A23")) {
          imageAnalysisBuilder.setTargetResolution(Size(1080, 1920))
}
imageAnalysisBuilder.build().setAnalyzer(cameraExecutor, QrCodeAnalyzer())

Unexpected termination during Fingerprint generation on specific Android devices with Device Binding SDK

This issue affects devices with the following specifications:

  • Devices with Mediatek Chipset MT6737 (and variants) running Android 7

  • Xiaomi Redmi Note 8 Pro devices running Android 11

There is a known issue within Android that prevents the Device Binding SDK from properly generating the fingerprint and causes the system to crash. To resolve the issue, use the ANDROID_ID option to generate the fingerprint, rather than the recommended HARDWARE option.

Magisk Hide limitation for root detection with the Root Detection SDK

If Magisk Hide was used to prevent root detection on an Android device, the SDK is not able to detect that a device is rooted.

Unexpected termination occurs on devices running Android 7 using Mediatek chipset with Device Binding SDK

On devices running Android 7 with the Mediatek Chipset MT6737 (and variants), there is a known issue within Android that prevents the Device Binding SDK from properly generating the fingerprint and causes the system to terminate unexpectedly. We recommend upgrading the device to an operating system higher than Android 7, if available. If not, use the ANDROID_ID option to generate the fingerprint.

Incorrect error code on specific Samsung device with the Biometric Sensor SDK

When canceling the fingerprint authentication on the Samsung Galaxy Note 4 Edge (6.0.1), a timeout error code can be randomly returned instead of a cancel error code.

Unknown error popup in Orchestration SDK

On  devices running Android 12, there is an issue when using the Orchestration SDK code sample with targetSDK:31 . An Unknown error popup displays during the new user registration.

No biometric information prompted on OnePlus devices

On some devices of the OnePlus familly (OnePlus 6T, 7 Pro, 7T, and 7T Pro), in cases where biometric authentication is required, only a fingerprint icon is displayed on screen, no other information. This is due to the native implementation of the biometric prompt API on these devices.

Storage lost on Asus Zenpad 7.0 when device has PIN enabled

On Asus Zenpad devices protected by a PIN, the device could crash after short usage of the storage (i.e. approximately 30 storage accesses), and the storage would be lost. This issue is due to an incorrect manufacturer implementation, and has been reproduced on an Asus Zenpad 7.0 Z370KL device.

Device fingerprint issue on Huawei devices with dual SIM

Some Huawei devices offering dual SIM capability expose a feature in their Settings app to dynamically change the slots of the SIM cards (“Dual card management” > “4G/3G slot”).

If this feature is enabled with two SIM cards installed on the mobile device, the Android API can be misled, and return an IMEI which may not correspond to the real IMEI related to the SIM card slot (e.g. request IMEI of the first SIM card slot to Android API, it returns the IMEI of the second SIM card slot). This can cause the generation of an incorrect device fingerprint.

This issue arises when using the getDeviceFingerprint method of the Device Binding SDK.

Device fingerprint migration issue on Huawei devices with dual SIM

Some Huawei devices offering dual SIM capability do not return the same value for the device fingerprint from DIGIPASS for APPS version 4.15.0.

This issue is due to an incorrect manufacturer implementation, and has been reproduced on a Huawei P8 Lite (ALE-L21) device.

This issue arises when using the getDeviceFingerprint method of the Device Binding SDK.

Migration of dynamic vectors created with SDK 4.0.0 or SDK 4.0.1

Dynamic vectors created with the C API of the Digipass SDK version 4.0.0 or 4.0.1 are rejected by SDK 4.0.2 with an error code –4006 (RETURN_CODE_DYNAMIC_VECTOR_INCORRECT_FORMAT).

This error is caused by the extension of the dynamic vector content by three additional bytes. After that extension, the dynamic vector version set in the first byte of the dynamic vector is updated from 0x01 to 0x02.

For dynamic vectors with version 0x01, the workaround consists in re-allocating the dynamic vector with three additional bytes.

For more information about migration implementation, refer to the migrateDynamicVector.c file in the sample folder of the C API.


Cet article vous a-t-il été utile ?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle