Changelog
All notable changes will be documented in this file.
[15.10] - 2025-08-05 (RC2)
Fixed (KOBIL Shift Lite)
- Fixed an issue where detecting if the swk key is expired was not possible. KHC-6909
- Fixed issue with certificate pinning in REST. SDK-432
Changed
- MC 180.0, MCW-Android 179.0, KSSIDP 1.3, H-Bridge 12.5, H-Android 24.5
- Improved magisk detection.
Changed(KOBIL Shift Lite)
- Removed encryption certificate creation if AST Services are used as server backend. SDK-441
[15.9] - 2025-05-12
Fixed
- Fix "UNINTEDED CHANNEL" when using CertPinning Proxy. SDK-192
->
Note: This requires androidx.webkit:webkit minimum version 1.2.0 on application side (recommended 1.8.0)
Fixed (Digitanium)
- Fix GetUpdateInformationEvent behavior when no valid update information is configured on SSMS. DS-7710
Added
- Introduce tms timeout handling on client side to improve tms timeout signalling towards app. SDK-125, SDK-170
- Added timeout API for connection with PinningProxy. MB-969
Added (KOBIL Shift Lite)
- Introduced ssms to maverick migration and cleanup functionality during SetAuthorisationCodeEvent handling. SDK-152
- Add uuid to tracing of Start/Restart event and fix occasion in which it was not traced for SetAuthorisationCode event. SDK-87
- Added DeleteIamTokenByAudienceEvent which will allow to delete tokens acquired by ExchangeIamTokenEvent. SDK-23
- Added TCP: prefix to traceparent in logging. SDK-183
- Add traceparent to the log lines for received and propagated events. SDK-103
- Added Multiflow support in KSSIDP. MB-804, AK-106
Changed
- MC 174.2, MCW-Android 173.5, H-Bridge 12.3, H-Android 24.2, A-L 9.1, TWV Proxy 16.0, KSSIDP 1.1
- Hardening improvement. SDK-56
- Updated SSL Library. DS-8348
- Improved magisk detection. DPK-620
Changed (KOBIL Shift Lite)
- Changed Token expiration check logic to use iat/exp claims instead of local clock which should help with issues arising when clients time is off. SDK-90
[15.8] - 2025-02-01
Fixed (KOBIL Shift Lite)
- Resolved an issue where a transaction could not be accepted after an
OfflineLogin
if themaverick.useSEKeyForSigningTransactions
flag in the MC Config was set to "true". KHC-6211 - Fixed an issue where reactivating a user via
SetAuthorisationCode
— if they had already been activated on the given device—appeared as failed due to a lostActivationCode
. KHC-6197 - Addressed an issue preventing transactions from being triggered after access and refresh tokens expired. KHC-6229
- Fixed a possible crash during request execution(during deinitialisation). KHC-6151, KHC-6171
- Fixed an issue where transactions could not be signed. KHC-6350
- Fixed an issue under certain circumstances SetAuthCode failed for users that were activated for long time period. KHC-6253
Added (KOBIL Shift Lite)
- Introduced UUID as a tag for tracing in
SetAuthorisationCodeEvent
andExchangeIamTokenEvent
.
Added
- Enabled
HttpCommonRequest
to support custom timeouts and specify whether a new connection should be used. KHC-6270
Changed
- MC 171.0, MCW-Android 170.0, H-Bridge 11.3, H-Android 23.0, A-L 8.9, KSSIDP 1.0.7
- Support more HW keystore devices for BDDK use cases.
[15.6] - 2024-12-02 (RC1)
Added (KOBIL Digitanium / Digitanium+)
- 16KB page size support. KHC-5655
Added (KOBIL Shift Lite)
- Expanded the range of Android devices compatible with BDDK solutions in the Turkish market. KHC-5775
Details:
- 'minimumKeyProtection' mc configuration entry under 'maverick' section with allowed values ALLOW_VIRTUAL_SMART_CARD, ENFORCE_HARDWARE, ENFORCE_STRONG_HARDWARE
- Fallback mechanism for the android/ios devices with no hardware keystore support when one or both useMkex and useSeForSingingTransaction are set to true. In order for fallback to work 'minimumKeyProtection' value should be ALLOW_VIRTUAL_SMART_CARD
- 'mkex_key_protection' and 'tms_key_protection' parameters to SetAuthorisationCodeResultEvent which will determine the key protection levels used during SetAuthorisationCodeEvent flow.
- 'minimumKeyProtection' must NOT be switched while there is an already activated user.
Changed
- MC 169.0, MCW-Android 167.0, H-Bridge 11.0, H-Android 22.0, A-L 8.8, TWV Proxy 14.2, KSSIDP 1.0.6
- Enhancement of Webview Hardening for Android on some devices. CITY-173
- Further Tracing improvements
Changed (KOBIL Digitanium / Digitanium+)
- Removed 32 byte restriction for PIN when SSMS is used as Ast Server Backend. KHC-5727
Changed (KOBIL Shift Lite)
- Automatic certificate renewal for mTLS before expiration.
- Self-signed JWT tokens expiring within 28 days are now refreshed automatically.
- GetKeyStoreInfo handling to do key attestation so that devices not meeting the defined minimumKeyProtection can be detected during start
[15.5] - 2024-09-06 (RC1)
-
Fixed (KOBIL Shift Lite)
- Fixed a sporadic issue where TMS cannot be accepted after fresh activation if we don't have the TMS certificate yet. KHC-5102
- Fixed an issue where TMS notification(TriggerBannerEvent) cannot be sent or sent too late if there were multiple TMS SSE's received. KHC-5736
- Fixed an issue where TMS notification(TriggerBannerEvent) cannot be sent if TMS SSE received too early during login/activation, leading to invalid state. KHC-5102
- Fixed a sporadic issue with handling set property events when using maverick backend which leads to property encryption failure.
Added
- DisplayConfirmationResult and TransactionEnd events now propagate server error if there was one.
Changed
- MC 167.0, MCW-Android 164.0, H-Bridge 9.13, TWV Proxy 13.0
[15.4] - 2024-08-14 (RC1)
Fixed
- Moved the initialization of the logging before init of the sdk.
Fixed (KOBIL Shift Lite)
- Token exchange issue while using the refresh token mapped to audience after the exchanged token expires against idp5. KHC-5568
Added
- to-string functionality to invalid state event in order to print error message to logs.
Changed
- MC 165.0, MCW-Android 162.0
[15.3] - 2024-07-24 (RC1)
Fixed
- Performance issues on low-end and old devices which could lead to crashes. KHC-5543, KHC-5561
Fixed (Digitanium)
- A crash that happens after calling GenerateOtp when not logged in. MCSDK-1773
Added (KOBIL Shift Lite)
- Missing error code propagation for biometric authentication to LoginResult event.
- Handle certificate revocation. MCSDK-2285
- An incorrect sdk state issue after failed biometric authentication during SetAuthorizationCode event. MCSDK-2261, WIN-99
- Invalid state during OfflineLogin due to workspace switching.
- A condition where multiple restart events can be processed simultaneously.
- A condition where suspend is executed while a restart event is ongoing leading to a freeze. KHC-5227, KHC-4482
Changed
- MC 163.0, MCW-Android 160.0, H-Bridge 9.9, H-Android 20.5
[15.2] - 2024-07-12 (RC2)
Fixed (KOBIL Shift Lite)
- Transactions text can be delivered in default language
Added (KOBIL Shift Lite)
- IDP 5 error handling to KSSIDP library MCSDK-2038
Changed (KOBIL Shift Lite)
- MCSDK now supports both IDP 4 and IDP 5 MCSDK-2008
Changed
- MC 162.1, MCW-Android 159.2, H-Bridge 9.6, H-Android 20.4, A-L 8.7, KSSIDP 1.0.0
- Updated SSL library
- Updated sqlite KHC-5326
[15.1] - 2024-06-06 (RC1)
Fixed (KOBIL Digitanium / Digitanium+)
- Rare case of hanging SSMS Login. MCSDK-2209 KHC-5221
- Rare case of login failure when migrating from ASTSDK to MCSDK. DS-6464 DS-6440 DS-6468 DS-5696 KHC-5333 KHC-5310 KHC-5336 KHC-4714
Added
- (GettingStartedApp) Logic to open Biometric Settings Page, when Biometric is not set up on device but user wants to use it. MCSDK-2117
Added (KOBIL Shift Lite)
- (GettingStartedApp) Added one-time Auth-mode Password when Biometry is canceled MCSDK-2108
- Handle Client Disconnect event. KHC-3618 MCSDK-1596
Changed
- MC 161.0, MCW-Android 158.1, H-Bridge 9.4, H-Android 20.2, A-L 8.6
- New logging framework MCSDK-2123
[15.0] - 2024-05-23 (RC3)
Note (KOBIL Shift Lite)
- ExchangeIamToken does not allow requesting tokens for external services with same clientID/audience as the login MC token. Please check and change your external services that they don't need such a token. MCSDK-1192
Fixed
- Invalid state event conversion from cpp to java
Fixed (KOBIL Digitanium / Digitanium+)
- Rare case where LoginResultEvent was not received after upgrading from AST-SDK to MC-SDK. KHC-4714 MCSDK-1988
Fixed (KOBIL Shift Lite)
- Ability to obtain astClientId value after Login event KHC-5027 MCSDK-2097
Changed
- New error_message field into InvalidStateEvent
- Improve tracing to align to Open Telemetry specification MCSDK-1992
- Use one of the following ExternalFilesDir, FilesDir, CacheDir as a SDK log path from left to right based on availability(exists and writable) MCSDK-1949
- MC 159.0, MCW-Android 156.1, H-Bridge 9.4, H-Android 20.1, A-L 8.3
Changed (KOBIL Shift Lite)
- ExchangeIamToken does not allow requesting tokens for external services with same clientID/audience as the login MC token. It returns CannotAcquireTokenData result then. Please check and change your external services that they don't need such a token. MCSDK-1192
- Allow get/set property events during transaction in progress state
- Prevent unnecessary kex during get ast client data event handling by not doing kex if the event is used after login [beta; for specific customer projects only]
Added (KOBIL Shift Lite)
- JWT Authentication Grant (aka SignedJWT) login mode (as a optional replacement of Offline Token login mode) MCSDK-1776
- New 'EnableAuthModeEvent' event to be able to change authentication mode after login MCSDK-1979
- New 'SwitchWorkspaceEvent' event for switching of workspaces/tenants.
- Introduce getLogsPath function to SynchronousEventHandler which will return the logs path MCSDK-1949