Skip to main content

Changelog

All notable changes will be documented in this file.

[15.5] - 2024-09-06 (RC1)

  • Fixed (KOBIL Shift Lite)

  • Fixed a sporadic issue where TMS cannot be accepted after fresh activation if we don't have the TMS certificate yet. KHC-5102
  • Fixed an issue where TMS notification(TriggerBannerEvent) cannot be sent or sent too late if there were multiple TMS SSE's received. KHC-5736
  • Fixed an issue where TMS notification(TriggerBannerEvent) cannot be sent if TMS SSE received too early during login/activation, leading to invalid state. KHC-5102
  • Fixed a sporadic issue with handling set property events when using maverick backend which leads to property encryption failure.

Added

  • DisplayConfirmationResult and TransactionEnd events now propagate server error if there was one.

Changed

  • MC 167.0, MCW-Android 164.0, H-Bridge 9.13, TWV Proxy 13.0

[15.4] - 2024-08-14 (RC1)

Fixed

  • Moved the initialization of the logging before init of the sdk.

Fixed (KOBIL Shift Lite)

  • Token exchange issue while using the refresh token mapped to audience after the exchanged token expires against idp5. KHC-5568

Added

  • to-string functionality to invalid state event in order to print error message to logs.

Changed

  • MC 165.0, MCW-Android 162.0

[15.3] - 2024-07-24 (RC1)

Fixed

  • Performance issues on low-end and old devices which could lead to crashes. KHC-5543, KHC-5561

Fixed (Digitanium)

  • A crash that happens after calling GenerateOtp when not logged in. MCSDK-1773

Added (KOBIL Shift Lite)

  • Missing error code propagation for biometric authentication to LoginResult event.
  • Handle certificate revocation. MCSDK-2285
  • An incorrect sdk state issue after failed biometric authentication during SetAuthorizationCode event. MCSDK-2261, WIN-99
  • Invalid state during OfflineLogin due to workspace switching.
  • A condition where multiple restart events can be processed simultaneously.
  • A condition where suspend is executed while a restart event is ongoing leading to a freeze. KHC-5227, KHC-4482

Changed

  • MC 163.0, MCW-Android 160.0, H-Bridge 9.9, H-Android 20.5

[15.2] - 2024-07-12 (RC2)

Fixed (KOBIL Shift Lite)

  • Transactions text can be delivered in default language

Added (KOBIL Shift Lite)

  • IDP 5 error handling to KSSIDP library MCSDK-2038

Changed (KOBIL Shift Lite)

  • MCSDK now supports both IDP 4 and IDP 5 MCSDK-2008

Changed

  • MC 162.1, MCW-Android 159.2, H-Bridge 9.6, H-Android 20.4, A-L 8.7, KSSIDP 1.0.0
  • Updated SSL library
  • Updated sqlite KHC-5326

[15.1] - 2024-06-06 (RC1)

Fixed (KOBIL Digitanium / Digitanium+)

  • Rare case of hanging SSMS Login. MCSDK-2209 KHC-5221
  • Rare case of login failure when migrating from ASTSDK to MCSDK. DS-6464 DS-6440 DS-6468 DS-5696 KHC-5333 KHC-5310 KHC-5336 KHC-4714

Added

  • (GettingStartedApp) Logic to open Biometric Settings Page, when Biometric is not set up on device but user wants to use it. MCSDK-2117

Added (KOBIL Shift Lite)

  • (GettingStartedApp) Added one-time Auth-mode Password when Biometry is canceled MCSDK-2108
  • Handle Client Disconnect event. KHC-3618 MCSDK-1596

Changed

  • MC 161.0, MCW-Android 158.1, H-Bridge 9.4, H-Android 20.2, A-L 8.6
  • New logging framework MCSDK-2123

[15.0] - 2024-05-23 (RC3)

Note (KOBIL Shift Lite)

  • ExchangeIamToken does not allow requesting tokens for external services with same clientID/audience as the login MC token. Please check and change your external services that they don't need such a token. MCSDK-1192

Fixed

  • Invalid state event conversion from cpp to java

Fixed (KOBIL Digitanium / Digitanium+)

  • Rare case where LoginResultEvent was not received after upgrading from AST-SDK to MC-SDK. KHC-4714 MCSDK-1988

Fixed (KOBIL Shift Lite)

  • Ability to obtain astClientId value after Login event KHC-5027 MCSDK-2097

Changed

  • New error_message field into InvalidStateEvent
  • Improve tracing to align to Open Telemetry specification MCSDK-1992
  • Use one of the following ExternalFilesDir, FilesDir, CacheDir as a SDK log path from left to right based on availability(exists and writable) MCSDK-1949
  • MC 159.0, MCW-Android 156.1, H-Bridge 9.4, H-Android 20.1, A-L 8.3

Changed (KOBIL Shift Lite)

  • ExchangeIamToken does not allow requesting tokens for external services with same clientID/audience as the login MC token. It returns CannotAcquireTokenData result then. Please check and change your external services that they don't need such a token. MCSDK-1192
  • Allow get/set property events during transaction in progress state
  • Prevent unnecessary kex during get ast client data event handling by not doing kex if the event is used after login [beta; for specific customer projects only]

Added (KOBIL Shift Lite)

  • JWT Authentication Grant (aka SignedJWT) login mode (as a optional replacement of Offline Token login mode) MCSDK-1776
  • New 'EnableAuthModeEvent' event to be able to change authentication mode after login MCSDK-1979
  • New 'SwitchWorkspaceEvent' event for switching of workspaces/tenants.
  • Introduce getLogsPath function to SynchronousEventHandler which will return the logs path MCSDK-1949

[14.8] - 2024-02-27 (RC1)

Fixed

  • Reduced battery and cpu usage
  • TLS libary updated to fix CVE-2023-46218 and CVE-2024-0853 MCSDK-1904

Fixed (KOBIL Shift Lite)

  • Delete SSMS User in Shift Lite mode MCSDK-1902
  • Sporadic issue where responding to transaction fails with replay MCSDK-1898

Changed

  • MC 155.2, MCW-Android 152.7, H-Bridge 8.3, H-Android 19.18, TWV Proxy 12.12, A-L 8.2

Added (KOBIL Shift Lite)

  • Hardware backed keystorage [for specific customer projects only]

[14.6] - 2024-01-23 (RC5)

Fixed

  • ANR at Android 14 MCSDK-1792
  • Higher battery consumptions beginning with MC SDK 14.5 DS-5796

Changed

  • MC 153.8, MCW-Android 150.14, H-Bridge 7.21, H-Android 19.16, TWV Proxy 12.9, A-L 7.1

Changed (KOBIL Shift Lite)

  • New user device TMS certificates are generated with ECDSA instead of RSA. Old existing TMS certificates are unchanged. MCSDK-1812

Added (KOBIL Shift Lite)

  • New 'GetSsmsUserListEvent' and 'GetSsmsUserListResultEvent' events to allow clean up after migration from KOBIL Digitanium/Digitanium+ to KOBIL Shift [beta]
  • Configurable redirects and special commands in TWV MCSDK-1764 [beta; for specific customer projects only]
  • BDDK TMS flow use TMS signer certificate provided by AST CA service by CSR based on Secure Elements key pair [beta; for specific customer projects only]

[14.5] - 2023-12-05 (RC1)

Fixed

  • Security improvements MCSDK-1766
  • Java obfuscation issues with newer JDK and Gradle versions MCSDK-1766
  • Crash with 14.2/3/4 MCSDK-1766, DS-5587

Changed

  • Update to MC 153.3, MCW-Android 150.6, H-Bridge 7.11, H-Android 19.12, A-L 6.5

Added (KOBIL Shift Lite)

  • Optional 'server backend' parameter to override mc_config.json to allow switching server for migration from KOBIL Digitanium/Digitanium+ to KOBIL Shift [beta]

[14.4] - 2023-11-20 (RC2)

Note (KOBIL Shift Lite)

  • Support for Shift 0.143- will be removed in future, currently planned with next MC SDK release after 2024-11-30.

Fixed

  • (Android) Security improvements MCSDK-1716
  • Unnecessary H log entries MCSDK-1715

Fixed (KOBIL Digitanium, KOBIL Digitanium+)

  • Rare broken migration from MC SDK 14.2 because of Multi UDID MCSDK-1717

Changed

  • Update to MC 153.1, MCW-Android 150.4, H-Bridge 7.10, Common-H-Android 10.3, H-Android 19.11, A-L 6.3

Added (KOBIL Digitanium+, KOBIL Shift Lite)

  • Add IdpLoginRequiredEvent

Fixed (KOBIL Digitanium, KOBIL Digitanium+)

  • Digitanium Offline Function OTP MCSDK-1301 [beta]

Added (KOBIL Shift Lite)

  • mTLS, mKEX and BDDK flows [beta; for specific customer projects only]

[14.4] - 2023-11-20 (Changelog update)

  • Updated 14.0 changelog, section 'Added'
  • Updated 13.7 changelog, section 'Added (KOBIL Digitanium)'

[14.3] - 2023-10-31 (RC1)

Note

  • TLS connections to server using TLS 1.1 or sha1 certificates will be removed in future, currently planned with next MC SDK release after 2024-05-01. Please update your server side TLS endpoint configuration before.

Fixed

  • Security improvements (CVE-2023-38545) MCSDK-1653
  • Reduced size of MC library, improves load speed MCSDK-1657

Changed

  • Update to MC 152.1, MCW-Android 149.1

Added

  • TLS connections to server using TLS 1.1 or sha1 certificates. Server side TLS endpoint configuration is responsible for secure connections. Please use certificate pinning on client side if sha1 certificates still used. MCSDK-1591

[14.2] - 2023-10-13 (RC3)

Fixed

  • Multi UDID migration MCSDK-1595, MCSDK-1641
  • Get property issue after restart when restart happens during ongoing transaction MCSDK-1641
  • Start up time reduced in A-L
  • GettingStartedApp uses TWV thats compatible with Android System WebView 118.0+ MCSDK-1622

Fixed (KOBIL Digitanium, KOBIL Digitanium+)

  • Subsequent login fails with 34002006 after migration from mAST SDK 'MS8b' MCSDK-1575

Fixed (KOBIL Shift Lite)

  • In Shift unused sdk_config.xml file not needed any more MCSDK-1509
  • Redirect by GetIamAuthorisationCode response not followed MCSDK-1624

Changed

  • Updated to MC 149.0, MCW-Android 146.5, H-Android 19.10, H-Bridge 7.4, A-L 5.5
  • Code maintenance in H-Android and A-L MCSDK-1603

Added

  • Support for Android 14. Android 9 (Standard Support) / Android 7 (Extended Support) will be removed 2024-04-04.
  • Security improvements MCSDK-1639

[14.1] - 2023-09-05 (RC1b)

Fixed

  • Sometimes wrong StartEvent after wake up (e.g. push notification) MCSDK-1504, DS-4883, KHC-4168

Changed

  • Updated to MC 147.3, MCW-Android 145.6, H-Android 19.6, H-Bridge 6.8, A-L 5.3

Added

  • Security improvements MCSDK-1505, DS-4642

Added (KOBIL Shift Lite)

  • Temporary switch from App Auth mode PASSWORD to BIOMETRY MCSDK-1522, DS-5013, KHC-4258

[14.0] - 2023-09-27 (Changelog update)

  • Updated 14.0 changelog for KOBIL Digitanium+ customer
  • Updated 14.0 changelog for all customer and changes about "SSL library".

[14.0] - 2023-07-26 (RC4)

Note

  • Because apps with older MC SDK versions have on some devices noticeable lower performance on Android 14 Beta 4 we recommended to set a mandatory app update to an app with this MC SDK.
  • To prevent your app against some UI attacks (e.g. Overlay attacks), please use KOBIL's UI hardening https://developer.kobil.com/Mc-docs/14/hardening/android_ui_hardening
  • Please check all changes describe in "Changed ..."

Note (KOBIL Shift Lite)

Fixed

  • Noticable lower performance on some devices with Android 14 Beta 4 (all older MC SDK where effected) MCSDK-1451 DS-4554
  • Sporadic crashes with SDKExitReport: 58 MCSDK-1367
  • Presentation of risks bits MCSDK-1408
  • Some ARMv7 (32 Bit) devices crashes with false positive memory manipulation (188) of KOBIL's App Shielding protection. Issue introduced with MC SDK 13.8. MCSDK-1422

Fixed (KOBIL Shift Lite)

  • Error handling on certain IDP errors (to prevent unnecessary usage of token revoked on IDP side) MCSDK-1346
  • When user switches from App Auth mode NO to BIOMETRY and cancels biometric authentication they can proceed to login with Auth mode NO MCSDK-1394, MCSDK-1395

Changed

  • Updated to MC 147.2, MCW-Android 145.3, H-Android 19.4, H-Bridge 6.4, A-L 4.6
  • Used SSL library is updated to new major version, TLS connections to unsecure sha1 server and without secure renegotiation are not supported any longer MCSDK-1150
  • RestartResultEvent is now send for internal triggered restart MCSDK-1347, make sure your app can react to a RestartResultEvent at any time, see https://developer.kobil.com/Mc-docs/14/start

Changed (KOBIL Digitanium, KOBIL Digitanium+)

  • QA testing for unsupported SSMS versions removed, please use latest 2.12 or 3.7

Changed (KOBIL Shift Lite)

  • KOBIL Shift Lite 0.107 and lower is not working any more
  • KOBIL Shift Lite 0.116 and lower is not tested any more

Added

Added (KOBIL Digitanium)

Added (KOBIL Digitanium+)

Added (KOBIL Shift Lite)

[13.8] - 2023-04-28

Note

  • Additional libraries need to be used now: hardening, hardeningBridge. To include all libraries at once the included mcw_build.gradle can be used, by adding: apply from: '../artifacts/libs/mcw_build.gradle' in your :app:build.gradle

Fixed

  • Google Pixel 6a shows a false positive at root detection MCSDK-1143

Fixed (KOBIL Shift Lite)

  • Clean token when Offline Token is returned as invalid MCSDK-1193

Changed

  • Updated to MC 139.0, MCW-Android 137.0
  • Updated to H-Android 18.0 (using bridge)

[13.7] - 2023-04-11/26

Fixed (KOBIL Digitamium/Digitanium+)

  • Sporadic update issues from MC SDK 10.0 to MC SDK 13.x by implementing a failsafe mechanism for keystorage DS-4008

Changed

  • Updated to MC 137.0, MCW-Android 134.0

Added

  • Allow app to set Trace ID for MC calls MCSDK-1070

Added (KOBIL Digitanium)

  • Global PIN MCSDK-1145 [beta]

Added (KOBIL Shift Lite)

  • Device name can be set via SetDeviceNameEvent

[13.6] - 2023-04-03

Fixed

  • Some Suspend-Resume issues (seen as an exception in cloud based crash collectors) KPC-9 DS-2928
  • False positive of root detection DS-3943

Fixed (KOBIL Shift Lite)

  • Broken activation when aborting biometry because of not stored userId DS-3975

Fixed (KOBIL Digitanium/Digitanium+)

  • sdk_config.xml issues

Changed

  • Updated to MC 134.1 , MCW-Android 131.3, H-Android 17.9

Added

  • Allow root+cross certificates with same public key for TLS certificate pinning
  • Improved MC logging for TLS errors
  • Magisk root detection DS-3559

[13.5] - 2023-03-09

Fixed

  • Possible Deadlock on Restart KHC-3369 DS-3876

Changed

  • Updated to MC 131.2, MCW-Android 129.1

[13.4] - 2023-02-17

Fixed

  • GetProperty issue after sending RestartEvent KHC-3185 DS-3669
  • Get/Set Property issue after GetAstClientData with empty userID KHC-3236 DS-3730
  • ActivateEvent with AutoLogin issue after receiving status=WRONG_CREDENTIALS

Changed

  • Updated to MC 129.0, MCW-Android 128.2

[13.3] - 2023-01-30

Fixed

  • Device properties with KOBIL Shift KHC-3020 DS-3460 MCSDK-996
  • Slow Restart event KHC-3117 DS-3586 MCSDK-1006

Changed

  • Updated to MC 127.5, MCW-Android 126.5
  • Remove auth mode from ExchangeIamTokenEvent and use the one cached during the latest online login
  • Extend ExchangeIamTokenEvent to be able to request a force update of a stored IAM Token

[13.2] - 2023-01-10 - not released

Fixed

  • Device binding when upgrading app from AST-SDK to MC-SDK
  • Permission error with Android v7-v9

Changed

  • Updated to MC 126.0, MCW-Android 125.1, H-Android v17.3
  • Refactored integration tests in GettingStartedApp
  • Upgrade Gradle and other dependencies in GettingStartedApp

[13.1] - 2022-12-14

Fixed

  • Device architecture representation for KOBIL Shift (needed for AppIntegrityCheck)

Changed

  • Updated to MC 124.0, MCW-Android 123.0

[13.0] - 2022-12-02

Fixed

  • GettingStartedApp's delayed start event removed

Changed

  • Updated to MC 123.1, MCW-Android 122.1
  • Removed unneeded internal error code, for more usability according to customer feedback
  • GettingStartedApp cleanup to have a better code understanding
  • GettingStartedApp switched to one-step flows samples

Added

  • Support setting Push Notification Token and Locales for localized push notifications in KOBIL Shift
  • Enhanced SDK with one-step flows to satisfy customer feedback. We recommened to use those. Old flows are still available for backward compatibility
  • Enhancements in hardening components

[12.0] - 2022-07-27

Added

  • Shift support
  • Biometric Login
  • new improved root/Magisk detection

Fixed

  • Umlauts in sdk_config.xml (DS-2346)

Changed

  • Updated targetSDK and compileSDK to 32
  • Updated gradle structure to support gradle 7.3.3
  • Updated android dependencies
  • Updated to MC 116.0, MCW-Android 115.1
  • Updated CertPinningProxy to 10.1
  • fixed behavior bugs in example app
  • refactoring of asset usage

[11.0] - 2022-02-04

Changed

  • Updated dependencies MasterController 100.0 CertPinningProxy 9.7
  • switched from using scp_config.json to mc_config.json
  • Add parameter to set SmartScreen certificate chain via StartEvent/RestartEvent
  • fix connectionState issue (DS-1861)

[10.0] - 2022-01-14

Added

In SDK

  • Add ExchangeIamToken and ExchangeIamTokenResult events
  • New way of acquire DM key (CB-794)
  • Use Offline Token to acquire new Access Token and Refresh Token (CB-792)
  • New token handling (ssms part) (CB-830)
  • New DataModel and Token handling (CB-777)
  • New Flow for Request Token form Ui side (CB-793)

Changed

In SDK

  • Updated dependencies: MasterController 97.0, DataModel 63.0, ConnectionManager 57.0, hardening 16.0

  • Replace RestEndpointIdentifier::kMaverick with kMaverickPropertiesService, kMaverickCaService and kMaverickStreamService

  • Remove GetTokenCryptoKeyFromKeyStorageEvent, GetTokenCryptoKeyByBiometricDataEvent, GetTokenCryptoKeyResultEvent, StoreTokenCryptoKeyInKeyStorageEvent, StoreTokenCryptoKeyInKeyStorageResultEvent

[9.0] - NOT RELEASED

Added

In SDK

  • Add Maverick rest endpoint identifier
  • Introduce GetIamAccessTokenClaimsEvent, GetIamAccessTokenClaimsResultEvent
  • Add GetAstClientDataEvent, GetAstClientDataResultEvent, SetAuthorisationCodeEvent, SetAuthorisationCodeResultEvent, StartResultEvent, OfflineLoginEvent, OfflineLoginResultEvent
  • Add StatusType.OFFLINE_NOT_ACTIVATED
  • Add status to RestartResultEvent
  • Add SdkState enum
  • Add SdkState to StartResultEvent, RestartResultEvent
  • Add VerifyPushContentEvent and VerifyPushContentResultEvent
  • Add MessageFlag class
  • Add flags to Message object
  • Add new MessageStatus: DISCOUNT
  • Add TagType enum, MuteUserEvent, MuteUnmuteResultEvent, UnmuteUserEvent, MuteConversationEvent, UnmuteCoversationEvent. (CB-841)
  • Add GetIamAuthorizationCodeEvent, GetIamAuthorizationCodeResultEvent (CB-866)
  • Add ActivateEvent, ActivateWithTokenEvent, AddUserEvent, AddUserWithTokenEvent, ReactivationEvent, DeleteUserEvent for one-step flows (CB-805)

Changed

In SDK

  • Updated dependencies: MasterController 96.0, DataModel 63.0, ConnectionManager 57.0, Android L. 3.2, boost 8.1, MiMoSe 37.0, LoggingFramework 20.0, EventFramework 28.0, ETAdapter 39.0, curl 14.0, openssl 13.0, nghttp2 12.0, hardening 15.6, JniInterface 6.2, CertPinningProxy 9.3, PW 1.2

  • Make possible calls for GetSmartScreenSectionsEvent, GetSmartScreenServiceEvent, GetSmartScreenMediaEvent and SearchSmartScreenServicesEvent before login

  • Change SetPropertyResultEvent replace GetErrorCode by GetSetPropertyResultErrorCode and GetSubSystem by GetSetPropertyResultSubSystem

  • Remove old service events: GetServiceAttributes, GetServiceAttributesResult, ServiceAttributesModified, ServiceAttributesRemoved, GetServiceVersionEvent, GetServiceVersionResultEvent, GetServiceVersionsEvent, GetServiceVersionsResultEvent, ServiceVersionChangedEvent, GetServiceVersionDataEvent, GetServiceVersionDataResultEvent, GetServiceProviderVersionsEvent, GetServiceProviderVersionsResultEvent, GetServiceProviderUsersEvent, GetServiceProviderUsersResultEvent, ServiceVersionRemovedEvent, GetServiceProviderVersionsByFreeTextSearch, GetServiceProviderVersionsByFreeTextSearchResult, SetServiceUsage, SetServiceUsageResult, GetServicePicture, GetServicePictureResult, ServiceChangedEvent, ServiceRemovedEvent

  • Remove PushReceivedEvent

  • Extend SmartScreenService object to get conversation id. Allow chatting for smart screen services (CB-788)

  • Fix CreateHttpCommonRequestResultEvent to support HTTP response headers with the same key (CB-859)

  • Fix avoid dead lock with transaction and get pro (CB-862)

  • Fix Pixel 6/Android 12 support

In Getting Started App

  • added Proguard rules in Getting Started App
  • Changed Android min. SDK to 23 in Getting Started App
  • fixed update flow in Getting Started App (MCSDK-506, MCSDK-507, MCSDK-509, MCSDK-510)
  • fixed log export in Getting Started App(MCSDK-508)
  • fixed push when Getting Started App is in Background (MCSDK-505)

[8.0] - 2021-09-07

Added

  • Update function in the app

Changed

  • All forwardEvents converted to postEvents in the app (MCSDK-470)
  • Update to MC83.1
  • Security improvement in the MCSDK Lib