Skip to main content

Changelog

All notable changes will be documented in this file.

[15.7] - 2024-01-15

Fixed (KOBIL Shift Lite)

  • iOS Secure Enclave Device PIN issues

Changed

  • MC 170.2, MCW-iOS 173.2, H-Bridge 11.1

[15.6] - 2024-11-20

Fixed (KOBIL Shift Lite)

  • DeviceOwnerAuthenticationWithBiometrics policy is now evaluated when accessing keys in the keychain. WIN-225

Added (KOBIL Shift Lite)

  • Introduced a new minimumKeyProtection configuration in the 'maverick' section (KHC-5775), supporting:
    • ALLOW_VIRTUAL_SMART_CARD
    • ENFORCE_HARDWARE
    • ENFORCE_STRONG_HARDWARE.
  • Added a fallback mechanism for iOS/Android devices without hardware keystore support. This requires minimumKeyProtection configuration to be explicitly set to ALLOW_VIRTUAL_SMART_CARD along with the necessary flags enabled to permit this mode.
  • mkex_key_protection and tms_key_protection parameters added to SetAuthorisationCodeResultEvent for determining key protection levels during the flow.
  • minimumKeyProtection must NOT be switched while there is an already activated user.

Changed

  • MC 169.0, MCW-iOS 172.0, H-Bridge 11.0, KSSIDP 1.0.6

Changed (KOBIL Digitanium / Digitanium+)

  • Removed 32-byte PIN restriction when SSMS is used as the AST Server Backend. KHC-5727

Changed (KOBIL Shift Lite)

  • Automatic certificate renewal for mTLS before expiration.
  • Self-signed JWT tokens expiring within 28 days are now refreshed automatically.

[15.5] - 2024-09-06

Fixed (KOBIL Shift Lite)

  • Fixed a sporadic issue where TMS cannot be accepted after fresh activation if we don't have the TMS certificate yet.
  • Fixed an issue where TMS notification(TriggerBannerEvent) cannot be sent or sent too late if there were multiple TMS SSE's received. KHC-5736
  • Fixed an issue where TMS notification(TriggerBannerEvent) cannot be sent if TMS SSE received too early during login/activation, leading to invalid state. KHC-5102
  • Fixed a sporadic issue with handling set property events when using maverick backend whch leads to property encryption failure.

Added

  • DisplayConfirmationResult and TransactionEnd events now propagate server error if there was one.

Changed

  • MC 167.0, MCW-iOS 171.0, H-Bridge 9.13

[15.4] - 2024-08-19

Fixed (KOBIL Shift Lite)

  • Token exchange issue while using the refresh token mapped to audience after the exchanged token expires against idp5. KHC-5568

Added

  • to-string functionality to invalid state event to print error message to logs.

Changed

  • Improved jailbreak detection
  • MC 165.0, MCW-iOS 169.0, H-Bridge 9.9

[15.3] - 2024-07-23

Fixed (Digitanium)

  • A crash that happens after calling GenerateOtp when not logged in MCSDK-1720

Added (KOBIL Shift Lite)

  • Missing error code propagation for biometric authentication to LoginResult event
  • Handle certificate revocation MCSDK-2256
  • An incorrect sdk state issue after failed biometric authentication during SetAuthorizationCode event MCSDK-2261, WIN-99
  • Invalid state during OfflineLogin due to workspace switching
  • A condition where multiple restart events can be processed simultaneously.
  • A condition where suspend is executed while a restart event is ongoing leading to a freeze.

Changed

  • Improve digest calculation for third party frameworks KHC-4467
  • MC 163.0, MCW-iOS 167.0, H-Bridge 9.7

[15.2] - 2024-07-12

Fixed

  • A crash caused by HandleMcInternalEvent KHC-5357, KHC-5303

Fixed (KOBIL Shift Lite)

  • Transactions text can be delivered in default language

Added (KOBIL Shift Lite)

  • Added new IDP5 error handling to optional KSSIDP library MCSDK-2040

Changed (KOBIL Shift Lite)

  • MCSDK now supports both IDP 4 and IDP 5 MCSDK-2008

Changed

  • Update SSL library
  • Updated sqlite KHC-5326
  • MC 162.1, MCW-iOS 166.3, H-Bridge 9.6, KSSIDP 1.0.0

[15.1] - 2024-06-07

Fixed

  • Rare case of login failure when migrating from ASTSDK to MCSDK. DS-6464 DS-6440 DS-6468 DS-5696 KHC-5333 KHC-5310 KHC-5336 KHC-4714

Added

  • New logging framework based on spdlog. MCSDK-2123
  • Handle Client Disconnect event. KHC-3618 MCSDK-1596
  • Introduce websockets support in order to trigger a transaction
  • Added Logic to open Biometric Settings Page, when Biometric is not set up on device but user wants to use it.

Added (KOBIL Shift Lite)

  • Added one-time Auth-mode Password when Biometry is canceled

Changed

  • MC 161.0, MCW-iOS 165.1, H-Bridge 9.4

[15.0] - 2024-05-15

Note (KOBIL Shift Lite)

  • ExchangeIamToken does not allow requesting tokens for external services with same clientID/audience as the login MC token. Please check and change your external services that they don't need such a token. MCSDK-1192

Fixed (KOBIL Digitanium / Digitanium+)

  • Rare case where LoginResultEvent was not received after upgrading from AST-SDK to MC-SDK. KHC-4714 MCSDK-1988

Fixed (KOBIL Shift Lite)

  • Ability to obtain astClientId value after Login event KHC-5027 MCSDK-2097

Changed

  • New error_message field into InvalidStateEvent
  • Improve tracing to align to Open Telemetry specification MCSDK-1992
  • MC 159.0, MCW-iOS 163.0, H-Bridge 9.3

Changed (KOBIL Shift Lite)

  • ExchangeIamToken does not allow requesting tokens for external services with same clientID/audience as the login MC token. It returns CannotAcquireTokenData result then. Please check and change your external services that they don't need such a token. MCSDK-1192
  • Allow get/set property events during transaction in progress state
  • Prevent unnecessary kex during get ast client data event handling by not doing kex if the event is used after login [beta; for specific customer projects only]

Added (KOBIL Shift Lite)

  • JWT Authentication Grant (aka SignedJWT) login mode (as a optional replacement of Offline Token login mode) MCSDK-1776
  • New 'EnableAuthModeEvent' event to be able to change authentication mode after login MCSDK-1979
  • New 'SwitchWorkspaceEvent' event for switching of workspaces/tenants.

[14.9] - 2024-04-24 (RC1)

Fixed

  • App integrity check false positive failures KHC-5160 KHC-5170

Changed

  • H-Bridge 7.17

[14.8] - 2024-02-20 (RC1)

Fixed (KOBIL Shift Lite)

  • Delete SSMS User in Shift Lite Mode
  • Sporadic issue where responding to transaction fails with replay MCSDK-1898

Changed

  • Improve iOS App Integrity Check MCSDK-1900
  • MC 155.2, MCW-iOS 157.6, H-Bridge 8.2

[14.7] - 2024-02-12 (RC1)

Fixed

  • Potential LoginResultEvent not receiving. MCSDK-1877

Changed

  • MC 155.0, MCW-iOS 157.2, H-Bridge 8.1

[14.6] - 2024-01-22 (RC2)

Fixed

  • Undefined state error instead of request to activate user device after restoring app from iOS backup. Caused by not excluded device related files from iOS backup. MCSDK-1794

Changed

  • MC 153.8, MCW-iOS 155.13, H-Bridge 7.17

Changed (KOBIL Shift Lite)

  • New user device TMS certificates are generated with ECDSA instead of RSA. Old existing TMS certificates are unchanged. MCSDK-1812

Added (KOBIL Shift Lite)

  • Optional 'server backend' parameter to override mc_config.json to allow switching server for migration from KOBIL Digitanium/Digitanium+ to KOBIL Shift [beta]
  • New 'GetSsmsUserListEvent' and 'GetSsmsUserListResultEvent' events to allow clean up after migration from KOBIL Digitanium/Digitanium+ to KOBIL Shift [beta]
  • BDDK TMS flow use TMS signer certificate provided by AST CA service by CSR based on Secure Elements key pair [beta; for specific customer projects only]

[14.4] - 2023-11-20 (RC2)

Note (KOBIL Shift Lite)

  • Support for Shift 0.143- will be removed in future, currently planned with next MC SDK release after 2024-11-30.

Fixed

  • Unnecessary H log entries MCSDK-1715

Fixed (KOBIL Digitanium, KOBIL Digitanium+)

  • Rare broken migration from MC SDK 14.2 because of Multi UDID MCSDK-1717

Changed

  • Update to MC 153.1, MCW-iOS 155.0, H-Bridge 7.10, Common-H-iOS 10.3, H-iOS 22.5

Fixed (KOBIL Digitanium, KOBIL Digitanium+)

  • Digitanium Offline Function OTP MCSDK-1301 [beta]

Added (KOBIL Digitanium+, KOBIL Shift Lite)

  • Add IdpLoginRequiredEvent

Added (KOBIL Shift Lite)

  • mTLS, mKEX and BDDK flows [beta; for specific customer projects only]

[14.4] - 2023-11-20 (Changelog update)

  • Updated 14.0 changelog, section 'Added'
  • Updated 13.7 changelog, section 'Added (KOBIL Digitanium)'

[14.3] - 2023-10-31 (RC1)

Note

  • TLS connections to server using TLS 1.1 or sha1 certificates will be removed in future, currently planned with next MC SDK release after 2024-05-01. Please update your server side TLS endpoint configuration before.

Fixed

  • Security improvements (CVE-2023-38545) MCSDK-1653
  • Reduced size of MC library, improves load speed MCSDK-1657
  • Sporadic biometry error after app kill MCSDK-1606

Changed

  • Update to MC 152.1, MCW-iOS 154.2, H-Bridge 7.4, Common-H-iOS 10.2

Added

  • TLS connections to server using TLS 1.1 or sha1 certificates. Server side TLS endpoint configuration is responsible for secure connections. Please use certificate pinning on client side if sha1 certificates still used. MCSDK-1591

[14.2] - 2023-10-13 (RC1)

Fixed

  • Multi UDID migration MCSDK-1595, MCSDK-1641
  • Get property issue after restart when restart happens during ongoing transaction MCSDK-1641

Fixed (KOBIL Digitanium, KOBIL Digitanium+)

  • Subsequent login fails with 34002006 after migration from mAST SDK 'MS8b' MCSDK-1575

Fixed (KOBIL Shift Lite)

  • In Shift unused sdk_config.xml file not needed any more MCSDK-1509
  • Redirect by GetIamAuthorisationCode response not followed MCSDK-1624

Changed

  • Updated to MC 149.0, MCW-iOS 151.4, H-Bridge 7.3

[14.1] - 2023-09-07 (RC1b)

Fixed

  • Sometimes wrong StartEvent after wake up (e.g. push notification) MCSDK-1504, DS-4883, KHC-4168

Fixed (KOBIL Digitanium+)

  • Improved example code app "GettingStartedApp2"

Changed

  • Updated to MC 147.3, MCW-iOS 150.7, H-Bridge 6.7

Added

  • Support for iOS 17. iOS 15 (Standard Support) / iOS 14 (Extended Support) will be removed 2024-03-18.

Added (KOBIL Shift Lite)

  • Temporary switch from App Auth mode PASSWORD to BIOMETRY MCSDK-1522, DS-5013, KHC-4258

[14.0] - 2023-09-27 (Changelog update)

  • Updated 14.0 changelog for KOBIL Digitanium+ customer
  • Updated 14.0 changelog for all customer and changes about "SSL library".

[14.0] - 2023-08-03 (RC4b)

Note

  • Please check all changes describe in "Changed ..."

Note (KOBIL Shift Lite)

Fixed

  • Undefined symbols for TraceContext MCSDK-1223
  • Presentation of risks bits MCSDK-1408

Fixed (KOBIL Shift Lite)

  • Error handling on certain IDP errors (to prevent unnecessary usage of token revoked on IDP side) MCSDK-1346
  • When user switches from App Auth mode NO to BIOMETRY and cancels biometric authentication he can still login with token from NO mode MCSDK-1394, MCSDK-1395

Changed

  • Updated to MC 147.2, MCW-iOS 150.5, H-iOS 22.1, H-Bridge 6.4
  • Used SSL library is updated to new major version, TLS connections to unsecure sha1 server and without secure renegotiation are not supported any longer MCSDK-1150
  • RestartResultEvent is now send for internal triggered restart MCSDK-1347, make sure your app can react to a RestartResultEvent at any time, see https://developer.kobil.com/Mc-docs/14/start

Changed (KOBIL Digitanium, KOBIL Digitanium+)

  • QA testing for unsupported SSMS versions removed, please use latest 2.12 or 3.7

Changed (KOBIL Shift Lite)

  • KOBIL Shift Lite 0.107 and lower is not working any more
  • KOBIL Shift Lite 0.116 and lower is not tested any more

Added

  • Other Security improvements MCSDK-1288
  • Allow App UI to set the TraceHeader/TraceId used by MC (to combine all calls of a use case to one trace) MCSDK-1070
  • Setting log level for productive apps is better explained, see https://developer.kobil.com/Mc-docs/14/export-logs
  • Setting trace identifier by app MCSDK-1070 [beta]

Added (KOBIL Digitanium)

Added (KOBIL Digitanium+)

Added (KOBIL Shift Lite)

[13.8] - 2023-04-28

Note

  • Additional framework needs to be used now: hnb.xcframework

Fixed

  • Undefined symbol: OBJC_CLASS$_KsSmartScreenContentEntry DS-4008

Fixed (KOBIL Shift Lite)

  • Clean token when Offline Token is returned as invalid MCSDK-1193

Changed

  • Updated to MC 139.0, MCW-iOS 142.0, H-iOS 21.0 (using bridge)

[13.7] - 2023-04-11/26

Fixed (KOBIL Shift Lite)

  • Broken activation when aborting biometry because of not stored userId DS-3975

Fixed (Digitanium/Digitanium+)

  • Sporadic update issues from MC SDK 10.0 to MC SDK 13.x by implementing a failsafe mechanism for keystorage DS-4008
  • sdk_config.xml issues

Changed

  • Updated to MC 137.0, MCW-iOS 140.0, H-iOS 20.1

Added

  • Allow app to set Trace ID for MC calls MCSDK-1070
  • Allow root+cross certificates with same public key for TLS certificate pinning
  • Improved MC logging for TLS errors

Added (KOBIL Digitanium)

  • Global PIN MCSDK-1145 [beta]

Added (KOBIL Shift Lite)

  • Device name can be set via SetDeviceNameEvent

[13.6] - not released

[13.5] - 2023-03-09

Fixed

  • Deadlock when triggering RestartEvent KHC-3185 DS-3876

Changed

  • Updated to MC 131.2, MCW-iOS 135.1

[13.4] - 2023-02-18

Fixed

  • GetProperty issue after sending RestartEvent KHC-3185 DS-3669
  • Get/Set Property issue after GetAstClientData with empty userID KHC-3236 DS-3730
  • ActivateEvent with AutoLogin issue after receiving status=WRONG_CREDENTIALS

Changed

  • Updated to MC 129.0, MCW-iOS 134.2

[13.3] - 2023-01-30

Fixed

  • Device properties with KOBIL Shift KHC-3020 DS-3460 MCSDK-996
  • Slow RestartEvent KHC-3117 DS-3586 MCSDK-1006

Changed

  • Updated to MC 127.5, MCW-iOS 132.5
  • Remove auth mode from KSMExchangeIamTokenEvent and use the one cached during the latest online login
  • Extend KSMExchangeIamTokenEvent to be able to request a force update of a stored IAM Token

[13.2] - 2023-01-10 - not released

Changed

  • Updated to MC 126.0, MCW-iOS 131.0

Added

  • libs for testing with iOS simulator KHC-2972 DS-3405 KHC-2998 DS-3438

[13.0] - 2022-12-02

Fixed

  • GettingStartedApp's delayed start event removed

Changed

  • Updated to MC 122.0, MCW-iOS 128.0
  • Removed unneeded internal error code, for more usability according to customer feedback
  • GettingStartedApp cleanup to have a better code understanding
  • GettingStartedApp switched to one-step flows samples

Added

[12.0] - 2022-08-11

Added

  • Shift Support
  • Biometric Login with IDP-Token Login

Fixed

  • GettingStartedApp bugs
  • GettingStartedApp cleanup

Changed

  • Updated to MC 116.0, MCW-iOS 122.0
  • Refactoring of configuration usage in GettingStartedApp

[10.1.3] - 2022-04-25

Changed

  • Updated to MC 108.0, MCW-iOS 115.0
  • Removed deprecated event status

[10.1.2] - 2022-03-16

Changed

  • Updated to MC 105.0, MCW-iOS 111.0

[10.1.1] - 2022-02-04

Changed

  • Updated to MC 100.0, MCW-iOS 106.1
  • GettingStartedApp uses mc_config.json instead of scp_config.json

[10.0] - 2022-01-20

Changed

  • Updated to MCW-iOS 101.0
  • Also update IDP-Token Login handling flow. Remove all local storage of token & authorization code.
  • Changed to xcf framework [SM-553]

[9.0] - 2021-12-16

Added

  • Support for iOS 11 and 12
  • New test environments in GettingStartedApp

Changed

  • Updated to MC 94.1, MCW-iOS 99.2
  • Removed deprecated test environments in GettingStartedApp

[8.0] - 2021-09-07

Added

  • Update function in GettingStartedApp

Changed

  • All forwardEvents converted to postEvents in the app [MCSDK-470]
  • Updated to MC 84.0, MCW-iOS 89.1
  • Security improvement