# Changelog For a seamless SDK integration make sure to follow the section [getting started](https://docs.keyless.io/consumer/mobile-sdk-guide/getting-started). {% hint style="success" %} You can check all the prerequisites that your app must meet for a successsful SDK integration under the [prerequisites section](https://docs.keyless.io/consumer/mobile-sdk-guide/getting-started#prerequisites). {% endhint %} {% hint style="info" %} Please note releases marked as `release candidate - rc` are available to selected customers in advance of the official release via `partners-rc` cloudsmith repo. Please note regression tests and QA activity is incomplete and we strongly advise against shipping these versions into production environments. {% endhint %} *** ### 5.8.0 Android * **Added Kotlin 2 and Ktor 3 support** * **Potential breaking changes -** *The adoption of Ktor 3 might result in a breaking change for SDK consumers, with some changes required in specific setups. The last known Ktor 2 version is* [*v2.3.13*](https://github.com/ktorio/ktor/releases/tag/2.3.13)*, dated November 2024. Please follow the* [*official migration instructions*](https://ktor.io/docs/migrating-3.html)*.* ### 5.7.3 **Highlights** * **Live feedback** **for Authentication UI** * Instructions to guide the user to a successful authentication so that the user can address the liveness requirements in real time have now been added, as per the Enrollment UI. * **Lighter touch Enrollment or Recovery flows** * We introduced a [**PresentationStyle**](https://docs.keyless.io/consumer/mobile-sdk-guide/enrollment#presentation-style) configuration parameter for enrollment: it is now possible to perform an enrollment showing a UI that is similar to the authentication UI (acting as overlay on top of the customer application). * **Multiple Secret support** * We now support more than one [custom secret](https://docs.keyless.io/consumer/mobile-sdk-guide/enrollment#custom-secret). It is possible to provide an identifier for a secret and store multiple secrets in the Keyless SDK. * **Biometric Model update** * We continue to iterate on our biometric model with the goal of preventing malicious attacks. ### 5.5.0 **Anti-Inject variant** *Only for customers using the Keyless Anti-Inject SDK variant* * Biometric assets are now encrypted leveraging the Anti-Inject SDK signing functionalities. **Fixes** * Removed an issue where the SDK occasionally triggered a crash if the user tapped the "X" button at a specific point after the enrollment selfie had been captured. *** ### 5.4.1 **Deprecations** * We updated our liveness levels naming as follow | Before | After | | ---------------------------- | ----------- | | PASSIVE\_STANDALONE\_MEDIUM | DEVELOPMENT | | PASSIVE\_STANDALONE\_HIGH | LEVEL\_1 | | PASSIVE\_STANDALONE\_HIGHEST | LEVEL\_2 | The PASSIVE\_STANDALONE\_\* ones are now deprecated. The default is set to be `LEVEL_1`. For more details refet to [Liveness Settings](https://docs.keyless.io/consumer/mobile-sdk-reference/liveness-settings) section. **Fixes** * iOS: return pin error instead of generic error if the pin inserted by the user is the wrong pin. *** ### 5.4.0 **Breaking Change** * We updated the cloudsmith artifacts' naming convention, with a summary of the changes as follows: ``` Android: from keyless-android-sdk to keyless-mobile-sdk iOS (SPM): from keyless.KeylessSDK to keyless.mobile-sdk iOS (CocoaPods): from KeylessSDK to keyless-mobile-sdk ``` Please follow the [getting started](https://docs.keyless.io/consumer/mobile-sdk-guide/getting-started) to fetch the latest version. *** ### 5.3.3 **Highlights** * We have now switched the liveness environment aware configuration default to `livenessEnvironmentAware = false`. For more details in go to [Liveness Settings](https://docs.keyless.io/consumer/mobile-sdk-reference/liveness-settings) section. *** ### 5.3.2 **Anti-Inject variant** *Only for customers using the Keyless Anti-Inject SDK variant* * Fine-tune error `error code: 40002, error message: device might not be genuine` based on updated security level. ### 5.3.1 iOS **Fixes** * Avoid stripping debug symbols in order to run on iOS simulators. *** ### 5.3.0 **Highlights** * The existing lockout policy is now applied for enrollment using the client state. See the [lockout policy](https://docs.keyless.io/consumer/mobile-sdk-reference/lockout-policy#v-5.0.0-and-above) page for all details. **Fixes** * Improved Error Handling for Spoofing errors: the SDK will return a Rejected taking into consideration internal filters. The Rejected error will take precedence over the incorrect Spoofing error. **Anti-Inject variant** *Only for customers using the Keyless Anti-Inject SDK variant* * Upon calling `Keyless.configure` you will now get an error if we detect that device is not genuine. The error is `error code: 40002, error message: device might not be genuine`. You shall redirect your users through a different flow since Keyless configuration will fail and it won't not possible to enroll or authenticate. *** ### 5.2.1 **Highlights** * Introduced a **Client State** type for clearer Client State handling. * This change means that on the [Keyless dashboard](https://dash.keyless.io/), customers using this SDK version and above will be able to see the type of "Keyless Client Devices" on the individual user pages. * This clears up the confusion where "Devices" of the users were displayed but there was no way to distinguish bound client devices (now labelled 'Device Type: SDK) or client states stored or used by integrator to authenticate users in future using temporary or backup client states (Device Type: Temporary or Backup). **Deprecations** * **Temporary State** terminology is now deprecated in favor of **Client State**. * Flows such as Enroll from Temporary State, for example, will be deprecated having made Enroll from Client State available as a direct replacement. * This is to clean-up a legacy issue where the terms Temporary State and Client State were used interchangeably. * From now on Client State is the preferred term and has two types: `Temporary` and `Backup` , and represents the non-pii data stored or leveraged by customer to support future authentications on Mobile or Web SDK, such as a [new device activation](https://docs.keyless.io/consumer/mobile-sdk-use-cases/guide-account-recovery/new-device-activation) flow. *** ### 5.2.0 **Highlights** * UI: optionally display a chip to show a loader before an authentication. This has been added as in some instances integrators have found there is a slight delay for the camera preview to open. * Check the Authentication loading in the [Text UI customization](https://docs.keyless.io/consumer/mobile-sdk-reference/ui-customization#text) section for more details. **Fixes** * Fix: For the error xMinPercentage is not in valid range \[0.0..1.0] - Region of interest will be full screen in case we get inconsistent values. * Note we believe this error was particularly prevalent on foldable devices or tablets but should be largely resolved from this release onwards. * Fix: update tensorflow to resolve a [known issue](https://github.com/tensorflow/tensorflow/issues/75815) that was causing a crash in a very low % of cases on android devices. **Breaking changes** * Removed the deprecated configuration builders. We believe that all of our customers have npw already moved to the remaining configuration: `SeutpConfig`, `EnrollConfig`, `AuthConfig`, and `DeEnrollConfig` and therefore no action is required. * Removed deprecated `UserInfo` APIs. * Removed the possibility to specify a path to Keyless artifacts introduced in version [4.7.3](https://docs.keyless.io/consumer/mobile-sdk-changelog/changelog#id-4.7.3). *** ### 5.1.4 *Only for customers using the Networking module feature* **Fixes** * Fix (Android): camera deprecation issues on Samsung Galaxy A23. * Fix (iOS): off-load networking module lockout request from the main thread. *** ### 5.1.3 *Only for customers using the Networking module feature* **Fixes** * Fix: additional call on protocol level for information on rate limited requests. *** ### 5.1.2 Android **Highlights** * 16 KB page size support - [official docs](https://developer.android.com/guide/practices/page-sizes). *** ### 5.1.1 **Highlights** *Only for customers using the Keyless Anti-Inject variant for enhanced frames injection prevention* * Build variant is available for selected customers through `partners-rasp`. * Improved initialization performance for frames injection prevention to enhance the overall experience by reducing load times. **Fixes** * Fix (Android): camera resolution issues on Samsung Galaxy A23. *** ### 5.1.0 **Highlights** * **Enrollment Frame**: Integrators can specify whether or not to retrieve an enrollment frame, acquired during the user’s selfie capture during the enrollment or account recovery flow. See details in [Enrollment Frame](https://docs.keyless.io/consumer/mobile-sdk-guide/enrollment#enrollment-frame) section. * **Enhanced Anti-Inject**: this release introduces a new option for enhanced injection attack prevention. *** ### 5.0.5 iOS - 5.0.6 Android **Highlights** * **Environment-Aware Liveness Detection**: a new, optional check has been introduced to enhance liveness detection helping to ensure the user is in a suitable setting for verification. This feature is enabled by default. To disable it, set `livenessEnvironmentAware = false` in the configuration for enrollment, authentication, or de-enrollment. See details in [Liveness Settings](https://docs.keyless.io/consumer/mobile-sdk-reference/liveness-settings) section. * **Face Occlusion Detection for Enrollment**: during the enrollment process, the SDK now provides immediate feedback to the user if their face is partially covered. A message, "Make sure your face is clearly visible," will be displayed to guide them.. **Fixes** * Improved Error Handling for Temporary States: the SDK now returns a more specific internal error (`error code: 539`) if the maximum number of temporary states is reached during an operation. * Added a Cancellation Button to the Camera View: an "x" button has been added to the top-left corner of the camera screen during enrollment, allowing users to safely cancel the face scan process. *** ### 5.0.3 **Highlights** * **Enroll from photo preview**: This feature introduces the ability to enroll users using a photo provided from a trusted source. * Developer Responsibility: You are responsible for ensuring that the photo originates from a verified and trusted source (e.g., an official identity document). * Security Note: Exposing this functionality to your end-users without rigorous verification of the photo's origin may introduce vulnerabilities, such as a user enrolling with another individual's facial image. Please implement appropriate safeguards. **Enhancement: biometric processing** * Improved biometric performance through optimizations in frame timestamp processing. *** ### 5.0.1 **Highlights** * **New Enrollment UX**: a freshened up, new User Interface has been implemented and made available. * It now displays **real-time feedback** about the quality of the processed image, allowing users to address the issues based on the messages shown during face capture. * Note these messages are not customizable since they are tied to Keyless image processing. * The **temporary state now displays the enrollment UI**. The change means that users will experience an onboarding flow as for plain enrollment (withtout temporary state). * This change was made based on customer feedback in recognition of the fact that some users will be experiencing Keyless for the first time, specifically if they were enrolled via [IDV Bridge](https://docs.keyless.io/idv-bridge). * The UI differences are reported in the tab `SDK v5` from the [UI customization section](https://docs.keyless.io/consumer/mobile-sdk-reference/ui-customization). * **Fixes in this release** * Added `showScreenFailureFlow` for consistency with the happy path `showScreenSuccessFlow`. By default the SDK shows an error screen for unhappy paths but the caller app can opt-out from this default behavior. * Return an error if camera permission is not granted. Keyless prompts the user for camera permission and now also informs the caller app that permission was not granted returning the error `30009 - camera denied` . * See [user errors](https://docs.keyless.io/consumer/mobile-sdk-reference/error-handling#user-errors) for details of this and all other errors. **Improved error handling and information** Integrators familiar with our [error handling documentation](https://docs.keyless.io/consumer/mobile-sdk-reference/error-handling) will notice that we have: * Added more detailed insight and guidance for the different types of errors and the relevant error code ranges for integrators to be aware of. * More clearly laid out the different types of User Errors with their codes & descriptions. * **"Rejected" error -** we have split out instances where Liveness could not be established into a new "Rejected" error. Previously these were all labelled as "Spoofing" errors, however we recognized that in some instances these incorrectly added a framed the authentication attempt as more malicious than was fair.\ Please note, the guidance remains that all modelling is in some way predictive and thefore we would still advise that "Spoofing" does not guarantee that there was malicious intent and for various reasons it's still better to assume positive intent in how you handle these with users. **SDK Size Reduction** Following customer feedback, we have reduced the size of the biometric libraries which has reduced both the iOS and Android SDK integration and download size. Please note that integration size can vary significantly between customers so please contact us if you have questions in this area. **Support for iOS emulator** The Keyless iOS SDK can now be run on an iOS emulator on both Windows PC or Mac, allowing integrators to achieve faster develop and test cycles as they make changes. **Deprecations** * Liveness timeout no longer has effect and will be removed in future releases. * This change was made given a set of comprehensive improvements to the Liveness biometrics models. We plan to support configuration options to support both faster and slower authentication and enrollment experiences in upcoming releases. * The mobile SDK Lockout policy, which had some reported inconsistencies, is now managed on the backend so no longer has an effect and will be removed in future releases. * This change was implemented based on customer feedback and done in conjunction with other changes: * Client side errors (example Liveness failures) now are sent to the server side and will impact the server side policy. * The server side policy can now be configured per customer tenant (max failed attempts, time period, suspension period). Speak to the Keyless team if you would like to review and change your lockout policy. **Breaking changes** * With the new UI texts that are shown to the user have changed. If you are using text customization, please make sure to update to the identifiers from the tab `SDK v5` [text section](https://docs.keyless.io/consumer/mobile-sdk-reference/ui-customization#text). * The API `showScreenSuccessFaceCapture` is no longer available since enrollment no longer considers the successful face capture step. * The `successAnimationEnabled` and later `showScreenSuccessFlow` field has been renamed to `showSuccessFeedback`. * The `showScreenFailureFlow` field has been renamed to `showFailureFeedback`. * The `showScreenInstructions` field has been renamed to `showInstructionsScreen`. * The enrollment progress `onProgress` callback is no longer available since progress is not shown with the updated UX. *** ### 4.8.2 iOS - 4.8.3 Android **Highlights** * Improved biometric performance. * Improved error handling and information - [docs](https://docs.keyless.io/consumer/mobile-sdk-reference/error-handling) . * SDK Size Reduction. * Support for iOS emulator. * Fix (Android): addressed biometric performance on Pixel devices. * Fix (Android): on premise remove validate device before authenticate **Improved error handling and information** * **Introduced a new "Rejected" error -** we have split out instances where Liveness could not be established into a new "Rejected" error. Previously these were all labelled as "Spoofing" errors, however we recognized that in some instances these incorrectly added a framed the authentication attempt as more malicious than was fair.\ Please note, the guidance remains that all modelling is in some way predictive and thefore we would still advise that "Spoofing" does not guarantee that there was malicious intent and for various reasons it's still better to assume positive intent in how you handle these with users. **SDK Size Reduction** Following customer feedback, we have reduced the size of the biometric libraries which has reduced both the iOS and Android SDK integration and download size. Please note that integration size can vary significantly between customers so please contact us if you have questions in this area. **Support for iOS emulator** The Keyless iOS SDK can now be run on an iOS emulator on both Windows PC or Mac, allowing integrators to achieve faster develop and test cycles as they make changes. *** ### 4.7.5 iOS - 4.7.6 Android **Highlights** * Fix: fix client state retro compatibility with version >2.0.0 of the Keyless Agent *** ### 4.7.4 **Highlights** * UX: optional screens - it is now possible to opt-out the optional screens you don’t wish to show - [docs](https://docs.keyless.io/consumer/mobile-sdk-reference/ui-customization#optional-screens) * Enhancement: query remaining lockout time - [docs](https://docs.keyless.io/consumer/mobile-sdk-guide/user-and-device-management#lockout-management)\\ **UX: optional screens** We understand that the experience our customers create for their end users is of the utmost importance. To provide greater flexibility, we’ve made certain screens and steps in the Authentication and Enrollment flows optional. These screens will remain visible by default, but you now have the ability to opt out of displaying those that are not relevant to your workflow. For more details, please refer to the [documentation](https://docs.keyless.io/consumer/mobile-sdk-reference/ui-customization#optional-screens). Please note that the camera view and Step 2 (“Enrollment Progress”) will remain mandatory for now, as they are critical to ensuring liveness detection and security during the capture process. However, Step 2 is highly customizable in terms of text and color scheme to align with your branding. In upcoming releases, we will also be adding sample code and “User Flow” guides to further empower integrators and designers in tailoring their user experience. **Enhancement: query remaining lockout time** Customers can configure the maximum number of errors a user can make before being locked out for a 10-minute period. Based on customer feedback, we’ve enhanced this feature to allow querying the remaining lockout time (in seconds) after a user has been locked out. For implementation details, please refer to the [documentation](https://docs.keyless.io/consumer/mobile-sdk-guide/user-and-device-management#lockout-management). This enhancement enables customers to display the remaining lockout time to users at any given moment, improving transparency and user experience. **Bugs and Fixes** * **Fix (Android):** Resolved a compatibility issue between the Compose Material library and Flutter. *** ### 4.7.3 * UX: SDK Theme is customizable by customer - [docs](https://docs.keyless.io/consumer/mobile-sdk-reference/ui-customization#theme) * Feature: possibility to specify a path to Keyless artifacts. Artifacts are provided by Keyless by default. Artifacts path can be overridden by the customer. *** ### 4.7.2 * Feature: improved PSD2 compliance - [docs](https://docs.keyless.io/consumer/mobile-sdk-use-cases/guide-sca-dynamic-linking) * Feature: account recovery - [docs](https://docs.keyless.io/consumer/mobile-sdk-use-cases/guide-account-recovery) * Fix: remove lottie dependency * UX: remove success animation in favor of static image *** ### 4.7.0 * API Surface: deprecate builder pattern in favor of optional config constructor parameters (builders are deprecated) * Feature: expose SDK logs to customer app - [docs](https://docs.keyless.io/consumer/mobile-sdk-guide/getting-started#logging) * Feature: expose JWT signature compatible with core backend key pairs - [docs](https://docs.keyless.io/consumer/mobile-sdk-reference/jwt-signing) *** ### 4.6.7 * Bugfix: internal data cleanup * Performance improvements: avoid unnecessary assets extraction *** ### 4.6.6 Feature: Shared Circuits: integrators can now set the desired number of shared circuits when calling an sdk configure Fix: Liveness: update liveness setting for higher security *** ### 4.6.5 * Feature: enroll with Keyless from an Auth0 user’s IdToken *** ### 4.6.3 * Dynamic linking feature: new API exposing interface to choose one authentication method (BiomAuthConfig | PinAuthConfig) * UI customization: it is now possible to customize the font for Keyless SDK screens * UI customization: it is now possible to customize the brand color (primary accent color) for Keyless SDK screens *** --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.keyless.io/consumer/mobile-sdk-changelog/changelog.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.