Changelog
Last updated
Was this helpful?
Last updated
Was this helpful?
For a seamless SDK integration make sure to follow the section .
You can check all the prerequisites that your app must meet for a successsful SDK integration under the .
release candidateHighlights
Enroll from photo preview: This feature introduces the ability to enroll users using a photo provided from a trusted source.
Developer Responsibility: You are responsible for ensuring that the photo originates from a verified and trusted source (e.g., an official identity document).
Security Note: Exposing this functionality to your end-users without rigorous verification of the photo's origin may introduce vulnerabilities, such as a user enrolling with another individual's facial image. Please implement appropriate safeguards.
Enhancement: biometric processing
Improved biometric performance through optimizations in frame timestamp processing.
Highlights
New Enrollment UX: a freshened up, new User Interface has been implemented and made available.
It now displays real-time feedback about the quality of the processed image, allowing users to address the issues based on the messages shown during face capture.
Note these messages are not customizable since they are tied to Keyless image processing.
The temporary state now displays the enrollment UI. The change means that users will experience an onboarding flow as for plain enrollment (withtout temporary state).
This change was made based on customer feedback in recognition of the fact that some users will be experiencing Keyless for the first time, specifically if they were enrolled via .
The UI differences are reported in the tab SDK v5 from the .
Fixes in this release
Added showScreenFailureFlow for consistency with the happy path showScreenSuccessFlow. By default the SDK shows an error screen for unhappy paths but the caller app can opt-out from this default behavior.
Return an error if camera permission is not granted. Keyless prompts the user for camera permission and now also informs the caller app that permission was not granted returning the error 30009 - camera denied .
See for details of this and all other errors.
Improved error handling and information
Added more detailed insight and guidance for the different types of errors and the relevant error code ranges for integrators to be aware of.
More clearly laid out the different types of User Errors with their codes & descriptions.
"Rejected" error - we have split out instances where Liveness could not be established into a new "Rejected" error. Previously these were all labelled as "Spoofing" errors, however we recognized that in some instances these incorrectly added a framed the authentication attempt as more malicious than was fair. Please note, the guidance remains that all modelling is in some way predictive and thefore we would still advise that "Spoofing" does not guarantee that there was malicious intent and for various reasons it's still better to assume positive intent in how you handle these with users.
SDK Size Reduction
Following customer feedback, we have reduced the size of the biometric libraries which has reduced both the iOS and Android SDK integration and download size. Please note that integration size can vary significantly between customers so please contact us if you have questions in this area.
Support for iOS emulator
The Keyless iOS SDK can now be run on an iOS emulator on both Windows PC or Mac, allowing integrators to achieve faster develop and test cycles as they make changes.
Deprecations
Liveness timeout no longer has effect and will be removed in future releases.
This change was made given a set of comprehensive improvements to the Liveness biometrics models. We plan to support configuration options to support both faster and slower authentication and enrollment experiences in upcoming releases.
The mobile SDK Lockout policy, which had some reported inconsistencies, is now managed on the backend so no longer has an effect and will be removed in future releases.
This change was implemented based on customer feedback and done in conjunction with other changes:
Client side errors (example Liveness failures) now are sent to the server side and will impact the server side policy.
The server side policy can now be configured per customer tenant (max failed attempts, time period, suspension period). Speak to the Keyless team if you would like to review and change your lockout policy.
Breaking changes
The API showScreenSuccessFaceCapture is no longer available since enrollment no longer considers the successful face capture step.
The successAnimationEnabled and later showScreenSuccessFlow field has been renamed to showSuccessFeedback.
The showScreenFailureFlow field has been renamed to showFailureFeedback.
The showScreenInstructions field has been renamed to showInstructionsScreen.
The enrollment progress onProgress callback is no longer available since progress is not shown with the updated UX.
Highlights
Improved biometric performance.
SDK Size Reduction.
Support for iOS emulator.
Fix (Android): addressed biometric performance on Pixel devices.
Improved error handling and information
Introduced a new "Rejected" error - we have split out instances where Liveness could not be established into a new "Rejected" error. Previously these were all labelled as "Spoofing" errors, however we recognized that in some instances these incorrectly added a framed the authentication attempt as more malicious than was fair. Please note, the guidance remains that all modelling is in some way predictive and thefore we would still advise that "Spoofing" does not guarantee that there was malicious intent and for various reasons it's still better to assume positive intent in how you handle these with users.
SDK Size Reduction
Following customer feedback, we have reduced the size of the biometric libraries which has reduced both the iOS and Android SDK integration and download size. Please note that integration size can vary significantly between customers so please contact us if you have questions in this area.
Support for iOS emulator
The Keyless iOS SDK can now be run on an iOS emulator on both Windows PC or Mac, allowing integrators to achieve faster develop and test cycles as they make changes.
Highlights
Fix: fix client state retro compatibility with version >2.0.0 of the Keyless Agent
Highlights
UX: optional screens
Please note that the camera view and Step 2 (“Enrollment Progress”) will remain mandatory for now, as they are critical to ensuring liveness detection and security during the capture process. However, Step 2 is highly customizable in terms of text and color scheme to align with your branding.
In upcoming releases, we will also be adding sample code and “User Flow” guides to further empower integrators and designers in tailoring their user experience.
Enhancement: query remaining lockout time
Customers can configure the maximum number of errors a user can make before being locked out for a 10-minute period.
This enhancement enables customers to display the remaining lockout time to users at any given moment, improving transparency and user experience.
Bugs and Fixes
Fix (Android): Resolved a compatibility issue between the Compose Material library and Flutter.
Feature: possibility to specify a path to Keyless artifacts. Artifacts are provided by Keyless by default. Artifacts path can be overridden by the customer.
Fix: remove lottie dependency
UX: remove success animation in favor of static image
API Surface: deprecate builder pattern in favor of optional config constructor parameters (builders are deprecated)
Bugfix: internal data cleanup
Performance improvements: avoid unnecessary assets extraction
Feature: Shared Circuits: integrators can now set the desired number of shared circuits when calling an sdk configure Fix: Liveness: update liveness setting for higher security
Feature: enroll with Keyless from an Auth0 user’s IdToken
Dynamic linking feature: new API exposing interface to choose one authentication method (BiomAuthConfig | PinAuthConfig)
UI customization: it is now possible to customize the font for Keyless SDK screens
UI customization: it is now possible to customize the brand color (primary accent color) for Keyless SDK screens
Integrators familiar with our will notice that we have:
With the new UI texts that are shown to the user have changed. If you are using text customization, please make sure to update to the identifiers from the tab SDK v5 .
Improved error handling and information - .
UX: optional screens - it is now possible to opt-out the optional screens you don’t wish to show -
Enhancement: query remaining lockout time - \
We understand that the experience our customers create for their end users is of the utmost importance. To provide greater flexibility, we’ve made certain screens and steps in the Authentication and Enrollment flows optional. These screens will remain visible by default, but you now have the ability to opt out of displaying those that are not relevant to your workflow. For more details, please refer to the .
Based on customer feedback, we’ve enhanced this feature to allow querying the remaining lockout time (in seconds) after a user has been locked out. For implementation details, please refer to the .
UX: SDK Theme is customizable by customer -
Feature: improved PSD2 compliance -
Feature: account recovery -
Feature: expose SDK logs to customer app -
Feature: expose JWT signature compatible with core backend key pairs -