SMS OTP expiry time
In order to provide a consistent experience and level of security for end-customers using SMS OTPs, the validity of all SMS OTPs are now aligned to 5 minutes, whereas some actions previously had a longer validity. This applies to mobile verification and all step-up actions.
Please find here more details about our Step-up Documentation.
New step-up required after successful password change
As a measure to improve the security of information belonging to end-customers, we are introducing a new rule regarding token validity after a user changes their password.
When a user changes their password (reset password flow) /passwords/lost_password/start /passwords/lost_password/resume, they will now have to perform a step-up to view information that may have been previously covered by a step-up in the last 180 days. This is because the validity of the tokens will have been reset and requires a fresh step-up.
Please find here more details about our Step-up Documentation.
New dashboard field for end-customer “Fee Group”
The Consumers Overview and Corporates Overview dashboards can be used to monitor any new identities that are created, and their relevant details.
We have now introduced a “Fee Group” column within the Details tables; this can help you monitor which identities are linked to the plans that you support.