Overview​

The v3 release introduces a unified biometric enrolment and authentication process across platforms.

Note: Users who were previously enrolled using earlier SDK versions will be required to re-enrol due to changes in the token architecture introduced in v3.

All frameworks​

• A refresh of the Firebase JSON is required in sandbox (and production if applicable). The new firebase token will work with the v3 SDK. If you had previously provided a firebase token (to work with v1 or v2 SDK), this will no longer be displayed in the embedder portal, but it will still be applicable for that SDK.
  • Generate a new token (with the same configuration) from your Firebase Console
  • In the embedder portal, re-enable Biometric Authentication, and then Provide your Firebase Json file. Even if you had previously configured a firebase Json, a new one must be provided.
  • Re-enable Biometrics for user actions
  • Previously enrolled users will have to enrol again
• Changes to un-enrolment behaviour. Previously, a new user was allowed to enrol on a device that was already being used; and the old user would be unenrolled automatically. Now, the app must be uninstalled, or the user unlinked via multi-API, before a new user can enrol on the device. See iOS, android, and React Native sections of the docs.

iOS​

Minimum supported iOS version: 15.1​

Legacy compatibility support for iOS versions below 15.1 has been dropped.

Key changes​

• The biometrics user enrolment flow now requires an OTP. This is delivered via SMS, and input by the user into an integrated screen in the component.
• The ability to exchange tokens via the SDK has been removed. For the biometrics login flow, the auth token is shared via webhook only and must be exchanged for an access token via your backend to the Weavr multi API.
• New method UXComponents.setAppCheckToken
  • add AppCheck SDK. Use the same project setup as described in the All section
  • generate a token
  • UXComponents.setAppCheckToken(GENERATED_TOKEN)

Added​

• New initialisation method UXComponents.initialize(environment:, uiKey:, completion: @escaping ((Result<UXComponentsStatus, ErrorResponse>) -> Void))
  • added completion callback to handle initialisation error

Deprecated​

• UXComponents.initialize(env:, uiKey:, completion:) in favour of UXComponents.initialize(environment:, uiKey:, completion: @escaping ((Result<UXComponentsStatus, ErrorResponse>) -> Void))

Android​

To upgrade to SDK v3.0.0, update your Gradle dependency:

implementation 'io.weavr.components:secure-components:3.0.0'

In your settings.gradle file, remove the following repository entry:

maven {
    url "https://gitlab.okaythis.com/api/v4/projects/15/packages/maven"
    name "GitLab"
}

Key changes​

• The biometrics user enrolment flow now requires an OTP. This is delivered via SMS, and input by the user into an integrated screen in the component.
• The ability to exchange tokens via the SDK has been removed. For the biometrics login flow, the auth token is shared via webhook only and must be exchanged for an access token via your backend to the Weavr multi API.
• Moved ErrorResponse class to io.weavr.components.utils.ErrorResponse package. Update any custom error handling implementations to use the new package path
• Improved handling of the hardware back button on the Device Authorization screen in the enrolment flow that is launched via UXComponents.psa.startPSAEnrollment(). Pressing the back button now triggers the onFailed() callback, enabling client apps to handle user-initiated cancellations more effectively.

React Native​

Minimum supported iOS version: 15.1​

Legacy compatibility support for iOS versions below 15.1 has been dropped.

Android​

In your Android sources, remove the following repository reference:

maven {
    url "https://gitlab.okaythis.com/api/v4/projects/15/packages/maven"
    name "GitLab"
}

Key changes​

The iOS and android functionality have been unified

• The biometrics user enrolment flow now requires an OTP. This is delivered via SMS, and input by the user into an integrated screen in the component.
• The ability to exchange tokens via the SDK has been removed. For the biometrics login flow, the auth token is shared via webhook only and must be exchanged for an access token via your backend to the Weavr multi API.

iOS 1.6.6​

iOS 1.6.6 adds Swift Package Manager support without introducing any changes to the SDK itself since 1.6.5.

You can follow the Swift Package Manager installation guide for more information.

If you want to transition from Cocoapods to Swift Package Manager, we recommend to:

1. Remove the pod 'WeavrComponents' line from your Podfile, alongside the IdensicMobileSDK dependency.
2. If no more pod statements are present in your Podfile, you can get rid of the Cocoapods setup altogether.
3. Follow the Swift Package Manager installation guide.

These SDK releases were to backport the user-data collection fix from V2.0.1 to V1. This is so that embedders who do not use the Biometrics Authentication component, are not forced to adapt to the Safetynet removal breaking change.

Android V1.6.7​

Fix to remove user-data collection from the app to the identity-verification provider. Otherwise full disclosure would be required under android rules.

Other minor improvements to KYC component:

• Added support for per-level countries and territories restrictions.
• Added support for immutable Applicant Data fields.

React Native V1.7.1​

Fix to remove user-data collection from the app to the identity-verification provider. Otherwise full disclosure would be required under android rules.

Other minor improvements and fixes to KYC component:

• Added support for per-level countries and territories restrictions.
• Added support for immutable Applicant Data fields.
• Fixed an iOS/React Native compatibility issue with identity-verification provider's API.

Android V2.0.1​

Major changes to Biometrics Authentication Component​

Changes in Enrol a device flow

• Built in two factor authentication. The user must input an SMS OTP in a screen in the SDK as part of the enrolment.

Changes in enrolment and login flows:

• Removed the functionality to exchange an auth token for an access token in the SDK.
• The auth token is shared via webhook only and this must be exchanged for an access token via your backend to the Weavr multi API.

SafetyNet Deprecation

• Obtain integrity key id ( server key ) from your Google Cloud Account to use in biometric authentication. Process has changed slightly in v3.0.0

Version updates​

• Java Version Update: The SDK now requires Java 17 (previously Java 8). Ensure your project is configured to use Java 17.
• Gradle Version Update: The SDK now requires Gradle 8.7 (previously Gradle 7.5). Upgrade your project to this Gradle version to ensure compatibility.
• Kotlin Version Update: The SDK has been updated to use Kotlin 8.6.0 (previously 7.4.2). Ensure your project is configured to use Kotlin 8.6.0 or higher to avoid compatibility issues.

User-data collection fix​

Fix to remove user-data collection from the app to the identity-verification provider. Otherwise full disclosure would be required under android rules.

Other minor improvements to KYC component:

• Added support for per-level countries and territories restrictions.
• Added support for immutable Applicant Data fields.

React Native V2.0.1​

All the same changes as android V2.0.1.

Android V1.6.5​

SDK updated to target Android 14 (API Level 34). For full details of android configuration, please refer to the Get started with android SDK section.

React Native V1.6.5​

SDK updated to target Android 14 (API Level 34). For full details of android configuration, please refer to the Get started with React Native SDK section.

Migrated from JCenter Repository to MavenCentral.

iOS V1.6.3​

Added WeavrChallengeType to determine the type of challenge that the push notification received, is related to. See Initiate a challenge, Receive a push notification for more details.

Android V1.6.3​

Added broadcast receiver to determine the type of challenge that the push notification received, is related to. See Initiate a challenge, Receive a push notification for more details.

React Native V1.6.3​

Added WeavrChallengeType to determine the type of challenge that the push notification received, is related to. See Initiate a challenge, Receive a push notification for more details.

iOS V1.6.0​

• Support for 3DS
• Performance improvements for Biometrics & Login
• Bug fixed related to Apple Push Notification Service

Android V1.6.0​

• Support for 3DS
• Performance improvements for Biometrics & Login

React Native V1.6.0​

• Support for 3DS
• Performance improvements for Biometrics & Login
• Bug fixed related to Apple Push Notification Service (code change needed)
• Following two functions return type has been changed from string to boolean.
  • checkIsReadyForEnrollment
  • checkReadyForAuth

if (isIOS) {
  checkIsReadyForEnrollment()
    .then((res) => {
      dLog("enrolment ready: " + res);
      if (res) {
        startEnrollment(fcmToken!, globalToken!)
          .then((res) => {
            dLog(res);
            Toast.show(res, 1);
          })
          .catch((e) => {
            dLog(e);
            Toast.show(e.toString(), 1);
          });
      } else {
        Toast.show("You are not ready for Enrolment", 1);
      }
    })
    .catch((e) => {
      dLog(e);
      Toast.show(e.toString(), 1);
    });
} else {
  startEnrolment(fcmToken!, globalToken!)
    .then((res) => {
      dLog(res);
      Toast.show(res, 1);
    })
    .catch((e) => {
      dLog(e);
      Toast.show(e.toString(), 1);
    });
}

Update to latest SDK version​