Netcetera 3DS Server - Release Notes - Version 2.12.0.0

Overview

Published: 04.02.2025

Version 2.12.0.0 is a major release of the Netcetera 3DS Server.

For documentation about this release please refer to the documentation site.

Compatibility

This version has breaking changes and is not compatible with previous versions of the Netcetera 3DS Server.

Important notification

License format and validation update
This release changes the 3DS Server and Admin applications' licenses format and licenses validation mechanism. Old licenses are incompatible with this release. Be sure to receive new license before installing this version.

Removal of XML Configuration Support
In this release, we have removed support for XML configuration in the 3DS Server. All configurations are now managed exclusively through the database and the 3DS Server Admin UI application.

End-of-support for Java 17
Please note that we no longer support Java 17 and earlier versions of Java. Minimum supported Java version as of version 2.12.0.0 of the Netcetera 3DS Server is Java 21.

Protocol version changes
Please be informed that the latest option as preferredProtocolVersion is now removed. This option is removed due to variations in message formatting between EMV 3DS 2.3.1 and its predecessors, EMV 3DS 2.2.0 and EMV 3DS 2.1.0.

API changes
The following changes will take effect on the 3DS Server Authentication Request six (6) months after this announcement:

  • The preferredProtocolVersion field will become mandatory.
  • The enforcePreferredProtocolVersion field will be removed.

Upgrade Notes

  • The application framework is upgraded to Spring Boot 3.4. As part of this upgrade, there are breaking changes related to actuator endpoints. More specifically, management.endpoint.<id>.enabled properties are replaced with management.endpoint.<id>.access. See more information under the official Spring release notes.
  • The endpoint 'reload/license' has been removed. License change now requires an application restart.
  • Due to the removal of the XML configuration option, the following application properties are no longer needed and have been removed:
    • threedsserver.configuration.type
    • threedsserver.configuration.location
    • threedsserver.configuration.use-encrypted-passwords

Changes

New Features

  • Implemented American Express validation rules according to American Express SafeKey 2.0, Protocol Specification version 2.3.1.0.

Improvements

  • Removed Cardholder Name validations for Visa when a merchant submits non-English or multi-byte characters that do not comply with EMVCo specifications. The 3DS Server will no longer reject these transactions and will pass the value provided by the merchant to the Visa Directory Server.
  • Adapted uri tag to be none for http.client.requests metric in case the request is pushing Results Response to Requestor, the reason being the URL can be dynamic and can generate a lot of uri values.
  • Updated stored procedure that clears results data in MSSQL.
  • Updated sending of notificationURL field in the Authentication Request. It will only be sent when the deviceChannel is BROWSER.

Bug Fixes

  • Fixed a NullPointerException when resolving the threeDSRequestorSpcSupport in the Authentication Request when the ACS Information Indicator is null for the related card range data.
  • Updated the setting for deviceBindingStatusSource in the Authentication Request. Previously, if deviceBindingStatus was sent as null in the device object of the 3DS Server Authentication Request, deviceBindingStatusSource would still be set to "3DS Server". With this change, deviceBindingStatusSource is now set only when deviceBindingStatus is not null as part of the device object.
  • Applied validation on the merchant acquirers during merchant bulk import.