Netcetera 3DS Server - Release Notes - Version 2.5.3.0

Overview

Published: 30.06.2022

Version 2.5.3.0 is a minor release of the Netcetera 3DS Server.

For documentation about this release please refer to the documentation site.

Compatibility

This version is backwards compatible with previous 2.5.x.x versions of the Netcetera 3DS Server.

Important notification

Versioning changes

New Versioning V3 model is introduced for better visibility of schemes in which ranges the card account number was found and improving the scheme resolution logic. Old versioning model V1 and V2 will remain available until 15th of September 2022. On 15th of September Versioning V1 and V2 model will be depreciated, hence timely switching to the new Versioning model V3 is highly recommended.

Known issues

In 2.5.3.0 release, we have a known issue with Eureka Service Discovery that is arising from Eureka not being able to support Jersey 2. If you are using Eureka Service Discovery and you want to proceed with installing this release, please do the following steps:

  1. Disable the Eureka Service Discovery
  • Add the following application properties:
    • Admin Application Properties:
      • threedss.discovery-server.enable=false
      • eureka.client.enabled=false
    • Server Application Properties:
      • eureka.client.enabled=false
  1. Enable the scheduler that periodically checks for changes in the database configuration and automatically reloads it. (Introduced in 2.5.2.1)
  • Add the following application properties:
    • Server Application Properties:
      • threedsserver.configuration.auto-reload.enabled=true
      • threedsserver.configuration.auto-reload.interval=60 (this will run every 60 seconds, but you can change it as you wish)

To read more about the application properties visit the 3DS Server Configuration Properties and Admin Configuration Properties pages.

With these changes applied, each time you do a Validate and Reload of the configuration in the Admin UI you will get an error message "Failure. Unable to reload 3DS Server Configuration. There are no 3DS Server Instances available.". This is a normal behaviour and you can ignore the error message. You should still use the Validate and Reload button so the scheduler can pick up the changes of the configuration and automatically reload it.

Please note that after disabling Eureka Service Discovery, 3DS Server Statistics in Admin UI will not be available. Fix will be provided in the next major release according to already planed upgrades.

Changes

New Features

  • Versioning response model V3:
    • Extended to support returning multiple versioning response elements in case the card was found in multiple card ranges from different schemes.
    • Introduced field in the Versioning response Directory ServerID (RID) Registered Application Provider Identifier that is unique to the payment system.
    • Versioning V3 supports the upcoming EVM 3DS 2.3. protocol version.
  • Authentication Request scheme resolution logic is updated

Providing Scheme ID remains optional:

  • If Scheme ID is provided in the request then the resolving of the card ranges will be done for the specified Scheme.
  • If Scheme ID is not provided in the request then the resolving of the Scheme ID will be done by using the card account number sent in the request against all available Schemes. The possible outcomes of this search are:
    • The card account number is found in only one DS card range. In this case the Scheme ID will be resolved from the Scheme the card range belongs to.
    • The card account number is found in multiple DS card ranges. In this case the Scheme ID will be resolved from the international Scheme that the card range belongs to (Visa, Mastercard, American Express or Diners).

According to the scheme resolution logic, if the card range is found in the card ranges from multiple Schemes (eg. CB and Visa), then preference is given to the international schemes (e.g. Visa). In case the intention is to use the local scheme (e.g. CB), that schemeId must be provided in the Authentication Request.

To find out more about these changes visit the Versioning and Authentication pages.

  • Introduced a separate tab "Shared Configuration Update" within the Admin UI for on-premise customers using the multi-tenant setup. Such customers will now have the option to configure scheme -and certificate related updates across or for selected organizations. Organization specific data such as Acquirer or Merchant data will not be affected.
  • Search functionality:
    • Introduced a search bar/option within the 3DS Server technical documentation.

Improvements

  • Mitigated Spring4SHELL vulnerability.
  • Admin UI: Added alarming message for expired certificates or certificates expiring in the next three months.
  • Admin UI / Search Transactions:
    • Added new possibility to filter the transactions by acs operator ID.
    • Added new possibility to filter the transactions by merchant country code.
    • Added new possibility to filter the transactions by challenge cancellation indicator.
  • The ROLE_CONFIG_DIRECTORY_SERVER_VIEW and ROLE_CONFIG_DIRECTORY_SERVER_EDIT roles are no more present. The users who have ROLE_CONFIG_SCHEME_VIEW/ROLE_CONFIG_SCHEME_EDIT roles are able to view/edit the DS configuration. There is no need to create the two roles on the OIDC provider side in case when the 3DS Admin is run in external mode, i.e. external IAM provider is used.
  • Removed notification on tenant organizations in the Admin UI when default configuration is updated. From now on, the responsibility to reload the schemes configuration of the tenants is on the admin user of the default configuration.
  • Added possibility to push the metrics of 3DS Server / Admin with Prometheus Pushgateway. In order to use Prometheus Pushgateway you need to enable it through application properties. For detailed information, refer to management.metrics.export.prometheus.pushgateway. * properties inside 3DS Server Configuration Properties and Admin Configuration Properties.
  • Improve memory efficiency for caching card ranges when Redis is used as a caching storage type.
  • Added a spinner animation for better user experience on the "Validate And Reload Configuration" button in the Admin UI. It will notify the users that the configuration is reloading and validating until gets done.
  • Introduced a new metric app.3ds-server.3ds2.results-requests which gives the information of the number of received results requests per scheme.
  • In a multi-tenant setup, Preparation Requests are only scheduled for schemes in the default 3DS Server configuration and for that reason PReq jobs will be updated only in case the default 3DS Server configuration gets reloaded.
  • Improve memory efficiency for caching card ranges when Redis is used as a caching storage type.
  • Added a spinner animation for better user experience on the "Validate And Reload Configuration" button in the Admin UI. It will notify the users that the configuration is reloading and validating until gets done.
  • Introduced a new metric app.3ds-server.3ds2.results-requests which gives the information of the number of received results requests per scheme.

Bug Fixes

  • Changed the error message with a not found message when transaction with non existing ID is searched in 3DSS Admin UI.
  • Added null check for protocol version while exporting transactions logs to excel.