Netcetera 3DS Server - Release Notes - Version 2.7.0.0
Overview
Published: 14.02.2023
PLEASE DO NOT INSTALL THIS VERSION, DIRECTLY INSTALL THE NEXT PATCH RELEASE 2.7.0.1
Version 2.7.0.0 is a major release of the Netcetera 3DS Server.
Compatibility
This version is NOT backwards compatible with previous versions of the Netcetera 3DS Server.
Important notification
Versioning changes
New Versioning V3 model was introduced in 2.5.3.0 version as an improvement in the scheme resolution logic. Furthermore, this format will already support the EMV 3DS 2.3.1 versioning model. As announced in the release notes of the previous major version of the 3DS Server 2.6.0.0, V1 and V2 endpoints are no longer active from major version 2.7.0.0. Please find detailed information about V3 here.
End-of-support for Java 11
The Netcetera 3DS Server 2.7.0.0 supports Java 17. Java 11 is now deprecated and compatibility has been dropped with this release. Please ensure you have migrated your environment to Java 17 before installing this version.
Removal of 3DS Transaction CLI Tool
In this release we removed the 3DS Transaction CLI Tool. Please ensure that all transactions that are made with 3DS Server version lower than 2.5.x.x are migrated with the tool prior installing 2.7.0.0.
Changes
New Features
- Added option to configure the directoryServerId (RID - Registered Application Provider Identifier) as scheme specific value via the Admin UI application.
This new optional field is used to fetch the configured value for the
Directory Server IDfield in the Versioning Response V3 model. More info on the Versioning Response V3 model can be found here: 3DS Versioning. The fieldDirectory Server IDwill no longer be hardcoded in Versioning Response. If the value forDirectory Server IDis not configured, it will not be provided in the Versioning response. - Added an option to delete Merchants in bulk through the Admin UI application. To find out more about these changes visit the Manage Merchants in bulk page.
Improvements
- In reaction to the growing data in preparation responses from the schemes, we have improved the efficiency of the card range processing:
- Added configuration option to disable card ranges caching. Card ranges caching can now be disabled for 3DS Server instances that are only intended for sending Preparation Requests to the schemes and are not processing authentications. Find more information under
threedsserver.session.storage.cache.card-range-data.cache-update-check.enabledproperty in the 3DS Server configuration properties. - Improved startup time of 3DS Server by minimizing the amount of data cached from card range data on startup. After the 3DS Server is started, it will load rest of the data needed in background, while still being able to process transactions in the meantime.
- Improved memory consumption of 3DS Server while loading/storing card range data.
- Since the size of PRes continues to grow, it requires additional memory to log the message. Because of that, configuration option to disable logging of Preparation Response message is added.
Find more information under
threedss.logging.preparation-response.enabledproperty in the 3DS Server configuration properties. By default, logging is disabled.
- Added configuration option to disable card ranges caching. Card ranges caching can now be disabled for 3DS Server instances that are only intended for sending Preparation Requests to the schemes and are not processing authentications. Find more information under
- Introduced property
management.health.oidcProviders.enabledwhich indicates whether the actuator health endpoint should include or exclude OIDC providers related health indicators when external mode of authentication is used. See details about it in the 3DS Admin configuration properties. - Included 3DS Versioning V3 endpoint in OpenAPI definition documents.
- Removed the following unused columns in the following tables:
- directory_server (threeds_requestor_id and threeds_requestor_name)
- acquirer_bin (directory_server_id and ds_and_upop_server_cred_id)
- merchant_acquirer (directory_server_id and ds_and_upop_server_cred_id)
- Introduced private key pair check when importing a new signed certificate into an existing keystore.
- The framework built-in metrics http.client.requests and http.server.requests are extended with two additional tags:
- orgId, which identifies the ID of organization (useful in multi-tenant setup)
- flow, which identifies the flow of the incoming / outgoing requests. Possible values are: VERSIONING, AUTHENTICATION, RESULTS and PREPARATION.
Bug Fixes
- Fixed finding 17/18 Digit Mastercard PAN in longer digit card ranges.
- Fixed the XML configuration reload function in the 3DS Server control script (3dsctl.sh).
- Fixed AcsProtocolVersionData logging in the Versioning Response.
- Fixed NPE when there are multiple schemes configured with same DS URL. Supported schemes are prioritized if there is more than one scheme with same DS URL. List of supported schemes can be found here here.