Skip to main content
Skip table of contents

Overview

Version 3.4 comes with a layer of new functionalities over the security hardened intermediary version 3.3.1, which mainly targeted security improvements and hardening of the stack by updating all components to their most recent versions.
Here’s what’s new since previous public version (3.3.0):

Majors dependencies upgrades:

  • Cassandra driver from 3.x to 4.x

  • Tomcat related libraries from 8.x to 9.x

  • Spring latest 5.x (5.3.27)

  • Spring boot 2.7.11

  • Zookeeper client 3.8.1

In terms of functionality, both refinements and new additions are present in this release:

  • Veridium Admin users can now be connected to Active Directory permissions, offering support for central point user configurations in terms of access. Together with User Segregation feature present in Veridium Manager - Settings - Segregation tab, this allows granular access setup to features according to Active Directory users' permission set. For example, a Support role may be configured to only see users from a specific AD groups (“Branch users”), while an Admin role may be configured to access all AD groups found (other admins, end users and so on).

  • FIDO enrolments are available again for Android Platform authenticator and Windows 11 TPM authenticator with EC attestation.

  • Lost mode is now also available for users that don’t have any other Phone or Hardware Token enroled.

  • Improvements in Veridium Manager access permissions for GUI that clean up logs and browser console errors for limited permission accounts.

  • Email notifications now contain detailed authenticator names for all scenarios.

  • Improved elements' display in various GUI sections to increase readability, correct typos and mitigate overlapping graphics.

  • Audit Administrators column translates all SIDs in email addresses for improved readability and tracking.

  • URLs containing “-” in their last part are now treated correctly by websecadmin

  • Improved permission granularity for limited accounts by introducing View AD details , View location , View UBA info ,View history details, to better comply with privacy regulated scenarios. This is especially helpful in deciding which part of the admin team has access to sensitive data (i.e. Support role can be configured to hide Directory Service Info, Location, UBA or History if it’s not needed)

  • Emergency Push Notifications are now available in Veridium Manager - Messaging. This allows administrators to send push notifications to mobile app users on demand. The functionality supports filtering and the effect is instantaneous.

  • Emails sent from Veridium server can now be signed to improve security, with the configuration options present in Veridium Manager - Settings - Messaging - “Email Digital Signature”.

  • Administrator certificate passwords can now be sent separately from the certificate itself, via SMS (instead of both being sent in the same email). The password length can also be configured between 4 and 8 lowercase and numeric digits.

  • Support for MS-CHAP and MS-CHAPv2 has been added in Veridium server to increase the production usage scenarios' coverage for FreeRadius service flows.

  • Added a toggle in AD Enrollment step configuration to allow users to reset authentication method (i.e. PIN) from mobile devices with/out an invitation code.

  • “is-root-protection-enabled” parameter from mobileSettings.json has been deprecated. Mobile apps will not take its value into account anymore and instead react by default as if the parameter value is “TRUE”.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close