Overview

Key Highlights in This Release:

• Windows Biometric Foundation operation: This update significantly improves the user experience on Windows PCs by enabling seamless, secure, and passwordless or multi-factor authentication through WBF-compliant biometric devices like fingerprint readers on Windows systems

• Seamless API Domain Transition for Mobile Clients: Changing the enrollment domain no longer forces every user to re-enroll. Mobile clients automatically follow the new domain without manual intervention.

• Multitenancy support for Veridium Server: Starting with version 3.8.1 Veridium supports multi-tenancy, allowing organizations to manage multiple client environments from a single Veridium deployment.

• Direct download links for IdP Metadata files: Identity Provider metadata files for SSP and Admin SAML are now available as simple, downloadable XML files instead of embedded Base64 strings.

• WebAuthN level 3 and Passkeys: All mobile applications now support FIDO2 passkeys as a first-class factor, completing the Level 3 implementation.

• OIDC Enhancements improvements to support multiple integration user cases

Other New Features & Enhancements:

Administration & Dashboard:

• Improved User Search for Enrollment and Invitation Codes: We've enhanced the user search functionality for generating enrollment codes and invitations, particularly for environments with multiple LDAP directories and hybrid connections.

• Configure SSP and Admin IdP with a Metadata URL, simply by pasting a metadata URL.

• Added a link to brute force attacker list (Admin / Identities / Brute Force Attackers) in the Brute Force settings page (Admin / Settings / Brute Force).

• Version 3.8.1 moves on with the terminology refresh from UBA (User Behavior Analysis) to ILP (Intelligent Login Protection). Gradually in the documentation, former UBA references will be replaced with “ILP (formerly known as UBA)”, and eventually, only “ILP”. Similarly, inside the product, ILP and UBA abbreviations will coexist for now, but the latter will be phased out gradually.

• Improved search function in pages “Brute Force Attackers”, “Hardware auth devices management” and “Certificate PIN” by removing the simple search field when advanced search is used.

• SID can now be used when searching users, instead of only the username. This is especially helpful in multi-directory or hybrid LDAP setups.

• SSP and SAML configurations now accept a metadata URL, matching the behavior already present in Applications.

Server-Side:

• Configuration manager with setupagent: additional components can be configured directly from websecadmin—no Linux console access required.
  

Bug Fixes:

Administration:

• Kibana dashboards no longer empty out after applying filters..

• Editing Account Quota Limit or Device Limit email templates no longer throws an error.

• Deleting external administrators now works correctly after an upgrade.

Authentication:

• ILP (formerly known as UBA) email notification no longer contain unexpected line breaks.

• Cancelling a “passkey-only” enrollment flow no longer triggers an infinite loop.

• When a user has no phone number, the “Personal” delivery channel now shows a clear, helpful error message.

Server-Side:

• SSP no longer falls back to an external IdP after a service restart.