What's new

IBM® Safer Payments 6.5.0.00 includes new features and enhancements.

Release highlights

  • Data encryption keys can now be created and retrieved from external key management solutions by using the Key Management Interoperability Protocol (KMIP) version 1.1. Keys can be generated outside of IBM Safer Payments by using hardware or software that is designed and certified for that purpose. For performance reasons, the actual data encryption and decryption is still done in IBM Safer Payments. The data encryption key is retrieved from the KMIP server through a TLS-protected network connection. The key material is stored in a secure heap in the IBM Safer Payments memory. To retrieve a key from a KMIP server, a new KMIP master key must be created and activated in Administration > Key management > Encryption keys in the user interface. For more information, see the online help. IBM Safer Payments remains compatible with data encryption keys that were previously used. They are referred to as keygen master keys.
  • If PMML Random Forests are used, you can now add reason code outputs. Reason code outputs help explain the reason why a model made the decision that it did. For more information, see the online help.
  • Now, regular case classes use two sets of aggregation conditions instead of a single aggregation attribute. The improvement allows for finer control over the case aggregation mechanism by comparing the data of the target case on one side against the data of the new alarm on the other. For each case class, two sets of conditions can be configured. The first one is evaluated for target cases of that case class. The second one is evaluated for alarms of that case class. Both case classes must also enable case consolidation.
  • Configuration changes can now be written to journal files. These files can be used to transfer configuration changes from one IBM Safer Payments cluster to another. However, extra steps and scripts that are external to IBM Safer Payments are needed to import journal entries. For more information about transferring changes from one cluster to another, contact IBM Support or IBM Services for assistance. The journal files contain all configuration changes in plain text and might pose a security risk. Enable the configuration change journal only if necessary and protect the files from unauthorized access. If your deployment is already PCI DSS compliant, consult the PCI DSS assessors before you enable the feature. The new setting, Enable configuration change journal, is on Administration > System > Configuration > Misc > Miscellaneous.

Enhancements

  • Now, model responses can be configured to report the number of each type of model element that was run. The new setting is named Include profiling and component statistics in model responses and can be enabled per mandator.
  • Added saveWithUid endpoint to the API. It can be used with the export function when elements are transferred between environments. For more information, see the online help.
  • Introduced a cluster_id startup parameter. It can be used to allow the transfer of elements that are created in different environments. For more information, see the online help.
  • Added two new settings to the rule definition page. The first setting is a checkbox that is named Exclude from MCI responses. The setting controls whether the corresponding rule is hidden from MCI responses when it gets fired. By default, the setting is disabled and corresponds to the old behavior. The second setting is a drop down field. Use it to specify when a rule should be hidden from the Rules fired section on the case investigation page. Values are 'Never', 'Only for lower mandator investigators', and 'Always'. 'Never' is the default and corresponds to the old behavior. Since the pre-processing rules neither appear in MCI responses nor are they added to investigation cases, the new settings were not added there.
  • Now, conditions allow the following operators for text comparison: less than, less than or equals, greater than, and greater than or equals.
  • Now, IBM Safer Payments is officially supported on Red Hat® Enterprise Linux® 8.
  • External model components no longer forward attributes that are not present in the incoming transaction to an external system. However, attributes that are present in the incoming transaction but empty are still forwarded to an external system. IBM Safer Payments assigns default values to them based on the attribute's data type.
  • External model components now offer an option to capture IRIS and RulesFired metadata from a response and include them in the local response.
  • Persistent connection timeout settings are now configurable for each pair of IBM Safer Payments instance and message target address.
  • IBM Safer Payments can now dynamically select an outgoing channel configuration for an external model component based on an ID attribute. During the computation of a transaction, the external model component reads the value of the selected attribute from that transaction and tries to find a persistent connection with that ID value. If it fails, a log message is printed, and the external model component is skipped.
  • Added Forward all attributes to external model component definitions. When it is enabled, all input, output, and profiling output attributes are included in a request message. The mappings for those attributes are generated automatically during golive. They can be viewed and edited from a new tab on the Mappings page.
  • When user preferences are updated, only the changed preferences (delta) are written to FLI. Previously, the full user stream and all preferences were written to FLI to update user preferences on remote instances.
  • Added a global setting that disables download buttons in the user interface for all users. By default, the setting is not enabled (downloads are allowed). The setting is on System Configuration > Configuration > Interfaces > API.