Change log

IBM® Safer Payments 6.7.0.01 includes defect fixes, APARs, and changes.

Critical defects

The following critical defects were fixed:

  • None

Major defects and changes

The following major defects were fixed and major changes were made:

  • When you manually mark transactions as fraudulent or genuine, for example, on Investigation > Queries > Queries > [query] > Query results, the notification's file content might be wrong. Depending on the selected test data, the problem might also occur when you click Save and create test notification on Administration > External system integration > Notifications > [Notification]. Only notifications of type file are affected. The problem occurs when text attributes are used in the message template. On version 6.7.0.00, the output file contains the message text only up to the first text value. In versions before 6.7.0.00, the complete file is output. However, it contains one or more null characters after each value of a text attribute.
  • On Administration > System > URID namespaces, creating and deleting URID namespaces takes a long time if deferred writing is enabled.
  • Updated the elliptic, path-to-regexp, and dompurify packages to fix known security vulnerabilities.
  • On Cluster > System monitoring > Settings > Interfaces > Application Programming (API), added Fallback URL. Use it to specify, for example, a reauthorization page. If a request is answered with a 401 authorization error, you are redirected to the fallback URL after five seconds. A 401 authorization error might occur, for example, when IBM Safer Payments is used with a reverse proxy.
  • On Investigation > Queries > Masterdata query > [query] > Masterdata name, when you edit a masterdata value, only hexadecimal values are allowed. The problem occurs only if the attribute is encrypted in memory. It also occurs on Investigation > Investigation > Case selection > [case] > Masterdata name.
  • The end-of-day (EOD) job might stop when it archives cases if, at the same moment, a user closes the case investigation page (APAR PO10171).
  • On Model > [revision] > Data model > Inputs > [attribute] > Categories, an error occurs if you double-click a cell in the Encoding or Fraud column. The same problem occurs on Investigation > Queries > Queries in the Fraud column if direct fraud marking is used (Known Issue DT393963).
  • When a golive performs index changes that enable masterdata query conditions and you add new elements or users before it finishes, remote instances might be invalidated when they run the golive (Known Issue DT392260).
  • When you run a re-golive for a retired revision, the PMML model is empty and does not compute (APAR PO09886).
  • If SSL is enabled on MCI, a brief MCI connection might remain indefinitely open. A brief connection occurs if it is opened and immediately closed. A massive number of brief connections causes MCI to deactivate and print an error message in the logs (Known Issue DT394259).
  • On Investigation > Queries > Queries, calendar profile values might be zero after a golive is run or the system is restarted. The problem also occurs for cases and message responses that are processed by IBM MQ, MCI (message command interface), or BDI (batch data interface). It occurs if historical data is loaded or a timestamp in the future exists (Known Issue DT387020).
  • In rare situations, incorrect values are stored for events and device identifications. The result is then wrong output attribute values. The problem occurs if deferred writing is used. The values display on Investigation > Queries > Queries and other menu items (Known Issue DT392933).
  • If you import a configuration change journal that contains changes to mappings, the import stops. A DUPLICATE_MAPPINGS error message is printed to the log file.
  • On Investigation > Queries > Queries, a crash might occur if you repeatedly click the Save and execute icon. Now, the icon is disabled after the first click. The same problem occurs for Investigation > Queries > Group by queries, Reporting Queries, and Common point queries (Known Issue DT389924).
  • Now, you can define individual start times for the end-of-day job on an instance level. On Administration > System > Configuration > Misc > Miscellaneous, added Define EoD time per instance.
  • When many masterdata definitions are applied to transactions, performance slows down.
  • On Investigation > Investigation > Case search, the case table is not refreshed when the page opens. The same problem occurs on Investigation > Investigation > Case selection (Known Issue DT389975).
  • When you apply a filter in a table, if the filter includes text and spaces, the spaces are ignored.
  • On Cluster > System monitoring > Settings > Interfaces > Message Command Interface (MCI), an error log message is printed if an error in the TCP connection occurs. The error message text does not clearly describe the problem.
  • The application might stop responding if you click Dashboard while the end-of-day (EOD) job is running (Known Issue DT390790).
  • During a restore, the instance might shutdown when the recipient instance finishes deleting files. The restore process then stops. Contact IBM support immediately (APAR PO10167).
  • Backtrace files are hard to find and sometimes incomplete. Also, they are missing from the configuration export in Cluster > System monitoring > System internals > General information > Download IBM Safer Payments configuration.
  • An instance might stop if a modeling workflow starts the step of initializing the rule designer while a golive is running (APAR PO10078).
  • On Administration > System > Configuration > Interfaces > HTTP Requests, the Enable gzip for API requests setting is now disabled for new installations. If it is enabled, data for attributes that are encrypted in memory are visible in memory dumps. If such attributes are not used, the setting can be enabled. API performance might then improve.
  • On Model > [revision] > Data model > Inputs , the text information for memory-encrypted hexadecimal attributes is insufficient. The text for Universe and the tooltip for Length are both insufficient.
  • A crash might occur if you change the master key on a cluster that has masterdata that is encrypted in memory.
  • On Monitoring > Defined risk lists > Defined risk list entries, when you create a new entry, it can be enabled or disabled before it is saved.
  • On Model > [revision] > Modeling > Model factory > Model training > Generated Rules, the table does not show verification data when the Show generated conditions as popup option is enabled.

Minor defects and changes

The following minor defects were fixed and minor changes were made:

  • When a duplicate mapping is found, the log message omits the revision information. The revision information states whether it is a champion, challenger, or retired. Without it, debugging is more difficult.
  • On Administration > Dashboard settings > Status alarm indicators > [indicator] > Email, the application might stop responding when you enter email details. The problem might also occur on Administration > External system integration > Notifications. It might also occur on Administration > Case management > Case actions.
  • On Investigation > Queries > Reporting queries, a JSON validation error might occur for numbers that result in negative or positive infinite values (Known Issue DT390202).
  • On Monitoring > Compliance > Ad hoc check, strict matching is used when you search for values that contain hyphens and spaces. For example, if Hassan Al-Zumur is on the list and you search for Hassan Al Zumur, no match is returned. Now, you can influence the matching algorithm with the new Handle dashes as whitespace checkbox. It is located on Administration > System > Configuration > Investigation & queries > Monitoring > Compliance monitoring
  • Defined risk lists are not written to file in valid JSON format.
  • The online help is missing a statement that not all HTTP/1.1 features are supported. Specifically, chunked encoding is not supported.