Newsletter Q1 2025

IBM Trusteer Pinpoint

Updated intelligence in the Pinpoint API

  • Behavioral insights information

    behavioral_insights - The behavioral insights section in the API response has been enhanced and several new behavioral biometric insights have been added that can be consumed by downstream risk engines; such as, various keystroke and session duration anomalies. See Behavioral Insights.

  • Autonomous System Number (ASN)

    device_data.network.asn - The API response now contains the ASN to identify the network connection. See Device Data - Network Attributes.

  • Source port information

    device_data.source_ports - The new parameters are available for online sessions and they can help to enable local law enforcement agencies to identify devices that are using shared external IP addresses; for example, from behind a vNAT device. See Device Data - Source Ports Attributes.

  • Call in progress indication

    device_data.mobile_attributes.is_call_in_progress - We enhanced the active call-in-progress indication so that it doesn't depend on a user permission. The new logic uses alternative mobile device indications to determine if there is an active call during a session, which is efficient at detecting scams on the mobile channel. See Device Data - Mobile Attributes.

Performance

To ensure timely responses in API risk calculations, a new feature was introduced that stops risk assessment to prevent it from overrunning and blocking future requests. When this situation occurs, the assessment_status.assessment_details field contains the value policy_did_not_complete_partial_results. See Pinpoint Assessment - Assessment Status Parameters.

Transaction Data

  • Transaction feedback

    Pinpoint was enhanced to allow customers to provide feedback about transactions using the transaction_feedback parameter in the API. For example, whether the transaction was approved or declined. See 'data' or 'l_data' Parameters.

  • Source account identifier

    We added the ability to send information about the source account when providing transaction data in the API request. IBM® Trusteer® can use this information to improve scam detection with Pinpoint and to enhance mule detection. See 'data' or 'l_data' Parameters.

Consumability

To align Pinpoint to your business terminology in Trustboard as well as in the Pinpoint API response we added the ability to define and map custom activities to the default Pinpoint activities: login, transaction, and so on. The Pinpoint API response contains your custom activity in the message.custom_activity field. See pinpoint_eval Handler Response.

Efficacy

  • To help us identify real user devices, we updated the global device ID generation mechanism for Android devices that use apps based on Mobile SDK 5.9 and later.
  • Following on from the blocking detection feature that was added in Q4 2024, we made some improvements to the feature and it is now supported using the Pinpoint API fallback mechanism.

Data retention

For Pinpoint Assure customers, the period after which some collected data is hashed has been updated to 180 days.

Web and mobile malware detection

IBM Trusteer Mobile SDK

Release of IBM Trusteer Mobile SDK 5.12.

In this release, we made the following enhancements to Mobile SDK:

Security improvements

From Mobile SDK 5.12, we added Android Archive (AAR) signing to the package release process to ensure the integrity and authenticity of the downloaded AAR file.

Data collection

In this release, we added several new data collections:

  • Device age indication
  • Location spoofing indicators
  • Device orientation indicators
  • Device proximity indication
  • Malware app information

Mobile SDK supported platform and versions

  • Mobile SDK 5.8 and later are supported.

    From 24 November 2025, Mobile SDK 5.8 and all its minor versions will became unsupported.

    From 24 December 2025, Mobile SDK 5.9 and all its minor versions will became unsupported.

    For more information, see Support Lifecycle.

  • Supported platforms (in supported Mobile SDK versions)
    • iOS - supports iOS 15 and later. From this release, Mobile SDK will not compile your app for iOS 9 or earlier.
    • Android - supports Android 10 and later
  • Supported iOS development environments: Xcode 15.4 or later (aligned with Apple)
  • Supported Android development environments: Android Studio 3.1.1 or later

IBM Trustboard

Policy Manager updates:

  • Policy Manager is now available to all customers
  • For supported attributes, you can now use the "in" operator when you create your customer rules, which allows you to select multiple values for the attribute. For example, to select a list of country codes.
  • Ruleset evaluation - In addition to the existing ruleset evaluation, you can now evaluate the ruleset and get a list of sessions that are affected by the changes to the ruleset. The list of sessions is split into two sections:
    • Extra alerted sessions: Sessions in the selected time frame for which the draft ruleset would have generated an alert.
    • Previously alerted sessions: Sessions in the selected time frame that previously generated an alert, but that would not generate an alert with the draft ruleset.
  • Access use case: You can now use Policy Manager to create access rules; that is, rules that are used for risk-based access that do not generate an alert.
  • Custom recommendations: You can create custom recommendations in Policy Manager that you use in your custom rules. You can then use these custom recommendations in your deployment for your specific use cases.

Usage reports - We added a new Usage report to Trustboard that you can use to show the number of active users; that is, the number of distinct PUIDs seen in the channel per application, or the number of connections, which is equivalent for the number of sessions.