Newsletter Q2 2024

IBM Trusteer Pinpoint

Efficacy

  • To improve the collection of the customer session ID (CSID), Pinpoint has been enhanced to support running the unified callback function earlier in the user flow by default.
  • We enhanced Pinpoint such that it can now detect whether a web session ran in an Incognito or Private Browsing window.
  • We exposed a field to Trustboard from the Pinpoint API response to indicate whether the assessment completed fully, or the reason why it did not.

Feedback loop API

We added the ability to send the puid in requests to the feedback loop API, which can help to assist in mitigating cases where there is more than a one PUID for a given CSID.

Monitoring

We enhanced the monitoring capabilities to detect unexpected behavior or deployment issues.

Performance, stability, and compliance

We made changes in this quarter to improve several aspects in Pinpoint:

  • Improved the session reset process to make sure that every session uses the latest configuration.
  • To help reduce warnings in web browser consoles, Pinpoint now sets the SameSite parameter on all cookies by default.
  • Added internal caching to improve Pinpoint performance when running Pinpoint policies.
  • In accordance with Google's third-party cookies deprecation roadmap https://developers.google.com/privacy-sandbox/overview, IBM Trusteer have implemented the Cookies Having Independent Partitioned State (CHIPS) https://developers.google.com/privacy-sandbox/3pcd/chips solution for Pinpoint third-party cookies. All IBM third-party cookies now include the Partitioned header.
  • To improve the Pinpoint API response time, Pinpoint now enforces a 45-minute time limit for sessions with no new collections. Pinpoint API requests for non-active sessions that occur after the time limit will return CSID not found unless your deployment uses 'run without CSID'.

Web and mobile malware detection

Our web and mobile researchers detected and released notifications for the following new malware campaigns that attack several different regions:

IBM Trusteer Mobile SDK

Release of IBM Trusteer Mobile SDK 5.10.

In this release, we made the following enhancements to Mobile SDK:

Using React with Mobile SDK

Mobile SDK now uses an Android Archive (AAR) file for deployments that use React-Native.

PUID lifecycle behavior change

From Mobile SDK 5.10, TasFinalize, TasStop, and TasRaDestroySession reset the PUID. To include the PUID in the new session, you must call TasSetPUID.

Data collection

In this release, we added several new data collections:

  • Device risk indicators
  • Application information
  • Input information

Mobile SDK supported platform and versions

  • Mobile SDK 5.6 and above are supported.

    From 1 September 2024, Mobile SDK 5.6 and all its minor versions will become unsupported.

    For more information, see Support Lifecycle.

  • Supported platforms (in supported Mobile SDK versions)
    • iOS - supports iOS 15 and later
    • Android - supports Android 9 and later
  • Supported iOS development environments: Xcode 15.0 or later (aligned with Apple)
  • Supported Android development environments: Android Studio 3.1.1 or later

IBM Trustboard

  • TMA sunset - IBM Trusteer completed the migration of the feeds configuration functionality from Trusteer Management Application (TMA)
  • Saved reports - We added a new feature that you can use to save Alerts and System reports with specific filtering and visualization options.
  • Session Status - We added several new features to the Session Status page:
    • Added Mobile SDK collection indications for CSIDs from the mobile channel.
    • When a session includes Pinpoint API data, the policy response table now includes two new columns to indicate the policy invocation type and the assessment details.
    • The Session info tab on the session status page now contains an extra field that identifies the PUID collection method, when it is available.
  • Export to CSV - When you export the session or alert data, you can select in the Preferences menu whether to export all columns or only visible columns that appear in the table.
  • Alert rate report - The Alert rate report was moved from Alerts to System on the Reports page.
  • Transaction type filter - A new filter is available on both the Risks and Reports pages that you can use to filter by transaction type.
  • Search results changes - When you search in Trustboard, the search results now contain a Transactions tab that includes transaction information. This tab also contains target account information, which replaces the Target Accounts tab.