Netcetera 3DS Server - Release Notes - Version 2.9.0.0

Overview

Published: 20.12.2023

Version 2.9.0.0 is a major release of the Netcetera 3DS Server.

For documentation about this release please refer to the documentation site.

Compatibility

This version is NOT backwards compatible with previous versions of the Netcetera 3DS Server.

Important notification

Elasticsearch client will be removed in the major release planned for the end of Q2 2024. For customers using Elasticsearch as a storage for transactions data, it is highly recommended to migrate the data and traffic to OpenSearch prior to installing the above mentioned release version. Find more information on OpenSearch advantages, compatibility and migration in the OpenSearch documentation page.
In line with the sunset of 3DS 1.0 protocol version applied globally by all major Schemes (Card Networks), Netcetera 3DS Server will stop the support of this protocol version and 3DS 1.0 artifacts will be removed from the product in the next major version.
New Versioning V4 API endpoint was introduced in v2.8.1.0 for better visibility of Schemes in which ranges the card was found and easier integration. The /3ds/v3/versioning endpoint will be removed in the next major version.
The Eureka Service Discovery is removed in this release thus resulting in the 3DS Admin having no more the responsibility to notify the 3DS Server(s) about configuration changes. Starting from this release, the 3DS Admin only validates and updates the configuration in the underlying storage and it is the 3DS Server(s) themselves that take care of reloading their configuration. This is achieved by having a scheduler that, on a configurable interval of time (the default is each minute), checks if there are changes in the configuration in the underlying storage and reloads them. With that in place, once a user makes configuration changes in the 3DS Admin, the 3DS Server will reload them with the next interval reload. This feature was introduced in release 2.5.3.0, but now it is made a default behaviour. Customers do not have to explicitly enable this feature because from this release it is enabled by default.

As a result of the Eureka Service Discovery being removed, the Statistics tab is also removed. We believe that this tab didn't bring value since it was using actuator endpoints which shouldn't be publicly exposed out of security reasons. Both the 3DS Server and Admin expose quite rich metrics information that could be visualised in more advanced monitoring systems in more efficient and visually attractive way.

With this change, the validate and reload mechanism is much simplified, the 3DS Admin does not rely on an external library for this reason anymore and the 3DS Admin has no more the responsibility to notify the Server for configuration changes, thus its "work" is simplified.

The 3DS Admin actuator endpoint /reloadConfiguration that was used for validating the configuration, updating it in the underlying storage and notifying the 3DS Server instances to reload the updated configuration is now renamed to /validateAndUpdateConfiguration and is used only for validating the configuration and updating it in the underlying storage. This 3DS Admin no more notifies the 3DS Server instances to reload the configuration on this endpoint.
The deprecated 3DS Admin built-in users' authentication (i.e. internal mode of users' authentication) is removed and customers need to use external OIDC provider for authenticating their users. More information can be found under3DS Admin OIDC support.
Please note that we do no longer support IE11. Admin UI is based on Angular, and the supported browser versions are directly linked to the Angular versions. We regularly update our Angular versions to be up to date with the latest dependencies and minimize any potential risk for vulnerabilities.

Upgrade Notes

The Elasticsearch Java REST Client has been succeeded by the Java Client, with the current version being 8.7.1. The Elasticsearch Java Client is forward compatible; meaning that the client supports communicating with greater or equal minor versions of Elasticsearch Server.
A new property, springdoc.swagger-ui.enabled, has been introduced to enable or disable the default Swagger UI endpoint, which is /swagger-ui.html.

Renamed 3DS Server and 3DSS Admin UI configuration properties:

Old name New name
spring.elasticsearch.rest.* spring.elasticsearch.*
management.metrics.export.cloudwatch.* management.cloudwatch.metrics.export.*
management.metrics.export.prometheus.* management.prometheus.metrics.export.*
management.prometheus.metrics.export.pushgateway.enabled sb-auto.ama.prometheus.enabled
management.prometheus.metrics.export.pushgateway.push-rate sb-auto.ama.prometheus.push-rate
management.prometheus.metrics.export.pushgateway.base-url sb-auto.ama.prometheus.endpoint1, sb-auto.ama.prometheus.endpoint2
management.prometheus.metrics.export.pushgateway.job sb-auto.ama.grouping-key.job
spring.redis.* spring.data.redis.*

The following configuration properties are deprecated:
- management.prometheus.metrics.export.pushgateway.shutdown-operation
Property spring.datasource.driver-class-name is removed, the driver is automatically registered via the SPI and manual loading of the driver class is generally unnecessary. See details about the properties in the 3DS Server Configuration Properties.

Old name	New name
spring.elasticsearch.rest.*	spring.elasticsearch.*
management.metrics.export.cloudwatch.*	management.cloudwatch.metrics.export.*
management.metrics.export.prometheus.*	management.prometheus.metrics.export.*
management.prometheus.metrics.export.pushgateway.enabled	sb-auto.ama.prometheus.enabled
management.prometheus.metrics.export.pushgateway.push-rate	sb-auto.ama.prometheus.push-rate
management.prometheus.metrics.export.pushgateway.base-url	sb-auto.ama.prometheus.endpoint1, sb-auto.ama.prometheus.endpoint2
management.prometheus.metrics.export.pushgateway.job	sb-auto.ama.grouping-key.job
spring.redis.*	spring.data.redis.*

Version-specific and spatial-specific dialects are deprecated

As of Hibernate 6.0, dialects can detect and adapt to the version of the database in use and its spatial capabilities. As a result, version-specific dialects (e.g. org.hibernate.dialect.PostgreSQL95Dialect) or spatial-specific dialects (e.g. org.hibernate.spatial.dialect.postgis.PostgisPG94Dialect) should no longer be used. Use these dialects instead, and ignore their deprecated subclasses:

- org.hibernate.dialect.PostgreSQLDialect
- org.hibernate.dialect.MySQLDialect
- org.hibernate.dialect.OracleDialect
- org.hibernate.dialect.SQLServerDialect

Changes

New Features

The existing method initiateSPCAuthentication from the Netcetera 3DS Web SDK now include an automatic timeout of 60 seconds for handling SPC authentication, preventing incomplete transactions due to abandoned or neglected authentication processes. For more information, check this page.
Introduced OpenSearch as transactions log storage. 3DS Server and 3DS Server Admin application can be configured to use OpenSearch to store and search transaction logs history. Using OpenSearch as a log storage instead of SQL is advised in case of high number of incoming transactions. Find more information in the OpenSearch documentation page.

Improvements

Extended the manual preparation request execution endpoint to receive a new forceFullCardRangeUpdate parameter which will determine on whether a full update of the card ranges should be enforced.
The method initiateSPCAuthenticationWithProvidedPurchaseCurrency has been removed from the Netcetera 3DS Web SDK, as the latest EMVCo 2.3.1.1 standard will be universally adopted, rendering this method obsolete.
Improved the OpenAPI files with marked required fields.
Admin UI / Organization Management: OIDC Issuer URL has to comply with OpenID Connect 1.0. You can read more on the Different OIDC providers in a multi tenant setup page.
3DS Server Dashboard has been removed and most of the information from the Dashboard have been added in the corresponding actuator endpoints. The configuration actuator endpoint /admin/dashboard/actuator/configurations has been extended with tenant configuration. The licence actuator endpoint /admin/dashboard/actuator/license-usage has been extended with more info like licence valid until, licence holder, etc.
Removed actuator endpoint /transactions from 3DS Admin UI. The number of transactions can be collected by monitoring systems that collect metrics from 3DS Server without adding additional load to the transaction storage service.
There are no changes in Mada Specification version 1.5 and 1.5.1 related to the 3DS Server. Netcetera 3DS Server is compliant with Mada specification version 1.5.1.

Bug Fixes

The issue with the default value for checkbox filters on Transaction Search in the Admin UI has been resolved, ensuring that false is now correctly sent in the search request when the checkbox is not selected, replacing the previous behavior of sending a null value.
Fixed Admin UI issue where the message indicating no results would inaccurately appear despite finding transactions when users search by Transaction ID.
Fixed the validation for the eci field within the Results Requests for JCB scheme. This validation will now activate specifically when the message category is Payment, and the transaction status in the Results Request is either Yes or Unavailable.
Fixed Admin UI issue where information regarding VReq messages was not displayed when searching transactions by ID, for transactions where VReq was sent.
Fixed protocol messages logging in case there is an 'Erro' message without threeDSServerTransId present.
Removed the blank spaces from the iFrame attributes in the nca-3ds-web-sdk causing DOMException when iFrame is created.