Hardware OTP Token Support

We’ve introduced support for HOTP-based authentication using hardware tokens. This event-driven authentication method generates unique one-time passwords only when triggered by user action, making it ideal for environments where time synchronization may be challenging.

Key benefits:

  • Reliable authentication without time dependency
  • Enhanced security for offline environments
  • Simple, scalable solution for secure access

Enhanced SAML Security

SAML applications now support assertion encryption in addition to signing. Administrators can configure encryption settings under Advanced Options when setting up or modifying SAML applications.

Supported encryption:

  • RSA and AES 256 CBC encryption algorithms
  • RSA OAEP key transport algorithm

Accessibility Improvements

WCAG Compliance for ID Verification

Our ID Proofing Templates now meet Web Content Accessibility Guidelines (WCAG) standards, making identity verification more accessible to users with disabilities.

What’s improved:

  • Enhanced screen reader support with voiceover functionality
  • Better keyboard navigation throughout the verification process
  • Clearer visual indicators and improved button designs
  • Updated language selection display for better localization

Notable changes:

  • Selfie capture now uses a “Take Selfie” button instead of an overlapping icon to improve screen reader access
  • Consent notices are displayed as standalone links for better accessibility
  • Enhanced instruction messages for passport scanning

Security Enhancements

reCAPTCHA Integration

To prevent automated attacks, we’ve added reCAPTCHA verification to key areas:

  • Self-service passwordless onboarding for enterprise users
  • Verification journey creation when sending text to users

API Security Updates</h4?
Added protection against automated email invitation abuse through reCAPTCHA integration on user invitation processes.

Platform Improvements

Improved User Experience

  • Updated color schemes and visual design for improved accessibility
  • Enhanced language support with proper localization
  • Streamlined verification workflows

Developer & Integration Updates

  • New API endpoints for enhanced reCAPTCHA configuration
  • Improved logging structure for better troubleshooting
  • Enhanced OTP template language support for international users

Need help with these new features? Contact our support team or check out our updated documentation for implementation guides and best practices.

Orion Desktop Authenticator

Security fixes

  • Fixed an issue where sensitive user data and internal system information were being displayed in the logs of the Orion Authenticator.
  • Fixed an issue where sensitive device information was displayed when accessing the /systeminfo API, potentially leading to unauthorized access.

Mobile App Improvements

Streamlined Authentication Experience

The mobile app login screen now intelligently displays only your enrolled authentication methods. If you have both PIN and TouchID/FaceID enrolled, both options appear. If only one method is enrolled, only that option is shown.

Enhanced Home Screen Design

  • Multi-account support: Both primary and secondary accounts are now visible on the home screen
  • Improved layout: Account actions like Reset Password and Remove Account are displayed in an easy-to-access card format
  • Account switching: Tap any secondary account to set it as your primary account
  • Better organization: Workstation OTP is now displayed in a card layout below your account OTP

Smarter User Experience

  • Authentication memory: The app remembers your preferred authentication method (PIN or Touch/Face ID) for 1 minute
  • Better error messaging: Clear guidance when scanning QR codes for accounts that aren’t onboarded
  • Self-service support: New Issue Resolution Screen helps you troubleshoot common problems before contacting support

iOS-Specific Enhancements

Automatic Biometric Re-enrollment: The app now detects when your device’s TouchID or FaceID settings have changed and prompts you to re-enroll your biometrics to maintain security.

Document Verification Updates

New session status tracking for document uploads:

  • Expired: Session was never started by the user
  • Abandoned: Session was started but not completed within the time limit

Users will be notified if their verification session expires and guided to start a new one.
 

Platform Support

  • Android compatibility: Now supports Android 14 and Android 15
  • Enhanced security: Password visibility toggle during onboarding and authentication to reduce input errors
  • Developer improvements: Updated Flutter and React Native plugin support