Hardware OTP Token Support
We’ve introduced support for HOTP-based authentication using hardware tokens. This event-driven authentication method generates unique one-time passwords only when triggered by user action, making it ideal for environments where time synchronization may be challenging.
Key benefits:
Reliable authentication without time dependency
Enhanced security for offline environments
Simple, scalable solution for secure access
Enhanced SAML Security
SAML applications now support assertion encryption in addition to signing. Administrators can configure encryption settings under Advanced Options when setting up or modifying SAML applications.
Supported encryption:
RSA and AES 256 CBC encryption algorithms
RSA OAEP key transport algorithm
Accessibility Improvements
WCAG Compliance for ID Verification
Our ID Proofing Templates now meet Web Content Accessibility Guidelines (WCAG) standards, making identity verification more accessible to users with disabilities.
What’s improved:
Enhanced screen reader support with voiceover functionality
Better keyboard navigation throughout the verification process
Clearer visual indicators and improved button designs
Updated language selection display for better localization
Notable changes:
Selfie capture now uses a “Take Selfie” button instead of an overlapping icon to improve screen reader access
Consent notices are displayed as standalone links for better accessibility
Enhanced instruction messages for passport scanning
Security Enhancements
reCAPTCHA Integration
To prevent automated attacks, we’ve added reCAPTCHA verification to key areas:
Self-service passwordless onboarding for enterprise users
Verification journey creation when sending text to users
API Security Updates
Added protection against automated email invitation abuse through reCAPTCHA integration on user invitation processes.
Platform Improvements
Improved User Experience
Updated color schemes and visual design for improved accessibility
Enhanced language support with proper localization
Streamlined verification workflows
Developer & Integration Updates
New API endpoints for enhanced reCAPTCHA configuration
Improved logging structure for better troubleshooting
Enhanced OTP template language support for international users
Need help with these new features? Contact our support team or check out our updated documentation for implementation guides and best practices.
Orion Desktop Authenticator
Security fixes
Fixed an issue where sensitive user data and internal system information were being displayed in the logs of the Orion Authenticator.
Fixed an issue where sensitive device information was displayed when accessing the /systeminfo API, potentially leading to unauthorized access.
Mobile App Improvements
Streamlined Authentication Experience
The mobile app login screen now intelligently displays only your enrolled authentication methods. If you have both PIN and TouchID/FaceID enrolled, both options appear. If only one method is enrolled, only that option is shown.
Enhanced Home Screen Design
Multi-account support: Both primary and secondary accounts are now visible on the home screen
Improved layout: Account actions like Reset Password and Remove Account are displayed in an easy-to-access card format
Account switching: Tap any secondary account to set it as your primary account
Better organization: Workstation OTP is now displayed in a card layout below your account OTP
Smarter User Experience
Authentication memory: The app remembers your preferred authentication method (PIN or Touch/Face ID) for 1 minute
Better error messaging: Clear guidance when scanning QR codes for accounts that aren’t onboarded
Self-service support: New Issue Resolution Screen helps you troubleshoot common problems before contacting support
iOS-Specific Enhancements
Automatic Biometric Re-enrollment: The app now detects when your device’s TouchID or FaceID settings have changed and prompts you to re-enroll your biometrics to maintain security.
Document Verification Updates
New session status tracking for document uploads:
Expired: Session was never started by the user
Abandoned: Session was started but not completed within the time limit
Users will be notified if their verification session expires and guided to start a new one.
Platform Support
Android compatibility: Now supports Android 14 and Android 15
Enhanced security: Password visibility toggle during onboarding and authentication to reduce input errors
Developer improvements: Updated Flutter and React Native plugin support
