Release Notes RSA® Adaptive Authentication (On-Premise) Version 14.0.2.1 Release Notes March 2019 This document lists what's new and changed in RSA Adaptive Authentication (On- Premise) 14.0.2.1, as well as workarounds for known issues. These Release Notes can be updated. The most current version is available on RSA Link. l What's New in RSA Adaptive Authentication 14.0.2.1............................................. 2 l Supported Platforms.............................................................................................. 4 l Supported Browsers and Operating Systems......................................................... 5 l Fixed Issues............................................................................................................ 8 l Fixed Documentation Issues.................................................................................. 12 l Known Issues.........................................................................................................14 l RSA Adaptive Authentication Documentation........................................................17 l Support and Service..............................................................................................19 Release Notes What's New in RSA Adaptive Authentication 14.0.2.1 RSA Adaptive Authentication (On-Premise) 14.0.2.1 includes these new features, enhancements, and changes. Changes in Version 14.0.2.1 (March 2019) New feature support for omnichannel fraud protection: RSA Adaptive Authentication (On-Premise) 14.0.2.1 now includes omnichannel fraud protection, which enables the application to provide centralized fraud detection and prevention across channels, such as Web, Mobile, ATM, IVR, Call Center, and Branch. This feature uniquely blends multiple RSA Adaptive Authentication components to provide omnichannel protection. With omnichannel protection, customers can send traffic from different channels and RSA provides fraud detection and prevention for each channel. This includes cross channel correlation and analysis providing a holistic view of user activities across the different channels used. Transactions from new channels are integrated into RSA Adaptive Authentication using the existing API fields to send the common data elements, such as user account and payee, and the custom facts fields to send the channel specific data. This feature provides: l API integration through the different channel types in the applicable method (see Web Service API Methods in the API Reference Guide). l Risk-based decisioning powered by the RSA Risk Engine, which provides risk assessment for the additional channels with cross-channel analysis. l For channel specific data to be included in the risk assessment, customers can use Risk Score Custom Facts that are associated with the different channel types (see Custom Fact Parameters in the Back Office User Guide). l Flexible rules-based policy management, which is channel oriented in the rule creation (see Managing Policies in the Back Office User Guide). n New channel indicator mechanism when creating a rule: When creating a rule in the Policy Management application, the channel indicator is now set in the Manage Rules > New > New Rule > General page as opposed to the Conditions page. This change implements new channel indicator logic. After upgrading to the current RSA Adaptive Authentication (On- Premise) 14.0.2.1 version, all existing rules that were created before the upgrade will automatically have their channel type set to MOBILE and WEB. In addition, rules created using the previous channel indicator mechanism before the upgrade will not be editable. To edit an existing rule, created using the previous channel indicator mechanism, you can delete the old rule and create a new one with the new channel indicator mechanism. For more information, see the Channel Types, Add a Rule, Edit a Rule, and General Rule Parameters sections in the Back Office User Guide. 2 RSA Adaptive Authentication (On-Premise) 14.0.2.1 Release Notes Release Notes Note When upgrading, you must run the rsa-rule-channel-migration utility to disable any rules that contain a condition associated to a channel indicator based on the previous channel indicator logic. For more information about the upgrade and utility, see the Upgrading Adaptive Authentication chapter and Run the rsa-rule-channel-migration Utility section in the Installation and Upgrade Guide. l Ability to investigate omnichannel cases leveraging the channel indicators in the Case Management application (see the Device Details Fields and Advanced Tab Fields sections in Managing Cases in the Back Office User Guide). n New support for omnichannel filtering in the Research Activities page in the Case Management application: It is now possible to filter the user activities by Channel Indicator in the Filters Activities section in the Research Activities page of the Case Management application. Once the filter is applied, the results are listed in a table in the Activities section of the page, where a new column called Channel has been added to the table. For more information, see Research Activity Filters in the Back Office User Guide. l Ability to view the particular channel used to conduct the transaction, in the end-user activities for the past 90 days, using the Customer Service application (see User Activity History in the Back Office User Guide). l Reports including omnichannel metrics. For more information on these reports, see the Raw Data Reports Guide and Managing Reports in the Back Office User Guide. n New support for omnichannel metrics in the Billing Report: RSA Adaptive Authentication (On-Premise) now includes, in the Reports application of the Back Office, omnichannel metrics in the Billing Report. The Transactions section of the Billing Report now displays the number of transactions per channel, the monthly transactions trend by channel, and the transactions by organization per channel. In addition, the Active Users section of the Billing Report includes a break down of the number of active users per channel, the monthly active users trend by channel, and the number of active users by organization per channel for the selected month. These new omnichannel metrics are also included when the Billing Report is exported to a CSV file. For more information about the Billing Report and these changes, see Billing Report in the Back Office User Guide. New Single Sign-on (SSO) support with the SHA-256 algorithm: RSA Adaptive Authentication (On-Premise) now supports the SHA-256 algorithm for Single Sign-on (SSO). For more information about integrating Single Sign-on with the Back Office applications, see Single Sign-On Integration in the Integration Guide and Single Sign-on (SSO) in the Back Office User Guide. Enhanced sorting capabilities in the Case Management application: The enhancements related to sorting in the Case Management application include: l Research Activities sorted by date: The activities listed in the Research Activities page in the Case Management application are now sorted by date What's New in RSA Adaptive Authentication 14.0.2.1 3 Release Notes from most recent. For more information, see Research Activities in the Back Note Office User Guide. l View the Queue page columns can be sorted: It is now possible to sort various columns, such as Date Modified and User ID, for the case details displayed in the View the Queue page in the Case Management application. For more information, see View the Queue Page in the Back Office User Guide. Enhancement to Policy Management list values: List values added to a list, in the List Content section of the Manage Lists page in the Policy Management application, are now sorted by the Value column in alphabetical order. For more information about adding a value to a list, see Add a Single Value to a List in the Back Office User Guide. New Back button added to the View Case page in the Case Management application: A Back button has been added to the View Case page in the Case Management application. This enables users to navigate back to the list of results that were originally retrieved from either the Research Activities or View the Queue pages. For more information on this page, see View Case Page in the Back Office User Guide. New Enable Device Manager Audit checkbox added to the Device Management section of the Administration Console: Using a superAdmin role in the Administration Console, Device Management section, you can now set whether audit data for a device is collected to help debug the device manager flow by selecting the Enable Device Manager Audit checkbox. For more information, see Device Management Parameters in the Back Office User Guide. Supported Platforms There are different hardware, operating system, and work environment requirements to install RSA Adaptive Authentication (On-Premise) 14.0.2.1. All components should be installed on a Linux environment, and only the MSSQL Server should be installed on a Windows machine. Operating Systems RSA Adaptive Authentication (On-Premise) 14.0.2.1 supports these operating systems using a x86-64 architecture: l Microsoft Windows Server 2012 R2 Datacenter 64-bit Some versions of Microsoft Windows have a vulnerability in HTTP.sys that can allow remote code execution. For more information about the vulnerability, see Microsoft Security Bulletin MS15-034. RSA recommends that, if you use one of the affected operating systems, you apply the patch released by Microsoft. For more information about the patch, see Microsoft Knowledge Base Article