Release Notes

Version 2.0

New Features:

  • New SDK architecture allowing dynamic updates of runtime app threat analysis
  • Various security enhancements in the SDKs and facilities for gathering of threat analysis from live installations
  • Changes to SDK interfaces to create more consistency between the iOS and Android versions
  • Improved error reporting and status logging from Approov token fetching
  • Optimization of SDK network access to reduce number of transactions and size of data transmitted
  • New dynamic pinning approach leveraging standard public key pinning, allowing easier app integration and availability of pins on app startup without network access
  • Range of administration tool features to gather and manage public key pins
  • Over the air secure updates to pins and Approov networking rules
  • Migration to a new command line tool for administration of accounts
  • Support for registration of iOS and Android apps across all OS platforms (no dependency on Android Studio or iOS Xcode installation)
  • Option for single command deletion of multiple unused app registrations
  • Direct user adminstration of security policies
  • Per device setting of security policies and pinning modes, including blacklisting and whitelisting specific devices
  • Access to latest SDKs via administration tool with upgrade messages when new versions available
  • Facilities for creating example Approov tokens for testing
  • Facilities to check the validity of particular Approov tokens
  • Facilities for generating customized long lived Approov tokens
  • User issuance and revocation of management tokens to administrate the account
  • Option for user initiated update of Approov token secret
  • Support for encrypted (JWE) Approov tokens
  • New offline measurement mode functionality to allow attestation of app to a remote device when neither is Internet connected

Version 1.12

New Features:

  • Added payload capability to add your content to the generated token

Fixes:

  • Change Android APK registration to avoid the v2 signing block while generating the app signature. This makes new registrations work with the soon-to-be-released Google Play signing behaviour

Version 1.11

New Features:

  • Architecture banning
  • Emulator detection
  • SDK hardening

Version 1.10

New Features:

  • Man in the Middle detection
  • Improved rooted device detection
  • Detect function hooking frameworks
  • Android 8 (Oreo) support
  • New ‘did’ token claim containing device ID.

Deprecations:

  • The fetchApproovToken() and fetchApproovTokenandWait() interfaces without URL/hostname parameters are deprecated on all platforms. You should now supply a valid hostname string or null when fetching a token.
  • The ‘ad’ token claim is now obscolete.

Version 1.9

New Features:

  • Internal SDK library improvements

Version 1.8

New Features:

  • Time limited registrations
  • Removed dependency on external tools for registration
  • Admin Portal support for Safari browsers on macOS/OSX
  • Bug fixes for Admin Portal on Microsoft Edge browsers
  • Deprecation of app-repackaging support in Android and iOS SDKs
  • Client side bug fixes and stability improvements

Version 1.7

New Features:

  • Failover mechanism on both server and client side enabling more robust service
  • Client side bug fixes and stability improvements

Version 1.6

New Features:

  • Breaking change: New callback-based API for Approov token fetch notifications in Android and iOS clients
  • Synchronous Approov token fetch API in Android and iOS clients
  • Client-side iOS support for iOS 10, Xcode 8 and Swift 3

Version 1.5

New Features:

  • Server-side bug fixes, stability and performance improvements

Version 1.4

New Features:

Improve Android notification mechanism, alter registration mechanism so that registration of BroadcastReceiver is done via the ApproovAttestation class Server-side bug fixes, stability and performance improvements Known Issues:

Version 1.2

New Features:

  • Health Check API added
  • Server-side bug fixes, stability and performance improvements

Known Issues:

  • Token Intents are broadcast globally

Version 1.0

Initial version