Security by Sweden

Latest posts

PAS 5.1.2

Introducing PAS 5.1.2: Key updates to boost your digital security

We are excited to announce the release of PAS 5.1.2, which brings a range of enhancements designed to improve your security and integration capabilities. This update focuses on expanding support for Microsoft Entra ID’s new External Authentication Methods (EAM), introducing risk indication features for BankID integrations, and simplifying migrations from old authenticators to our new protocol-agnostic system.

Among the highlights, PAS 5.1.2 includes new SAML Assertion Profiles, improvements in PDF signing options, and several bug fixes to enhance overall stability and security. Important note: if you are using an external database for event logging with BankID, make sure to update your database schema to include the new riskLevel parameter for full compatibility.

This release is designed to help your organisation stay secure, efficient, and ahead in the ever-evolving landscape of digital authentication. To learn more about all the new features and technical details, check out the full release notes here.

Stay secure with PAS 5.1.2!


Maintenance release PAS 4.7.4 thumb

This release brings a host of significant improvements, focusing on security, performance, and functionality. Key highlights include enhanced QR code synchronization, critical security updates, and improved SAML support. These changes reflect our ongoing commitment to providing a secure, efficient, and user-friendly platform.

Highlights:

  1. Improved QR Code Synchronization (PHX-3475): We have completely revamped the QR code sync implementation, allowing for flexible polling intervals. This ensures that BankID QR codes remain in sync, providing a seamless authentication process.
  2. Security Enhancements (PHX-3481, PHX-3674): We have addressesd and mitigated several security vulnerabilities (CVE-2020-23064, CVE-2020-11022, CVE-2020-11023, CVE-2019-11358, CVE-2021-23337, CVE-2020-28500, CVE-2024-34342 and CVE-2024-4367). These updates significantly bolster the security of our platform, ensuring a safer environment for our users.
  3. Enhanced SAML Support (PHX-3494, PHX-3495, PHX-3496, PHX-3497): We have resolved several issues related to SAML bindings and signatures. Our SAML Service Provider (SP) and Identity Provider (IdP) can now handle inbound Redirect-binding for deflated requests, verify detached signatures, and ensure valid signatures on SAMLResponses. These enhancements improve the reliability and security of our SAML integrations.

 

For a detailed list of all changes and improvements, please read more on our release notes page.

Read full release notes


PAS 5.1.1

PhenixID is proud to announce the new release of PhenixID Authentication Services (PAS) 5.1.1. This new release includes defect fixes and addition of minor functions for the 5.1 release, and is recommended for all 5.1 installations.

Read full release notes


Bug fixes

 

The 5.1.1 release includes 21 important bug fixes for the 5.1 release, including: 

  • LDAP connections can leak upon reconfiguration
  • SAML SP will not verify detached signatures
  • Vulnerabilities mitigation
  • BankID issues

New/updated features

The 5.1.1 version also includes 15 improvements adding value to your solution. Improvements includes for example:

  • Possibility for the administrator to decide behavior when visible signature cannot be added
  • Signature assignements in PhenixID OneTouch
  • NiAS, SITHs and FIDO2 protocol agnostic authenticators

    PAS 5.1.0

    PhenixID is proud to announce the new release of PhenixID Authentication Services (PAS) 5.1.0. The new release improves the stability, compatibility, and security of your solution, and is recommended for all installations.

    Read full release notes


    HIGHLIGHTS

     

    The 5.1.0 version introduces a new way of configurating Authenticators, exceptionally simplifying for administrators by giving more control of authentication flows. In addition to this, increased built in support for SAML and OIDC protocols and updated guides for configuration makes this 5.1.0 release something that will not just make PAS more secure but also reduce complexity. 

    Authenticators architecture

    Clear separation of protocols versus authentication methods, new simplified configuration guides to support easier and faster configuration. Read more about how this will make the administrators life easier here.

     

    OpenID Connect support

    Significantly more OIDC functionality now available “out-of-the-box” in code instead of via manual configuration. Also some new OIDC support not previously possible, e.g Hybrid Flow support. Link to documentation here.

     

    SIGN transaction for BankID and Freja EID

    Force a SIGN request to BankID or Freja eID with clear information to the user on the intention of signing.


      © 2024 PhenixID AB. All Rights Reserved.