Announcement for our VERISEC mobile token customers

We would like to inform you about the upcoming changes in the VERISEC Mobile Token. We will release a new version on Google Play and App Store in early February. Please be ready to notify your end users that the application will need to be updated when the new versions become available.

The application communicates with our backend servers known as MDS. As an additional security measure to protect against malicious attacks a certificate pinning is performed during the TLS handshake. On February 19th, the certificate used in the pinning process will expire. We will update the certificate with this release to avoid any negative customer impact.

Customer Impact

On February 14th, we will renew our MDS certificate. Once the certificate is renewed, the customers with the old library version will experience the following:

  • New users provisioning/registration will not be possible
  • Existing users will not be able to renew their certificate renewal on your MASS servers

Timeline:

  • January 26th – New version of VERISEC Mobile Token Application with the new certificate will be released for both Android and iOS.
  • February 14th – Certificate will be changed on the MDS service to the new one.
  • February 18th – The previous certificate expires.