Release Date: 15-Oct-2020
Firstly, welcome to the new form release note for the Frankie Financial service. Instead of sending out a PDF file, we decided to move the release information closer to our customer support and service portal. We've also made some changes for developers too, read on for more...
This release updates the following modules:
- Service Core: v5.6.0
- Portal: v5.6.0
- Smart UI v2.5.0
New Developer Hub
We're extremely pleased to announce the general availability of our new developer hub at:
This new service combines the OpenAPI definition along with the developer guides that used to be found here in our Zendesk portal into a single point of contact for our customers. It also has a Q&A forum where you can ask questions and leave feedback too. We hope you'll find it useful. Check in regularly too as we're always adding new content.
If you have any suggestions on further content you would like to see please let us know.
Service Core Changes
Support for verification via bank accounts
You can now supply a link to an entity's third-party bank account and we can use that to verify name and address details. This is especially useful for our lending customers.
You enable this by adding a new document with the type: BANK_ACCOUNT
You'll also supply access keys (which we delete after use) for us to contact your banking service to query the account holder details.
NOTE: We do NOT, under any circumstances query account transaction information, only the personal details to verify they match the details supplied or existing on file. Once we have verified this data, we securely delete the access keys and never store them in our service.
This feature is via the Basiq service - contact your account manager if you want to enable this.
We've not made any major changes to the portal in this release, apart from some bug fixes (we've been working on some major new changes though, watch this space in upcoming releases).
Smart UI Changes
Full Onfido IDV Capture Support
The Smart UI now fully supports capturing Australian drivers licences and all country passports for document validation and facial matching. See the Smart UI documentation here for details on how to set this up.
In the cases where KYC/AML checks fail such that you cannot progress without the intervention of customer service, there is a new configuration that allows you to customise text, calls to action and other features. See the Smart UI configuration documentation for more details.
"Lazy" ID Check
If you don't actually require an ID check, you can prevent the Smart UI from asking for an ID unless we're unable to get a KYC match on non-government ID sources. See the Smart UI configuration documentation for more details.
If your service doesn't require an address check, you can switch off the address input section.
See the Smart UI configuration documentation for more details.
We've updated the API to v1.5.0
There are no backwards compatibility issues.
New Document Type
We added the new BANK_ACCOUNT document type to support checking your name and address against a 3rd party bank account (see above)
New KVP Types
We've added a new KVP type called "transient.string". You can use this new type to send us data that will only be available for the life of the API call. After that, it is deleted and never saved to the database.
We've also updated the documentation embedded in the specification as part of the move to our new developer hub.
Bugs / Issues Addressed
Under some circumstances, user password history was not being properly checked, allowing for repeat passwords. This has now been fixed.
Password Reset Limit
In order to prevent password reset spamming, we've limited the number of reset emails per hour to 5 per user.
Remove the Date of Birth edit lock
When we originally built the portal we would lock "known-good" details in the portal from editing. This was mainly a protection measure to stop people trying to modify details to force an entity to pass with mismatched credentials.
However the service has long since dealt with this by simply invalidating any past check results when an entity's attributes are changed. We've removed this lock from the portal to give back control to our customers to be able to handle the occasional cases where date of birth mismatches have occured.
- There are no known negative performance impacts to the system as a result of this release.
- There are no known security impacts to the service through the introduction of these changes, only security improvements.