This new version of Enrollment & Provisioning Server (EPS) brings the following improvements:
• More choice: Banks can now choose the perfect HSM for their needs, as EPS now supports the following, on top of the HSMs it already supported previously: Thales nShield, SafeNet Luna Network (models 5 & 6), and SafeNet Cryptovisor/DPoD.
• Enhanced security:
o The new version of EPS no longer uses PANs/PSNs in CAP token IDs, thereby avoiding unnecessary disclosure of this sensitive information in APIs and logs.
o Token metadata in the database is now encrypted for better protection.
• Better monitoring:
o This version includes new APIs to monitor the server status, enabling banks to get better information of potential issues once the server is live.
o Banks can now easily build reports and get statistics – such as the number of tokens provisioned. – thanks to new structured logs showing all operations processed by the server.
• More flexibility: Do two banks use the same virtual PAN? Does one bank need two domains for the same customer, so that, for example, the help desk can log in as the customer, but with a different key? The technical difficulties that these situations posed previously (for banks using the CAP algorithm) have now vanished, as this new version of EPS allows the same PAN/PSN to be used in multiple domains.
Feel free to contact your support team or account manager to find out more.
ProtectServer 2 firmware version 5.01.02 has completed NIST FIPS 140-2 Level 3 certification.
The certificate can be viewed at the following NIST website URL: https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/3231
As part of our ongoing product communications, we are announcing End-of-Sale for the following Mobile PKI products:
- SafeNet Reader CT1100
- SafeNet Reader K1100
- Bluegiga BLED112-V1 USB-BLE dongle
- Gemalto Bluetooth Device Manager (GBDM)
- SafeNet Core 8030
- SafeNet Prime 8840
- IDGo 800 Mobile
- SafeNet MobilePKI for BlackBerry (ex SafeNet MobilePKI for Good)
Mobile PKI Products - End-of-Sale Key Dates
December 30, 2018
Last ordering date
December 31, 2018
Due to the limited availability of hardware components, Gemalto will fulfill LTB orders as follows:
· Gemalto will make every effort to fulfill all orders placed during the LTB period.
· Orders placed during the LTB period will be processed on a first-come first-served basis
· Orders will not be accepted after the LTB end date
December 31, 2019
December 31, 2020
For replacement products and additional details please refer to the End-of-Sale announcement
This is to announce the upcoming end-of-sale and end-of-support dates for SafeNet ProtectV™ 1.x, 2.x and 3.x, the industry's first comprehensive high-availability solution for protecting data across bare metal, virtual and cloud infrastructures. Customers are encouraged to transition to the latest version of SafeNet ProtectV™ v.4.5.0 for continued full disk encryption of physical servers, virtual machines, and cloud instances to securely run sensitive workloads.
Table 1 of this announcement describes the end-of-life milestones, definitions, and dates for the affected product(s).
Table 2 lists the product part numbers affected by this announcement (alternative products are listed thereafter).
Table 1 - End-of-Life Milestones:
|ProtectV 1.x End of Support||23-Jul-2018||Product is no longer available for purchase and will no longer be supported; there will be no additional development, bug or security fixes; there is no repair or replacement support (customers are required to upgrade to a current product version to obtain support). Technical Support may be limited to online knowledge-base and downloads.|
|ProtectV 2.x & 3.x End of Sale||23-Jul-2018||The product is no longer available for purchase, but E&C will continue to provide support per maintenance agreements|
|Good Faith Support||13-Jan-2019||Normal support may diminish during this period due to unavailability of material. Additionally, lead times for repair services may be extended. E&C will make commercially reasonable efforts (also known as best efforts) to uphold normal service levels during this phase.|
|End Of Support||13-Jul-2019||The product is no longer available for purchase and will no longer be supported; there will be no additional development, bug or security fixes; there is no repair or replacement support (customers are required to upgrade to a current product version to obtain support). Technical Support may be limited to online knowledge-base and downloads.|
Table 2 - Affected Products:
The following is a list of SafeNet ProtectV™ part numbers affected by this announcement:
|947-000483-001||PROTECTV CLIENT,V3.X,TERM LIMITED,1 YEAR,PLUS SUPPORT|
|947-000483-401||PROTECTV CLIENT,V3.X,TERM LIMITED,1 YEAR,PLUS SUPPORT,NON-PRODUCTION|
|947-000484-001||PROTECTV CLIENT,V3.X,TERM LIMITED,2 YEAR,PLUS SUPPORT|
|947-000484-401||PROTECTV CLIENT,V3.X,TERM LIMITED,2 YEAR,PLUS SUPPORT,NON-PRODUCTION|
|947-000485-001||PROTECTV CLIENT,V3.X,TERM LIMITED,3 YEAR,PLUS SUPPORT|
|947-000485-401||PROTECTV CLIENT,V3.X,TERM LIMITED,3 YEAR,PLUS SUPPORT,NON-PRODUCTION|
|947-000486-001||PROTECTV CLIENT,V3.X,TERM LIMITED,1 YEAR,STANDARD SUPPORT|
|947-000486-401||PROTECTV CLIENT,V3.X,TERM LIMITED,1 YEAR,STANDARD SUPPORT,NON-PRODUCTION|
|947-000487-001||PROTECTV CLIENT,V3.X,TERM LIMITED,2 YEAR,STANDARD SUPPORT|
|947-000487-401||PROTECTV CLIENT,V3.X,TERM LIMITED,2 YEAR,STANDARD SUPPORT,NON-PRODUCTION|
|947-000488-001||PROTECTV CLIENT,V3.X,TERM LIMITED,3 YEAR,STANDARD SUPPORT|
|947-000488-401||PROTECTV CLIENT,V3.X,TERM LIMITED,3 YEAR,STANDARD SUPPORT,NON-PRODUCTION|
|947-000489-001||PROTECTV CLIENT,V3.X,PERPETUAL LICENSE|
|947-000489-401||PROTECTV CLIENT,V3.X,PERPETUAL LICENSE,NON-PRODUCTION|
|947-000377-001||PROTECTV CLIENT,V2.X,TERM LIMITED,1 YEAR,STANDARD SUPPORT|
|947-000380-401||PROTECTV CLIENT,V2.X,PERPETUAL LICENSE,NON-PRODUCTION|
|947-000376-001||PROTECTV CLIENT,V2.X,TERM LIMITED,3 YEAR,PLUS SUPPORT|
|947-000378-001||PROTECTV CLIENT,V2.X,TERM LIMITED,2 YEAR,STANDARD SUPPORT|
|947-000380-001||PROTECTV CLIENT,V2.X,PERPETUAL LICENSE|
|947-000377-401||PROTECTV CLIENT,V2.X,TERM LIMITED,1 YEAR,STANDARD SUPPORT,NON-PRODUCTION|
|947-000379-401||PROTECTV CLIENT,V2.X,TERM LIMITED,3 YEAR,STANDARD SUPPORT,NON-PRODUCTION|
|947-000374-401||PROTECTV CLIENT,V2.X,TERM LIMITED,1 YEAR,PLUS SUPPORT,NON-PRODUCTION|
|947-000375-001||PROTECTV CLIENT,V2.X,TERM LIMITED,2 YEAR,PLUS SUPPORT|
|947-000375-401||PROTECTV CLIENT,V2.X,TERM LIMITED,2 YEAR,PLUS SUPPORT,NON-PRODUCTION|
|947-000376-401||PROTECTV CLIENT,V2.X,TERM LIMITED,3 YEAR,PLUS SUPPORT,NON-PRODUCTION|
|947-000379-001||PROTECTV CLIENT,V2.X,TERM LIMITED,3 YEAR,STANDARD SUPPORT|
|947-000378-401||PROTECTV CLIENT,V2.X,TERM LIMITED,2 YEAR,STANDARD SUPPORT,NON-PRODUCTION|
|947-000374-001||PROTECTV CLIENT,V2.X,TERM LIMITED,1 YEAR,PLUS SUPPORT|
|947-000262-001||SAFENET PROTECTV: 5 NODES,V1.6 (HOURLY)|
|947-000263-001||SAFENET PROTECTV: 25 NODES,V1.6 (HOURLY)|
|947-000264-001||SAFENET PROTECTV: 100 NODES,V1.6 (HOURLY)|
|947-000265-001||SAFENET PROTECTV: 5 NODES,V1.6 (MONTHLY)|
|947-000266-001||SAFENET PROTECTV: 25 NODES,V1.6 (MONTHLY)|
|947-000267-001||SAFENET PROTECTV: 100 NODES,V1.6 (MONTHLY)|
|947-000268-001||SAFENET PROTECTV: 5 NODES,V1.6 (ANNUAL)|
|947-000269-001||SAFENET PROTECTV: 25 NODES,V1.6 (ANNUAL)|
|947-000270-001||SAFENET PROTECTV: 100 NODES,V1.6 (ANNUAL)|
|947-000256-001||SAFENET PROTECTV: 5 NODES|
|947-000257-001||SAFENET PROTECTV: 25 NODES|
|947-000258-001||SAFENET PROTECTV: 100 NODES|
Customers using these products are encouraged to migrate to the latest version of SafeNet ProtectV™. Existing customers with a Technical Support Customer Portal account can log in to view complete migration instructions, get the latest software upgrades, and access the Gemalto Knowledge Base.
For more information, please contact your Gemalto Sales representative.
This new version of Gemalto Mobile Secure Messenger brings the following improvements:
• Enhanced security: This new version can reject registration requests coming from potentially malicious devices. It does this by offering a mechanism to reject requests coming from devices that have not created a valid session before making the registration request. This requires collaboration with an intermediate network entity (typically a web application firewall) that can then instruct the application, through proprietary http headers, to reject registration if pre-requisites are not fulfilled.
• Wider reach of enhanced communication with iPhones: The previous version of Mobile Secure Messenger enabled enhanced push notifications that support the latest iOS push format, but only for customers who host the server-side part of Mobile Secure Messenger on the Tomcat application server. This benefit is now also available to customers hosting it on the Websphere application server.
You may contact your salesperson if you wish to benefit from the enhancements that come with this release.
This release is a maintenance release with some bug fixes for the Mac version, enabling more flexibility and security on Mac computers.
• More flexibility: Web Signer 1.2.1 can now be used smoothly on both Mac and Windows. A limit that previously existed on Mac computers has now been removed.
• Enhanced security: Web Signer 1.2.1 is now more accurate in its detection of potentially malicious software by supporting the high-resolution Retina display in the SWYS function. This enables users to make sure that there is no malicious overlay in the application before they sign a transaction – meaning that what they see is really what they sign.
Feel free to contact your support team or Account Manager if you have any questions.
We are pleased to inform you that SafeNet Authentication Service Agent for Windows Logon (WLA) 2.2.7 is now available.
This is a maintenance release that resolves known issues.
Installation and configuration instructions, along with the agent itself, can be downloaded from the Gemalto Customer Portal KB0017750
Customer release notes for SafeNet ProtectFile v8.9 for Windows and Linux are now available for download. These releases include the following enhancements:
SafeNet ProtectFile Windows v8.9
- Improved Communication with SafeNet KeySecure: File server configuration and logs
- Ability to Check Access Status of Encrypted Paths
- Database IO Optimization
SafeNet ProtectFile Linux v8.9
- Improved Communication with SafeNet KeySecure: File server configuration and logs
- Netlink Improvements
- Ability to Check Access Status of Encrypted Paths
Please review the Advisory Notes and the Resolved and Known Issues sections of the release notes for any limitations and/or restrictions.
*Note: Registered users may access the documents via the Gemalto Support Portal. Should you need assistance logging in, please contact the SafeNet Support team at 800-545-6608 (US customers) or +1 410-931-7520 (International customers).
This is a maintenance release with some critical fixes and minor security feature improvements for both Android and iOS.
- Enhanced security on iOS: The iOS version is now obfuscated, to protect the most sensitive functions from reverse engineering. This is done using Gemalto’s proprietary obfuscation tool, Zcrambler.
- Greater assurance with external tests:
o The iOS version has passed a third-party crowd test, where it was tested on 100 iOS devices covering iOS versions 9-11, with no issues found.
o The Android version has passed penetration testing by security experts MWR (now part of F-Secure). It resisted 20 days of intensive investigation from hackers with full access to the physical device, who were unable to uncover the seed. The report confirms that “Protections applied are of a high standard and are in line with industry best practices.”
- Greater efficiency and enhanced security on both Android and iOS: Thanks to the support of custom http headers in Out-of-Band request APIs, banks using Gemalto Mobile Secure Messenger can now identify the kind of message they are receiving, enabling better network traffic flow and also enhanced monitoring and security by detecting suspicious amounts of specific kinds of messages.
This version also includes critical fixes such as:
• Android: Fixed an issue to enable testing for integrators (FaceID NT wrapper Debug version activation)
• Android: Ensure proper root status detection (even when some native library is removed or replaced)
• iOS: Provide greater stability during retry on FaceID enrollment.
• iOS: Detect incorrect seed lengths during dual-seed provisioning, and report an error.
As part of our continuing support for existing SAM customers , we would like to announce the availability of SafeNet Authentication Manager (SAM) 9.0 (SP2).
This version resolves known issues and features the following:
- Security enhancements: Various optimizations implemented to improve security
- Refreshed UX/UI: Enhanced look and feel of SAM Manage, SAM Service and SAM Rescue portals to provide better user experience
This new release is now available for download from the Gemalto Support Portal KB0017712
The upgrade installer is also available for download from the Gemalto Support Portal KB0017713
Select a product category:
Enrollment & Provisioning Server 2.9.2 is now available!
Silvia Candido | July 19, 2018, 06:33 am
ProtectServer Firmware 5.01.02 Gains FIPS 140-2 Certification
Paul Hampton | July 19, 2018, 04:40 am
Gemalto Authentication Products: Mobile PKI Products End-of-Sale Notification
Lorna Ayoun-Berdugo | July 17, 2018, 12:24 pm
SafeNet ProtectV™ v1.x, 2.x & 3.x End-of-Sale and End-of-Support Dates
SafeNet | July 16, 2018, 03:43 pm
Gemalto Mobile Secure Messenger 2.1 is now available!
Silvia Candido | July 16, 2018, 05:05 am