New 9.3.503 Release – Important Android Push Notifications
IMPORTANT – Android Push Notifications
SecurEnvoy is proud to release the latest version, v9.3.503 (available here), of our SecurAccess MFA solution that addresses an update to the Google Cloud Messaging (GCM) platform to maintain continuity with Android push notifications. Google is migrating to a new cloud messaging platform and is introducing new improvements to delivery and reliability. Most GCM services will begin to shut down in April of 2019 and our latest release is compatible with the new Firebase Cloud Messaging (FCM) from Google. We have addressed many common questions in our FAQs below.
Additionally, as part of our commitment to security with our products, we regularly check for known threats with every release and this release, v9.3.503 is no exception. As a result of these routine practices, we have categorised our v9.3.503 release as a Basic Release (our classifications are listed here). We recommend that all customers utilising Google Push notifications now, or that may have plans to do so in the future, upgrade to v9.3.503.
What does this mean for you and your SecurAccess solution?
Firstly, if you are not using the SecurEnvoy Mobile Authenticator for Android, enabled with Push notifications then it will not affect you and you will not need to upgrade your server. Secondly, push notifications for Android will not stop after April 11, 2019 as some of the GCM services will continue to operate for a period of time (time unknown).
What SecurAccess Server version do I need?
To continue to use Android Push notifications on the SecurEnvoy Mobile Authenticator uninterrupted, you will need to upgrade your SecurAccess server to 9.3.503.
Will my current version of the SecurEnvoy Mobile Authenticator work with the new Google Firebase servers?
No, on or before April 11th 2019, SecurEnvoy will publish a new Firebase supporting software build to the Google Play Store. Android phones that have auto update enabled will automatically download the latest Firebase supported Mobile Authenticator App.
What will happen if my Android phone does not update to the latest software release and I don’t have 9.3.503 server software installed.
Push notifications for Android will stop working, but it will not prevent users logging into their applications or VPN connections. They will be required to manually type the 6-digit token displayed on their Mobile Authenticator screen.
What if I use an MDM (Mobile Device Management) to deploy my mobile applications?
If a copy of the Android Firebase version is required, please get in contact with firstname.lastname@example.org and link to an advance copy of the Mobile Authenticator will be provided.