RC 537

User-Facing Improvements

• One Account: Implement redesigned SMS messages for One Account (#12745)

Bug Fixes

• Personal Key: Fix redirect to account page instead of an unsafe redirect to SP (#12739)

Internal

• Analytics: Add events for IPP verify info Update CTAs (#12746)
• Attempts API: Add idv_phone_verified event (#12646)
• TMX: Add fields to TMX event logs (#12744)
• Vectors of Trust: Removing VoT from AuthnContextResolver and other references (#12741)

RC 536

User-Facing Improvements

• Doc Auth: Update choose how to verify page content (#12743)

Internal

• Passkeys: Add a log to frontend when a user initiates a call (#12731)
• Vectors of Trust: Removing VoT from SAML flow (#12721)

RC 535

Bug Fixes

• Event disavowal: Make sure to pass only token (#12732) (#12732)

Internal

• Devenv: Ensure chromedriver and google-chrome always match (#12734)
• IPP: Removing legacy code for ipp date configs (#12723) (#12723)
• MFA: Validate and clear OTP in a transaction
• PIVCAC: Adding current sp for user to find active uses (#12700)
• Reporting: Add BCC Functionality to IRS report (#12705)
• Review Apps: Remove extra config for Review Apps that is no longer used. (#12729)

RC 534

User-Facing Improvements

• PIV/CAC: Update "Federal employee ID" to "Government employee ID" (#12719)

Internal

• Default Config: Make non-production data clear to prevent bug bounty false-positives. (#12726)
• Identity Verification: Record the state id check in the session to prevent redundant checks. (#12716)
• In-Person Proofing: Reverting #12652 (#12720)
• Review Apps: Make it clear that the review apps are not using real secrets that a bug bounty could be called on. (#12722)
• Service Provider: Move display name determination to correct class (#12469)
• Vectors of Trust: Removing VoT from OIDC flow (#12718)

RC 533

User-Facing Improvements

• Doc Auth: Display error when socure transaction token is missing. (#12699)

Bug Fixes

• Attempts API: Add browser_id cookie that will always be populated (#12708)

Internal

• Identity Verification: Reduce usage of doc_auth_passports_enabled flag to only control passport selection on Choose ID Type screen (#12698)
• Logging: Log expiration date from Socure document authentication. (#12707)
• Reporting: Tracking for Fraud Ops (Team Data-1174) (#12682)
• Socure PhoneRisk: Address result errors contain reason codes (#12710)
• reporting: Billing report v2 updates (#12684)

Upcoming Features

• Identity Verification: Phone precheck enablement for a percentage of proofs (#12712)

RC 532

Bug Fixes

• Attempts API: Format SSN in idv_verification_submitted event (#12695) (#12695)
• Attempts API: Move logout-initiated event to later in the request so GA exists (#12696)
• One-Account: Realigning badges on duplicate account page (#12702)

Internal

• Logging: Log the socureId and sourceAttribution on Socure KYC events. (#12692)
• Reporting: Ignore good_jobs table (#12672)
• Reporting: Spec Fix (#12703) (#12703)

Upcoming Features

• Identity Verification: Phone pre-check during proofing (#12683)
• Identity Verification: Logging precheck phone number attributes (#12697)
• In-person proofing: Add AAMVA verification before SSN step (#12652)

RC 531

Internal

• IdV: Update proofing component address check to include socure (#12680)
• Pinpoint Supported Countries: Fix failing spec (#12686)
• Reporting: Monthly credential report logic and layout updates (#12644)
• tech debt: Remove references to Webauth Platform A/B test (#12691)

RC 530.1

User-Facing Improvements

• Account Management: Update "Federal employee ID" to "Government employee ID" (#12677)
• Attempts API: Small documentation updates (#12654) (#12654)

Internal

• Doc Auth: Adding docv transaction token to socure error log (#12665)
• Identity Verification: Require AAMVA check for state IDs before SSN step (#12659)
• Upcoming Feature: Add event logs to AAMVA plugin for IdV doc auth. (#12657)

!!! Invalid Changelog Entries !!!
[LG-16889] 508 improvements (#12673)

RC 530

User-Facing Improvements

• Attempts API: Add emails to forget_password_new_password_submitted (#12655)
• Authentication: Add phone expiration interval notice (#12553)

Internal

• NPM Packages: Update package-lock.json dependency security issue (#12668) (#12668)
• One Account: Remove unused duplicate SSN report (#12663)

Upcoming Features

• Doc Auth: Add aamva check to socure doc auth (#12656)
• Identity Verification: Primary and secondary address proofing vendors (#12651)

RC 529.1

Internal

• Reporting: Ensure GoodJob passes function parameters to perform class (#12658)