Mobile SDKs
2026
15.04.2026
Patch: Improved performance and ANR prevention for biometric operations
Overview
3.20.12
This patch enhances the stability and performance of biometric operations on Android.
To prevent potential Application Not Responding (ANR) errors, heavy cryptographic tasks are now processed on a background thread. This change ensures that client applications can now safely initiate biometric operations from either the Main thread or an I/O thread without risking UI freezes or StrictMode violations.
For integrations using the androidx.biometric library, the SDK is now lifecycle-aware. This ensures that the biometric prompt is automatically and safely cancelled in response to application lifecycle changes.
Affected versions
If your app uses an affected version of the SDK, then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.20.10 and earlier | 3.20.12 |
12.03.2026
Patch: Fixed start after deactivate and BiometricPrompt callback issues
Overview
3.21.7, 3.20.10
- Fixed an issue where
AsyncCallbackforfinishAuthenticationsends the result more than once for AndroidX BiometricPrompt. - Fixed the race conditions in the BiometricPrompt cancellation logic.
- Fixed a crashing issue that would happen when running any start operation quickly after calling
deactivate().
If you are using state EncapController.State.PROCESSING_DEACTIVATION, then this update introduces a breaking change and you need to replace all occurrences with the following in your code:
EncapController.State.PROCESSING_START_DEACTIVATIONEncapController.State.PROCESSING_FINISH_DEACTIVATION
3.21.7
- Fixed an issue where
isActivated(DEVICE_ANDROID_BIOMETRIC_PROMPT)was true after removing all fingers.
Affected versions
If your app uses an affected version of the SDK, then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.21.6 and earlier | 3.21.7 |
| 3.20.9 and earlier | 3.20.10 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
20.02.2026
Patch: Fixed operation in progress error for AndroidX BiometricPrompt authentications
Overview
3.20.9, 3.21.6
Fixed an issue where the API could return clientErrorOperationInProgress for an AndroidX BiometricPrompt authentication, where the BiometricPrompt dialog had become dismissed due to app switching.
Affected versions
If your app uses an affected version of the SDK, then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.21.5 and earlier | 3.21.6 |
| 3.20.8 and earlier | 3.20.9 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
19.01.2026
Patch: Fixed operations failing on Android 11 and below
Overview
3.21.5
Fixed an issue that caused SDK operations to fail on devices running Android 11 (API 30) and below, with the error WifiService: Neither user … nor current process has android.permission.ACCESS_WIFI_STATE.
This error was present on apps lacking the permission required for collecting Wi-Fi information (SSID and BSSID), even if these risk parameters were disabled in the server configuration.
Previous Android SDK 3.21 releases were removed from our Nexus partner repository.
Affected versions
If your app uses an affected version of the SDK, then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.21.4 and earlier | 3.21.5 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
14.01.2026
Patch: Prevent SDK location update requests
Overview
3.19.11, 3.20.8, 3.21.4
Introduced locationEnabled flag in EncapConfig. If you set this flag to false, then you prevent the SDK from requesting location updates.
To learn more, see our Location feature documentation.
Affected versions
If your app both:
- Requests location permission.
- Has location, geofencing, and SSID/BSSID features disabled.
Then you can upgrade it to use the latest, patched version and set the locationEnabled flag to false:
| Affected versions | Patched version |
|---|---|
| 3.21.2 and earlier | 3.21.4 |
| 3.20.6 and earlier | 3.20.8 |
| 3.19.9 and earlier | 3.19.11 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
2025
08.12.2025
Patch: Swift Protobuf linking fix
Overview
3.21.2
Fixed an issue that caused duplicate symbol errors during linking when Swift Protobuf was included as a dependency.
Affected versions
If your app both:
- Has Swift Protobuf as dependency.
- Uses an affected version of the SDK.
Then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.21.1 | 3.21.2 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
19.11.2025
Patch: Location improvements
Overview
3.21.3
Fixed an issue where the location was being sent in Encap SDK operations, even if the location was disabled in the device's system settings.
Affected versions
If your app has either location or geofencing features enabled, then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.21.2 and earlier | 3.21.3 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
31.10.2025
Release: SDK 3.21
Overview
3.21
We have released version 3.21 of our SDK for Android and iOS. For an overview of the changes, see the version notes for each platform:
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
30.10.2025
Patch: Location permission prompt not triggered in startActivation
Overview
3.20.4
Fixed an issue where the finishActivation operation or the startAuthentication operation terminated the app due to an uncaught exception.
Affected versions
If your app both:
- Has either location, geofencing or app attestation features enabled.
- Uses an affected version of the SDK.
Then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.20.2 and 3.20.3 | 3.20.4 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
10.10.2025
Patch: Location permission prompt not triggered in startActivation
Overview
3.20.3
Fixed an issue where the startActivation operation does not trigger the location permission prompt. This patch also resolves a related bug that could cause subsequent operations to hang when location is disabled and enabled again.
Affected versions
If your app both:
- Has the location or geofencing feature enabled.
- Uses an affected version of the SDK.
Then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.20.2 | 3.20.3 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
06.10.2025
Patch: Fixed clientErrorDowngradeDetected unexpected behaviour issue
Overview
3.19.9, 3.20.6
Fixed an issue where clientErrorDowngradeDetected is not working as expected, possibly giving false positives.
Affected versions
If your app uses an affected version of the SDK, then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.20.5 and earlier | 3.20.6 |
| 3.19.7 and earlier | 3.19.9 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
03.07.2025
Patch: Fixed BiometricPrompt cancellation issue when using wrong fingerprint
Overview
3.18.22
Removed a workaround for older OnePlus devices that was causing issues for newer ones.
This fixes an issue where using the wrong fingerprint on a modern OnePlus device would sometimes result in BiometricPrompt dismissing itself.
Affected versions
If your app uses an affected version of the SDK, then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.18.21 and earlier | 3.18.22 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
11.06.2025
Patch: Android 16, Biometric Prompt and performance updates
Overview
3.20.5
- Adds support for Android 16 (
targetSdkVersion 36).- This avoids potential build warnings for apps targeting Android 16.
- Improves performance.
- SDK calls are now faster, with
startAuthentication()calls now up to 2.5 times faster. - The
AndroidLoggingControllerclass that provides logging of API calls for development purposes now includes the logging time used by the call.
- SDK calls are now faster, with
- Removes BiometricPrompt workaround for previous OnePlus phone bug.
- This avoids a problem that could occur with wrong biometrics on newer or updated OnePlus phones, that would cause biometric authentication to abort with
clientErrorAndroidBiometricPromptAuthenticationFailedinstead of letting the user retry.
- This avoids a problem that could occur with wrong biometrics on newer or updated OnePlus phones, that would cause biometric authentication to abort with
Affected versions
If your app uses an affected version of the SDK, then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.20.4 and earlier | 3.20.5 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
22.04.2025
Release: SDK 3.20
Overview
3.20
We have released version 3.20 of our SDK for Android and iOS. For an overview of the changes, see the version notes for each platform:
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
Upcoming changes
In the next SDK version (3.21), we will make the following changes:
- For Android,
RecoveryMethod.CLOUD_BACKUPwill be renamed toRecoveryMethod.CLOUD_BACKUP_RECOVERY_CODE. - For iOS, the
RecoveryMethod.backupcase will be renamed toRecoveryMethod.backupRecoveryCode. - For iOS the SDK minimum supported iOS version will be 15.
03.04.2025
Patch: Error after storage upgrade
Overview
3.18.21, 3.19.7
- This patch sets the right storage name for the storage version during a storage upgrade.
- This means that in the rare occasion that a storage upgrade fails to read a specific file, we will not overwrite
clientSaltKeyNextIdthe next time we try to upgrade, which causes themissingParametererror.
Affected versions
If your app uses an affected version of the SDK, then you should upgrade it to use the latest, patched version:
| Affected versions | Condition | Patched version |
|---|---|---|
| 3.15 and earlier | If upgrading to 3.18 or 3.19 | 3.18.21 and 3.19.7 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
2024
17.12.2024
Patch: Android 15, JSON and BiometricPrompt
Overview
3.19.6, 3.18.20
- Adds support for Android 15 (
targetSdkVersion 35). - This avoids potential build warnings for apps targeting Android 15.
3.19.6, 3.18.20, 3.17.13
- Changes the
JSONObjecttype ofclientSaltNextKeyIdtoLong. - This avoids potential errors in apps with a strict JSON parser, such as
JSONObject["clientSaltNextKeyId"] is not a string.
3.19.6
- Filters out
DEVICE_BIOMETRIC_PROMPTon Android 9, when the app does not include AndroidX BiometricPromptEncap. - This ensures that the Encap API supports BiometricPrompt in all apps.
Affected versions
If your app uses an affected version of the SDK, then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.19.4 and earlier | 3.19.6 |
| 3.18.19 and earlier | 3.18.20 |
| 3.17.12 and earlier | 3.17.13 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
07.11.2024
Patch: Extension support
Overview
3.16.5, 3.17.4, 3.18.4, 3.19.2
- Fixed bug in the migration code for the extension support feature, when multiple Keychain groups are configured.
- This bug results in a missing
deviceHashafter migrating to extension support. It causes the SDK to generate a new value on the next authentication attempt, which results in adeviceHashmismatch. It is then not possible to authenticate with that registration.
Affected versions
If your app both:
- Uses the extension support feature, in combination with multiple Keychain groups configured for the app.
- Uses an affected version of the SDK.
Then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.16 | 3.16.5 |
| 3.17 | 3.17.4 |
| 3.18 | 3.18.4 |
| 3.19 | 3.19.2 |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
08.08.2024
Release: SDK 3.19
Overview
3.19
We have released version 3.19 of our SDK for Android and iOS. For an overview of the changes, see the version notes for each platform:
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
Upcoming changes
In the next SDK version (3.20), we will make the following changes:
- Bump the minimum supported platform versions to Android 9.0 (API 28).
22.05.2024
Patch: Crash in native code
Overview
3.14.8, 3.15.6, 3.16.8, 3.17.12, 3.18.19
Added fix in the native code to support no Java package name in the Activity or Application.
- This avoids affected Encap SDKs having a crash in the native code
libencap-android-api.soupon startup of the app, following obfuscation with version 8 or higher of the Android Gradle Plugin. For example:signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
Cause: null pointer dereference
x0 0000000000000000 x1 000000000000002e x2 00000000000003fe x3 0000007fc4ac5408
x4 0000000000000003 x5 0000000000000004 x6 0000000000008048 x7 24ff3a6d6e687360
x8 0000000000000000 x9 0000000000000000 x10 0000007315aa8000 x11 0000000000000020
x12 0000000000000009 x13 00000000d047da0c x14 0000000000000069 x15 000000000000006f
x16 00000072d93d83c8 x17 00000075a03c5244 x18 00000075b3f4a000 x19 b4000073b5aa6f50
x20 00000075b4c8e08d x21 b400007315ab56f0 x22 00000075b39ae000 x23 b400007345ad04e0
x24 0000007fc4ac6638 x25 00000072d93d6374 x26 b400007375acd6d0 x27 00000075b39ae000
x28 b4000073b5aa6f50 x29 0000007fc4ac6450
lr 00000072d93d4ef0 sp 0000007fc4ac5440 pc 00000072d93d4ef0 pst 0000000080000000
backtrace:
#00 pc 0000000000002ef0 /data/app/~~AFEop-SVX63wreyZzeYp7A==/com.encapsecurity.encap.example.android.testapp-NJtFrXRjua6YVkum0fgwcQ==/base.apk!libencap-android-native-api.so (BuildId: 59ea07c78f55678b6e364a2f67ea8bc42190f7eb)
#01 pc 00000000000043c4 /data/app/~~AFEop-SVX63wreyZzeYp7A==/com.encapsecurity.encap.example.android.testapp-NJtFrXRjua6YVkum0fgwcQ==/base.apk!libencap-android-native-api.so (JNI_OnLoad+80) (BuildId: 59ea07c78f55678b6e364a2f67ea8bc42190f7eb)
#02 pc 000000000051c1a8 /apex/com.android.art/lib64/libart.so (art::JavaVMExt::LoadNativeLibrary(_JNIEnv*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, _jobject*, _jclass*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >*)+1872) (BuildId: 02bec5940be704b863f6514fc7d81c41)
#03 pc 00000000000051c0 /apex/com.android.art/lib64/libopenjdkjvm.so (JVM_NativeLoad+412) (BuildId: e2d871bce04eabb6198cc5c94b2b4059)
#04 pc 000000000036095c /data/misc/apexdata/com.android.art/dalvik-cache/arm64/boot.oat (art_jni_trampoline+156) - This is because the native code
libencap-android-api.soexpects a Java package name in the Activity or Application, but obfuscation removes the Java package name. - You can observe this bug with R8 obfuscation in the Android Gradle Plugin 8.
Affected versions
If your app uses an affected version of the SDK, then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.14.6 | 3.14.8 |
| 3.15.4 | 3.15.6 |
| 3.16.6 | 3.16.8 |
| 3.17.7 | 3.17.12 |
| 3.18.7 | 3.18.19 |
| Earlier versions | N/A |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
For alternatives to upgrading, see section Alternative workarounds below.
Alternative workarounds
Alternatively, you can also implement one of the following workarounds to solve the issue:
- This bug can be avoided by adding a Proguard rule for the app:
-repackageclasses 'com.mypackagename' - This bug can be avoided by disabling R8 full mode in
gradle.properties:android.enableR8.fullMode=false
11.04.2024
Patch: Privacy manifest and client debug data
Overview
3.18.3, 3.17.3, 3.16.4
- Added
PrivacyInfo.xcprivacy:- As of 01.05.2024, Apple has enforced apps to describe their use of the required reason API in their privacy manifest file.
- The article Describing use of required reason API in the Apple developer documentation warns:
If you upload an app to App Store Connect that uses required reason API without describing the reason in its privacy manifest file, Apple sends you an email reminding you to add the reason to the app's privacy manifest. Starting May 1, 2024, apps that don't describe their use of required reason API in their privacy manifest file aren't accepted by App Store Connect.
- If you are using Xcode 15, embed the Encap framework that was dragged in. Navigate to the target's General settings, locate Frameworks, Libraries, & Embedded Content, then select Embed & Sign. This step will enable privacy manifests to be picked up by Xcode's tooling.
- Removed
diskSpace:- In versions 3.16 and above,
diskSpaceis no longer available in our client debug data feature. - This update became essential when reviewing our data usage, particularly for
NSPrivacyAccessedAPICategoryDiskSpacewhere the available options did not accurately reflect our circumstances. - In alignment with Apple's guidelines, we have chosen to entirely remove references to diskSpace APIs.
- In versions 3.16 and above,
Affected versions
If your app uses an affected version of the SDK, then you should upgrade it to use the latest, patched version:
| Affected versions | Patched version |
|---|---|
| 3.18.2 | 3.18.3 |
| 3.17.2 | 3.17.3 |
| 3.16.3 | 3.16.4 |
| Earlier versions | N/A |
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
If this is not possible, see section Known limitations and workaround below.
Known limitations and workaround
We have seen that declared use of the reason API in the PrivacyInfo.xcprivacy file inside the SDK is not getting taken into evaluation from Apple when sending the app to the App Store for review. We have an ongoing support ticket with Apple and currently assume that it is a bug on Apple's side.
If you experience this problem, we suggest that you take what we have declared in the PrivacyInfo.xcprivacy file, and add to your PrivacyInfo.xcprivacy file until this issue is resolved.
If you are using an SDK below version 3.16, then the PrivacyInfo.xcprivacy found in newer versions can be used and copied across. In this case, it is expected to be in the root of the .framework folder for both architectures.
You can download the library from our Nexus partner repository. Change your current dependency to the new version.
2023
20.10.2023
Release: SDK 3.18
Overview
3.18
We have released version 3.18 of our SDK for Android and iOS. For an overview of the changes, see the version notes for each platform:
We have verified this SDK version (3.18) on iOS 17 and Android 14.
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
Upcoming changes
In the next SDK version (3.20), we will make the following changes:
- Bump the minimum supported platform versions to Android 8.0 (API 26) and iOS 14.0.
26.05.2023
Release: SDK 3.17
Overview
3.17
We have released version 3.17 of our SDK for Android and iOS. For an overview of the changes, see the version notes for each platform:
What is new?
Support for Android 6.0 (API 23) has been removed.
Google Play Integrity
Play Integrity replaces the SafetyNet service, which is being discontinued by Google. You can read more about this in the Android developer documentation.
We have introduced support for Play Integrity, which is provided by Google as part of the Android platform. This feature lets you enforce the use of trusted Android devices and genuine apps that have been installed from the Google Play Store, and gives your app an equal or higher level of integrity assurance than SafetyNet.
As part of rolling out this feature, we are removing SafetyNet support and therefore require current users to migrate to Play Integrity. You can read more about Play Integrity in the Android developer documentation.
For more information about app attestation for MobileID, see the MobileID feature documentation.
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
30.01.2023
Release: SDK 3.16
Overview
3.16
We have released version 3.16 of our SDK for Android and iOS. For an overview of the changes, see the version notes for each platform:
What is new?
iOS Extension support
We have introduced support for iOS extensions, allowing you to extend functionality beyond your app.
For example, you can now enable users to add a bank card directly from their Apple Wallet, and authenticate with MobileID through the extension. You can implement any of the existing in-app authentication methods (such as a PIN, or biometrics) for this out-of-app authentication.
Our feature guide for iOS extension support is coming soon. To learn more, you can contact us by creating a support ticket in the Signicat Dashboard.
iOS Time sensitive notification
Apple introduced a new feature in iOS 15 called 'Focus', which is a custom 'Do Not Disturb' mode for different moments of everyday life. When 'Focus' mode is active, most notifications are blocked, including our customer's urgent notifications.
You can now give notifications a higher priority (and break notification blocking) by enabling 'time sensitive notifications' in both your application configuration and your iOS app.
To enable this, see the apnsTimeSensitiveInterruptionLevelEnabled parameter in the application configuration.
Client server crypto protocol V3
We have made multiple security improvements to the client-server crypto protocol. The most important changes for V3 of the protocol are:
- Fixes for a padding oracle attack
- Upgrading the AES key sizes to 256bit
How to upgrade
To get the latest features and security improvements, you need to upgrade your mobile app to use the most recent version of the SDK:
Upcoming changes
In the next SDK version (3.17), we will make the following changes:
- Remove support for Android 6.0 (API 23).