Update information

IBM® Safer Payments 6.7.0.00 includes changes that might require you to take action.

Read relevant update information

Compare the current operational version to the version that you want to install. Read update information topics that are relevant to your situation.

If you install a... Read update information topics for ... For example, if the version changes from ... Read update information topics for...
Fix pack All fix packs between the two versions 6.6.0.00 to 6.6.0.05 6.6.0.01 to 6.6.0.05
Major release The target version up to the fix pack that you are installing 6.5.x to 6.6.0.05 6.6.0.00 and 6.6.x up to 6.6.0.05
Major release and skip one major release The major release for the skipped version and all topics in the target version up to the fix pack that you are installing 6.4.x to 6.6.0.05 6.5.0.00, 6.6.0.00, and 6.6.x up to 6.6.0.05
Major release and skip multiple major releases The major release for the skipped versions and all topics in the target version up to the fix pack that you are installing 6.3.x to 6.6.0.05 6.4.0.00, 6.5.0.00, 6.6.0.00, and 6.6.x up to 6.6.0.05

If needed, see:

6.7.0.00 Update information

  • IBM Safer Payments is now packaged with RPM Package Manager (RPM) rather than InstallAnywhere. The installation procedure for major releases and fix packs has changed. Review the installation documentation before you begin the procedure. If the existing application was installed by using InstallAnywhere, you must first uninstall it by using InstallAnywhere. Then, you can install the new version by using the RPM installation package.

  • Modeling attribute settings are not migrated to 6.7.0.00. You must manually create them after the update. Therefore, before the update, make note of each challenger model revision's current settings. After the update is finished, go to Model > [revision] > Model factory > Modeling attribute settings and create the settings that are needed for each revision.

    Take this opportunity to review the existing attribute settings. Attributes that were previously forced to be simulated are likely no longer needed. For more information, see modeling attribute settings in the online help.

    Simulation results are not only available on the Simulation page but can also be accessed through the submenu items under Model > [revision] > Model factory.

    Model > [revision] > Model factory > Text sandbox replaces the old Test sandbox. It works the same except that it now uses the new modeling attribute settings. The Model > [revision] > Modeling menu item and submenu items were removed. Related role privileges were renamed and now refer to the new pages and functions.

    If model revisions from version 5.5.x or earlier are loaded, the rulesets that are selected for analysis are lost after the update.

    The global setting Administration > System > Configuration > Modeling > Simulation may access DDC was removed. Now, if needed, simulations prime all data from DDC. The simulation itself accesses DDC only in the rare event that an index sequence is evaluated beyond the simulation data selection and DDC access is enabled for the revision element in question, for example, a counter.

  • Verify that MDC capacity and DDC capacity are the same for the SystemTime meta attribute. Previously, the rule was a recommendation but now it is enforced. If they differ, the upgrade can finish. However, after the upgrade, golives for the root mandator and retention settings changes are prohibited until the values are corrected.

    When a change is made on Administration > System > Retention settings, changes that were previously run during the end-of-day job are now run immediately, similar to a golive.

  • The command to generate master keys and usage keys now uses a different command. Previously, the command started with keygen. Now, the command starts with iris_keygen.
  • To use asynchronous implementation of the FastLink Interface (FLI), update all instances of the cluster to at least version 6.7.0.00 of IBM Safer Payments. On Cluster > [instance] > System > Monitoring > Interfaces > Encrypted Communication Interface (ECI), configure a valid TLS configuration. Install a valid certificate and key. Asynchronous FLI employs TLS encryption and uses the ECI setup for this purpose. Then, enable Asynchronous message transfer on Administration > System > Configuration > Interfaces > FastLink Interface.
  • If you want to encrypt traffic that goes over the Status Control Interface (SCI) by using Transport Layer Security (TLS), first upgrade all instances of the cluster. Then, select the Use SSL encryption checkbox on each instance. It is located on Cluster > Cluster settings > Interfaces > Status Control.
  • By default, tables now show a maximum of 40 columns to improve table loading performance on tables with many columns. More columns can still be enabled in the table settings. In case a user already has preferences for the table then this setting will only apply once the user resets user preferences in the user settings page. Alternatively the number of columns can also be decreased manually on the table preferences of the table that has many columns.
  • The audit trail for defined risk lists is now written to its own file, which is named definedRiskListAuditTrail_[uid].iris. It is automatically updated. Back up the original file before the upgrade.
  • When manually marking records as genuine or fraudulent from query results on Investigation > Queries > Queries, it is now possible to control which notifications are selectable. Enable notifications by setting the new Available for manual fraud marking checkbox on Administration > External system integration > Notifications. Grant users the privilege to trigger notifications by assigning the new "Trigger notifications on fraud marking" role privilege on Administration > User management > Roles. By default, no notification are selectable, and no users have the privilege to trigger notifications.
  • On Investigation > Investigation > Case search and Case selection, added an execute icon. Now, a search starts only when the execute icon is clicked or the Enter key is pressed. The page is refreshed only when the execute icon is clicked.
  • The system must no longer be restarted if you change Fastlink Interface (threads) on Administration > System > Configuration > System > Number of Parallel Threads. Now, Fastlink interface connections are automatically dropped and re-created if Fastlink Interface (threads) is changed.
  • If you use MQ Interface, the mechanism for setting the MQGET timeout has changed. Now, the maximum MQGET timeout is 3000 ms. A new field, Repeat empty MQGET, has been added to Cluster > System monitoring > Settings > [instance] > Interfaces > Websphere MQ > Queue Manager > Queue. It defines how many times the timeout is repeated and avoids reconnections to MQ. For example, if MQGET is set to 3000 ms and Repeat empty MQGET is set to 20, the timeout is 600,000 ms. Review your current MQGET timeout value and set Repeat empty MQGET as needed.
  • Data exports from BDI can now be downloaded by users that have at least execute job privileges for jobs.
  • On Investigation > Queries > Group by queries, Fraud Ratio is now calculated as basis points. The new formula is: 10000 * ((fraud amount) / (total amount)). Before the update, Fraud Ratio was calculated as (fraud amount) / (genuine amount). If the CSV file is used in external systems or values are used for other calculations, change your system to accommodate the new calculation results.
  • It is now possible to send statusRequests to MCI for nonxml messages. Also, it is possible to set a messageTypeId for MCI statusRequests. If no messageTypeId is set for a status request, it responds with the type of the message that is used by the Inbound Endpoint.
  • After the update, golives that are imported with the configuration change journal might fail with a DUPLICATE_MAPPING error. The problem occurs when the following conditions are met: importRevisionChanges requests are imported, the revision was created on version 6.3 or older, and the revision did not yet have a golive with version 6.5. To avoid the problem, run golives for all mandators before you start recording journal changes.
  • Debug log message 889 and error log message 888 were added to log details of ITEM_NOT_FOUND issues. If you run into an issue with an ITEM_NOT_FOUND error, then you can enable the debug message 889 to print more information about the error in the logs.
  • Verify the value of the new setting Administration > System > Configuration > Modeling > Trim whitespaces before computation. The default is enabled. Previously, leading and trailing white spaces were always trimmed in JSON messages. Now, you can control it.
  • If an encrypted numeric reporting attribute exists and Mask encrypted values is selected on Administration > Mandators > Settings > [mandator] > Relational Database Interface, the value is now inserted into the VALUE_TEXT column. Previously, it was inserted into the VALUE_NUMERIC column.
  • Now, Db2 SQL statements that are output through the relational data interface (RDI) wrap table and column names in double quotation marks rather than single quotation marks. As of Db2 version 11, single quotation marks are no longer supported. Therefore, Db2 version 10 is no longer supported.
  • Numerous changes were made to API requests. If you use the API requests directly, first test your scripts on 6.7.0.00.
  • Added the following API requests:
    • getAnalysis
    • getCase

      Use it to get a single case. It has the same parameters as the existing get API request.

    • getRandomForestGenerator
    • getRuleGenerator
    • getSimulationStatus
    • setRandomForestGenerator
    • setRuleGenerator
    • getModelingAttributeSettings
    • getModelingAttributeSettingsTable
    • getModelingsTable
    • GetUridNamespaces
    • GetUridNamespacesTable
    • setSandboxAttributeSettings
    • testCaseAction

      Use it to test case actions. It has the same parameters as the existing test API request.

  • Changed the following API requests:
    • enableSimulationCheckAndReport

      Removed the data:ruleUid field. Added the data:task field. Use data:task to identify the simulation scenario to run.

    • enableSimulationConfirmed

      Removed the data:ruleUid field.

    • get

      Can no longer be used for cases. Use getCase instead.

    • save

      When the save API request is used for index and hyperlink queries, the query can no longer be started by setting the execute parameter to true. Use the executeQuery API request instead. When the save API request is used for ad hoc queries, the query can still be started by setting the execute parameter to true.

    • test

      Can no longer be used for case actions. Use testCaseAction instead.

  • Improved JSON type checking. The following API requests now have stricter JSON type checking. Previously, invalid JSON might have been accepted. Now, it is caught and causes an error. If you use these API requests directly, first test your scripts on 6.7.0.00.

    • addCaseActionAttachment
    • addDefinedRiskEntry
    • bulkDeleteDefinedRiskEntries
    • bulkEnableDisableDefinedRiskEntries
    • createCaseManually
    • deleteDefinedRiskEntries
    • deleteIndexEntry
    • enableDisableDefinedRiskEntries
    • executeExternalQuery
    • executeQuery
    • exportDefinedRiskListEntriesTable
    • exportDefinedRiskListReport
    • exportDocxCaseAction
    • exportDocxCaseActions
    • exportExtendedMasterdataQueryResults
    • exportGroupByQueryResult
    • exportQueryResults
    • exportReportingJobResults
    • exportReportingQueryResult
    • getAggregatedAuditTrails
    • getCaseAction
    • getCaseActionHistory
    • getCaseActionPreview
    • getCaseData
    • getCaseDefinedRiskListData
    • getCaseHistory
    • getCasesTable
    • getCommonQuerySubsetResults
    • getCppsToHighlight
    • getCppTable
    • getDefinedRiskListAuditTrailTable
    • getDefinedRiskListEntriesTable
    • getDefinedRiskListEntry
    • getExtendedMasterdataQueryResults
    • getGroupByQueryAccountResults
    • getGroupByQueryResult
    • getMasterdataDeepInformation
    • getReportingQueryAccountResults
    • getQueryResults
    • getQuickSearchCasesTable
    • getReportingAttributes
    • getReportingQueryAccountResults
    • getReportingQueryResult
    • getWorkingQueueCasesTable
    • hasEntry
    • investigateCase
    • save (only for certain element types)
    • sendCaseActionFromPreview
    • sendCaseActions
    • setMasterdata
    • unreserveDefinedRiskListEntry
    • updateRiskListEntry
  • Removed the following API requests:
    • computeRuleGenerationDataSelection
    • deleteAnalyses
    • deleteAnalysis
    • getAnalysisDataSelection
    • getAnalysisProgress
    • getAnalysisTable
    • getEnabledAnalyses
    • getInternalModelGenerationDataSelection
    • getInternalModelGenerationSettings
    • getRuleGenerationDataSelection
    • getRuleGenerationSettings
    • getRuleGenerationStatus
    • setSimulationDataSelection
    • isIndexSequenceMdcOutsideSimulation
    • setInternalModelGenerationDataSelection
    • setInternalModelGenerationSettings
    • setRuleGenerationDataSelection
    • setRuleGenerationSettings
    • startAnalysis
    • startInternalModelGeneration
    • stopAnalysis
    • stopInternalModelGeneration
    • getModelingWorkflows
    • getModelingWorkflowsTable
    • getModelling
    • getModellingsTable
    • recomputeAttributes
    • setModelling
    • setMultiModelling
    • stopRuleGeneration