Activity
From February 25, 2023 to March 26, 2023
March 24, 2023
- 10:30 Task #12944: [SCP ID :##6249##] : Mobile Pentest Remediation M1 Insecure Direct Object Reference ...
- Done deployed to UAT and provided link to download.
version 3.3.1 build 341 Internal BSN
https://testflight.apple... - 10:28 Task #12973 (User Acceptance Test): [IOS] Pentest - L2 No Server-Side Session Termination
- Done deployed to UAT and provided link to download.
version 3.3.1 build 341 Internal BSN
https://testflight.apple... - 10:28 Task #12979 (User Acceptance Test): [IOS] - L5 - Application Backgrounding (Unintended Data Leakage)
- Done deployed to UAT and provided link to download.
version 3.3.1 build 341 Internal BSN
https://testflight.apple... - 10:23 Task #13098 (User Acceptance Test): Pass the JID data from Detail Resftful Response to Confirm Re...
- Done deployed to UAT and provided link to download.
version 3.3.1 build 341 Internal BSN
https://testflight.apple... - 10:20 Task #12990 (User Acceptance Test): [IOS] - Pentest - L13 - App Transport Security (ATS) Exceptio...
- Done deployed to UAT and provided link to download.
version 3.3.1 build 341 Internal BSN
https://testflight.apple... - 10:08 Task #12976 (User Acceptance Test): [IOS] - L3 - Sensitive Information Leaked in Logs (Unintended...
- Done deployed to UAT and provided link to download.
version 3.3.1 build 341 Internal BSN
https://testflight.apple... - 10:08 Task #12989 (User Acceptance Test): [IOS] - Pentest - L12 - Overly Permissive Permission
- Done deployed to UAT and provided link to download.
version 3.3.1 build 341 Internal BSN
https://testflight.apple... - 10:07 Task #13089 (User Acceptance Test): IOS Pentest - L10 - Circumvention of Workflow (OTP Bypass)
- Done deployed to UAT.
version 3.3.1 build 341 Internal BSN
version 3.3.1 build 340 VPN Penril - 10:01 Support #13201 (Work Completed-End life cycle): [SCP ID :##6418##] : Android - Session Creation F...
- 09:26 Support #13097 (Development / Work In Progress): [SCP ID :##6346##] : Enhancement service on reve...
March 23, 2023
- 17:26 Support #12776 (Work Completed-End life cycle): [SCP ID :##6127##] : Request to remove charges we...
- The script successfully run in Prod.
- 17:16 Support #13263 (Work Completed-End life cycle): [SCP ID :##6464##] : Audit Findings - IBAM Users ...
- 15:41 Task #12992 (Pending UAT Deployment): [ANDROID] - Pentest - I2 - Application Screenshot (Unintend...
- Please deploy this fixes to UAT.
Thanks - 15:41 Task #12991 (Pending UAT Deployment): [ANDROID] - Pentest - I1 - Application Allows Use of Third-...
- Please deploy this fixes to UAT.
Thanks - 15:40 Task #12990 (Pending UAT Deployment): [IOS] - Pentest - L13 - App Transport Security (ATS) Except...
- Please deploy this fixes to UAT.
Thanks - 15:40 Task #12989 (Pending UAT Deployment): [IOS] - Pentest - L12 - Overly Permissive Permission
- Please deploy this fixes to UAT.
Thanks - 15:39 Task #12988 (Pending UAT Deployment): [ANDROID] - Pentest - L12 - Overly Permissive Permission
- Please deploy this fixes to UAT.
Thanks - 15:39 Task #12987 (Pending UAT Deployment): [ANDROID] - Pentest - L11 - Android Application Supports Cl...
- Please deploy this fixes to UAT.
Thanks - 15:38 Task #13090 (Pending UAT Deployment): Android Pentest - L10 - Circumvention of Workflow (OTP Bypass)
- Please deploy this fixes to UAT.
Thanks - 15:38 Task #13089 (Pending UAT Deployment): IOS Pentest - L10 - Circumvention of Workflow (OTP Bypass)
- Please deploy this fixes to UAT.
Thanks - 15:37 Task #12986 (Pending UAT Deployment): Pentest - L10 - Circumvention of Workflow (OTP Bypass)
- 15:37 Task #12984 (Pending UAT Deployment): Pentest - L8 - Parameter Tampering (Generate PDF)
- Please deploy this fixes to UAT.
Thanks - 15:37 Task #12981 (Pending UAT Deployment): Pentest - L7 - Packet Replay (Fund Transfer)
- Please deploy this fixes to UAT.
Thanks - 15:35 Task #13098 (Pending UAT Deployment): Pass the JID data from Detail Resftful Response to Confirm ...
- Please deploy this fixes to UAT.
Thanks - 15:34 Task #12983 (Pending UAT Deployment): [IOS] - Pentest - L7 - Packet Replay (Fund Transfer)
- 15:34 Task #12982 (Pending UAT Deployment): [ANDROID] - Pentest - L7 - Packet Replay (Fund Transfer)
- Please deploy this fixes to UAT.
Thanks - 15:34 Task #12979 (Pending UAT Deployment): [IOS] - L5 - Application Backgrounding (Unintended Data Lea...
- Please deploy this fixes to UAT.
Thanks - 15:33 Task #12976 (Pending UAT Deployment): [IOS] - L3 - Sensitive Information Leaked in Logs (Unintend...
- Please deploy this fixes to UAT.
Thanks - 15:32 Task #12975 (Pending UAT Deployment): [ANDROID] - L3 - Sensitive Information Leaked in Logs (Unin...
- Please deploy this fixes to UAT.
Thanks - 14:56 Task #13214 (Closed - End of life cycle): HUAWEI - I1 - Application Can Be Used In Emulator
- Deployed to SIT on 15/4/22
Deployed to UAT on 18/4/22
Confirmed by azyan on 23/3/23, now pending LGMS feedback an... - 14:56 Task #12972 (Pending UAT Deployment): Pentest - L2 No Server-Side Session Termination
- 14:55 Task #12974 (Pending UAT Deployment): [ANDROID] - Pentest - L2 No Server-Side Session Termination
- Please deploy this fixes to UAT.
Thanks - 14:55 Task #13213 (Closed - End of life cycle): HUAWEI - L9 - Android Application Supports Cleartext Tr...
- Deployed to SIT on 15/4/22
Deployed to UAT on 18/4/22
Confirmed by azyan on 23/3/23, now pending LGMS feedback an... - 14:55 Task #12973 (Pending UAT Deployment): [IOS] Pentest - L2 No Server-Side Session Termination
- Please deploy this fixes to UAT.
Thanks - 14:55 Task #13211 (Closed - End of life cycle): HUAWEI - L7 - Private IP Addresses Disclosed (Unintende...
- Deployed to SIT on 15/4/22
Deployed to UAT on 18/4/22
Confirmed by azyan on 23/3/23, now pending LGMS feedback an... - 14:54 Task #13210 (Closed - End of life cycle): HUAWEI - L6 - Overly Permissive Permission
- Deployed to SIT on 15/4/22
Deployed to UAT on 18/4/22
Confirmed by azyan on 23/3/23, now pending LGMS feedback an... - 14:54 Task #13209 (Closed - End of life cycle): HUAWEI - L5 - Partial Source Code Obfuscation
- Deployed to SIT on 15/4/22
Deployed to UAT on 18/4/22
Confirmed by azyan on 23/3/23, now pending LGMS feedback an... - 14:53 Task #12944 (Pending UAT Deployment): [SCP ID :##6249##] : Mobile Pentest Remediation M1 Insecure...
- Please deploy this fixes to UAT.
Thanks - 14:53 Task #13207 (Closed - End of life cycle): HUAWEI - L3 - Local Biometric Authentication Bypass
- Deployed to SIT on 15/4/22
Deployed to UAT on 18/4/22
Confirmed by azyan on 23/3/23, now pending LGMS feedback an... - 14:52 Task #13206 (Closed - End of life cycle): HUAWEI - L2 - Missing Certificate/ Public Key Pinning
- Deployed to SIT on 15/4/22
Deployed to UAT on 18/4/22
Confirmed by azyan on 23/3/23, now pending LGMS feedback an... - 14:52 Task #12943 (Pending UAT Deployment): [SCP ID :##6249##] : Mobile Pentest Remediation M1 Insecure...
- Please deploy this fixes to UAT.
Thanks - 14:52 Task #13205 (Closed - End of life cycle): HUAWEI - L1 - Android usesCleartextTraffic Enabled
- Deployed to SIT on 15/4/22
Deployed to UAT on 18/4/22
Confirmed by azyan on 23/3/23, now pending LGMS feedback an... - 14:48 Task #13204 (Closed - End of life cycle): HUAWEI - M1 - Lack of Code Integrity Checks
- Deployed to SIT on 15/4/22
Deployed to UAT on 18/4/22
Confirmed by azyan on 23/3/23, now pending LGMS feedback an... - 14:46 Task #13203 (Closed - End of life cycle): HUAWEI - H1 - Unencrypted Communications
- Deployed to SIT on 15/4/22
Deployed to UAT on 18/4/22
Confirmed by azyan on 23/3/23, now pending LGMS feedback an... - 14:37 Support #13201: [SCP ID :##6418##] : Android - Session Creation Failed Error
- Follow up with BSN team and pending their feedback.
- 14:14 Support #13434 (Investigation): [SCP ID :##6605##] : Changing DB ip Addresses
- Email sented to Persys(DB vendor) enquiring details on what's are the impact and things to take note of changing DB I...
- 14:13 Support #13341 (Investigation): [SCP ID :##6530##] : Cdb1a Down
- Log analysed, it caused CBD1A down by constantly create's web container for the error parse date and overwhelm the lo...
- 13:54 Support #13079: [SCP ID :##6329##] : Double Posting For AIG Rebilling on 18/6
- follow up with bsn.
- 13:11 Support #13145: [SCP ID :##6387##] : Add Maintenance page
- Pending feedback SIT team
- 12:48 Support #12959 (Closed - End of life cycle): [SCP ID :##6266##] : DuitNow error
- 12:46 Support #13018: [SCP ID :##6284##] : Rentas web service issue
- Close on 30/8/22
- 12:45 Support #13018 (Closed - End of life cycle): [SCP ID :##6284##] : Rentas web service issue
- 12:44 Support #12877 (User Acceptance Test): [SCP ID :##6113##] : IBAM Report Enhancement - SPP status
- Tested and passed by JTM on 24/8/22
- 12:29 Support #12948: [SCP ID :##6256##] : Transaction History for 1Bank Lodgment Project
- On hold.
Combined CR -
CR22009 - Tabung Haji, 1Bank Lodgment and Delete Button
Pending JPD to approve and PO... - 12:29 Task #13098: Pass the JID data from Detail Resftful Response to Confirm Restful Request
- Passing JID already exist in SIT development. Can test latest SIT IPA (version 3.3.1 build 339 VPN Penril)
- 12:22 Support #12948 (System Integration Test): [SCP ID :##6256##] : Transaction History for 1Bank Lod...
- To follow up with sit team.
- 11:52 Task #13098: Pass the JID data from Detail Resftful Response to Confirm Restful Request
- Felix to update screenshot of the changes/fixes.
- 11:50 Task #12968: [SCP ID :##6249##] : Mobile Pentest Remediation L1 Missing Function Level Access Con...
- Aina and felix o test this issue on local.
To provide another APK to test this item, seperate with other item. - 11:45 Task #12980: Pentest - L6 - Local Biometric Authentication Bypass
- From Najmi :
Hi Athira,
Attached is response image,L1_result20220718.png.
Test steps for the attached error:
... - 11:41 Task #12985: [SCP ID :##6249##] : Mobile Pentest Remediation - Pentest - L9 - DuitNow Recipient N...
- Pending testing, rpp host error u171 - online authorization exception
- 11:30 Support #13262 (Work Completed-End life cycle): Obsolete Web Browser Support and Rooted Device (Web)
- 11:30 Support #13260 (Work Completed-End life cycle): Obsolete Web Browser Support and Rooted Device (A...
- 11:16 Support #13411 (System Integration Test): [SCP ID :##6586##] : CDB Reports not sync with data in ...
- Tested and passed.
- 10:48 Support #13440 (System Integration Test): [SCP ID :##6611##] : Approval Expiry Date for Workflow ...
- 10:47 Support #13440: [SCP ID :##6611##] : Approval Expiry Date for Workflow Company
- Tested and passed.
- 10:38 Bug #12751 (User Acceptance Test): Update display screen - IOS
- Re-assign to Athira Marobi to follow up. This issue is the same issue as the "Bug #12712: [SCP ID :##6083##] : DuitNo...
- 10:36 Support #12712: [SCP ID :##6083##] : DuitNow - Android not display charges
- Re-assign to Athira Marobi to follow up
- 10:33 Enhancement #12626 (Closed - End of life cycle): To remove window time at authorization - IOS
- Already production version 3.2.8 build 213.
- 10:32 Support #13016: [SCP ID :##6283##] : Jompay Charges not display in Transaction History and BSNeBi...
- Please work out with BSN on the deployment plan on this issue
- 09:37 Support #13277 (Finished Development): [SCP ID :##6478##] : To Display Giro-i Premium without cre...
- - Handled from backend, if credit limit is null, will display -
- 09:36 Task #13431 (Development / Work In Progress): Application Code
- - revise flow to navigate to login when click button OK if unable to connect to mfp
March 22, 2023
- 10:16 Task #13430 (Development / Work In Progress): Restful - Check version at Login
- 10:06 Support #12625 (Work Completed-End life cycle): [SCP ID :##6037##] : To add new maintenance page ...
- DB online backup is in-progress. User can access to IBAM and CDB even though EOD backup is running. Related to issue ...
- 09:57 Support #13306 (Work Completed-End life cycle): [SCP ID :##6507##] : No list for navigation (Giro...
- Giro-i premium navigation is displayed.
March 20, 2023
- 18:34 Support #13451: [SCP ID :##6622##] : Intermittence connection
- Request to enable trace logger in both app server on web container and session to narrow down the root cause.
*=in... - 16:13 Support #13451 (Closed - End of life cycle): [SCP ID :##6622##] : Intermittence connection
- Hi,
Kindly attend below request:-
Intermittence connection for IBAM and CDB.
March 16, 2023
- 08:06 Support #13444 (System Integration Test): [SCP ID :##6616##] : Allow Org Code not reflect
- Tested and passed
March 15, 2023
- 17:56 Support #13440 (Internal Testing): [SCP ID :##6611##] : Approval Expiry Date for Workflow Company
- SIT deploy on 15/03/2023
- 17:55 Support #13444 (Internal Testing): [SCP ID :##6616##] : Allow Org Code not reflect
- SIT deploy on 15/03/2023
- 17:54 Support #13444 (Finished Development): [SCP ID :##6616##] : Allow Org Code not reflect
- Finding: The allow org code is not set in authorization
Solution: set allow org code at authorization and display or... - 15:17 Support #13444 (Development / Work In Progress): [SCP ID :##6616##] : Allow Org Code not reflect
- 14:32 Support #13444 (Work Completed-End life cycle): [SCP ID :##6616##] : Allow Org Code not reflect
- Hi,
Kindly attend below request:-
Maker allow org code in User Maintenance > Checker approve > Org Code in User M...
March 14, 2023
- 14:13 Support #13440: [SCP ID :##6611##] : Approval Expiry Date for Workflow Company
- Explanation:
If the initiated date is 14/03/2023 9.00am, it is valid for approval until 15/03/2023 9.00am.
From 15/... - 14:02 Support #13440 (Development / Work In Progress): [SCP ID :##6611##] : Approval Expiry Date for Wo...
- Salam Hasnieza,
Please help to deploy DEBUG for cdb and restful.
Updated projects:
# bsn-cdb
# bsn-core
# bsn-...
March 13, 2023
- 16:18 Support #13440 (Closed - End of life cycle): [SCP ID :##6611##] : Approval Expiry Date for Workfl...
- Hi,
Kindly attend below request:-
The online transaction MUST EXPIRED if the transaction does not approve 1 day dat...
March 10, 2023
- 11:05 Support #13368 (Work Completed-End life cycle): [SCP ID :##6553##] : BSNeBiz Summary Report gener...
- Deploy on 24/2/2023
Migration ID0066 - 11:05 Support #13347 (Work Completed-End life cycle): [SCP ID :##6535##] : File upload posting date filter
- Deploy on 24/2/2023
Migration ID0066 - 11:04 Support #13303 (Work Completed-End life cycle): [SCP ID :##6504##] : NC failed ( No retry)
- Deploy on 24/2/2023
Migration ID0066 - 11:03 Support #13258 (Work Completed-End life cycle): [SCP ID :##6462##] : Obsolete Web Browser Support...
- Deploy on 24/2/2023
Migration ID0066 - 11:03 Support #13243 (Work Completed-End life cycle): [SCP ID :##6447##] : BSNeBiz Report Failed
- Deploy on 24/2/2023
Migration ID0066 - 11:02 Support #13146 (Work Completed-End life cycle): [SCP ID :##6388##] : Duit now error - Sender ID h...
- Deploy on 24/2/2023
Migration ID0066
March 03, 2023
- 15:17 Support #13434 (Investigation): [SCP ID :##6605##] : Changing DB ip Addresses
- Hi,
Kindly attend below request:-
Please be informed, as part of the Bank’s on-going cyber resilience exercise, a...
March 01, 2023
- 16:01 Task #13430: Restful - Check version at Login
- At login need to check version again to avoid user make payment using outdated app
- 16:01 Task #13431 (Work Completed-End life cycle): Application Code
- For page server under maintenance, the message need to improve. Also, the OK button should retry get mobile version. ...
- 15:59 Task #13430 (Work Completed-End life cycle): Restful - Check version at Login
- Refer to Support #13429 [SCP ID :##6602##] : BSNeBiz Mobile App ' Server Under maintenance Page'
- 15:44 Support #13429 (Work Completed-End life cycle): [SCP ID :##6602##] : BSNeBiz Mobile App ' Server ...
- Hi,
Kindly attend below request:-
If the ap show 'Server Under Maintenance Page' screen, user unable to proceed o... - 14:50 Support #13418 (System Integration Test): [SCP ID :##6593##] : eStatement job fail
- 14:50 Support #13418 (Internal Testing): [SCP ID :##6593##] : eStatement job fail
- Test Steps:
1. Run eStatement large file size
2. The batch job should be retried when there is one account number t...
February 27, 2023
- 12:21 Support #13418 (Finished Development): [SCP ID :##6593##] : eStatement job fail
- Solution: set the pdf generated to Y at header as the cronjob will keep retrying when one account no failed generated...
Also available in: Atom