MX Merchant Release Notes

Production Release Date: July 2, 2024

Table of Contents

• Features
  • Keycloak: User Creation Enhancements (Team Member Page)
  • MX Merchant Branding Update
  • MX Account Updater for Fiserv North
• Enhancements
  • Restored “What’s New” Functionality
  • MX POS App Updates
  • Continued UI Refresh: Payment Settings Migration
  • Enhanced Account Sharing with PIPE
• Bugs and Fixes
  • Subscription Override Vulnerability Resolved
  • Supplier Reassignment Issue Fixed
  • MX ePay Logo Visibility Restored
  • Enhanced Error Handling for BIN Lookups
  • Storage Broker Transition for Checkout

Features

Keycloak: User Creation Enhancements (Team Member Page)

Enhancements to the team member creation and editing process have streamlined workflows and improved user experience. Updates include mandatory mobile fields, automatic expansion of the "Advanced" section, and clearer error messaging for duplicate usernames or emails. Additionally, a Welcome Email is sent when saving a user without a password, simplifying onboarding.

MX Merchant Branding Update

The MX Merchant homepage now features the updated logo for consistent branding. This change is reflected in the left-hand navigation bar, aligning with current design standards and enhancing the platform’s aesthetic.

MX Account Updater for Fiserv North

The MX Account Updater service is now available for Fiserv North merchants. This feature automates vaulted card updates, reducing manual effort. Merchants can enable the service via MX Connect, ensuring consistent status updates across platforms and seamless access to this functionality.

Enhancements

Restored “What’s New” Functionality

The “What’s New” link in the navigation bar has been re-enabled, providing users with easy access to updates and feature highlights via an iframe linked to the MX Merchant documentation page. This ensures users stay informed and engaged.

MX POS App Updates

The MX POS App’s language and imagery have been modernized. Improvements include updated app preview images, enhanced price transparency, and added visual elements for better user engagement. A new Discover button links directly to the SMB Payment Solutions page for more information.

Continued UI Refresh: Payment Settings Migration

The Payment Settings page has been migrated from Angular to React, improving code maintainability and scalability. This update introduces faster load times, reusable components, and a more efficient development process while maintaining existing functionality.

Enhanced Account Sharing with PIPE

Passport bank account details are now shared with PIPE for merchants with active Passport accounts. This replaces the use of external account details, ensuring accurate and efficient financial transactions for merchants on standard funding.

Bugs and Fixes

Subscription Override Vulnerability Resolved

A critical vulnerability allowing unauthorized modification of subscriptions via an IDOR on the /checkout/v3/subscription endpoint has been fixed. Authorization checks now ensure secure data handling.

Supplier Reassignment Issue Fixed

An IDOR vulnerability on the PUT /checkout/v3/supplier/ID endpoint, which allowed unauthorized access to supplier data, has been resolved with proper authorization controls.

MX ePay Logo Visibility Restored

The MX ePay logo now displays correctly in Sandbox and UAT environments, addressing an issue where it was previously missing.

Enhanced Error Handling for BIN Lookups

Errors from BIN lookups have been enriched with detailed routing information, improving troubleshooting and system reliability.

Storage Broker Transition for Checkout

The Checkout service has been moved to a new storage broker, ensuring better performance and scalability for future growth.