Aviseringar & FAQ

Mideye primary switch will be updated and restarted on Thursday 2025-03-20 between 10:00 and 14:00 UTC. No service downtime is expected, but the primary switch will be unavailable for approximately 3 minutes, during which servers will fail over to the secondary switch. Due to security protocol upgrade, installations still running Mideye server versions below 4.7.2 will remain connected to the secondary switch until upgraded.

This affects customers using MS-CHAPv2 (not PAP). After the KB5040437 security upgrade, the RADIUS communication between MS NPS and Mideye stops working for older versions of the Mideye server (releases up to and including 6.4.2). The problem was initially addressed in Mideye server releases 6.4.3 and 6.4.4. An additional fix to also handle the RADIUS challenge-response dialog is introduced in 6.4.5. Customers are recommended to postpone deployment of KB5040437 in the NPS until the Mideye server has been updated to 6.4.5.

This affects customers using MS-CHAPv2 (not PAP). After the KB5040437 security upgrade, the RADIUS communication between MS NPS and Mideye stops working for older versions of the Mideye server (releases up to and including 6.4.2). The problem was initially addressed in Mideye server 6.4.3, but a complete fix is available in Mideye server 6.4.4. Until the Mideye server has been upgraded to version 6.4.4, customers are recommended to postpone deployment of KB5040437 in the NPS.

Telenor still seems to have some consequential problems with the SMS-service affecting some users. For users that experience login problems due to SMS delays, we recommend: a phone re-start (power off – power on), try activation of Mideye+, or in the phone settings try to change the preference between GSM/3G/4G/5G networks.

Since 12:12 CET today, Telenor Sweden has general SMS problems, affecting SMS-OTP deliveries and Mideye+ activations. The problem has been reported to the operator and is currently being investigated.

The vulnerability affects Log4j 1.2.x using the Chainsaw component. Mideye server R4.7.2 uses Log4j 1.2.17, but Chainsaw is not enabled by default and cannot be enabled via the Mideye Configuration Tool. Customers are strongly advised not to enable and use Chainsaw on the Mideye server platform. Also, customers still running Mideye R4 are recommended to upgrade to the latest Mideye server release.

Mideye Server 4 releases use Log4j 1.x, not the 2.x version that has the vulnerability. Mideye Server 5 releases use Logback per default, which is unrelated to log4j 2.x. MobileID server is based on C language code, not Java. Mideye central and internal systems underwent review with no vulnerability revealed.

Multiple subscribers with KPN Netherlands subscriptions were not able to receive SMS, affecting login with SMS-OTP. Issue resolved from around 13:00 CET.

From 12:44, there was an SMS delivery disturbance affecting +47/Telenor Norway subscribers. 13:56, Telenor reported that the issue was resolved. To mitigate the problem, starting 13:08 all OTPs to +47 numbers were delivered as inbox-SMS instead of the usual flash/pop-up.

During the morning, there have been disturbances in the central system, affecting many users that have activated the Mideye+ app. Affected users have experienced problems with Touch Accept / data push, receiving OTPs as failover SMS instead. The issue should be resolved from 08:26.

From 2020-11-16 in the morning, many Telia Sweden mobiles lost network contact and require a phone re-start (power off/power on) in order to be reachable for voice and SMS.

With iPhone iOS 14, flash/pop-up text messages are presented as ordinary inbox messages when the screen is locked. Users that are used to receiving flash/pop-up SMS-OTPs also when the screen is locked will notice a change when updating to iOS 14. This is a built-in behaviour in iOS.

Starting 2020-09-01 11:14 there was a network disturbance affecting SMS-OTP deliveries to many +46/Sweden subscribers. From 2020-09-02 10:30, all traffic is back to the original defaults with flash/pop-up.

After upgrade to Citrix Netscaler 11.1.63.15, login with OTP using RADIUS challenge-response does not work. Citrix have published a workaround for this. A similar issue has previously been reported in Netscaler 12.0.62.8 and was solved by upgrading to Netscaler 12.1.55.13.

After update to iOS 12.2, iPhone shows a warning message 'This sender has not been verified' when displaying flash/pop-up SMS messages. This is solved in iOS 12.3, released 2019-05-13.