▲ Top

Release Notes for OneSpan Sign 11

The Release Notes for 10.x versions of OneSpan Sign are here.

The following sections contain Release Notes for 11.x versions of OneSpan Sign:

Release 11.26 (Coming 27-30 May 2019)

What's New


  • Enabled visually impaired senders to add recipients to a transaction, and to edit recipients' information.

  • When creating a transaction or template, the setting Enable accessibility is now automatically set to the default value specified for the account.


  • The Enforce Authentication option will now be ignored for account senders if Single Sign-On Authentication has been specified as the Authentication Method for their account. Thus no one will have to specify information for Authentication Methods that will not be used.

  • Knowledge-Based Authentication questions and answers will be displayed in the recipient's language. Specifically: (1) the language for Equifax USA can be English or Spanish ( if the recipient has a different language, the fallback language is English); (2) the language for Equifax Canada can be English or French ( if the recipient has a different language, the fallback language is English).
  • You can now search for transactions or templates using a recipient's first name, last name or email address (for the REST API, see the searchtype parameter in the section Retrieve a List of Packages; for the New User Experience, see the section Find Transactions).
  • Increased the storage space available for email templates.
  • When creating a transaction or template, the setting Enable in person signing is now automatically set to the default value specified for the account.

Bug Fixes


  • PB-25479: Fixed an issue that prevented signatures signed by other recipients in a uploaded document from being presented to users in accessibility mode.
  • PB-25353: Fixed the following issue. When the Add Recipients button was selected using the keyboard in accessibility mode, instead of hearing ADD RECIPIENTS button selected, users heard ADD RECIPIENTS button unavailable.

  • PB-25719: Fixed a wrong presentation of the document Preview button in accessibility mode.

  • PB-25986: Fixed an accessibility issue in which: (1) users were not notified that you cannot create a new transaction from an existing accessible transaction; (2) settings were not being inherited when a new template was created from an existing template via the REST API.
  • PB-26079: Fixed the following issue. When a recipient using Android TalkBack tried to complete a signature by double tapping the Confirm button, TalkBack read the OK button twice instead of once, and therefore highlighted that button twice instead of once.


  • PB-21959: Fixed an issue that prevented transaction counts from updating properly next to the Inbox and Drafts headings after a user deleted or archived a transaction from these lists.
  • PB-20485: Fixed the following issue. Passing an invalid document ID while retrieving field values via the REST API returned an exception instead of an informative error message.

  • PB-25880: Different environments (e.g., Sandbox, Production) were found to be using different default formats for the timestamps applied to signatures. Removing this inconsistency provided all environments with the default format yyyy-MM-dd HH:mm:ss z, where z is the timezone. If you want a different default format for your account, please contact Technical Support (support@onespan.com; 1-855-MYESIGN).

  • PB-16839: Fixed an issue that permitted a recipient to decline a transaction even after confirming their signature.

  • PB-26261: Fixed an issue in which switching to the Classic User Interface caused the page footer to overlap with the list of transactions. The fix keeps the footer at the bottom of the page.

  • PB-25662: Fixed the following issue. Using Windows 7 and Internet Explorer 11, the top left of the Designer page failed to show the complete name of the current transaction when that name had fewer than 4 characters.

  • PB-25837: Fixed the following issue. When a user of OneSpan Sign for iOS confirmed a document or switched between documents, the system's loading the new document sometimes hung.

  • PB-26213: Fixed an issue that prevented users from using the keyboard's backspace key to update the maximum length of a text field or text area.

  • PB-26221: Fixed an issue in which the Java and .NET SDKs did not support a proxy configuration of the method eslClient.signDocuments.

Release 11.25

What's New

  • Updated our cipher suite for outgoing Callback Notifications and SMTP messages from the OneSpan Sign service to customers. For more information, see Enhanced Security Standards.

  • When a user accesses the Signing Ceremony from an email link, if their original SMS passcode has expired, the system now automatically sends them a new SMS passcode.
  • If a document fails to upload when a transaction is being created via the SDK call EslClient.createPackage, the system now automatically deletes the transaction from the Drafts folder.
  • When using the REST API to retrieve a list of all groups in an account, the list can now be filtered by searching for a specific or partial group name. For more information, see Retrieve a List of All Groups in the Current Account.
  • When using a Java or .Net SDK to retrieve a list of all groups in an account, the list can now be filtered by searching for a specific or partial group name. For more information, see Managing Groups.
  • In a completely signed document, all Form Fields and signatures not associated with a recipient are now flattened — i.e., are read-only.
  • PDFs added to a transaction must not have syntax errors. If they do, the flattening described in the previous bullet may prevent recipients from confirming their signatures. To avoid that, we strongly recommend that you use Adobe's Preflight tool to scan and analyze a PDF for syntax errors before you add it to a transaction. For more information on the Preflight tool, refer to your Adobe documentation.

  • The Enable accessibility mode button is now available when the Signing Ceremony is accessed through the Sender interface.
  • In the Signing Ceremony's accessibility mode, visually impaired recipients are now notified when their cursor moves in or out of the Capture Signature box.

Bug Fixes

  • PB-25102: Ensured that the Layouts drop-down list will not appear behind the Apply Layout dialog box (see Applying a Layout). This superposition made it hard to scroll within the list to select a layout.
  • PB-21327: Fixed an issue that prevented a document's Accepted and Confirmed dates from displaying a timestamp.
  • PB-25300: Fixed an issue in which continuous component updates caused the Document Preview and Designer pages to flicker.
  • PB-18552: Fixed an issue that, in accessibility mode, prevented ToolTips for Form Fields from presenting customized content that had been specified using OneSpan Sign's BackOffice administration tool.
  • PB-20058: Fixed an issue that, in accessibility mode, prevented a signature's ToolTip from being updated once the signature was accepted.
  • PB-20150: Ensured that in accessibility mode the Signing Ceremony's Decline dialog box's list of reasons for declining can be navigated via the keyboard's arrow keys.
  • PB-23674: Fixed an accessibility issue in which the description of a recipient's authentication was not being read by a screen reader when the Enforce Authentication condition was enabled for the recipient's account.
  • PB-23677: Fixed an accessibility issue in which multiple H1 headings appeared on the Dashboard page. This did not comply with JAWS 2018.
  • PB-24496: Fixed an accessibility issue in which the JAWS screen reader read all the labels above the currently selected label on the Create New Transaction page.
  • PB-24488: Fixed an issue in which the visual contrast of the First Time Use message on the Dashboard page did not comply with accessibility guidelines.
  • PB-24490: Fixed an issue in which the visual contrast of the text on the Personal Information page of My Account did not comply with accessibility guidelines.
  • PB-24487: Fixed an issue in which the visual contrast of a selected menu item from the top menu of the New User Experience did not comply with accessibility guidelines.
  • PB-24485: Fixed an issue in which the visual contrast of a selected field's orange border did not comply with accessibility guidelines.
  • PB-25957: Fixed an issue that was preventing page controls from working properly with TalkBack screen readers on Android devices in accessibility mode.

Release 11.24

An unexpected error occurred with a fix to PB-21959. Due to the instability this could create, a patch release — 11.24.1 — was quickly issued. Soon after, another patch release — 11.24.2 — was issued to ensure that document pages display properly in the Designer section of the New User Experience.

What's New

  • When New User Experience senders create accessible transactions or templates, they can now map the Form Fields in added documents to recipients' OneSpan Sign fields. For details, click here.
  • The Signature page of the My Account set of pages enables users to create a handwritten signature that can be used to sign documents. That page's Signature now opens in full-screen mode to give visually impaired users more space to capture their signature.
  • Enabled Bulk Sending to configure Personal Certificate signing for its recipients. An example of that configuration appears in the section Sample CVS File.
  • Placed an appropriate transaction count next to two headings on the New User Experience page that lists transactions. Specifically: (1) the number of transactions that currently have the status In progress appears next to the Inbox heading; (2) the total number of transactions that currently have the status Draft, Expired, Declined or Opted out appears next to the Drafts heading.
  • In the New User Experience, the action icons above the Transactions list will now: (1) always be visible; (2) become enabled when a transaction is selected.
  • The Recipient Settings screen inside the New User Experience has an Attachments tab. The Delete icon on that tab will now: (1) always be visible; (2) become enabled when an attachment is selected.
  • Enabled Single Sign-On Authentication to: (1) provision senders when multiple OneSpan Sign accounts have the same Identity Provider; (2) provision a sender as either a Manager or a Member.
  • Added support for additional timezones to accommodate places that do not observe Daylight Saving Time (DST).
  • Error and warning messages that appear in the application will no longer automatically disappear. They must be dismissed by the user.

  • In the accessible view of a document during signing, the Form Fields not associated with a recipient now appear as read-only text.
  • Our Sender interface has never officially supported adding documents to transactions via drag-and-drop, but this technique could have worked in certain cases. This technique will stop working in all use cases with this release. This change will enable us to: (1) enhance other features; (2) fully support drag-and-drop functionality in a future release.

Bug Fixes

  • PB-21466: Fixed an issue that was permitting senders to enter invalid values on the Email Reminders screen.
  • PB-18844: Fixed an issue that prevented a document from being tamper-sealed upon transaction completion if the last recipient did not sign an optional signature.
  • PB-22064: Fixed an issue that was causing the email reminders for all transactions to be sent just once per day. Email reminders are now sent once every hour. Thus a reminder designed to be sent after one day is now sent between 24 and 25 hours after the original invitation (no longer between 24 and 48 hours after the original invitation).

Known Issue

  • PB-21959: Deleting or archiving a transaction may lead to incorrect count numbers next to the headings of the Inbox and Drafts folders .

Release 11.23

What's New

  • The Evidence Summary now records when a transaction owner manually completes a transaction.
  • As part of an ongoing effort to make the New Application User Experience accessible to visually impaired senders:
    • The color scheme was improved for visually impaired senders.
    • The Dashboard's Account Summary chart was made a non-clickable image. Instead, the items within the legend indicate the number of transactions, and they link to the Reports page.
    • The following changes were made to the Date Picker control:
      • Dates can now be input manually.
      • Senders must now click OK to confirm their date selection.
      • To clear a date, you must now do one of the following: (a) select the date and press DEL on the keyboard; (b) open the calendar, and click Clear.

Bug Fixes

  • PB-20463: Fixed an issue that prevented a transaction's completion date from being properly assigned when the transaction was manually completed by the transaction owner.
  • PB-20825: Fixed an issue that caused transaction owners to receive Opt Out and Decline emails in the recipient's language instead of their own language.
  • PB-20846: Fixed an issue that made the captions on buttons in the Capture Instructions screen bleed beyond the buttons' borders.
  • PB-11204: Fixed an error in the Spanish text that appears on the translated Affadavit page during In-Person Signing.
  • PB-18225: Fixed an error in the Spanish text that appears on the translated Guest Login page during SMS Authentication.
  • PB-20179: Fixed an issue in which disabling the Session Bar during the Signing Ceremony made the Enable accessibility link unavailable (Ceremony Layout describes how to disable the Session Bar).
  • PB-20206: Fixed an issue in which the JAWS screen reader was reading an incorrect label for the Click to Sign Signature Box.
  • PB-21131: Fixed an issue regarding query parameters injected into the Handover URL.
  • PB-21096: Fixed an issue in which low screen resolutions prevented users from configuring a signature as Optional.
  • PB-19992: Fixed problems with the SMS Authentication screen in which entering an incorrect SMS pass code caused: (1) the display of an inaccurate default message for the French language; (2) failure to display a customized string defined by the customer.
  • PB-21698: Fixed an issue that in certain scenarios prevented senders from previewing their documents.
  • PB-8330: Removed an undesirable User-Agent value from the header of the Apache HTTP client created by OneSpan Sign's Application Backend.

Release 11.22

What's New

  • As recommended by the US National Institute of Standards and Technology (NIST), One-Time Password (OTP) codes for SMS Authentication will now expire (default lifetime = 5 minutes).
  • A user can now change the signer's Company and Title when they delegate signing to another user.

  • Links that appear in PDF documents can now be de-activated for an account.

  • Now when a user signs with a mobile device, optional signatures are available in the Mobile Signing Ceremony.

  • Document deletions are now recorded in the Evidence Summary.

  • Transaction deletions are now recorded by our back-end system. To obtain this Audit Trail, please contact Technical Support (support@onespan.com; 1-855-MYESIGN).
  • Optimized the Package Overview API, thereby improving overall performance.

  • Enhanced performance by enabling the following call to be executed more rapidly: Remove Multiple Existing Documents from a Package.

  • Upgraded Ruby (which is used by the Classic User Experience) to version 2.5.3.
  • Dropped support for Internet Explorer 9 and 10 in the New User Experience (see Minimum Software Requirements).

Bug Fixes

  • PB-19529: Fixed an issue that was preventing Sender SSO Authentication with Active Directory sessions that were older than 2 hours.

  • PB-19797: Prevented the Cookie Policy notification from blocking the Accept button in the Signing Ceremony.

  • PB-10610: Removed the Cancel button from the failure screen for KBA Authentication.

  • PB-12024: Fixed a Mobile Signing Ceremony issue in which fields were being rendered larger than intended, and were overlapping with text.

  • PB-16420: Fixed an issue in which the "completion check mark" failed to appear for recipients using SMS Authentication.

  • PB-17091: Fixed an incorrect Spanish translation of the Click to Sign Signature Box.

  • PB-17923: Fixed an incorrect Spanish translation of the string This field is required on the Opt Out and Decline screens.

  • PB-18484: Fixed an incorrect Spanish translation of the Accept button in the Mobile Signing Ceremony.

  • PB-21185: Fixed a performance issue by removing precision scanning for Text Tags.

Release 11.21

What's New

  • Added customizable time zones for transaction owners at the Account, Sender, and Transaction levels. Thus the time zone used to display all dates on a transaction's signed documents can now be customized. A zone specified at the Transaction level supersedes zones specified at the other levels, and a zone specified at the Sender level supersedes a zone specified at the Account level. Specifying a zone at the Transaction level is described here, and specifying a zone at the Sender level is described here. To specify a zone at the Account level, please contact Technical Support (support@onespan.com; 1-855-MYESIGN).

  • When a callback fails, an email is sent out. That email has been improved to include the reason for the failure.

  • Added Android TalkBack support for the Mobile Signing Ceremony on tablets (that support is documented here).

  • Added support for the integration of optional signatures via Document Extraction and Text Tag Extraction.

Browser Support

Bug Fixes

  • MAIN-3183: Fixed an issue that occasionally prevented the uploading of documents during the Signing Ceremony, when using Internet Explorer.

  • PB-19532: Fixed an issue that caused an incorrect email notification to be sent to a signer when the attachment from a different signer in the same transaction has been rejected.

  • PB-17816: Fixed an issue that caused the top rebranding banner in Safari to sometimes disappear.

  • PB-17595: Fixed an issue in which an unwanted border appeared around a banner added to the Designer page.

  • PB-17184: Fixed an issue in which trying to "Bulk Sign" signatures when it was not the designated signer’s turn did not return a user-friendly message.

  • PB-16990: Fixed an issue in which trying to add a recently deleted document from the Document History caused an Error 500 instead of a user-friendly message.

  • PB-16817: Fixed an issue in which an invalid configuration for the Sender in the IdP server caused an ambiguous error.

  • PB-16647: Fixed an issue in which the Archival Module couldn't purge data from long-term storage.

  • PB-15570: Fixed an issue in which the SMS passcode was not being sent in the signer’s preferred language.

  • PB-13579: Changed the flow so that email notifications to complete a transaction are sent only after all required attachments have been uploaded.

  • PB-12894: Fixed an issue in which clicking the Save Layout button too quickly after applying a layout caused an error.

  • PB-12842: Fixed an issue in which switching between the Drafts and Inbox folders before a page was fully loaded caused invalid data to appear.

  • PB-12356: Fixed an issue in which attachments without an associated description caused a misalignment in the New Application User Experience.

  • PB-7727: Enabled the API to add attachments to a transaction even when attachments are disabled on the associated account.

  • PB-16911: In certain Optional Signature scenarios, we prevented: (1) an extra email from being sent; (2) an extra Optional Signature from being displayed.

  • PB-17034: Made the Continue button appear in those Optional Signature scenarios where it was missing.

Known Issue

  • When a user views an eSignLive invitation email in Gmail using an Android tablet in its Landscape orientation, the email's Go to document button is not fully displayed. The workaround is simply to rotate the tablet to its Portrait orientation.

Release 11.20

What's New

  • Enabled blind and visually impaired users to review and click-to-sign PDF documents on mobile devices. This involved making the Mobile Signing Ceremony support Web Content Accessibility Guidelines (WCAG) 2.0 Level AA.

  • Added iOS VoiceOver support for the Mobile Signing Ceremony on iPhones and iPads (that support is documented here).

  • Enabled Bulk Signing — "Sign All" — for: (1) the Signature Capture signature type; (2) documents with mixed signature types.
  • Made SMS messages more customizable than they had been.

  • Made the Thank you dialog box support special characters.

  • Enabled Single Sign-On (SSO) Authentication to be configured with the same Identity Provider's entity ID for both senders and signers.

  • Added pagination to the displayed list of senders when delegates are being added in the New User Experience.

  • Enabled static hyperlinks in PDF documents that are in a completed transaction.

Performance Enhancements

  • System throughput (number of transactions per hour supported by the system) has been improved by 25%.

  • The Get Package API response time has been reduced by 13%.

  • The load time for the API underlying the Dashboard's Account Summary pie chart was improved by 36%.

Bug Fixes

  • PB-15119: Enabled Text tag extraction to work when documents are uploaded from Salesforce.

  • PB-16396: Fixed a licensing error that occurred when documents were being uploaded.

  • PB-15928: Improved the alignment of the title of the Capture Signature Signature Box on mobile devices.

  • PB-1563: Made the Evidence Summary filename display the correct text when the file is downloaded from the application.

  • PB-16733: Ensured that for a document with Text Tags, artifacts of those tags do not appear in the document after it is added to a transaction.

  • PB-16390: Fixed an issue involving Optional Signatures and the Personal Certificate Client.

  • PB-10973: In ADA mode (designed for visually impaired users), we enabled the Accept button to be read by a screen reader that uses an Internet Explorer browser.

  • PB-12457: In ADA mode, we enabled the progress bar to be read by a JAWS screen reader that uses an Internet Explorer browser.

  • PB-11393: In ADA mode, we translated Alt text for the progress bar into French.

  • PB- 12430: In ADA mode, we enabled the following text within the Consent document to be translated into any supported language: Must be accepted and agreed to before starting the signing process.

Release 11.19

What's New

  • Enhanced Single Sign-On (SSO) Authentication to support external recipients. This enables the exchange of authentication information between OneSpan Sign and corporate servers. Thus signers can now use their organization's credentials to access the Signing Ceremony.

  • Added support for optional signatures. This permits a signer to complete a transaction without signing all of their signatures inside the transaction's documents. Any signature type can be flagged as "optional" via the New User Experience, the REST API, or the SDKs. For a description of associated limitations, see the first note in this section.

  • Ensured that the Owner of a transaction receives a notification every time a signer uploads an attachment. This is especially important if a rejected attachment is re-uploaded.

Bug Fixes

  • PB-16402: Ensured that the document description appears when a user clicks the Document Title bar in a Mobile Signing Ceremony.

  • PB-16596: Fixed an issue that was preventing the Personal Certificate Client from connecting when a user had multiple active network connections.

Release 11.18

What's New

  • Added the names of Form Fields to the Audit Trail section of the Evidence Summary document.
  • Enabled the Enforce Signature Capture option to be set at the signature level. It could already be set at the transaction level.

  • Continued rebranding away from eSignLive to OneSpan Sign. This release brings changes to: (1) the default application logo; (2) the site icon; (3) page titles.

  • Added a cookie-policy notice that is displayed to: (1) senders who are logging in to OneSpan Sign; (2) signers who are entering the Signing Ceremony after clicking a link in an email invitation.
  • Made the Apply Layout dialog box retain the sender's selection for Show shared layouts.

  • Signers and senders can now choose to view OneSpan Sign in Greek. This support includes email templates, in that transaction owners can specify Greek as the language to be displayed to an individual signer.

Bug Fixes

  • PB-12429: Updated the Italian translation of default email templates.

Known Issues

  • If you use the new Chrome browser (version 69), you will not be able to re-order documents or recipients. This issue will be fixed shortly. Meanwhile, please use a different browser if you need to reorder documents or recipients.

  • If during the Mobile Signing Ceremony a user taps a document name, the document name and description will not appear. Instead an empty Document info box will appear. This issue will be fixed shortly.

Release 11.17

Release content merged with 11.18 above.

Release 11.16

What's New

  • Enabled transaction owners to configure reminders for all recipients of a transaction who have not yet signed. For more, see Managing Transaction Reminders
  • Enabled the Signing Ceremony to: (1) detect when a user's Internet connection is lost; (2) prompt the user to reestablish an Internet connection, and then continue the Signing Ceremony.

Bug Fixes

  • PB-12658: Fixed an issue that sometimes prevented users of iOS devices from seeing the buttons on a Signature Capture screen when that screen was rendered inside an iFrame.

Release 11.15

What's New

  • Added an Account setting that can prevent senders from deleting the Electronic Disclosures and Signatures Consent document. To activate this setting, please contact Technical Support (support@onespan.com; 1-855-MYESIGN).
  • Extended label customization to the Mobile Signing Ceremony. The messages that will appear to signers during that ceremony are now fully configurable at the Account level. To make that configuration, please contact Technical Support (support@onespan.com; 1-855-MYESIGN).

Bug Fixes

  • PB-10845: Formerly, we had the following problem. A signer captures their handwritten signature on a large Signature Block, or on the full screen of a mobile device. This signature is then applied to all other Signature Blocks in a document using Click-to-Sign. If the signer left a lot of white space around their handwritten signature, scaling often made their signature unreadable when it was applied to smaller blocks. We fixed this problem by removing all unnecessary white space from all Signature Blocks.
  • PB-11997: We removed the following limitations, which used to apply when the Signing Ceremony was presented in an iFrame on an iPad: (1) indicators of Signature Fields were not supported; (2) immediately after users applied a signature (e.g., after they clicked OK on a signature-capture pad), they were redirected to the top of the page.

Release 11.14

What's New

  • Ensured that the product OneSpan Sign complies with the General Data Protection Regulations that will come into effect on May 25, 2018 (these regulations are described here).

  • To address security and end-of-life issues, we updated the third-party libraries used by the Java SDK.

  • Equifax USA used to permit a maximum of two authentication attempts within any 72-hour period (regardless of the attempts' success or failure). A third attempt within 72 hours always failed. Indeed, this is still Equifax USA's default behavior. However, as of 16 May 2018, an Account Administrator can increase their account's limit from two attempts to three. If that is done, three attempts within 72 hours can succeed with Equifax USA, but a fourth attempt will always fail. For more about Equifax USA, click here.

Bug Fixes

  • PB-10683: Ensured that all required attachments are reset and enabled when the Change Signer functionality is used (changing signers is described in the section Configuring Other Recipient Settings).

  • PB-9658: In the Thank You dialog box, we removed unwanted blank space between the account logo and the text below it.

Release 11.13

What's New

  • Gave account owners more control over the Email, Q&A, and SMS Signer Authentication options for their account. Before this release, senders could assign any of these methods to a given signer. Now, account owners can limit their senders' choices (e.g., by forbidding the Q&A method on their account). For more, see the tip in this section.
  • Enhanced the Mobile Signing Ceremony by enabling the redirection of signers to a customized external page when their session expires.
  • Enhanced the SDK by enabling the application of a layout to a document by specifying the layout's name.
  • Enhanced the SDK by enabling a single request to upload multiple documents to an existing transaction.

Bug Fixes

  • PB-10618: Fixed an issue that was preventing signers from authenticating themselves via SMS in the Mobile Signing Ceremony if their SMS code started with a 0 (zero). Note: To fully resolve this issue, signers may need to clear the cache on their mobile device.
  • PB-8633: Fixed an issue that had affected the signing order when a placeholder was replaced by the transaction owner.
  • PB-8697: Fixed an issue that was displaying the wrong signing order when the REST API or SDK was used to assign multiple signers the same place in the signing order.
  • PB-9555: Fixed an issue in which toggling the language of the Signing Ceremony via an iFrame in Internet Explorer or Microsoft Edge wrongly redirected the signer to the Login page.
  • PB-9071: Removed the grey title banner from the Guest Authentication page that appears in the Mobile Signing Ceremony.
  • PB-9723: Fixed an issue that prevented the Thank You dialog box from being fully visible in the Mobile Signing Ceremony.

Release 11.12

What's New

  • Introduced an Accessibility Support component that enables blind and visually impaired signers to review and click-to-sign PDF documents. For an overview, click here.

Bug Fixes

  • MAIN-2120: Fixed an issue that was causing a Text Tag's maximum length (maxlen) to be ignored during the tag's extraction. Examples of Text Tag extraction and a description of maxlen can be found here.
  • PB-8596: Fixed an issue that was preventing the download of documents whose document name includes a comma.

Release 11.11

What's New

  • Enhanced the Mobile Signing Ceremony by removing the need to click a Signature Box to bring it to the foreground. Signers can instead magnify a Signature Box by using the built-in pinch-to-zoom capability of their mobile device.

  • Enabled the system to efficiently handle a larger number of documents within a transaction. This fix reduces the time needed to navigate between documents or to sign documents.
  • Enabled account owners to retrieve their integration API key via the Administration menu. For instructions, see this section.

Bug Fixes

  • PB-4045: Fixed an issue with the Reset Password feature when using Windows 10 and the Edge browser.

  • PB-7411: Ensured that the Download button in the Mobile Signing Ceremony is displayed regardless of the length of the document name.

  • PB-7643: Ensured that the Attachments tab is hidden in the New User Experience when the Attachments feature is disabled at the account level.

Release 11.10

What's New

  • For the Mobile Signing Ceremony, we implemented optimized pages for the Q&A and SMS Authentication Methods. Previously, these methods directed mobile-device users to desktop authentication pages that were not optimized.
  • Can now customize the confirmation message that appears in the Signing Ceremony when a signer clicks the Confirm button to apply their signatures to a document.

Bug Fixes

  • PB-6222: Fixed an SDK issue that was preventing the retrieval of templates that contain Text Tag information.
  • PB-7056: Fixed an issue that was preventing the Edge browser’s download of a document when uppercase letters were used for the document’s filename extension.
  • PB-5663: Prevented two adjacent column headers from overlapping on the Manage Attachments page of the Classic Application User Experience.

Release 11.9

What's New

  • In the Mobile Signing Ceremony, the Thank You page was updated to enable signers to review and download signed documents.

Bug Fixes

  • PB-5100: Fixed an issue in the Mobile Signing Ceremony regarding the selection of radio buttons when multiple radio-button groups are attached to a single signature.

  • PB-4401: In the Mobile Signing Ceremony, ensured that the page title displays correctly when users switch from a Portrait to a Landscape view.

  • PB-5940: In the sender User Interface, fixed translation errors that had been present in pop-up help text for icons.

  • PB-1760: Fixed an issue that had prevented the downloading of documents inside an IFrame while using the Edge browser.

Release 11.8

What's New

  • Enabled the User Interface to automatically extract signatures and fields by placing Text Tags directly in a document. Previously, this feature was available only to integrators (see Release 11.5).
  • Completed all preparations for disabling TLS 1.0. For the associated schedule and expected impacts, click here.
  • Extended Personal Certificate Signing to all supported browsers on Microsoft Windows. For more, see Signing with a Certificate.

Bug Fixes

  • PB-4372: Enabled the graceful handling of an interruption of Internet connectivity during the Signing Ceremony.

  • PB-5697: Fixed an issue that had been affecting the Transaction Activation callback when an expired transaction was re-sent.

  • CONN-4767: We fixed an issue with the OneSpan Sign for Salesforce Connector that was preventing it from receiving callback information for Document Signed, Signer Complete, and Package Complete events.

Release 11.7

What's New

  • Enabled the Apple Pencil to be used in the Signing Ceremony.
  • Prevented signers from downloading documents until they have accepted the eSign Consent form.
  • Enabled the Callback timeout to be configured to give the Callback endpoint extra time to process a Callback request.

Bug Fixes

  • PB-3919: Fixed an issue that had been causing delays when users were searching for layouts.

Release 11.6

What's New

  • PB-3366: Improved the "quicker access" feature implemented in Release 11.4, so the Signing Ceremony launches only when the transaction is awaiting your signature.

Bug Fixes

  • PB-3320: Fixed an issue that had caused a transaction's status to remain Active, even though all signers had completed signing.
  • PB-3026: Stopped an additional placeholder recipient from being added to a transaction when a layout is applied.
  • PB-2151: Corrected Dutch and Portuguese labels and translation errors.

Release 11.5

What's New

  • Added the ability to automatically extract signatures and fields by placing Text Tags directly in a document. OneSpan Sign will analyze the uploaded document, and replace every text that matches the Text Tag pattern with the appropriate signature or field. For more, see Text Tag Extraction. Note: This feature is currently available only to integrators.
  • Enhanced the SMS Phone Number field to use the country code of the transaction owner as the default country code.
  • As soon as a sender completes signing a transaction, they are now prompted to proceed to the next transaction.
  • For security reasons, we removed support for Internet Explorer 8 . We also recommend no longer using IE 9, IE 10 or Windows 8, since Microsoft has ended its support and security updates for those products.

Bug Fixes

  • PB-3259: Fixed the Mobile Signing Ceremony to enable styling of the Thank You page.
  • PB-2590: Made the Date format for extracted fields follow the Date format for Custom Accounts.
  • PB-3304: Removed the Resend SMS action for archived transactions.
  • PB-1402: Ensured that a transaction's creation date is returned (instead of its sent date) when active transactions are retrieved.
  • PB-1164: Prevented double-clicking on the Handover action. Double-clicking had been causing a second unnecessary call to the customer's page.

Release 11.4

What's New

  • Implemented quicker access to the Signing Ceremony. The application will determine if it is your turn to sign. If so, it automatically launches the Signing Ceremony when you click on a transaction from your Inbox. This applies to all transactions awaiting your signature.

Bug Fixes

  • PB-1889: Displays an appropriate error message when an expired transaction is returned to the status of Draft. Once in Draft, the transaction owner can extend the expiry period, and re-send the transaction for signing.

  • PB-1671: Fixed an error that had been causing messages to overflow outside an iPad's visible area. This had been causing an expiry message to overlap with the page border.

  • PB-1660: Fixed the mobile Signing Ceremony's title bar. If the document name was too long, it overlapped with the expandable-menu icon.

Release 11.3

What's New

  • Remodelled the Add/Edit Recipient dialog box that appears in the Sender Interface by converting its top horizontal tabs into vertical sections on the left. This enabled: (1) the addition of extra settings; (2) better support for mobile devices that have limited horizontal space. For a description of the new interface, see Recipients.
  • Extended Personal Certificate signing to external signers. Formerly, such signing was available only to holders of a OneSpan Sign Account.
  • Removed the Expiry Warning dialog box to ensure consistent behavior across all supported browsers, desktops, and mobile devices.
  • Extended label customization to the Guest Authentication page. The message that will appear on that page is now fully configurable at the account level.
  • Created a new DIGIPASS Signing feature that enables the use of VASCO DIGIPASS Authenticators to validate the identity of signers, and to authorize the approval of each document in a transaction. When a signer is added to a OneSpan Sign transaction, DIGIPASS may be specified as the two-factor Authentication Method. For more on how to leverage this feature, please consult your Sales or Customer Success representative.
  • Added automatic email blacklisting. For details, see the warning box in the procedure Adding Recipients.

Bug Fixes

  • PB-1348: Corrected the French message that appears when senders are invited to join an account.
  • PB-1396: Enabled a sender to add an unlimited number of delegates who can operate on their behalf.
  • PB-1294: Enabled the deletion of partially signed documents.
  • PB-1544: Ensured that the SMS Guest Authentication page respects the signer 's language.
  • PB-1759: Ensured that only one SMS code is sent to a signer when both SMS Authentication and KBA Authentication are used.

Release 11.2

What's New


  • Enhanced the Integration Model to include the transaction creation date (in addition to the completion date and date of the last update). This enhancement applies to both the API and the SDKs.
  • Enhanced the Event Notification payload to include the event timestamp. This timestamp specifies the time of event creation to within a millisecond. For more information, click here.

 By default, OneSpan Sign's SDKs ignore additional fields. To take advantage of the new fields described above, upgrade to the 11.2 SDK.

If you are using the API directly, you must ensure that your integration code can ignore new fields. Otherwise, your integration will no longer work.


  • Added customization support to the New User Interface's login page for on-premises and private-cloud deployments. This enables the footer, sign-up link, and What's new link to be hidden on the login page. The login page for the Classic User Interface already provides this level of customization.

  • Removed all references to eSignLive™ and eSignPackage™ from Signing Ceremony labels in order to extend white-labeling capabilities.

  • Increased the size of the mobile Signing Ceremony's Reason field for opting out and declining in order to support longer text.

Bug Fixes

  • PB-489: Ensured that all Signing Ceremony errors are displayed in the signer's specified language across all browsers (including when the session expires, or when the transaction is no longer active).
  • PB-766: Corrected French labels and translation errors. These corrections apply to labels in both desktop and mobile Signing Ceremonies.

  • PB-472: Fixed an issue that had caused the URL to be double-encoded when the Signing Ceremony is viewed in Chrome. This issue affected only on-premises deployments that were trying to connect through a proxy.

  • PB-236: Fixed the border of the Notary Seal when an eNotary transaction is created from the New User Interface.

  • PB-935: Preserved the Document Delivery option when a transaction is created from a template with group signers.

  • PB-862: Fixed a bug that caused the Session Extend dialog box to appear after the relevant session had expired.

Release 11.1

What's New

  • Extended the Document Visibility feature to enable senders to use the Designer to configure the visibility of documents to recipients.
  • Enabled the styling of text in the Thank You dialog box and on error pages.
  • Enabled signers to request a new SMS code.
  • Added a prompt for the sender to start signing immediately after sending a transaction.

Bug Fixes

  • PB-260: Removed the latency that had been occurring when a large number of layouts was loaded via the Designer.
  • PB-638: Removed a white border that had appeared around PDF fields during the execution of field injection.

Release 11.0.6

What's New

  • Created a new signature-capture feature at the transaction level. If this feature is enabled, signers must capture their signature every time they sign. Otherwise, the signature is captured only once, and then applied to all subsequent signatures, for which the signer clicks to sign.
  • Created a Download All button for signers. Clicking it downloads a zip file that contains all signed documents associated with a completed transaction.

  • Can now customize a large set of labels for the Signing Ceremony and for error pages. An example of an affected error page is the Access Denied page that appears when a transaction is no longer active.
  • Added a Decline option to the Signing Ceremony on mobile devices.

Bug Fixes

  • APP-5523: In eSignLive for Microsoft Dynamics CRM, the name of a signed file returned to Box had been truncated. Now that name contains as a prefix the original name of the unsigned file.

Release 11.0.5

What's New

  • Created a Document Visibility feature that enables integrators to control which recipients can view specific documents in a transaction during a Signing Ceremony. This saves recipients from having to process documents they don’t need to see, and it ensures that documents with sensitive information are viewed only by their intended recipients.
  • Created an Event Notifier plug-in. If the Signing Ceremony is hosted in an iFrame, the Notifier can send events from the Signing Ceremony to the parent hosting application. This is useful if the integrator wants to be notified when certain steps take place during signing. Upon receiving such notifications, the integrator can perform actions to enhance the User Experience, display supporting messages, or update visual components in the hosting application.

  • Enabled the branding of all data in Evidence Summary documents. Formerly one could only customize the logo for those documents, but now in addition the logo can be hidden, the title can be customized or hidden, other sections can be selectively hidden, all labels for each field can be customized, etc.
  • Enhanced SMS security by making the SMS code single-use. A new code is now sent every time the signer clicks the email link, instead of only when the transaction is initially sent.

Bug Fixes

  • An error message now appears if a user tries to update an attachment for a package that has been completed by the Package Owner.

Known Issues

  • The enhanced SMS security feature described above has a known issue. If you are using Email Protection Software (e.g., proofpoint), you may receive two SMS messages instead of one. The first arrives when you click the link in your email invitation. The second arrives when you enter the SMS code to access the Signing Ceremony. Although inconvenient, the second SMS message is harmless.

Release 11.0.4

Bug Fixes

  • Stopped the entire page from being dragged when a user tries to drag a Signature Block across the page.
  • Ensured that inactive sessions are redirected to the pre-configured URL in the Classic User Interface.

Known Issues

  • A user's specified language — French — is not respected in the following situation. (1) A French transaction is emailed to a third-party recipient with Question-Answer authentication. (2) The recipient clicks the email link, and a guest login page appears in French. (3) The recipient inputs incorrect answers to questions until the recipient is locked out, and an error message appears in French. (4) In the same browser, the recipient clicks the email link again. An error page appears in French. The system has behaved well to this point. (5) The recipient opens a new browser (with clean cache & cookies), and opens the email link again. The error message that appears is now in English.

Release 11.0.3

What's New

  • Added a Date field that enables a signer to specify a date from a calendar.

  • Extended the Group functionality to all Account senders.

  • Added sender pagination and search capabilities to the OneSpan Sign BackOffice administration tool.

Bug Fixes

  • Fixed the iFrame Signing Ceremony on iOS Safari.

  • Made the mobile Signing Ceremony redirect to the desktop Signing Ceremony if CAC/PIV Certificate Signing is detected.

  • Fixed sorting on the Account > Senders page.

  • Fixed the Salesforce banner when signing occurs within Salesforce.

  • Fixed footer placement for signing on an iPad.

  • Fixed the adding of attachments in the Firefox v49 browser.

  • Formerly, after clicking an Invitation Email's link, and then logging into OneSpan Sign, signers were directed to their own Inbox. Now they are immediately directed to the Package page for the package they've been invited to sign.

Release 11.0.2

Bug Fixes

  • Fixed the alignment of "e-Signed By ..." text in signatures when the text is smaller than the Signature Block.

  • Fixed Session Expiry auto-redirect to a Custom URL.

Release 11.0.1

Bug Fixes

  • Upgraded Google Guava from 15.0 to 17.0.
  • Changed many references in the code from e-SignLive (with a hyphen) to OneSpan Sign (no hyphen).
  • Added a new feature that configures a signer's Authentication Token to be single-use only.
  • The uploadDocument method wasn't properly refreshing the Package Object. We therefore deprecated the old uploadDocument method, and added a new uploadDocument method that uses the Package ID instead of the Package Object.
  • Previous releases used the Fast Track URL Mapper with the location header. Instead, 11.0.1 uses the currently requested URL if no Redirect is specified.

Release 11.0

What's New

  • New UX/UI: We've introduced a redesigned GUI and User Experience that: (1) focus on preparing and managing transactions; (2) emphasize ease-of-use and visual clarity. For more, see the New Application User's Guide.
  • Personal Digital Certificate: This feature enables a signer to sign documents with their own certificate. This feature can be leveraged by governments and other regulated agencies whose employees have their own certificates.
  • TEMPLATE_CREATE callback: This enables an account to receive a callback when a template is created from scratch, or when a template is saved from an existing transaction.
  • Danish Language Support: Signers and senders can now choose to view OneSpan Sign in Danish. This support includes email templates, in that transaction owners can specify Danish as the language to be displayed to an individual signer.
  • Change Signer Authentication: Added the ability to specify SMS or Q&A authentication when the identity of a signer is being changed. This is especially useful if no individual was specified when an invitation was sent. For example, consider a transaction that sent an invitation to sales@acme.com. Upon receiving that invitation, Acme's Sales Team can: (1) change the signer to a particular person – e.g., joe@acme.com; (2) specify that Joe's phone number will receive an SMS authentication code.
  • Session Fields: Integration customers who want to store extra data as part of their signing evidence can pass additional session fields per signer when they create a signing session. These fields are saved in the Evidence Summary, and are stored in the signature details of signed documents. For example, an external system's Login Token can be stored as part of a signature's Audit Trail.

Other Changes

  • End-of-life for Package: The term Package has served us well for six years, but it's time to embrace a term that's becoming more common in the market. In this release, the term Package will be replaced by the term Transaction.
  • QRCodes: This feature has also reached its end-of-life. It will be deprecated in favour of the Evidence Summary, which offers more Audit Trails.

Bug Fixes

  • Fixed the duplicated Session Expiry warning when a signer's session expires.
  • Prevented an Administrator from deleting the Account Owner on the Senders page.
  • Ensured that when signed documents are sent as email attachments: (1) they are flattened; (2) the flag flattenSignedDocuments is on.
  • Fixed translation issues for non-English languages in the Delegation section.


What's New

  • Can now sign documents as the API key owner, or for another signer
  • Added RTF and ODT to the document type enum.
  • Improved error handling for Text Anchors.
  • Added a transaction signAll capability. This API/SDK call enables all documents in a transaction to be signed in one call (instead of traversing documents successively, and signing each signature successively).

Bug Fixes

The following issues were fixed:

  • Box connector 502 Bad Gateway error
  • Remove QRCodeTest from both SDKs
  • DocumentType enum in SDK only includes PDF and WORD document types
  • Accept header not set when getting AuthenticationToken