Activity - VELO Production Issue - S-MADP Customer Support & Information Center

Activity

From 26 July 2025 to 24 August 2025

Today

02:40 PM Bug #22317 (New): [PROD][Android] Hit "Something went wrong with OCBC Business" at Google Playstore: Please refer to attached image for details.
Please provide root cause and solution. yap chekying
10:52 AM Bug #22304: [External Audit Findings][MLEB] User Enumeration through Error Messages: 238,053
31/7/2025 [External Audit Findings][MLEB] User Enumeration through Error Messages
Issue:
Error messages in... Hao Ter Tai
09:58 AM Bug #22304 (Resolved): [External Audit Findings][MLEB] User Enumeration through Error Messages: RC: Error messages provides valid and invalid username information.
Solution: Modify error message to generic mess... Tan Hi Ann

30 July 2025

04:43 PM Bug #22300: [External Audit Findings][Android] Certificate files hardcoded inside the app: 238,044
30/7/2025 Bug #22300 [External Audit Findings][Android] Certificate files hardcoded inside the app
Issue:... Hao Ter Tai
10:35 AM Bug #22165 (Closed): [PROD][Android] Added "uat" Word in Android Name and Causing Crash When App ...: released to production on 3rd July 2025 yap chekying
10:30 AM Bug #22165 (Resolved): [PROD][Android] Added "uat" Word in Android Name and Causing Crash When Ap...: Verified tanchen yee

29 July 2025

10:24 AM Bug #22301 (Assigned): [External Audit Findings][iOS] No Jailbreak Detection: Added more rigid jailbreak detection. He Xi Yeo
10:05 AM Bug #22301 (Assigned): [External Audit Findings][iOS] No Jailbreak Detection: Issue:
Jailbreaking is the process of gaining administrative or privileged access to the iOS OS. Without jailbreak d... yap chekying
10:22 AM Bug #22302 (Assigned): [External Audit Findings][iOS] Certificate files hardcoded inside the app: The certificate is now encrypted and obfuscated before being included in app. He Xi Yeo
10:07 AM Bug #22302 (Assigned): [External Audit Findings][iOS] Certificate files hardcoded inside the app: Issue:
Same as Android – developers embed a list of trusted certificates inside the app and use it to validate serve... yap chekying
10:20 AM Bug #22303 (Assigned): [External Audit Findings][iOS] Weak SSL Pinning: Added SSL Pinning, which compare server hashed public key compared to app's hashed public key. He Xi Yeo
10:09 AM Bug #22303 (Assigned): [External Audit Findings][iOS] Weak SSL Pinning: Issue:
During testing on iOS apps, the tester found that the app does not implement SSL Pinning. Without SSL Pinning... yap chekying
10:12 AM Bug #22306 (New): [External Audit Findings][MLEB] Bypass OTP in Biometric Activation: Issue:
Modification of response parameters in the API allows an attacker to alter values such as item prices, item q... yap chekying
10:11 AM Bug #22305 (New): [External Audit Findings][MLEB] Insecure Direct Object Reference Vulnerability ...: Issue:
The IDOR vulnerability occurs when an app exposes internal object references without access control. This all... yap chekying
10:10 AM Bug #22304 (Resolved): [External Audit Findings][MLEB] User Enumeration through Error Messages: Issue:
Error messages in an application can provide valid and invalid username information.
This information can po... yap chekying
10:04 AM Bug #22300 (New): [External Audit Findings][Android] Certificate files hardcoded inside the app: Issue:
SSL Pinning is a security mechanism used to prevent man-in-the-middle attacks by validating the certificate ... yap chekying
10:02 AM Bug #22299 (New): [External Audit Findings][Android] Weak Root Detection: Issue:
Rooting is the process of gaining administrative or privileged access to the Android OS. Without root detecti... yap chekying
09:55 AM Bug #22286 (Pending UAT ): [UAT][Android][ATM & Branch]Hit Error When Tap on ATM & Branch: Tested OK in SIT yap chekying
09:54 AM Bug #22275 (Pending UAT ): [PROD][Android][Fund Transfer][Manage Saved Beneficiary][Domestic Tran...: yap chekying
09:53 AM Bug #22275: [PROD][Android][Fund Transfer][Manage Saved Beneficiary][Domestic Transfer][Online Tr...: Tested ok in SIT yap chekying
09:52 AM Bug #22274 (Pending UAT ): [PROD][Android][Fund Transfer][Manage Saved Beneficiary][Domestic Tran...: Show "Online Transfer" yap chekying

28 July 2025

04:31 PM Bug #22282 (Monitoring): [PROD][BE][Fund Transfer][Transaction Summary] Duplicate Records Show on...: Unable to reproduce it in UAT. Based on log review, only one record was passed from MLEB to BE. yap chekying
04:28 PM Change Request #22160 (Closed): [CR][Android] Chinese Translation: Released to production on 3rd July 2025 yap chekying
04:28 PM Change Request #22161 (Closed): [CR][iOS] Chinese Translation: Released to production on 3rd July 2025 yap chekying
04:27 PM Bug #22280 (Closed): [PROD][BE] Hit MCB999 Error and Required Reactivate Biometric & SW Token: Released to production on 14th July 2025 yap chekying
04:26 PM Bug #22241 (Closed): [UAT][BE][Unbind Device] Hit Error When Unbind Device: Released to production on 14th July 2025 yap chekying
04:25 PM Bug #22240 (Closed): [UAT][Android][ATM & Branch] Show Error When Tap on ATM & Branch Menu: same as redmine #22286 yap chekying

Also available in: Atom