# Major Releases

## **Application Firewall update**

**Release Dates**

* **Stage Release:** 27.04.2026
* **Production Release:** Expected end of Q2 / beginning of Q3 2026

**Description**\
Significant updates have been implemented to the Application Firewall.&#x20;

**Integration Impact**\
This change has no direct impact on integrations, and no adjustments are required on the customer side. However, requests may be blocked due to the updated Application Firewall.

It is recommended to verify that fidentity processes continue to run smoothly in the stage environment. If you encounter any issues, please contact our [helpdesk](https://helpdesk.fidentity.ch/help/fidentity).

## **Recent Changes**

<details>

<summary>FaceAuth: Sign with a smile - Released on April 22, 2026</summary>

Information: This feature does not introduce any API changes. However, if fidentity is used in a **WebView**, please verify that the feature works as expected.&#x20;

## **FaceAuth: Sign with a smile**

**Release dates:**

* **Stage Release:** 17.02.2026
* **Production Release:** 22.04.2026

**Feature describtion**

As a fallback to WebAuthn (passkey storage in the user’s password manager on the device), we are introducing FaceAuth.

This feature allows the QES process to be completed without storing a passkey. To ensure that the same user is involved, facial recognition as well as a cryptographically secure device binding is used as authentication factors. This feature is audited and approved for QES.

**Process**

If registration with a passkey fails, the user can choose to skip passkey registration. During the standard liveness check, which includes zoom, head turn, and smile, a facial profile is created. Before signing, an additional “Smile” step is performed to verify that the person authenticating matches the registered user.

**Integration**

<mark style="color:$danger;">Please review the changes carefully as major a releases may impact your integration.</mark>

* **WebView integrations:** WebView integrations may be affected and should therefore be carefully validated.
* **Non-WebView customers:** For customers who do not use a WebView, the feature integrates seamlessly into the existing system and does not introduce any integration risks or changes.
* **API changes:** This feature does not introduce any API changes.

**Requirements**

* The user must use the same device and browser for both registration and authentication.
* The facial match score during registration must be sufficiently high.
* The registration and authentication methods must match. Mixed flows are not supported (e.g. Passkey registration followed by FaceAuth authentication, or vice versa).

**Exception Handling**&#x20;

If one or more requirements cannot be fulfilled, users are offered the same two options as in WebAuthn exception scenarios:

* start a new identification
* abort the process

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.fidentity.ch/others/release-management/major-releases.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.