Evolving Identity Journeys and Strengthening Fraud Prevention with November’s Mosaic Release Notes
The November edition of Mosaic's Release Notes introduces multi-device TOTP, new journey analytics capabilities, smarter fraud detection signals and improved B2B access management, all designed to streamline operations and elevate your identity stack.
Highlights
Multi-TOTP Support for More Flexible MFA
You can now enable multiple active TOTP (Time-based One-Time Password) seeds per user, giving admins more flexibility and users more control over how they authenticate.
This allows users to keep TOTP on multiple devices — for example, a primary authenticator on their phone and a backup on a tablet or secondary device — reducing lockouts and support cases when a device is lost, replaced or unavailable.
* General availability
Journey Analytics Enhancement: Events Drilldown
You can now open a detailed event drawer when selecting a journey invocation. The drawer lists all events that occurred during that run and provides a direct link to the raw data for each event, making it easier to investigate behavior and troubleshoot issues without leaving the analytics view.
* General availability
Journey Analytics Enhancement: Step-Level Duration Metrics
The new Journey Analytics drilldown also displays step execution time. The Step Duration metric on each step-completion event makes it easier to spot slow or problematic steps without leaving the panel, giving teams faster insight into journey performance.
* General availability
Fraud Prevention
Sharper Visibility into Attacker Behavior Through Smarter Identifier Hashing
Our Fraud Prevention solution now includes data-type–aware smart attribute hashing that improves visibility into fraud patterns while maintaining privacy. By combining the claimed user ID with its associated ID type, the system can extract more meaningful insights into attacker inputs and behaviors. This enhancement strengthens correlation accuracy and helps uncover tactics used across repeated or obfuscated identifiers.
* General availability
Customer Identity Management
B2B: Member Session Termination for Stronger Access Control
Tenant admins and Organizational admins gained the ability to terminate a member’s active session directly from the Admin Portal, giving organizations tighter control over access and improving security across B2B environments. Ending a session immediately invalidates the user’s refresh token, ensuring that the next refresh attempt fails and triggers a logout flow in the application.
This helps teams quickly respond to security incidents, remove access for departing users or enforce policy changes in real time. Terminated sessions are fully logged for visibility and auditing, including the acting admin, the affected user, and the relevant organization context.
* Available in sandbox
Signed SAML Authentication Requests for Admin Portal SSO
The Admin Portal SSO flow now supports digitally signed SAML Authentication Requests. As Mosaic operates as the SAML Service Provider for admin users, it can sign outgoing AuthN requests sent to identity providers, meeting a key requirement for enterprise-grade security. This enhancement enables fully compliant, production-ready SAML-based SSO across large enterprise environments.
* Available in sandbox
Create Identity Management Users with Externally Provided User IDs
You can now create Identity Management users using a predefined user_id instead of relying on auto-generated identifiers. This capability makes migrations significantly smoother for customers moving from legacy systems or external identity providers, where user IDs are already established and deeply integrated into downstream applications.
* Available in sandbox