Payments - v1.44.94

v1.44.94

Release Dates

Sandbox: 30.03.2026

Improvements

Enhanced Gateway Dispatch Error Logging with Aggregate ID

Added aggregateId parameter to gateway dispatch error logs to improve troubleshooting capabilities for Kafka dispatch failures. This enhancement provides more granular error tracking and faster resolution of GatewayDispatchToKafkaErrorAlert incidents.

PACS.007 Processing Flow Investigation for Bulk Payment Status Discrepancies

Investigated PACS.007 message processing flow following bulk payment processing issues where 346 reversed payments incorrectly received REVERSE_REJECTED status instead of REVERSE_ACCEPTED. The investigation identified status handling discrepancies in OutgoingDDScheduler for payments with txId references, particularly affecting storno transaction processing and alert generation with MS03 reason codes.

Enhanced OutgoingScheduler Logging for Improved Incident Analysis

Improved logging completeness for OutgoingScheduler processing flows to support more effective incident investigation and SF case analysis. Enhanced log coverage provides better visibility into scheduler progress and processing states during troubleshooting scenarios.

Increased HTTP Timeout Values for CSM and AML Callouts

Updated CALLOUT_HTTP_CONNECT_TIMEOUT_MS and CALLOUT_HTTP_READ_TIMEOUT_MS configuration values from default 10 seconds to 30 seconds for Check24 environments (production and sandbox). This aligns timeout settings with other client configurations and improves callout reliability for external service integrations.

SWIFT IBAN Plus Directory File Retrieval

Retrieved latest IBAN Plus directory file in XML format from SWIFT reference data portal (swift.com) for payment validation and routing purposes. Updated reference data ensures accurate IBAN validation against current SWIFT standards.

Multi-Threading Implementation for Incoming PACS.003 Bulk Processing

Implemented multi-threading batch processing enhancement for IncomingScheduler.processIncomingNotifications to improve PACS.003 bulk payment processing performance. Each incoming notification now processes on dedicated threads with maximum 5 concurrent threads, requiring corresponding CPU allocation increases for gateway-api pods.

SEPABLKHEDSN Column Null Value Handling in Incoming Scheduler

Updated incoming scheduler processing to prevent "Column 'SEPABLKHEDSN' cannot be null" database errors during payment message processing. This fix ensures proper column value handling for SEPA bulk header sequence numbers.

AML Notification Retry Policy Investigation and Enhancement

Investigated and improved AML retry policy following production issues where notifications failed with 500 status codes and generated multiple ScheduleAction commands. Enhanced retry logic includes improved logging across ps-scheduler and po-external-gateway-api services, optimized retry intervals, and better alert handling for failed AML callout notifications.

Error Message Information Disclosure Remediation

Implemented generic error message handling for the /props endpoint to prevent exposure of internal SQL statements, database structure, and MySQL driver details. Replaced verbose error responses containing PreparedStatementCallback and MysqlDataTruncation exceptions with sanitized client-facing messages while preserving detailed logging for server-side troubleshooting.

Bootstrap Library Security Update

Updated Bootstrap JavaScript library from vulnerable version 3.4.1 to current maintained version to address CVE-2024-6484 XSS vulnerability. Removed end-of-life Bootstrap 3.x dependency and upgraded to supported version with active security maintenance.

Bug fixes

Fixed error when decreasing incomingDirectDebitRetryDays system property

Resolved an issue where decreasing the incomingDirectDebitRetryDays system property caused transaction status synchronization failures between po-external-gateway and po-api-projection. The payment service will now correctly handle FailPaymentOrderevents with IncomingDirectDebitRetryExhausted cause and stop inappropriate retry attempts when the retry period is reduced.

For more information on the release timeline, see Mambu Release Cycle.

v1.44.94​

Improvements​

Enhanced Gateway Dispatch Error Logging with Aggregate ID​

PACS.007 Processing Flow Investigation for Bulk Payment Status Discrepancies​

Enhanced OutgoingScheduler Logging for Improved Incident Analysis​

Increased HTTP Timeout Values for CSM and AML Callouts​

SWIFT IBAN Plus Directory File Retrieval​

Multi-Threading Implementation for Incoming PACS.003 Bulk Processing​

SEPABLKHEDSN Column Null Value Handling in Incoming Scheduler​

AML Notification Retry Policy Investigation and Enhancement​

Error Message Information Disclosure Remediation​

Bootstrap Library Security Update​

Bug fixes​

Fixed error when decreasing incomingDirectDebitRetryDays system property​