v0.59.0 - Ongoing monitoring, dark mode, median and other operators, perf improvements

Features

• Sanction, PEP and other watchlist continuous screening of customers is now available ! Get in touch with us if you want to try it out, this is the first entirely self-hostable customer screening tool that we know of.
• Browse the Marble app in dark mode ! Great if you work with low luminosity, or if you like higher contrast, this has been requested for a year and is now available !
• Use Median, Percentile, Standard-Deviation operators in rules. Available for all customers with a license.

Improvements

• Add the option to format dates and timestamps in US format (rather than only UK format as it was so far)
• Greatly improve page loading speed in the scenario and rule builder, especially for scenarios with many rules & iterations

Bug fixes

• Fix a possible Denial Of Service vulnerability on the frontend

---

Containers:

Uses

• Backend v0.59.0
• Frontend v0.59.1

v0.58.0 - Audit logs access page, favorite inbox

This is the last release of the year !
It's a minor one after last week's mega release with integrated analytics, but contains some useful features that had been requested for a while:

Features

• "Favorite inbox": in the case manager inbox page, select you favorite inbox to arrive directly on it every time you navigate to the inbox page !
• Access the write audit logs of the Marble application through an admin interface in the settings page: See the full audit trail for who published a scenario, modified a custom list, etc (licensed customers only)

Improvements

• Get a notification every few months in-app with new release notes, for self-hosted users

Bug fixes

• Bug on the navigation options creation menu (to navigate from reference customer to its transactions, users, events etc...) in the case manager would not allow to create more than one option for a given entity type
• Corrects a bug where some pieces of text (mostly numbers and dates) would display in a surprising format if a language different from the browser locale was chosen

---

Uses:

• Backend v0.58.1
• Frontend v0.58.1

v0.57.0 - Fully integrated analytics page, case write API

Features

• Marble now has an integrated analytics engine ! We have been preparing this for a few months, and are proud to make it available
  • Access a fully integrated analytics page for decisions performance, without an external analytics database and without complex data pipelines.
  • See the false positive rates on alerts (from Case Manager data), and filter all analytics by your data: for example, visualize the hit ratio of your rules, but only for high risk customers
• Cases write API: After the addition of the API to read cases in v0.54, we are adding the option to write cases in this version ! Add comments or files, close or reopen cases, set a final outcome... connecting your back-office to the Marble case manager.
• New Case Manager inbox management interface
  • AI case review settings: configure on a per-inbox basis, in which situations the AI agent should perform a review of the case
  • Single entrypoint to the case manager for admins and managers, with visibility of case volumes, auto-assignment configuration, and escalation workflows

Improvements

• Self-hosted Marble with OIDC authentication can now be deployed without setting up GCP credentials for Firebase
• Add option to set tags on the case in a decision to case workflow: for example, add a custom tag on cases every time a specific rule hits, and find those cases efficiently in the inbox
• Add option to filter cases by tag
• Add option in Named Entity Recognition to search hits without "Person" or "Organization" filter
• Screening with Named Entity Recognition always searched with the initial input string, on top of searching for more precise entity candidates

Bug fixes

• In the case manager, the cases count in inboxes now only counts open cases
• Case search by ID is back in the inbox page
• Pagination properly resets when updating filters in an inbox
• Display of rules with nested elements is fixed in rule "view" mode
• Corrected an issue where a rule was not saved when modifying the operator in the rule builder
• Screening rule matching threshold is now correctly copied to the new version of the rule when a new draft iteration is created
• Add jitter to max Postgres connection duration, to avoid mass connection reset
• Fix for OIDC using Azure

---

Uses:

• backend v0.57.0
• frontend v0.57.0

Important

The new integrated analytics requires an additional environment variable configuration to work, and some further deployment optimization for good production performance. See our deployment recommendations in the Marble doc.

Note

v0.56 has been skipped, for self-hosted customers. Some important corrections for properly working embedded analytics have been included in v0.57.

v0.55.0 - Revamped inbox view page

Features

• More work is done on the new, fully integrated analytics and reporting dashboard on decisions and rules. It's available on demand with a feature flag for early access, with general availability planned in the next release !

Improvements

• Revamped cases inbox page view - better design and responsivity, as first brick of a refined case manager navigation experience
• Various dependency upgrades
• Allow to migrate down the migrations using the Marble migrator entrypoint (avoids to migrate down by connecting directly to the database)
• Minor environment variable renaming: ENABLE_GCP_TRACING renamed to ENABLE_TRACING, default tracing exporter modified to otlp.
• Technical configuration documentation - the list of environment variables and what they do - has been extended (though not 100% complete yet).

v0.54: Firebase-free OIDC SSO, Cases public API, Prometheus metrics

Features

• OIDC: Self-hosted customers may now authenticate to Marble with OpenID Connect SSO instead of Firebase. This is available from now on for all licensed customers of Marble, and compatible with the main identity providers (see details in the documentation). This was the last remaining dependency of Marble on Google Cloud infrastructure, and we're happy to finally lift if for customers with strong data-sovereignty (and other compliance) requirements !
• Public API v1beta for reading cases is now available ! It is still in beta because it may still evolve at the edges, but the general structure is there and can be integrated. More endpoints will follow over the next releases, to expose more data on the case and allow to create or edit them.
• Marble now exposes Prometheus metrics on decision creation, ingestion, screening execution, etc. The exact list of events (and their format) may still evolve. See how to configure it on the Marble configuration doc.

Improvements

• Performance improvements on the POST /decisions/all endpoint
• Expose a set of (opt-in) endpoints for cpu and memory profiling, to help debug memory leaks and similar issues.

Bug fixes

• Fuzzy string matching operators of the "bag of words" kind in the rule builder no longer return "100%" match (instead 0%) if one of the inputs is an empty string.
• Fix a bug introduced in v0.53 that broke the generation of data summary for test runs

---

Versions used

backend: europe-west1-docker.pkg.dev/marble-infra/marble/marble-backend:v0.54.3
frontend: europe-west1-docker.pkg.dev/marble-infra/marble/marble-frontend:v0.54.2

v0.53.0 - AI assist in rule creation, case manager batch actions

Deployment Warning

Caution

Marble v0.53 introduces a simple but important breaking change in deployment environment configuration.
Simply put:

• The Marble frontend container now expects MARBLE_API_URL instead of MARBLE_API_URL_SERVER (with the same value: this is the url at which the frontend server can reach the backend api server)
• The Marble backend container now expects a mandatory FIREBASE_API_KEY (it is no longer useful to set it on the frontend)

Warning

Another, more minor, breaking change is introduced on the format of accepted PostgreSQL connection strings. It remains possible to define the Postgres connection parameters via the PG_HOSTNAME, PG_PORT, PG_USER... variables OR alternatively through the PG_CONNECTION_STRING environment variable. However, if using PG_CONNECTION_STRING, only the URL format (postgresql://[user[:password]@][netloc][:port][/dbname][?param1=value1&...]) is now allowed: the "key:value" format ("host=... user=... password=...") is now explicitly rejected. This is because it is incompatible with a new feature (integrated analytics) that we are introducing soon.

Note

ℹ️ Firebase emulator specific change:
If you run the demo Marble app with the Firebase auth emulator, the frontend now also expects TEST_FIREBASE_AUTH_EMULATOR_HOST instead of FIREBASE_AUTH_EMULATOR_HOST.

More generally, only configuration strictly specific to the frontend has been kept in the frontend container. All configuration that is useful for both the frontend and backend, is now exposed by the backend for the frontend (via MARBLE_API_URL).

Further, all remaining endpoints that called the backend API directly from the app (browser side) have been modified to route through the frontend server, so it is now easier to restrict how the backend is exposed.

---

This week's version of Marble comes with bulk changes in the case manager and introduces AI assistance in rule building.

Features

• We are starting to bring AI to assist in rule building ! In this release a description of the rule you're building is displayed live. It helps validate you are correctly building what you intent to, and instantly understand any rules ever created. More assistance coming soon. [only available in SaaS environment now]
• The case manager now supports bulk changes. Select multiple cases and in one click: move them to another inbox, assign them to a user or close them all.

Improvements

• New iteration on the Investigation AI review : improved analysis guidelines, output structure, and improved handling of cases with lots of decisions.
• Workflows modifications now have an audit trail
• Massive improvements on French and Arabic translations
• Additional fields are available to refine a Screening search.
• The screening API documentation has been fixed.
• Improvements on the critical path of decision creation, avoiding a write-read bottleneck with degraded performance on the POST /decisions/all path
• Simplification of Marble configuration steps - duplicated environment variables have been centralized on the backend API, some required variables that were not useful for end users have been made optional

---

Versions used

• backend: europe-west1-docker.pkg.dev/marble-infra/marble/marble-backend:v0.53.3
• frontend: europe-west1-docker.pkg.dev/marble-infra/marble/marble-frontend:v0.53.1

v0.52.0 - decision data offloading

Features

• [infrastructure] Decision rule offloading: automatically offload voluminous decision execution details to a bucket, to keep the database instance size smaller. See more about this in installation/data_offloading.md or here.

Improvements

• Allow to pass a single IP address (not a range) for IP whitelisting
• Allow to open cases (and all other table rows as links) in a new tab with cmd/ctrl+click
• Search case by case_id, filter them by assignee, and make full text search much more relevant in the inbox page
• Set default pagination size to 50 elements, allow to increase it up to 100 and increase case results box size in inbox page
• Faster AI case review generation time

Bug fixes

• Fix a situation where the case manager page would fail to load on cases that contain many decisions - also, improve loading speed for the case manager main mage in all situations
• Correct a situation where several decisions related to the same customer, created at the same time, could open several cases even if the workflow is configured to group them into one case
• Add fields nationality (for Person) or country (for Organization) to the POST /screening/:screeningId/search and POST /screening/:screeningId/refine endpoints (was already handled by the endpoint but not documented)

---

Container versions
This release uses :

• Marble backend v0.52.1
• Marble frontend v0.52.0

v0.51.0 - AI KYC enrichment, IP whitelisting, bug fixes

Features

• Let the AI Agent to gather additional data for an analysis, by scouring the web for more infos : negative news, infos on PEP links, job or company informations and integrate those info into the case analysis
• AI agent settings page : allow for custom instructions for analysis and KYC enrichment prompts
• IP whitelisting : limit the access to Marble API and front end to a range of IP

Improvements

• Performance improvements on ingestion, decision creation #1148
• Clarifications on text in login page
• Improve docker image, reducing size
• In data model, allow field "required" update and fix bug on opening field edition with long description

Bugfixes

• Fix syntax error in downloadable openAPI for for v1 API
• Fix error on license server that prevented case auto-assignment to work for self-hosted users
• Sanitization : the app running in "test" mode with the Firebase emulator no longer gives access to the premium features in demo mode
• All inboxes are visible for org admins in case manager & settings
• Fix: "prepare" button is disabled in scenario page while indexes are being created
• Hide "Remind me later" button on closed cases

v0.50.0 - Case manager UI redesign

Release v0.50 is heavy on design improvements. Other than that, it comes with the usual dependency version upgrades and some bug fixes.

Improvements

• Major design harmonization - case manager and scenario homepage #1028
• Allow to configure output format, language in case manager AI auto-review #1132
• Fix an error on creating and viewing rule snoozes in the case manager #1055

Bugfixes

• Fix behavior of "unsnooze" button on cases #1027

v0.49.0 : Improved AI case review, workflows and screening

Features

• (beta) : AI analyst now shows proofs of its reasoning and recommendations : transactions, accounts, user mentionned, all within the case manager. Design is also greatly improved.
• Improvements on screening checks : it's now possible to allow no hits or to whitelist even on partial results. Super useful for high volume processors.
• Custom lists are now supported for screening (bring your own lists)
• Workflows now allow decisions orientation and filters linked to a specific rule hit. Eg : A decision generated because Rule A or B hit can be sent to a specific inbox. The UI has also been improved.
• IP whitelisting will soon be supported. As a preliminary step, the x-real-ip has been added to the API header.
  ⚠️ In order for it to work, it is is imperative that Marble be deployed behind a load balancer that sanitizes the x-real-ip header to avoid spoofing.

Fixes

• Inbox user creation is now possible, without having to set an admin role first
• Within workflow creation, a new inbox is instanly displayed after being created
• Correct validation of string / number in AST constants within workflows
• Help center is no longer hidden behind main menu
• Data model modifications are no longer blocked by a design flaw

Improvements

• Anonymous metrics on AI reviews

Use versions
Frontend : v0.49.1
Backend : v0.49.0