Improved Device Detection

April 24, 2024

Whenever your user account is logged into from a new or unfamiliar device, MIDAS can automatically alert you by email. This additional security feature helps keep your account secure by alerting you to suspicious logins. An unfamiliar login notification includes details of the browser, operating system, IP address, and – with our optional Geolocation addon – location, of the device that’s just logged into your account.

Until now, MIDAS has been unable to distinguish between more recent operating system versions. For example, between Windows 10 and Windows 11, or between MacOS Ventura and Sonoma.

This is because MIDAS has relied on the “User Agent” (UA) string that’s presented by the browser that’s logging in.

Here’s an example of a browser’s “User Agent” string presented to a web server:

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

There’s a lot of information there, but essentially, from this string MIDAS can derive that it’s a Windows (64 bit) device, and the browser is Google Chrome 123.

Here’s another example:

Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:124.0) Gecko/20100101 Firefox/124.0

From this, MIDAS can derive that it’s a macOS device, and the browser is Firefox 124.

But wait… can’t MIDAS also determine the exact version of the operating system from these UA strings?

Mac OS X 10.15…. Catalina? …Big Sur? …Monterey? …Ventura?

Doesn’t “Mac OS X 10.15” imply macOS Catalina? ..and doesn’t “Windows NT 10.0” imply Windows 10?

Well, that used to be the case, but not any more!

Modern browsers now “clamp” the versions of more recent macOS/Windows operating systems reported by the User Agent string. For macOS operating systems, the User Agent string will report a maximum of macOS X 10.15. For Windows operating systems, a maximum of Windows 10 will be reported. Browsers no longer natively report the specific version of the operating system they’re running on.

This means that a Chrome browser running on either Windows 10 or Windows 11 will report “Windows NT 10.0”. Similarly, macOS Catalina (10.15), Big Sur (11), Monterey (12), Ventura (13), and Sonoma (14), will all report “Mac OS X 10.15”.

So Windows 10 and 11 are the same then?

In an effort to improve user privacy, browsers have decided to no longer reveal the specific operating system version a user is using when visiting a website, in order to make it harder for websites to “fingerprint” users.

“Fingerprinting” is a technique that some websites employ to uniquely identify and potentially track visitors.

So because of these changes to the way browsers report User Agent strings, it’s been difficult for MIDAS to provide a unfamiliar login notification containing details of exact operating system version that’s been used to login to an account.

But advancements in technology mean that we’ve now been able to make improvements to device detection for MIDAS v4.36.

Utilizing New “Client Hint” technology

Client hints are a set of HTTP request headers that provide useful information about the client such as device type and network conditions. This then allow servers to optimize what is served for those conditions.

Unlike the traditional “User Agent String”, client hints provide a more efficient and privacy preserving way of getting the desired information.

A web server can proactively request the client hint headers they are interested in. The browser can then include the requested headers in subsequent requests.

If the web server upon which a MIDAS system is running proactively requests either the “sec-ch-ua-platform-version” or “ua-platform-version” client hint header, MIDAS can receive details of the user’s operating system version.

Unfamiliar login notifications (if enabled) can then provide much more accurate information as to the operating system of the new device which has logged into your account.

Improved Device Detection in MIDAS v4.36

Web Server Configuration

Because a web server has to proactively request these new client headers in order for browsers to respond to them, servers have to be configured accordingly.

All of our cloud-hosted nodes have been appropriately configured. Our client servers now proactively request the necessary Client Hint headers. This in turn means that all cloud hosted users can start to take advantage of these improvements to device detection and unfamiliar login notifications.

For self-hosted customers, a small configuration change to the web server when your MIDAS system is running from is required.

Details of the configuration change you’ll need to make can be found in our KB article, How to configure your server for Client Hints.

Tags: notifications, security, session, v4.36

Permalink

One-Stop Database Cleanup Tool

Filed Under: Development

April 23, 2024

MIDAS includes a number of handy “Database Tools“.

These tools help system administrators keep their MIDAS systems running efficiently.

The “Cleanup” tools allow for the quick removal of obsolete data within a MIDAS booking system.

Separate tools are provided for removing outdated bookings, invoices, clients, and users respectively.

There’s also an “Optimize Database” tool which runs a series of commands on the underlaying MySQL / MariaDB database to help it run more efficiently.

For v4.36, we’ve added a new “One-Stop Cleanup” tool to the list of cleanup tools. This new tool provides a fast way to collectively run several other cleanup tools.

The actions the new One-Stop Cleanup tool performs are:

Performing a “One-Stop Cleanup” will, in a single action:
Remove bookings that occurred more 5 years ago.
Remove invoices that were paid more than 5 years ago.
Remove clients with no bookings in the past 2 years.
Remove users who have not logged in for more than 1 year.
Optimize the database.

Whilst there are no limits imposed in our software for how long data should persist, without using the Database Cleanup tools, data will persist indefinitely.

An organization may have a requirement for client and invoice data to be kept for a specific period of time, but it’s unlikely that most organizations will need to keep such information indefinitely.

This is where the cleanup tools in MIDAS become useful.

Performing routine cleanups of very old and obsolete data in your MIDAS help keep your system running efficiently.

Tags: database tools, v4.36

Permalink

Get Notified On Invoice Payments

Filed Under: Development

April 22, 2024

The powerful “Watch Notification” features of MIDAS allow users to configure automatic notifications whenever certain activity occurs within their MIDAS.

Examples uses of Watch Notifications include:

Staff members could be notified whenever they’re added to a booking
Catering staff could receive notifications whenever refreshments are added to bookings
A purchasing department could receive notifications when consumables are running low and need re-ordering
A user could be notified should an unavailable venue/time slot becomes available again

For MIDAS v4.36 we’ve added an additional Watch notification option. This provides the ability for a user to be notified whenever a payment is made against a MIDAS generated invoice.

Now, MIDAS can automatically update invoices in its system when payments are made against them, however this new notification option allows a user to be notified whenever such updates occur.

The “Invoice Payment” Watch notification option is available to users who have been granted invoicing permissions within their MIDAS system.

When enabled, a new Watch Notification is generated for the user whenever an invoice has been paid in full, or when a partial payment is received against an invoice.

Tags: invoice, notification center, notifications, pay invoices online, payment, v4.36, watches

Permalink

From Blue To Cool: We’ve given the MIDAS UI a makeover

Filed Under: Development, News

April 17, 2024

For v4.36 of our booking software, we’ve made a whole host of updates and improvements to the user interface (UI) and the included visual themes.

For many years now, MIDAS has come bundled with a number of visual theme packs.

A range of visual themes for the MIDAS interface are included

Administrators can select one of these themes to change the appearance of their MIDAS system. Additionally, administrators may optionally allow users to select their preferred theme upon login.

One of the included themes is the imaginatively titled “Default” theme. Unsurprisingly, it’s the visual theme that each MIDAS system uses initially by default.

As the “Default” theme is exactly that, many system administrators simply leave their MIDAS software set to use this theme.

In fact, from a random sample of our cloud-hosted customers, 72% of MIDAS systems are currently set to use the “Default” theme.

It’s black and white!

Interestingly though, the next most popular theme in our random sample of customer’s MIDAS systems is the “HiContrast” theme. Nearly 13% of our customers currently have this set as their default theme.

Now the primary goal when we designed the “HiContrast” theme was accessibility. In other words, we wanted to better cater to users who may have visual impairments.

The “HiContrast” theme is less colorful than our other themes. It primarily utilizes a simple “black on white” concept throughout, ensuring maximum contrast on screen.

Whilst a surprising number of our customers choose this theme, we don’t believe the vast majority opt for this particular theme primarily because of accessibility needs.

It’s all too Blue-tiful(!)

Rather, we believe that many who opt for the “HiContrast” theme do so because they feel that the “Default” theme is a bit “too blue” for their liking.

We get it! That’s one of the reasons why over the years, we’ve introduced additional visual themes where blue isn’t the main color.

We also allow self-hosted customers to create their own custom bespoke themes for our software too!

But going forward, we wanted to see if we develop a new default theme that was “less blue” than the existing default theme, while also at the same time being less “bland” than the basic black and white “HiContrast” theme.

Introducing the new default theme…

The most significant UI update for MIDAS v4.36 comes with a brand new “Default” visual theme:

The Booking Grid under the new default visual theme for MIDAS — The Booking Grid under the new default visual theme

If you prefer the previous default theme, don’t worry – it’s still available, but is now called “MIDAS (Blue)”.

We’ve also made a number of other improvements to the user interface, as well as minor tweaks to other included themes. Some text and headings are now larger than before, dialogs are clearer, there’s increased spacing between certain elements, and some interactive buttons are now larger and more prominent.

You can try the brand new “Default” theme, or any other included theme, right now by heading over to our online demo.

Tags: gui, theme, UI, user interface, v4.36

Permalink