4.8 Release Notes
Released 21 June 2019
Release Highlights
Status | Description | Product |
---|---|---|
FEATURE | Password Policy & Usability Enhancements | PLATFORM |
FEATURE | Password Strength Indicator | PLATFORM |
FEATURE | Remove Confirm Password Field | PLATFORM |
FEATURE | IATA Resolution 830d Email & Mobile Messaging | PLATFORM |
FEATURE | Care - Consultant Desktop | PLATFORM |
FEATURE | WCAG 2.0 Accessibility Enhancements - Level AA | PLATFORM |
FEATURE | Credits Expiry Notification Email | PLATFORM |
Platform Administration | ||
FEATURE | Emulate User Login Functionality | PLATFORM |
FEATURE | Traveller Sync History XML Viewer | PLATFORM |
FEATURE | Login History | PLATFORM |
FEATURE | Profile - Gender Display Options Configurable | PLATFORM |
BUG FIX | Add Credit Card Expiry Year - iPad Selection Issue | PLATFORM |
BUG FIX | Passport Middle Name Not Saving if Blank (manual entry) | PLATFORM |
BUG FIX | Incorrect Description in Approver Update | PLATFORM |
BUG FIX | Login History API Error | PLATFORM |
Password Policy & Usability Enhancements
When required to create complex passwords, users tend to do the minimum, thereby resulting in a weaker password that can be more easily hacked. Based on the latest recommendations to come out of the National Institute for Standards and Technology (NIST), changes have been made to the Travel Platform password policy to achieve a better balance between password quality and user experience.

The NIST recommends, among other things for passwords:
| ![]() |
Based on these recommendations and considering that passwords must be hashed and salted when stored (which converts them to a fixed-length representation), there should not be unnecessary restrictions on length in the travel platform.
The Travel Platform has implemented the above recommendations as part of this release in addition to a new password strength estimator.
NIST password guidelines have been used by many government institutions and federal agencies,
businesses, and universities for more than a decade.
Password Strength Indicator
Password strength meters are an important tool to help users choose stronger passwords. Using a popular algorithm developed by Dropbox, our new password strength meter alleviates the need for convoluted password complexity rules and will now favour length over complexity.
Based on the latest research and recommendations from NIST the only requirement is a minimum of 8 characters and sufficient password strength.
![]() | ![]() |
![]() | ![]() |
The above examples show the new Travel Platform’s strength meter encouraging stronger password selection by providing intuitive tips and suggestions.
Through pattern matching and conservative estimation, it recognizes and weighs 30k common passwords, common names and surnames according to US/AU census data, popular English words from Wikipedia and US/AU television and movies, and other common patterns like dates, repeats (aaa), sequences (abcd), keyboard patterns (qwertyuiop), and l33t speak.
Remove Confirm Password Field
Confirm Password has now been removed from the password reset form and change password form which makes for a simpler and more convenient user experience, particularly on mobile keyboards.
To assist with users incorrectly typing in passwords, a new feature has been added into the password control allowing the user to toggle password masking on/off. By default, when viewing via a desktop the password field is always masked.

A Show or Hide toggle is shown inside the password field, allowing the password entered to be displayed onscreen.

IATA Resolution 830d Email & Mobile Messaging
With the recent introduction of IATA Resolution 830d, Kudos incorporated a new hover message box in the profile email and mobile phone fields advising the importance of this information. From 1st June 2019, all IATA-accredited agents will be required to provide airlines with customer contact information, so that the airline may contact the passenger during an operational disruption.

Email and Mobile Phone fields are already mandatory within Profiles. This new messaging will reinforce the importance of entering accurate data to prevent passengers from being disadvantaged during their travels.

Care - Consultant Desktop
Care was previously available as a Dashboard Widget for Travel Consultants (TAM). This release now makes this option available in the Navigation Panel, providing consultants with easy access to client traveller tracking and real-time destination risk information.

WCAG 2.0 Accessibility Enhancements
Web Content Accessibility Guidelines (WCAG) is the global standard in digital accessibility guidelines. It enables all organizations to measure the accessibility of content, sites, and apps against documented success criteria for all people, including those with disabilities.
WCAG 2.0 Guidelines are categorised into three levels of conformance in order to meet the needs of different groups and different situations: A (lowest), AA (mid-range), and AAA (highest). Conformance at higher levels indicates conformance at lower levels.
The 4.8 Release had the Travel Platform undertake a full WCAG accessibility audit that resulted in a remediation strategy that saw all requirements implemented in order to achieve Level AA conformance.
Platform Administration
Emulate User Login Functionality
To assist Travel Agencies and the support of their clients, this new Kudos Administration feature allows a 1-click login to any accessible (active) profile directly into their Travel Platform.
Use the Travellers menu option and search for the profile required.
Select the Login icon associated with the user profile to be logged in automatically to the Travel Platform as the user.

After authenticating the selected profile, a new window will open with the Travel Platform logged in under that user’s credential.
Traveller Sync History XML Viewer
To allow travel agencies the ability to self-help and troubleshoot, transparency with Profile sync for any active Inbound or Outbound service has been added.
Use the Travellers menu option and search for the profile required.
Select the user’s profile (e.g. traveller) required, as seen in the following example.
The Personal Details section will be displayed by default.

Select the Third Party Integrations section to display the available (active) sync services, as seen in the following example.

To obtain details of the full request payload for a specific Profile Sync (e.g. Amadeus GDS), select the + symbol followed by the XML icon associated with the data send or received.

The data (XML) sent or received will be displayed. The following example is data sent for the traveller of the selected sync service (Amadeus GDS).

Profiles - Gender Display Options Configurable
Gender Diversity was added to the Travel Platform in 4.7 with a new Diverse gender option appearing in both the main profile and in the traveller’s passports section. To provide each client with additional flexibility in how they display profile gender, this latest release provides new configuration options in Kudos Administration.

Field | Description |
---|---|
Show Profile Gender | Default value is
It is recommended to have this field enabled ( |
Enable Diverse Gender | Default value is
Refer to Profiles - Diverse Gender for more information. |
If Show Profile Gender = no
it will be removed from the main profile, as shown in the following example.

• By default, Gender exists both on the main profile and in the Passports section
• If a Passport exists, the Passport gender always takes precedence
• In the case of no Passport, the main profile’s Gender will be used
• If Gender is hidden from the main profile and there is no Passport, it will be null (blank).
Not all downstream systems support optional genders. Clients should consult with Kudos Travel Technology to ensure no adverse effects before choosing to hide gender on the main profile.
Login History
When expanding a traveller's Login History, the external API call was failing due to changes in the service functionality. This has now been updated to accommodate these changes and correctly process the User-Agent string for the login and return detailed information about the browser, device, and operating system used, as seen in the following example.
