All Products
Search

This Product

    Mobile Platform as a Service:mPaaS 10.2.3 upgrade guide

    Document Center

    Mobile Platform as a Service:mPaaS 10.2.3 upgrade guide

    Last Updated:Jan 29, 2026

    The mPaaS 10.2.3 baseline is based on version 10.1.68.52. It combines new components, custom features, and compliance updates from multiple custom baselines. The features include but are not limited to the following.

    Security compliance

    Security Guard supports SM signatures. To use this baseline, you must replace the Security Guard image with the V6 version. Using the original V5 image causes Security Guard errors. For more information, see Configure the V6 Security Guard image.

    New components

    • mPaaS GMSSL (private cloud)

    • Face Liveness Detection (private cloud)

    • Mobile terminal environment detection (private cloud)

    • Mobile Threat Awareness device risk consulting services (private cloud)

    • Code Scanner

    • Intelligent Dual-Recording System (private cloud)

    • Ant Cube Card

    Compatibility

    • Starting from mPaaS 10.2.3.4, targetSdkVersion 31 is supported.

    • Supports targetSdkVersion 30.

    • Only the armeabi-v7a and arm64-v8a CPU architectures are supported. The armeabi architecture is no longer supported.

    • The mPaaS Inside connection type is no longer maintained. If you use the mPaaS Inside connection type and need to upgrade to 10.2.3, you must change to the mPaaS AAR connection type.

    • This version is compatible with Android 13 by default. No additional configuration is needed after the upgrade.

    Upgrade guide

    Configure the V6 Security Guard image

    1. In the mPaaS console, download the latest configuration file.

      image

    2. Confirm that the downloaded configuration file (Ant-mpaas-xxxxx-Android.config) contains the key v6Base64Code and that the key has a value. If the value is empty, ensure that you have uploaded a correctly signed APK before you download the file again.

    3. Upgrade the easyconfig plugin in your project to version 2.8.4. In the build.gradle file in the root directory, modify the configuration as follows.

      classpath 'com.android.boost.easyconfig:easyconfig:2.8.4'

    4. The configuration is complete. Recompile the APK.

      Important

      After you upgrade to the V6 version, you still need to enable V1 signatures. For more information, see How to resolve runtime error 608 or libsgmain native error.

    Security measures

    When you develop an app with the mPaaS framework, apps that use HTML5 containers or miniapps frequently use JavaScript APIs (JSAPIs). To prevent security issues caused by a lack of authentication, you must validate URLs when they are opened and when JSAPIs are called. This practice ensures that only internal business URLs are loaded. It also limits the scope and permissions of JSAPI calls for specific URLs.

    1. Set up JSAPI authentication.

    2. Set up a URL whitelist.

    Component management changes

    After you upgrade to the 10.2.3 baseline, the names of the following components are changed. If you previously used these components, you must reconfigure them. For more information, see Component management.

    • Sync Service has been changed to Mobile Sync Service (MSS).

    • Code Scanner.

    • Code Scanner AI component has been added. Add this component to enable AI-powered code scanning.

    Component usage upgrade guide

    Datacenter

    Starting with the 10.2.3 baseline, the method for creating an OrmLiteSqliteOpenHelper for database storage has been updated. For more information, see Create an OrmLiteSqliteOpenHelper.

    Component API changes

    Datacenter

    • Added: com.alibaba.mpaasdb.MPSQLiteOpenHelper.

    • Added: com.alibaba.mpaasdb.MPSQLiteDatabase.

    • Removed: com.alibaba.sqlcrypto.sqlite.SQLiteDatabase.

    • All instances of com.j256.ormlite.xx have been changed to com.alibaba.j256.ormlite.xx.

    Handling custom baselines

    If you use a custom baseline, you may need to create a new one based on this new version. To confirm whether this is necessary, join the DingTalk group (ID: 145930007362) and contact the mPaaS technical support.

    Regression testing

    Component

    Verification items

    Mobile Gateway Service (MGS)

    • RPC requests are normal.

    • RPC requests are normal after signature verification is enabled.

    Mobile Push Service (MPS)

    • User-dimension pushes are normal.

    • Pushes through third-party channels are normal.

    Mobile Sync Service (MSS)

    • The sync feature is normal.

    Datacenter

    UC Kernel

    • Enabled on Android 13 devices

    HTML5 Container and offline packages

    • Check the operational status of services that depend on UC kernel attributes.

    • Offline package downloads and updates are normal.

    Mini Program

    • Are services that rely on UC kernel features functioning correctly?

    • Miniapp downloads and updates are normal.

    Switch Configuration Service

    • Switch delivery and updates are normal.

    Upgrade

    • Version update checks are normal.

    Hotpatch

    • Patch package downloads are normal.

    Mobile Content Delivery Platform (MCDP)

    • Booth and material information downloads and updates are normal.

    Location-based Service (LBS)

    • The check-in feature is normal.

    Mobile Real-Time Communication (MRTC)

    • Calls are established and video displays correctly.