[No QA] [ECUK In-App 3DS] Rename MFA error codes and fix unsupported device logic#86317
Conversation
|
Hey, I noticed you changed If you want to automatically generate translations for other locales, an Expensify employee will have to:
Alternatively, if you are an external contributor, you can run the translation script locally with your own OpenAI API key. To learn more, try running: npx ts-node ./scripts/generateTranslations.ts --helpTypically, you'd want to translate only what you changed by running |
|
@codex review |
Codecov Report✅ Changes either increased or maintained existing code coverage, great job!
|
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: a7896b1303
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
|
@mananjadhav Please copy/paste the Reviewer Checklist from here into a new comment on this PR and complete it. If you have the K2 extension, you can simply click: [this button] |
|
@dmkt9 @m-natarajan Please ignore this PR. I will take over this |
Reviewer Checklist
Screenshots/VideosAndroid: HybridAppOn Android/iOS native without biometrics or passcode enrolled, trigger an MFA flow (e.g. Set PIN, Authorize Transaction, or Biometrics Test) Screen.Recording.2026-03-26.at.22.14.55.movOn Android/iOS native, trigger an MFA flow for a scenario that only allows passkeys (mock allowedAuthenticationMethods to [PASSKEYS] only) Screen.Recording.2026-03-26.at.22.14.05.moviOS: HybridAppOn Android/iOS native without biometrics or passcode enrolled, trigger an MFA flow (e.g. Set PIN, Authorize Transaction, or Biometrics Test) Screen.Recording.2026-03-26.at.22.15.34.movOn Android/iOS native, trigger an MFA flow for a scenario that only allows passkeys (mock allowedAuthenticationMethods to [PASSKEYS] only) Screen.Recording.2026-03-26.at.22.10.27.movMacOS: Chrome / SafariOn web (Chrome/Safari), trigger an MFA flow for a scenario that only allows biometrics (e.g. if such a scenario exists, or mock allowedAuthenticationMethods to [BIOMETRICS] only) Screen.Recording.2026-03-26.at.22.08.27.mov |
|
@JakubKorytko I see an error on IOS when trying the biometric scenario (Note: need to remove biometric from allowedAuthenticationMethods)
|
This reverts commit bc38402.
|
@DylanDylann ah it's because of the circular import. Reverted this change - works good for me now, please re-test. |
DylanDylann
left a comment
There was a problem hiding this comment.
The rest looks fine to me
|
We did not find an internal engineer to review this PR, trying to assign a random engineer to #85830 as well as to this PR... Please reach out for help on Slack if no one gets assigned! |
|
I will say, I know this wasn't introduced in this PR, and it seems like it's not particularly solvable (RN's android hybridappsystem.settings.link.mp4Honestly, maybe we just don't link it at all on Android as a follow-up |
|
Oh, I just noticed, @JakubKorytko QA is not going to be able to execute the test steps because they cannot mock code values. Can you write QA steps that they'll actually be able to perform? Thanks |
|
🚧 @chuckdries has triggered a test Expensify/App build. You can view the workflow run here. |
|
🧪🧪 Use the links below to test this adhoc build on Android, iOS, and Web. Happy testing! 🧪🧪
|
|
✋ This PR was not deployed to staging yet because QA is ongoing. It will be automatically deployed to staging after the next production release. |
|
🚀 Deployed to staging by https://github.com/chuckdries in version: 9.3.50-0 🚀
Bundle Size Analysis (Sentry): |
|
🤖 Help Site Review — No Changes Required I reviewed all files under Findings: This PR modifies internal MFA error codes, reorders device-check logic, and makes the The existing help site articles that are closest in topic are:
However, these articles exclusively describe SMS OTP-based 3D Secure verification (the Verified by Visa flow). They do not reference:
No other article under Conclusion: No help site changes are required for this PR. The modified error codes and platform-specific error screens are purely internal to the in-app MFA flow, which is not yet documented in any help site article. |
|
🚀 Deployed to production by https://github.com/jasperhuangg in version: 9.3.50-8 🚀
|

Explanation of Change
NO_ELIGIBLE_METHODS->NO_AUTHENTICATION_METHODS_ENROLLED,UNSUPPORTED_DEVICE->AUTHENTICATION_TYPE_NOT_SUPPORTED) for clarity.useNativeBiometrics.tsso failure screens match correctly.UnsupportedDeviceFailureScreenplatform-aware via native/web index files (mobile says "use web app", web says "download mobile app").Spanish translation confirmation: https://expensify.slack.com/archives/C01GTK53T8Q/p1774443435075649
Fixed Issues
$ #85830
PROPOSAL: N/A
Tests
allowedAuthenticationMethodsto[BIOMETRICS]only)allowedAuthenticationMethodsto[PASSKEYS]only)new.expensify.com)Offline tests
N/A
QA Steps
N/A
PR Author Checklist
### Fixed Issuessection aboveTestssectionOffline stepssectionQA stepssectiontoggleReportand notonIconClick)src/languages/*files and using the translation methodSTYLE.md) were followedAvatar, I verified the components usingAvatarare working as expected)StyleUtils.getBackgroundAndBorderStyle(theme.componentBG))npm run compress-svg)Avataris modified, I verified thatAvataris working as expected in all cases)Designlabel and/or tagged@Expensify/designso the design team can review the changes.ScrollViewcomponent to make it scrollable when more elements are added to the page.mainbranch was merged into this PR after a review, I tested again and verified the outcome was still expected according to theTeststeps.Screenshots/Videos
Android: Native
Android.mov
Android: mWeb Chrome
iOS: Native
iOS: mWeb Safari
MacOS: Chrome / Safari
Web.mov