Previous Topic: Verify the InstallationNext Topic: How to Deploy CA Risk Authentication on Distributed System

CA Risk Authentication Windows Installation GuideHow to Deploy CA Risk Authentication on a Single SystemHow to Use the Sample Application for Risk Evaluation

How to Use the Sample Application for Risk Evaluation

This section describes how Sample Application are used for risk-evaluation operations. Each operation in Sample Application is designed to run without error when CA Risk Authentication is installed and functional.

Sample Application demonstrates the following operations that CA Risk Authentication Server can perform:

Perform Risk Evaluation and Post Evaluation for a First-Time User

Follow these steps:

  1. Verify that the Sample Application is open (on a web browser). The following URL is the default one for Sample Application: 
    http://<host>:<appserver_port>/CA Risk Authentication-8.0-sample-application/index.jsp
  2. Click Evaluate Risk.
  3. Enter the name of the user (who you want to evaluate) in the User Name field.
  4. If necessary, enter the name of the organization to which the user belongs in the User Organization field.
  5. If necessary, enter the Channel from which the transaction originated.
  6. Click Evaluate Risk to open the Risk Evaluation Results page.

    This page displays the Risk Score, the associated Risk Advice, and lists the rules that are configured for the specified organization. For a first-time user, the result is ALERT.

  7. Click Next Step to open the Post Evaluation page and perform post-evaluation on the specified user profile.

    By using Post evaluation, your application provides feedback to CA Risk Authentication Server about the current user and the device they are using. CA Risk Authentication updates user and device attributes and the user-device association based on this feedback, and accordingly assesses the risk that is associated with the transactions for the user in future.

  8. Select the result of secondary authentication by selecting the appropriate option from the Result of Secondary Authentication list.
  9. Enter the name for the user name-device association in the Association Name field.
  10. Click Post Evaluate to complete the process, and to display the result in the Post Evaluation Results section.

Create Users

Follow these steps:

  1. To create a GA account, do the following steps:
    1. Log in to Administration Console as the MA.
    2. Ensure that the Users and Administrators tab is active.
    3. On the left-hand-side menu, click the Create Administrator link.
    4. Specify the required information and click Next.
    5. On the Create Administrator page, select Global Administrator.
    6. Enter the Password and Confirm Password.
    7. Select the All Organizations option in the Manages section.
    8. Click Create.
    9. Click Logout in the top-right-hand corner of the page to log out as the MA.
  2. Log in to Administration Console as a Global Administrator (GA) or an Organization Administrator (OA). The URL is as follows: 
    http://<host>:<appserver_port>/arcotadmin/adminlogin.htm
  3. Follow the instructions that are displayed to change your password.
  4. Activate the Manage Users and Administrators subtab under the Users and Administrators tab.
  5. Navigate to Manage Users and Administrators (left-hand-side menu), and click Create User.
  6. On the Create User page do the following steps:
    1. Enter a unique user name, their organization name, and optionally, other user information in the User Details section.
    2. If necessary, enter other user information in the corresponding fields.
    3. Select the required User Status.
    4. Click Create User.

    The "Successfully created the user" message appears if the specified user is added to the database.

  7. Return to the Sample Application page.

Perform Risk Evaluation and Post Evaluation for a Known User

Follow these steps:

  1. On the Main Page of Sample Application, click Evaluate Risk.
  2. Enter the name of the user that you created in the section, Creating Users.
  3. Enter the user’s organization.
  4. If necessary, enter the Channel from which the transaction originated.
  5. Click Evaluate Risk.

    The Risk Advice typically is INCREASEAUTH.

  6. Click Store DeviceID to store the specified type of Device ID information on the end user's device.
  7. Click Next Step to perform Post Evaluation as follows:
  8. Click Post Evaluate to display the final advice.

    If you repeat Step 1 through Step 5, the Risk Advice changes to ALLOW on the Risk Evaluation Results page.

Edit the Default Profile and Performing Risk Evaluation

Using Sample Application, you can change the DeviceDNA, IP address, and the Device ID of the computer that you are using to simulate various scenarios. To edit the default profile of a user, Follow these steps:

  1. On the Main Page of Sample Application, click Evaluate Risk.
  2. Enter the user name whose profile you want to edit in the User Name field.
  3. Enter the user’s organization in the User Organization field.
  4. Click Edit Inputs.
  5. Change the values of one or more of the fields, as required from the populated list.
  6. Click Evaluate Risk.
  7. Click Next Step to open the Post Evaluation page and perform post-evaluation on the specified user profile.
  8. Select the result of secondary authentication by selecting the appropriate option from the Result of Secondary Authentication list.
  9. Click Post Evaluate to complete post-evaluation and display the result of the same.

Note: To ensure secure communication between the components, you can configure them to support SSL (Secure Socket Layer) transport mode. For more information, see "Configure SSL" in the CA Risk Authentication Administration Guide.

Important! After you complete all these post-installation tasks, perform the SDK and Web services configuration tasks that are discussed in Configure CA Risk Authentication SDKs and Web Services.

Apply the Post-Installation Checklist

Complete the following checklist with the installation and setup information for CA Risk Authentication. This information is useful when you perform various administrative tasks.

Your Information

Example Entry

Your Entry

ARCOT_HOME

C:\Program Files\Arcot Systems

 

SYSTEM INFORMATION

Host Name

my-bank

 

User Name

administrator

 

Password

password1234!

 

Configured Components

 

 

CA Risk Authentication Server

Administration Console

User Data Service

 

ADMINISTRATION CONSOLE INFORMATION

Host Name

localhost

 

Port

8080

 

Master Administrator Password

mypassword1234!

 

USER DATA SERVICE INFORMATION

Host Name

localhost

 

Port

8080

 

Application Context Root

arcotuds