CA RiskMinder Administration Guide › Managing Global Configurations › Managing Global Rule Configurations › Editing Rule Definitions Using the Rule Builder › Configuring Untrusted IP Types

Configuring Untrusted IP Types

RiskMinder uses the IP address of the user’s computer as one of the input parameters to assess the risk of each transaction. RiskMinder evaluates the incoming transaction and checks if it originated from an IP address marked as untrusted. Such transactions are typically denied. The different categories of untrusted IP types are:

• Negative

  IP addresses with this designation have been sources of fraudulent transactions in the past.

  Important! Use this option, if you manually configured an IP addresses as negative, as discussed in "Configuring Untrusted IP Addresses".

• Active

  IP addresses with this designation allegedly are anonymizing proxies that have been sources of fraudulent transactions and have been active in the last six months.

• Suspect

  IP addresses with this designation allegedly are anonymizing proxies that have been active over the last two years, but not for the last six months.

• Private

  IP addresses with this designation allegedly are anonymizing proxies that are not publicly accessible. These addresses typically belong to commercial ventures that sell anonymity services to the public.

• Inactive

  IP addresses with this designation allegedly have been sources of fraudulent transactions, but have been found inactive in the last two years.

• Unknown

  IP addresses with this designation allegedly are anonymizing proxies for which no positive results are currently available.

  Note: The Active, Suspect, Private, Inactive, and Unknown negative type categories are derived from the Quova data.

To configure the types of untrusted IP addresses applicable to your organization:

1. Ensure that you are logged in as a GA.
2. Activate the Services and Server Configurations tab.
3. Under the Rules Management section on the side-bar menu, click the Rules and Scoring Management link.

   The Rules and Scoring Management page appears.

4. From the Select the Ruleset list, select the ruleset for which this configuration is applicable.

   The configuration information for the specified ruleset appears.

5. In the RULENAME column, click the Untrusted IP Check link.

   The RiskFort Rule Builder page appears.

6. In the Negative IP Types Configuration section, select the applicable types of negative IP address categories, and click Update.
7. Click Update at the bottom of the Rule Builder page to save the changes.

   The changes are not yet active and are not available to your end users.

8. To make the changes active, you must migrate them to production.

   See "Migrating to Production" for instructions to do so.

9. Refresh all deployed RiskMinder Server instances.

   See "Refreshing the Cache" for instructions on how to do this.