RiskMinder Java Developer's Guide › Understanding RiskMinder Workflows › Risk Evaluation Workflows

Risk Evaluation Workflows

The risk evaluation workflows enable your online application to determine if the incoming user request is potentially risky or not:

• If the risk is low, the user is allowed to access your online application.
• If the risk is high, the user is denied access to your system.
• If the transaction is tagged as suspicious, this workflow also prompts your application to challenge users for additional authentication to prove their identity.

  If the user fails this additional authentication, then it is recommended that you do not allow the user to access the protected resource(s).

You can implement RiskMinder’s risk analysis capability either before the user logs in to your online application or after they have successfully logged in and are performing a transaction. Depending on when you call RiskMinder’s evaluateRisk() function, the following workflows are possible:

• Pre-Login Risk Evaluation Workflow
• Post-Login Risk Evaluation Workflow