RiskMinder Java Developer's Guide › RiskMinder Sample Application › Performing Risk Evaluation › API Workflow and Reference

API Workflow and Reference

When you use Sample Application for risk evaluation:

1. The ArRFInitHandler.class of the com.arcot.riskfort.sampleapp.initialize package is invoked.

   After the initialization is complete, RiskMinder is ready to serve the requests.

2. RiskFactory, which is responsible for RiskMinder-related operations, is invoked by the ArRFEvaluateHelper.class in the com.arcot.riskfort.sampleapp.helpers package.

   When the evaluateRisk() method in ArRFEvaluateHelper.class is called, the RiskXActionAPI interface is invoked.

3. To perform risk evaluation, your application’s servlet, .jsp, or any other calling file must call the evaluateRisk() method of the ArRFEvaluateHelper class.

   This method returns the RiskAssessment object as response, which contains riskScore, riskAdvice, deviceID, and related information to your application.

   Important! Based on the generated risk score and advice at this stage, your application must provide logic to perform the required action, such as forward the transaction request to a CSR or force the user to perform additional authentication.

4. To perform post evaluation, your application’s servlet, .jsp, or any other calling file must call the postEvaluateHelper() method of the ArRFEvaluateHelper class.

   Important! The postEvaluateHelper() method must be called only after the evaluateRisk() method was executed.

   This method accepts CallerID, RiskAssessment object (returned by the evaluateRisk() function), and result of your secondary authentication, if any, (secondaryAuthenticationStatus), and association name (optional) as input and returns to your application the postEvaluateResponseObj object, which contains the final advice.

   The class and method required in the preceding workflow are described in the following table.