When an end user tries to access a protected resource, the Advanced Authentication service first collects a wide range of data, such as details about the following:
The service evaluates that data using risk evaluation rules.
A risk evaluation rule is a set of conditions against which the end user or device data is validated. The result of each rule is then evaluated in the order of priority that is set by an administrator. A score and advice are generated based on the first rule that matched (the higher the risk score, the greater the probability of a fraud). Based on this advice, the end user is granted access, denied access, or asked for additional authentication.
Risk evaluation rules are listed and explained in a later section.
|
Copyright © 2013 CA.
All rights reserved.
|
|