Overview of the Intelligent Adaptive Authentication integration

With Intelligent Adaptive Authentication you can integrate user registration, authenticator activation, and flows with remote authentication performed by a trusted device. Such a trusted device is a mobile application with an integration of the OneSpan Mobile Security Suite Orchestration SDK.

Preparing the integration of Intelligent Adaptive Authentication

Integration of Intelligent Adaptive Authentication with OneSpan Mobile Security Suite Orchestration SDK

To prepare the integration of Intelligent Adaptive Authentication into your solution, proceed with the following steps:

Integration steps

To integrate Intelligent Adaptive Authentication step-by-step

  1. Integrate the OneSpan CDDC JavaScriptClosed OneSpan CDDC JavaScript helps you to collect the required information of the initiated client device: browser, operating system, and general computer information. With this JavaScript you can include fingerprint data and hash values, that must be retrieved by your application server and provided to the Intelligent Adaptive Authentication APIs, into your web forms. into the login page of your web application.
  2. Implement the Intelligent Adaptive Authentication user registration in your web application to start the authenticator provisioning handled by the Orchestration SDK.
  3. Register your application for notification in the OneSpan Community Portal and integrate the Orchestration SDK in your mobile application.
  4. Implement Intelligent Adaptive Authentication login and transaction in your web application to support intelligent adaptive authentication.

    When implementing Intelligent Adaptive Authentication, ensure to select the correct endpoints and request body values from the OneSpan Trusted Identity platform APIClosed Provides the endpoints that are required for the successful completion of the operations.:

Changing Risk Management component rules

When you have set up your sandbox environment and integrated all necessary components, you can log on to the Risk Management componentClosed The Risk Management component is a highly versatile, reliable, and scalable fraud management system used for monitoring online banking applications and payment processing across multiple channels; it helps to protect against anti-money-laundering (AML), online banking fraud, and to comply with regulations. and browse to the default rulesClosed Rules are used to define sets of criteria to verify if an event (transaction and non-monetary event) matches any fraudulent behavior. If an event matches a previously defined rule, an alert can be raised. provided for Intelligent Adaptive Authentication.

By defining rules and rule criteria in the Risk Management component you centrally define criteria to analyze risks and set the appropriate action you want to perform (reject a login, challenge the user with biometric authentication etc.). To access the Adaptive Authentication rules, in the Risk Management component navigate to DESIGN RULES & ACTIONS > Rule Management > Rules and configure the rules as required.

For a detailed description of rules in the Risk Management component and how to change them, refer to the Risk Analytics Admin Guides.