RSA Announces the Release of RSA Adaptive Authentication (Cloud) 14.2.2

Document created by RSA Product Team Employee on Dec 23, 2020Last modified by RSA Product Team Employee on Jan 3, 2021
Version 3Show Document
  • View in full screen mode

Summary:

We are happy to announce the release of RSA Adaptive Authentication (Cloud) 14.2.2, which includes these new features, enhancements, and changes.

What's New in This Release

New support for automatically locking cases when using the updateCase Case Management API
method

Whenever the updateCase Case Management API method is used, the cases are now automatically locked by default to the user assigned to the case. For more information, see updateCase Method in the API Reference Guide.

New support for changing the maximum number of activities retrieved through the getActivities Case Management API method

It is now possible to change the maximum number of activities retrieved through the getActivities Case Management API method for any SOAP request. Previously, the maximum limit was 2000 and was not configurable. This parameter is only configurable by an RSA representative in the Back Office application. These are the maximum values that are configurable:

  • 2000 (default)
  • 5000
  • 7000
  • 10000

For more information on changing this configuration, contact your RSA representative. In addition, the paging Structure and getActivities Response Message sections in the API Reference Guide have been updated based on these changes.

New searching capabilities in the Access Management application

  • New support for searching for a user by their User Name, First Name, or Last Name in the Application Users page of the Access Management application: It is now possible to search for a particular user by their user name, first name, or last name using the User Name, First Name, and Last Name search boxes added to the Application Users page in the Access Management application. For more information, see Application Users Page in the Back Office User Guide.
    Note:
    • When searching for a user name, first name, or last name, a wildcard search using an asterisk (*) is unsupported.
    • When searching for a user name, the search conforms to the existing requirements for a user name. The user name can only contain alphanumeric characters: a-z, A-Z, 0-9 and these nonalphanumeric characters: / & ; + - . _ $ ' ( ).
  • New support for searching for an organization in the Application Organizations page of the Access Management application: It is now possible to search for a particular organization using the Organization Name search box added to the Application Organizations page in the Access Management application. Use the Reset button to clear the search results. For more information, see Application Organizations Page in the Back Office User Guide.
    Note: When searching for an organization name, the search conforms to the existing requirements for the name. The maximum length of organization names is 20 characters and these characters cannot be used: [^<>&].*

New filters and columns added in the Research Activities page of the Case Management application

  • New Amount (Default Currency) filter: It is now possible to filter activities by their Amount (Default Currency) in the Research Activities page of the Case Management application. This filter includes From Amount and To Amount fields for specifying the range for the amount in the default currency that is associated with the activities. In addition, the activities listed in the results table in the Research Activities page now includes an Amount (Default Currency) column, which is sortable.
  • New Client Cookie filter: It is now possible to filter activities by the Client Cookie in the Research Activities page of the Case Management application. In addition, the activities listed in the results table in the Research Activities page now includes a Client Cookie column, which is sortable.

For more information on these filters, see Research Activities Filters in the Back Office User Guide.

New fields added to the Cases Raw Data Reports

In the Raw Data Reports (RDR) called Cases Reports, these new fields have been added to the end of the report:

  • CreatedBy: Indicates the user ID of the operator who created the case.
  • BackColoringColorLevel: Indicates the level used in the coloring process for marking confirmed or suspected fraud or events that have data elements in the eFraudNetwork service.
  • BackColoringRiskScore: Indicates the new calculated back coloring score returned by the RSA Risk Engine.
  • BackColoringReasonList: Indicates the data element that caused the event to be back colored.
  • BackColoringLastUpdated: Indicates the date that the event was back colored.
  • UserAgentString: Indicates the current user agent for the transaction, which is retrieved from the HTTP request header and is used in device profiling.

For more information on these fields, see Cases Report in the Raw Data Reports User Guide.

New support for editing or deleting rules from a default organization in the Policy Management application

It is now possible to edit or delete any rule from a default organization in the Policy Management application. For more information, see Introduction to Rules and General Rule Parameters in the Back Office User Guide.

New rule conditions (facts) added when creating rules in the Policy Management application

When creating rules in the Policy Management application, these rule conditions (facts) have now been added to these rule condition (fact) categories:

  • Device Details rule condition (fact) category:
    • Mobile Hardware ID*: Specifies the International Mobile Equipment Identity (IMEI) for GSM. The Mobile Equipment Identifier (MEID) or the Electronic Serial Number (ESN) for CDMA phones.
    • Mobile SIM ID*: Specifies the International Mobile Subscriber Identity (IMSI) or Mobile Station International Subscriber Directory Number (MSISDN). This element is currently not supported by iOS.
    • Mobile Other ID*: Specifies a unique identifier that is created by the mobile application, such as the installation ID.
    • # Number of Days Since DeviceID First Seen: Specifies the number of days since this Adaptive Authentication Device ID for the device was first seen.

       Note: These rule conditions are only displayed when the channel indicator is set to MOBILE.

       For more information on these rule conditions, see Device Details Rule Conditions (Facts) in the Back Office User Guide.

  • Transaction Details rule condition (fact) category:
    • Mobile Sub Channel: Specifies for a mobile channel the particular mobile traffic in a sub channel as either Mobile Browser or Mobile Application.
      Note: This rule condition is only displayed when the channel indicator is set to MOBILE.
    • Transaction Time (Hours): The time in hours that the transaction occurred in the format HH. The expected values range from 0-23, where 0 represents 12:00 AM and 23 represents 11:00 PM.
      Note: When creating a rule that spans two different days, such as between 21:00 PM and 05:00 AM, you need to use the combination of the Greater than and Less than operators. The Between operator only works for a timeframe within the same day.

         For more information on these rule conditions, see Transaction Details Rule Conditions (Facts) in the Back Office User Guide.

  • Payee Detail rule condition (fact) category:
    • Total Amount of Successful Transfer or Payment in Local Currency: Accumulated transaction amounts successfully transferred or paid in the local currency, as configured in the Back Office application, into the payee account. For example, a rule can be defined to count transactions from a particular user totaling more than 500 Euros, where Euros is the local currency configured in the Back Office application, such as Transaction A totaling 200 Euros and Transaction B totaling 301 Euros. If this rule condition is met, the applicable action is triggered. For more information on this rule condition, see Payee Detail Rule Conditions (Facts) in the Back Office User Guide.

Deprecation of rule conditions (facts) when creating rules in the Policy Management application

When creating rules in the Policy Management application, two rule conditions (facts) have now been deprecated in the Device Details rule condition (fact) category and are no longer supported. As indicated in a previous October 29, 2020 advisory in preparation for this release, ensure to follow these directives and the instructions provided as an alternative to these rule conditions (facts):

  • Device Bound to a User: As indicated in a previous advisory in preparation for this release, ensure that you have changed any rules based on this rule condition (fact) to use the rule condition (fact) called User's Device Not Bound. Going forward for any new rules that you want to specify whether the device is bound to an end user, use this rule condition (fact).
  • Event Comes from Aggregator Device: Ensure that you delete any rules that are based on this rule condition (fact). In future, to handle events coming from an aggregator device, the customer will be responsible for creating rules, managing lists, deciding what is considered an aggregator, and determining whether the aggregator should be added to a whitelist.

In addition, these rule condition (facts) have been removed from the documentation. If you have any questions, contact either your Service Account Manager or RSA Technical Support.

 

For additional documentation, downloads, and more, visit the RSA Adaptive Authentication page on RSA Link.

 

EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.

Attachments

    Outcomes