RSA, The Security Division of EMC, announces the release of Adaptive Authentication for eCommerce v17.0.
RSA Adaptive Authentication for eCommerce Products Solutions is a comprehensive authentication and fraud detection solution for the eCommerce market. The solution is based on the 3DSecure protocol ("Verified By Visa" and "MasterCard SecureCode") and is powered by risk-based authentication, an intelligent system that authenticates users by measuring a series of risk indicators. Transparent authentication provides a user-experience in which customers are only challenged in high-risk scenarios.
What's New in This Release
RSA Adaptive Authentication for eCommerce v17.0 introduces a new Policy Management Application.
The Back Office applications now include a new, GUI-based Policy Management application for enhanced usability and policy visibility. You can use the application to create a risk-management policy that is in line with the unique security needs of your organization, for managing fraud loss, card holder experience and case volume. A policy contains a set of rules for a specific business need. Each rule is comprised of one or more logic conditions and an action (allow, decline, challenge).
In order to maintain full backward compatibility, RSA will only implement the new Policy Management Application per customer request. The implementation will take place after a mutually defined set of required rollout steps that will be coordinated via the official support channels. By default, the system behavior prior to v17.0 remains as is.
Following are some of Policy Management features:
- Policy Editing. You can create and edit rules using the New Rule wizard. In the wizard you can construct a rule by defining the following elements:
- General rule details: Rule Name, Description, Status, Comment, and Order.
- Conditions: Build a condition using facts, operators, and lists.
- Actions: Allow, Challenge, Deny.
- Managing Rules. You can manage existing rules in a Manage Rules table.
- Managing Lists. You can view, create, edit, and delete the lists that are used in rules.
- Testing Rules. You can grant a rule Test status. Test rules include the following attributes:
- A Test rule runs on production data but no action takes place except case creation.
- Statistics are collected to analyze the effectiveness of Test rules.
- When a Test rule is triggered, the activity is recorded in the database.
- If a case is created in the Case Management application, you can determine whether the case was created by a Test rule or a Production rule.
- Approval Process. RSA applies checks and balances so that rules are not automatically integrated into a production environment. To change the status of a rule, a user must first submit a request. For a rule to be promoted to a production environment, a user with suitable permissions must approve the rule status change. For more information, see the Customer Service Administration Application chapter in the Back Office User's Guide.
- Publishing Updates. Approved changes to a policy are immediately implemented into the production environment for seamless integration.
- Roles and Permissions. Users of the Policy Management application can be assigned various roles. Each role defines a unique set of permissions. Roles are hierarchical way that give users access only to the specific functions that they need to perform.
UAT Environment Availability
The UAT environment will be available from September 28, 2014.
For more information, please contact your RSA support representative.