With this release, RSA provides new enhancements and fixes to issues reported on RSA Adaptive Authentication (On-Premise) 7.x previously released versions.
What's New in This Release:
Transaction signing. Through the integration of RSA Adaptive Authentication Mobile SDK 3.6, RSA Adaptive Authentication (On-Premise) 7.3 introduces transaction signing, an out-of-band step-up authentication method for payment transactions. This authentication method combats fraud from advanced Trojan attacks by providing assurance of the integrity and authenticity of payment transactions.
In the Policy Management application, you can set rules that challenge end users with transaction signing. For the authentication to be out-of-band, you must set the Channel Indicator in the Policy Management application to WEB.
When an end user initiates an activity on the web channel, if a policy rule is triggered and an action is set to challenge the end user with transaction signing, the end user receives a push notification on the mobile device with the payment details and is prompted to approve or reject the payment transaction. The end user views the transaction details and approves or rejects the transaction from the mobile device. The approval is sent as a cryptographic signature of the transaction details to the Adaptive Authentication server. Adaptive Authentication validates the signature and based on the results (pass or fail) the end user’s web-based session is updated accordingly (allowed or declined).
Optionally, you can integrate transaction signing with the Adaptive Authentication biometrics suite. After approving a transaction, the end user is challenged with a biometrics verification screen. If the biometrics authentication passes, the cryptographic signature is sent to Adaptive Authentication.
The mobile APIs and screens for this feature are bundled in RSA Adaptive Authentication Mobile SDK 3.6. For more information on the Mobile SDK 3.6, see the RSA Adaptive Authentication Mobile SDK Modules 3.6 Developer's Guide.
One-time password pushed to mobile device. Through the integration of RSA Adaptive Authentication Mobile SDK 3.6, RSA Adaptive Authentication (On-Premise) 7.3 offers a one-time password pushed to an end user’s mobile device as a step-up authentication method. If a logon or transaction is considered risky, Adaptive Authentication sends a one-time password to the end user’s mobile device in the form of a push notification. The end user then enters the password in the web browser or mobile device to authenticate the online activity.
For information about the Mobile SDK 3.6, see the RSA Adaptive Authentication Mobile SDK Modules 3.6 Developer’s Guide.
New IP details facts. RSA Adaptive Authentication (On-Premise) 7.3 exposes three new facts in the IP details category: Number of users per IP in the last 10 minutes, Number of users per IP in the last 1 hour, and Number of users per IP in the last 1 day.
SOAP API logging in Case Management. RSA Adaptive Authentication (On-Premise) 7.3 introduces SOAP API logging for the Case Management application.
Oracle Database partitioning. RSA Adaptive Authentication (On-Premise) 7.3 introduces a generic SQL script to partition Oracle Database tables and indexes. This partitioning differs from RAC partitioning. For more information, see the Installation and Upgrade Guide.
All of the platforms supported by RSA Adaptive Authentication (On-Premise) 7.x previously released versions are supported by this release.
Installation and Upgrade:
Adaptive Authentication 7.3 includes a clean install and also supports a direct upgrade from the following versions:
· 7.1 P6
RSA Adaptive Authentication (On-Premise) 7.3 is available for download. For information on obtaining the product downloads, see the Release Notes.
For additional documentation, downloads, and more, visit the RSA Adaptive Authentication on RSA Link
RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the link below for additional details.
Product Version Life Cycle