000031423 - How is a 'Silent Mode' or Period for an Financial Institution(FI) defined in RSA Adaptive Authentication (Hosted)

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000031423
Applies ToRSA Product Set: Adaptive Authentication (Hosted)

IssueA customer may ask about the "silent 'mode" or "silent period" for a newly launched FI.
Example questions:
  • Can you please explain how exactly the silent mode works?
  • What is included and what is excluded as part of silent mode?
  • Does collection of user details work even in the case of silent mode?
  • How about OOB and other authentication methods?  
ResolutionSilent Mode 
New financial institutions (FIs) implementing Adaptive Authentication are strongly suggested to have a learning period in which the risk engine and risk model are running in the background and trained over the customer’s real transactional data. 

  • Information gathered is on activities of users, device IDs and IPs addresses(with the help of cookies, device fingerprints, rsa.js to collect data)
  • During this learning period the risk engine accumulates the customer data in the background, gathers enough historical information so statistical analysis can effectively contribute to efficient fraud detection.
  • The learning period also assures a constant risk score distribution using the score normalization process. 

Ideally, the risk engine would run in learning mode for a period of three months, but the length can vary from one customer to the other based on the overall volumes and fraud markings.

  • The intention is that during these three months, the customer should mark fraudulent activities via the case management functionality.
  • This allows the risk engine to learn the customer’s fraud and genuine behavioral patterns, tune its risk model based on those specific patterns and thus, achieve the best fraud detection rates and false-positive ratio for the specific customer when switching into active mode. 

There is an impact of immediately launching the FI without a silent period by starting collection and authentication rules immediately after FI creation.

This exposes the risk engine to the active FI environment without the proper learning period, and this will have a great effect on the fraud detection rates and score distribution.


It is again strongly suggested to allow the risk engine to gather sufficient information for the training and statistical analysis then the risk engine can be moved to active mode. In this stage the risk score that is returned to the customer can be used to define score based policy rules.