000030861 - AAH: no Device ID showing in the RSA back office

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000030861
Applies ToRSA Product Set: Adaptive Authentication (Hosted)
RSA Product/Service Type: Adaptive Authentication (Hosted)
RSA Version/Condition:
Platform: Other
Platform (Other): na
O/S Version: null
Product Name: null
Product Description: null
Issue There is no Device ID showing for this user in the RSA back office under Case Management.
I need to know why the device ID does not show in the RSA back office for this user. What would cause this?  

What is a Device Fingerprint?

A device fingerprint includes the detailed hardware and software characteristics of the

user's device. This information is used to identify the device attempting to access a

system protected by RSA Adaptive Authentication or Transaction Monitoring.


The device fingerprint consists of the following data:

  •  Browser and user agent data (version, platform, browser language settings, and time zone settings)
  •  Browser Events (mouse movements and keyboard strokes)
  •  Screen resolution (width and height dimensions, and color depth)
  •  Software and plug-in information
  •  Latency (internal IP and external IP ping time)

The information gathered from the device, for the device fingerprint,  is fed into the RSA Risk Engine, where it contributes to the risk assessment and scoring, as well as to user profile building.

The Device Fingerprinting code runs in each page where the organization requires a

risk assessment, such as in the organization's logon page, or in pages that contain

other events such as payments or address changes. The organization then passes the

gathered device fingerprint information in a SOAP message to Adaptive

ResolutionThe Device Fingerprint is obtained from a javascript placed on the device. RSA.js information is gathered from the device, then it is sent back to the customer and forwarded through a SOAP message to RSA riskengine via a SOAP message. 
Ultimately,  the lack of Device Fingerprint is not directly controlled by the RSA back end system, this is a client issue and the cause and resolution is on the client end.
If there is no Device Finger print on an occasional user in the backoffice the most likely cause is that the device did not allow the rsa.js to run, or blocked the collection in some way. (this can be expected behavior)
If there are no Device Fingerprints in any devices of an FI, then this could have something to do with the implementation of the API, where the Device Fingerprint is not properly gathered or added to the SOAP message.    This should be referred to customer's implementation team, or Professional Services contacts if available or would require a PS engagement, if there is no existing SOW (Statement of Work.)