As the information received from CTO team, RSA Risk Engine builds for every account a number of profiles ? Geolocation, Cookie, Flash Cookie, Class B IP and Device fingerprint.
For example, In order for the Device Fingerprint profile to be built, it requires some fields as a minimum requirement.
The "Display field" is currently one of these mandatory fields required for the device fingerprint profile to be created.
If a client does not send this field ? no Device Fingerprint profiles are built for its users.
The creation of the Device Fingerprint profile has nothing to do with the creation or not of other profiles.
The creation of one profile is not dependent on the creation of another
Sending more data elements, and more reliable ones would not always result in a general decrease of the Risk Scores, but rather in a lower false-positive ratio, more stable users? profiles and therefore, an overall higher quality of fraud detection.
Also the Cookies information are saved in our DB as they are received from the client. Encrypted or not ? the only thing that is important to us is their uniqueness.
If cookies are sent encrypted ? we save them this way.
|Issue||Impact of missing information on creation of Profiles by Risk Engine|
|Legacy Article ID||a46327|