000035004 - Rule is triggering from one location but not in another in RSA Adaptive Authentication (Hosted)

Document created by RSA Customer Support Employee on Apr 12, 2017
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000035004
Applies ToRSA Product Set: Adaptive Authentication (Hosted)
RSA Product/Service Type: Adaptive Authentication (Hosted)
RSA Version/Condition: 11
IssueA user is reporting that a rule is not working as expected when a transaction is completed. The rule appears to not fire even though all the conditions are met. The user also reports that they only have difficulty getting the rule to fire when attempting the transaction at work; when they try a transaction from home, the rule fires as expected. The rule itself has no conditions based on location or IP address so the user believes being in a different location should not make any difference.
CauseThe rule is not firing because the IP address of the user is on a RSA internal aggregator list. Aggregators are tools a user enrolls in to perform tasks for a user (such as in this case online banking,) using the aggregator's characteristics such as IP address.  Since the aggregator's login does not give sufficient characteristics of the user to do a acceptable authentication, the system will skip all rules that have been set up. The rule is firing at home because the aggregator is not being used at home.
ResolutionThere is no "resolution" as the above describes AA hosted expected behavior.