Risk-Based Authentication Message Policy

Document created by RSA Information Design and Development on Jun 13, 2017Last modified by RSA Information Design and Development on Jun 13, 2017
Version 2Show Document
  • View in full screen mode

The risk-based authentication (RBA) message policy defines the message that users see when they are prompted to configure their identity confirmation method. You might use this message to inform users about why they need to configure an identity confirmation method. This message displays when all of the following conditions exist:

  • The user authenticates to a web-based application, such as an SSL-VPN, thin client, or web portal.

  • The user has not configured an identity confirmation method.

  • The user attempts to authenticate using a high assurance device.

You can assign an RBA message policy to any security domain. A deployment can have multiple RBA message policies, which you assign by editing the security domain. Security domains use the deployment’s default RBA message policy until you assign a different RBA message policy.

 

 


Attachments

    Outcomes