000035826 - How to manually update eFN with fraudulent IPs in RSA Adaptive Authentication (Cloud)

Document created by RSA Customer Support Employee on Jan 2, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000035826
Applies ToRSA Product Set: Adaptive Authentication (Cloud)
RSA Product/Service Type: Adaptive Authentication (Cloud)
IssueIs there a way to feed known fraudulent IPs into the RSA eFraud Network?
The customer has a list of IPs that have been associated with confirmed fraud events.  How can this information be provided to the eFraud network to trigger actions in transactions?
ResolutionTo add a list of customer derived IPs that are known to be fraudulent, here are the options that are available ---
  1. The preferred option is to mark the transaction as fraud via the case management so that the fraud marking will be part of the risk engine learning and the eFN.
  2. There is another option -- create an 'internal fraud list' via case management List (and then create a rule to trigger when an IP is seen in this list) and take the actions you wish on the transaction that triggered the rule. (Your organization would have to maintain this list adding and removing IPs as you gain information on their risk status)
  • To do this -- See BackOffice Users Guide attached. List management  page 109 
  • After you create lists, you can use the  list to build conditions in the New Rule wizard