Enabling Identity Confirmation Methods for a Risk-Based Authentication Policy

Document created by RSA Information Design and Development on Feb 12, 2018Last modified by RSA Information Design and Development on Jan 24, 2020
Version 11Show Document
  • View in full screen mode

If your deployment uses risk-based authentication (RBA), you must enable at least one identity confirmation method. RBA is a multifactor authentication solution that strengthens traditional password-based systems by applying knowledge of the client device and user behavior to assess the potential risk of an authentication request. If the assessed risk is high, the user is challenged to further confirm his or her identity using one of the following methods:

On-demand authentication (ODA). The user must correctly enter a PIN and a one-time tokencode that is sent to a preconfigured mobile phone number or e-mail account.

Security questions. The user must correctly answer one or more pre-enrolled security questions.

If you enable both security questions and ODA, the user can choose to configure one or both methods. With both methods configured, the user can choose a method when prompted to confirm identity.





We want your feedback! Tell us what you think of this page.