Device History for Risk-Based Authentication

For risk-based authentication (RBA), the system maintains a device history for each user. The device history is a list of user authentication devices from previous successful logons. Once added to the list, the device is considered to be registered. When the user tries to access an RBA-protected resource using a registered device, the authentication attempt is likely to have a higher assurance level.

User authentication devices are the physical devices from which the user requests access to an RBA-protected resource. They include computers and mobile devices, but do not include authenticators.

During silent collection, the system adds all authentication devices to the user's device history automatically. When silent collection expires or is disabled, the system saves all devices to the device history automatically, or prompts the user to choose to add the device to the device history, depending on the RBA policy settings.

To manage the device history, you can:

• View the number of devices in the user device history. For more information, see View Risk-Based Authentication Settings for a User.

• Delete the device history. Delete the device history when a user reports a device as lost or stolen, or accidentally registers a device that is a public or shared computer. For more information, see Delete the Device History for a User.

• Configure how the system responds when the user's device is not already saved in the device history. For more information, see Configure Device Registration for a Risk-Based Authentication Policy.

• Set the maximum number of registered devices preserved in each user’s device history. For more information, see Configure Device History Settings for a Risk-Based Authentication Policy.

• Set when a device expires. The system removes expired devices from the device history. For more information, see Configure Device History Settings for a Risk-Based Authentication Policy.