Risk Engine Considerations for Risk-Based Authentication
The risk-based authentication (RBA) risk engine creates a profile for each user based on the client device and user behavior. Before you deploy RBA, consider these factors regarding the RBA risk engine:
The RBA risk engine requires a learning period during which it acquires the data needed to build profiles on users and their devices, and general user population behavior. During this learning period, users may be challenged more frequently for risk until the profiles are built to establish baseline assurance levels. For user convenience, you can configure the silent collection option to avoid risk-based challenges while the data for baseline assurance levels is acquired. See Silent Collection.
The RBA risk engine employs soft matching techniques based on statistical probability. If the risk engine has insufficient data to match a device, it can use forensic tools to assess the match probability and adjust the assurance level accordingly.
The RBA risk engine is self-tuning and learns to ignore parameter values that most authentications in your deployment have in common. Self-tuning improves security and reduces overall user challenge rates.
Related Articles
Add a Risk-Based Authentication Policy Number of Views Deployment Considerations for Risk-Based Authentication Number of Views Implementing Risk-Based Authentication Number of Views 'UT000047: The number of parameters exceeded the maximum of 1000' error when adding User Attributes in RSA Identity Govern… Number of Views Risk-Based Authentication from Cisco ASA 9.3.1 redirects to wrong URL for RSA Authentication Manager 8.1 Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
