Assign a Risk-Based Authentication Message Policy to a Security Domain

The risk-based authentication (RBA) message policy defines the message that users see when they are prompted to configure an identity confirmation method.

RSA Authentication Manager provides a default RBA message policy. When you create a security domain, you can use the default policy, or you can add a custom RBA message policy and assign it to a security domain. The policy that you choose applies to all users in the security domain. For more information, see Add a Risk-Based Authentication Message Policy.


  1. In the Security Console, click Administration > Security Domains > Manage Existing.

  2. From the security domain tree, select the security domain that you want to edit.

  3. From the context menu, click Edit.

  4. Under Policies, in the Risk-Based Authentication (RBA) Policy field, use the drop-down menu to select a policy for the security domain.

  5. Click Save.