Silent Collection

Silent collection is an optional feature that facilitates the process of collecting profile and behavioral data for users without the need for user or administrator intervention.

When silent collection is enabled, the risk engine passively monitors user behavior for a defined period without actively challenging users based on risk. During this period, the risk engine automatically registers user devices and observes behavioral patterns. Once the risk engine has gathered enough information to have high assurance about a particular user, that user is prompted to provide any missing information. For example, the user may need to configure security questions or on-demand authentication.

You enable the silent collection period in the risk-based authentication (RBA) policy for all users in a security domain. Using silent collection helps the risk engine build a baseline profile for each user.

Silent collection affects your deployment in the following ways:

  • During silent collection, authentication is based only on the authentication method required by the agent. Users are never challenged for identity confirmation.

  • All devices are registered to the user’s RBA profile. This may include unwanted devices such as internet kiosks.