A bin range attack for example? Is it possible to flag any attempts from a particular IP address as fraud without going into each case individually? Thank you!!
A bin range attack for example? Is it possible to flag any attempts from a particular IP address as fraud without going into each case individually? Thank you!!
Thank you Ross! Is the case management API something that our Analytics people would have access to? I guess it depends on the kind of package that we bought... anyway, thanks again Ross!
The Case Management API is a technical "Web service" integration method. Its normal use is to integrate the RSA case and transaction information into a different case management system. For example, if you use an enterprise fraud platform, or enterprise case management system, you can use this API to allow you to work the cases in your existing system and not have to use the RSA web interface. This allows more "programming" like access to managing cases. You can easily ask for all cases for a specific IP address and then loop through those and mark them all as confirmed fraud. It's not really an end user (Fraud Analyst) interface.
On the other hand, if you are interested in this type of integration have a chat to your local sales people and they'll be able to help.
Regards,
Ross.
Last question Ross, I promise. Do you know if the brute force rule is defined by the end user? Or is it defined by RSA? I’m trying to determine what parameter needs to be met in order for a case to trigger. Ie. 10 logins from a single IP in 60 minutes? Thank you!
Sorry for the delay Marcel. The rules used are in full control of the customer. There is also the risk engine which plays a big part in this. This isn't something as simple as "10 logins for a single ip" it could be a single login from an IP if the circumstances are right. As I said, this is dependent on too many things to give you a simple answer.
If you need some help with this, the best situation is to contact your local sales people and work from their.
Regards,
Ross.
Hello Marcel,
Unfortunately this isn't possible via the case management web interface.
It could be done via the case management API, but that's outside of the standard web interfaces.
Regards,
Ross.