- 28 Oct 2024
- 2 Minutes à lire
- SombreLumière
Use Case Scenario: Approve a Medication Refill Request (Optional)
- Mis à jour le 28 Oct 2024
- 2 Minutes à lire
- SombreLumière
Involved solutions:
Intelligent Adaptive Authentication
Mobile Security Suite
This use case occurs when a logged-in user wants to request a refill of their medication via the MyHealth Demo website.
About this scenario
This scenario simulates a request by a logged-in user for a medication refill. The selected medication and the refill quantity determine the risk level of the transaction. When approving the request on their mobile device, the user needs to authenticate with the method associated with the risk, i.e. with the PIN or with the fingerprint.
Because by default, the sandbox environments do not have rules configured for this scenario, you need to create them before you can complete the workflow.
Before you begin
Before you can go through this scenario, you need to create the following rules in Risk Analytics Presentation Service:
Rule 1: Non-DEA Required Strong Auth
Rule 2: High Quantity Prescription Refill
Rule 3: Low Quantity Prescription Refill
To create the rules for this scenario
Log in to the Risk Analytics Presentation Service, via https://sdb.tid.onespan.cloud/irm.
Select DESIGN RULES & ACTIONS > Rule Management.
Navigate to the non-monetary events in the Rules list, i.e. Non Mon Events, and locate the Adaptive Authentication campaign.
Click the Create Division icon to add a new division to the Adaptive Authentication campaign.
Complete the new division form and click Save.
Name: Healthportal Prescription Approval
Criteria: "IS" "APPLICATION_REF" "=" "HealthPortal"
Creating a new division
Select the new division and click Create Rule to add a new rule to the division.
Complete the new rule form and click Save & Next. Use the following rule settings:
Rule 1:
Name: Non-DEA Required Strong Auth
Criteria: "IS" "BENEFICIARY_NAME" "=" "Amoxicillin250mg"
No history criteria.
No match criteria.
Leave the default settings on the Create Action tab.
Response/Status tab: "RESPONSE_CODE set to Accept at Non-Mon Event Level."
Creating a new rule
Save the new rule.
Repeat steps 6 to 8 for Rule 2 and Rule 3. Use the following rule settings:
Rule 2:
Name: High Quantity Prescription Refill
Criteria: "IS" "CUSTOM_NUMBER_1" ">=" "3"
AND "IS" "NON_MON_EVENT_TYPE_KEY" "=" "NewBillBeneficiaryAttempt"
No history criteria.
No match criteria.
Leave the default settings on the Create Action tab.
Response/Status tab: "RESPONSE_CODE set to ChallengeFingerprint at Non-Mon Event Level."
Rule 3:
Name: Low Quantity Prescription Refill
Criteria: "IS" "CUSTOM_NUMBER_1" "<=" "1" AND
"IS" "NON_MON_EVENT_TYPE_KEY" "=" "NewBillBeneficiaryAttempt"
No history criteria.
No match criteria.
Leave the default settings on the Create Action tab.
Response/Status tab: "RESPONSE_CODE set to ChallengePin at Non-Mon Event Level."
Select the new division and click Toggle Division to enable it.
For each new rule, click Toggle Rule to enable it.
Walkthrough: Approve a medication refill request
Approve a medication refill request
On the MyHealth Demo website, switch to the Refill Medications tab.
Enter the quantity and select a medication from the list.
Enter a reason for the refill.
Enter the refill date.
Click Request Refill.
Approve the request in the OneSpan TID IAA Mobile Demo App on your mobile device.
For the approval, you may need to provide your PIN or authenticate with your fingerprint. The required authentication method is determined by the rules that you have defined in Risk Analytics Presentation Service.