With Intelligent Adaptive Authentication you can integrate user registration, authenticator activation, and flows with remote authentication performed by a trusted device. Such a trusted device is a mobile application with an integration of the OneSpan Mobile Security Suite Orchestration SDK.
Preparation: integration of Intelligent Adaptive Authentication with OneSpan Mobile Security Suite Orchestration SDK
To prepare the integration of Intelligent Adaptive Authentication into your solution, proceed with the following steps:
Download the WebApp Sample Code from your developer sandbox on the OneSpan Community Portal.
Read the Integration Guide under Orchestration SDK.
Download the relevant Orchestration SDK binary for Android and iOS, including the mobile application sample, from the OneSpan Community Portal.
Read the Risk Analytics Client Device Data Collector SDK Integration Guide and download the CDDC Integration Sample Code.
Integration Steps
To integrate Intelligent Adaptive Authentication step-by-step
Integrate the OneSpan CDDC JavaScript into the login page of your web application.
Implement the Intelligent Adaptive Authentication user registration in your web application to start the authenticator provisioning handled by the Orchestration SDK.
Register your application for notification in the OneSpan Community Portal and integrate the Orchestration SDK in your mobile application.
Implement Intelligent Adaptive Authentication login and transaction in your web application to support intelligent adaptive authentication.
When implementing Intelligent Adaptive Authentication, ensure to select the correct endpoints and request body values from the OneSpan Trusted Identity platform API:
For login operations with Intelligent Adaptive Authentication, select AdaptiveLoginInput as the object type from the drop-down list of the POST /users/{userID@domain}/login endpoint.
For transaction operations, select AdaptiveTransactionValidationInput as the object type from the drop-down list of the POST /users/{userID@domain}/transactions/validate endpoint.
Change the Rules of the Risk Management Component
When you have set up your sandbox environment and integrated all necessary components, you can log on to the Risk Management component and browse to the default rules provided for Intelligent Adaptive Authentication.
By defining rules and rule criteria in the Risk Management component you centrally define criteria to analyze risks and set the appropriate action you want to perform (reject a login, challenge the user with biometric authentication etc.). To access the Adaptive Authentication rules, in the Risk Management component navigate to DESIGN RULES & ACTIONS > Rule Management > Rules and configure the rules as required.
For a detailed description of rules in the Risk Management component and how to change them, refer to the Risk Analytics Presentation Service Administrator Guide.