Use Case Scenario: Login with Step-Up Authentication
  • 28 Oct 2024
  • 1 Minute à lire
  • Sombre
    Lumière

Use Case Scenario: Login with Step-Up Authentication

  • Sombre
    Lumière

The content is currently unavailable in French. You are viewing the default English version.
Résumé de l’article

Involved OneSpan solutions:

  • Intelligent Adaptive Authentication

  • Mobile Security Suite

Workflow tree in Access Manager:

About this scenario

This scenario occurs after creating a new account on the MyBank page and simulates a login with a changed browser environment. Because in this case, Intelligent Adaptive Authentication considers this a high-risk action, additional user authentication is required for a successful login.

Before you begin

Before you can begin this scenario, you must have completed Use case scenario: Registration.

Walkthrough: Login step-up authentication

To log in with step-up authentication

  1. After the user registration process has completed, click Sign-out to leave your Account page and return to the MyBank page.

  2. Inspect the information panel on the MyBank page. The fingerprint value is default.

  3. Click the Settings icon in the main toolbar.

  4. In the TrustedIDentity tab, type a different PC fingerprint value. You can also click the Generate button to create a random fingerprint value.

  5. Click Save to apply the change and close the Settings dialog.

  6. Inspect the information panel on the OneSpan for ForgeRock Demo website. The fingerprint value has now changed to the specified value.

  7. On the MyBank page, click Login.

    Intelligent Adaptive Authentication assesses the risk of this action. Because the browser fingerprint has changed, step-up authentication is required and the Login dialog is displayed.

  8. Type your user name and click Submit.

  9. On your mobile device, tap Yes to confirm that you want to authenticate.

  10. If required, type your PIN to complete the login process.

To view the tree in Access Manager

  1. From the ForgeRock Landing Service, open the Access Manager.

  2. If required, log in with the credentials that are displayed when hovering over the Access Manager link on the ForgeRock Landing Service.

  3. Click Top Level Realm.

  4. Select Authentication > Trees from the sidebar menu.

  5. Click OneSpanUserLoginTree and view the individual nodes of the workflow.

You can also modify the workflow by adding and connecting tree nodes as needed.

For a list of available OneSpan trees and nodes, see Overview of OneSpan authentication trees and nodes.

Additional considerations

  • The PIN defined for the OneSpan TID IAA Mobile Demo App is known by the device only and not shared with the server.

Next steps

After completing this scenario, you can continue with Use case scenario: Event validation.


Cet article vous a-t-il été utile ?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle