Login
    Contents x
    Use Case Scenario: Login with Step-Up Authentication
    • 28 Oct 2024
    • 1 Minute to read
    • Dark
      Light
    Contents

    Use Case Scenario: Login with Step-Up Authentication

    • Updated on 28 Oct 2024
    • 1 Minute to read
    • Dark
      Light
    Article summary

    Involved OneSpan solutions:

    • Intelligent Adaptive Authentication

    • Mobile Security Suite

    Workflow tree in Access Manager:

    About this scenario

    This scenario occurs after creating a new account on the MyBank page and simulates a login with a changed browser environment. Because in this case, Intelligent Adaptive Authentication considers this a high-risk action, additional user authentication is required for a successful login.

    Before you begin

    Before you can begin this scenario, you must have completed Use case scenario: Registration.

    Walkthrough: Login step-up authentication

    To log in with step-up authentication

    1. After the user registration process has completed, click Sign-out to leave your Account page and return to the MyBank page.

    2. Inspect the information panel on the MyBank page. The fingerprint value is default.

    3. Click the Settings icon in the main toolbar.

    4. In the TrustedIDentity tab, type a different PC fingerprint value. You can also click the Generate button to create a random fingerprint value.

    5. Click Save to apply the change and close the Settings dialog.

    6. Inspect the information panel on the OneSpan for ForgeRock Demo website. The fingerprint value has now changed to the specified value.

    7. On the MyBank page, click Login.

      Intelligent Adaptive Authentication assesses the risk of this action. Because the browser fingerprint has changed, step-up authentication is required and the Login dialog is displayed.

    8. Type your user name and click Submit.

    9. On your mobile device, tap Yes to confirm that you want to authenticate.

    10. If required, type your PIN to complete the login process.

    To view the tree in Access Manager

    1. From the ForgeRock Landing Service, open the Access Manager.

    2. If required, log in with the credentials that are displayed when hovering over the Access Manager link on the ForgeRock Landing Service.

    3. Click Top Level Realm.

    4. Select Authentication > Trees from the sidebar menu.

    5. Click OneSpanUserLoginTree and view the individual nodes of the workflow.

    You can also modify the workflow by adding and connecting tree nodes as needed.

    For a list of available OneSpan trees and nodes, see Overview of OneSpan authentication trees and nodes.

    Additional considerations

    • The PIN defined for the OneSpan TID IAA Mobile Demo App is known by the device only and not shared with the server.

    Next steps

    After completing this scenario, you can continue with Use case scenario: Event validation.

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, our interactive help assistant