search cancel

About UNKNOWNDEVICEID rule in Risk Authentication/RiskFort


Article ID: 238904


Updated On:


CA Risk Authentication


A user is asking me why I have an UNKNOWNDEVICEID when I have not changed the device.

Can we assume that UNKNOWNDEVICEID is a state in which the device ID created by RiskMinder and written to the user's device has been deleted or rewritten?

Since the device ID is written to the cookie store, does it become an UNKNOWNDEVICEID if the user uses a different browser than the previous access?

What are other cases of UNKNOWNDEVICEID?


Release : 9.1

Component : CA Risk Authentication


UNKNOWNDEVICEID rule triggers because of the following reasons.

1. If the user changes his/her Browser, A new DeviceID will be generated. The DeviceID is per browser level and not cross browser.
2. If the user uses InPrivate or Incognito Browser, in this case the DeviceID can not be read from the browser and a new one will be generated.
3. If the user Deletes the browser cache and cookies, in this case the DeviceID will be deleted from the browser and a new one will be generated and you will see UNKNOWNDEVICEID rule trigger.
4. If the user is trying for the first time from the browser then you will see this Rule trigger.

Please reach out to Support if you have any additional questions.