search cancel

Steps to add an UnTrusted IP address to Trusted list in Risk Authentication

book

Article ID: 241632

calendar_today

Updated On:

Products

CA Risk Authentication

Issue/Introduction

172.x.x.x is determined to be an UnTrusted IP and business-side officers cannot log in. Does this mean that this IP address is included in the UnTrusted IP list? To resolve this, should I put 172.x.x.x on the Trusted IP list and give it a higher priority than the UnTrusted IP list?

Cause

The IP address is listed under UntrustedIP rule.

Environment

Release : 9.1

Component : Risk Authentication

Resolution

Risk Authentication a.k.a RiskFort uses Neustar Quova data to provide IP intelligence in the product. It has all the public IP's listed and conducts tests to identify if any fraudulent transactions had happened in the past from that and categories them, you can read more about those categories here.

Out of the box these categories are enabled in the product.

If the IP address belongs to any one of the above categories then UntrustedIP rule will trigger and that is set to DENY OOTB so the transaction will be denied, It can be set to INCREASEAUTH as well if needed. If there is a need to allow the transaction coming from that IP address, that particular IP can be added to the TrustedIP list, once the IP is added to Trusted List, Migrate to Production and server cache refresh should be performed. TrustedIP rule should be higher in order than the UntrustedIP rule to make it work.

Below API can be used to add an IP to trusted or Untrusted IP list. It can also be done from the Admin console.

Adding an IP to Trusted or Untrusted IP list

 

Additional Information

Risk Authentication Rule basics

Attachments