PingAccess

iovation Device Risk Integration

The iovation Device Risk integration lets you supply data to iovation and allow or deny access based on an iovation result.

The iovation Device Risk integration must be installed on each node in the deployment. Once installed, it creates two new rules, which you can use to perform Device Risk checking and grant or deny access based on Device Risk’s results.

The first rule, the iovation Device Risk Device Profiling rule, lets you gather data about the end user’s system. This rule must be invoked before a request that uses the iovation Device Risk Authorization rule. It cannot be used for POST requests, and only functions on requests from a top-level browsing context.

The second rule, the iovation Device Risk Authorization rule, lets you allow or deny access based on Device Risk’s evaluation of the user’s system. This rule must be invoked after the iovation Device Risk Device Profiling rule, within the time period defined by the Blackbox time to live (sec.) field.

Both rules require authentication, so they can only be used on protected applications and resources. The rules are only applicable to Web applications.

Enable logging for iovation events by updating the <PA_HOME>/conf/log4j2.xml file.

You can improve the accessibility of iovation, even to users that block third-party content, by configuring a reverse proxy for communicating with iovation.

The following topics are discussed in this guide: