Troubleshooting PingOne Protect

The following tips can help you solve problems that you have encountered when working with PingOne Protect.

I don’t see the Bot Detection and Suspicious Device predictors

The Bot Detection and Suspicious Device predictors were added as part of the expansion to PingOne Protect. While you can still use the basic risk functionality with your existing PingOne Risk license, to use the new predictors, you must upgrade to a PingOne Protect license.

When creating a new environment, I don’t see the option to add the PingOne Risk service

If you have a PingOne Protect license, the service to add is now called PingOne Protect.

Predictor doesn’t return a risk level value. Reason given is `Not enough information to assess risk score`

This might occur for a number of reasons:

The predictor hasn’t finished the required training period.
Predictors learn only from successful transactions. Make sure that all your flows include updating the risk evaluation after the transaction has been completed. For the integration with PingFederate, this is handled automatically.
The predictor is dependent upon input from the Signals (Protect) SDK, but the output from the SDK is missing. To resolve this issue, see the next section.

Risk evaluations that use predictors dependent upon input from the Signals (Protect) SDK don’t seem to contain the output from the SDK

This occurs when the Signals SDK isn’t successfully loaded and run during the transaction.

The simplest way to check that the output from the SDK was received is to look at the API response for the evaluation and verify that it contains a value for details.device.id. You can also view the returned object in the entry for the event in the audit log in the PingOne admin console by going to Monitoring > Audit.

To help pinpoint the problem, use your browser’s Developer tools while a transaction is carried out to confirm that the SDK was initialized and that the payload was generated. The Console tab of the Developer tools shows the relevant events or any errors that occur.

If you don’t see the relevant events, take a look at the Network tab of the Developer tools to see why these scripts failed to load:

pingone-risk-profiling-signals-sdk.js
pingone-risk-management-embedded.js
signals-sdk.js

The failure of the scripts to load can be because of browser plugins, network access rules, or company policies.

After the underlying issue has been addressed, try the risk evaluations again and use the Console tab to confirm that the SDK was successfully loaded and initialized.

Interactions with embedded browsers show degraded or inconsistent PingOne Protect behavior

Some older embedded browsers use legacy rendering engines with limited support for modern JavaScript and web standards, such as Internet Explorer or Microsoft Edge in Internet Explorer compatibility mode. Microsoft has deprecated embedded browsers and no longer supports them.

The Signals SDK relies on modern JavaScript interactions to interrogate the browser and collect risk data. As a result, PingOne Protect interactions that use these legacy embedded browsers might show degraded or inconsistent behavior.

To address this issue:

Upgrade applications that rely on legacy embedded browsers to a newer version. Older applications might rely on Internet Explorer (IE) or IE compatibility mode, while newer applications use Microsoft Edge (Windows) and WebKit (macOS).
If upgrading your applications isn’t immediately possible, downgrade to an older Signals SDK version compatible with your deployment. For example, older versions of the Signals SDK, such as version 5.2.7, don’t rely on newer JavaScript and browser APIs required by later versions.
Configure your integration to bypass the Signals SDK only for embedded-browser interactions and continue using the SDK for all other interactions. However, this degrades the overall performance of PingOne Protect.

For example, configure a separate path in your DaVinci flow, PingOne Advanced Identity Cloud journeys, or authentication policies for:
- Embedded browser interactions, excluding the SDK
- All other applications, including the SDK

I’m having trouble with my PingOne DaVinci flow that includes risk evaluation

You can find general tips on debugging DaVinci flows in Debugging and Analytics.
If you have included the skrisk component in your flow, make sure that you have followed the instructions in PingOne Protect Connector.

I’m having trouble with risk evaluations after installing and configuring the PingOne Protect Integration Kit (or PingOne Risk Integration Kit)

Learn more about troubleshooting issues involving the PingOne Protect Integration Kit in the troubleshooting section for the integration kit.
Learn more about troubleshooting issues involving the PingOne Risk Integration Kit in the troubleshooting section for the integration kit.

Fallback value isn’t being assigned correctly to one of my predictors

Verify that you didn’t select Medium as the fallback value for a predictor that is Boolean in nature, such as Geovelocity predictors. For such Boolean predictors, you must set the fallback value to None, Low, or High.

PingOne