These predictors can be:

  • Customized instances of the basic predictor types
  • Custom predictors that use risk data from external sources

When you create a new predictor, it will be included by default in any risk policies that you subsequently create.

When creating predictors, consider the following points regarding the relationship between the Predictors page and the Risk Policies page:

  • When you create a new environment, it includes a default risk policy.
  • When you first go to the Predictors page, you see the predictors that are included in the default risk policy.
  • When you customize predictors, you see the change immediately in any risk policies that use the predictors that you modified.
  • When you create new predictors, you can use them when you update existing risk policies or when you create new risk policies.

Most of the predictor types allow you to define a Fallback Predictor Decision Value. This is the risk level that should be assigned to the predictor if there is insufficient information to calculate the risk level. This can occur for a number of reasons, such as:

  • The predictor is still in the training period.
  • The basic information required cannot be obtained, for example, the location of the user.
Note: As the adoption of IPv6 expands, additional data on IPv6 addresses is being gathered. For risk predictors where data for IPv6 addresses is missing, the fallback risk level is used. This is relevant for the following predictors: anonymous network, geovelocity, IP reputation, and user location anomaly.