OneSpan Developer: Triggering Risk Analytics Non-Monetary Events

Hakim Aldaoub

There is a separate hierarchy to handle non-monetary events in Risk Analytics. This hierarchy follows the same dynamics as a financial transaction, which we explored in a previous blog. Today, we will demonstrate how to add a new division in Risk Analytics, which will hold the activation rules for a new payment card. As an example, we will show how a RESTful call reporting a new card’s activation attempt is handled.

Before We Begin

Prior to this tutorial, you must be a OneSpan Community member and sign up for a free Intelligent Adaptive Authentication sandbox account. Here are step-by-step instructions on how to do so.

You must also have the sample Orchestration SDK app activated on a trusted mobile device as explained here. This will allow you to perform the authentication method prompted by Risk Analytics.

Risk Analytics in the OneSpan Community

To access Risk Analytics, log in to your OneSpan Community account and navigate to the “Risk Analytics” tab, which is listed under the “Sandbox” tab as shown below.


If it’s your first time accessing the Risk Analytics presentation service, use the initial administrator password for digital or corporate banking provided on the same page, as shown in the screenshot below. On your first login, you will be prompted to provide a new password. Your user name is provided in the “Your Sandbox Details” section.


Follow the provided link to the Risk Analytics Presentation Service, and then enter your credentials to sign in.

Create a New Division

In this step, we will create a division to contain the events related to the card. After logging into the Risk Analytics Presentation Service, navigate to “DESIGN RULES & ACTIONS” in the menu bar at the top, then click on “Rule Management”.

From the “Rules” section in the navigation pane on the left, expand “Non Mon Events”, then click on the “Adaptive Authentication” campaign.
Inside the campaign page, you can add a new division using the green plus sign shown below.


Name the new division “CardEventsDivision”, set its priority to High as shown below, and then save the division. 


Finally, from inside that new division, click on the orange icon to toggle the division. This will activate the division.

Configure a New Rule in the Division

Now it is time to create a new rule to handle the end-user’s attempt to activate a new card. To do so, navigate to the newly created division from the left panel under the Adaptive Authentication campaign. Then create the new rule using the green plus icon, in the same way we previously added the division.


Name the new rule “CardActivationAttempt”, and then set its priority as desired. Now we come to the most important part, where we set the criteria that the event must match to trigger the rule. Beside the caption “Criteria” at the bottom left, click the “Add” button. Then, from the dropdown menus, select “IS”, “NON_MON_EVENT_TYPE_KEY”, “=”, and “CardActivateAttempt” respectively.


Steps 2 to 5 (History Criteria, Match Criteria, Match Key, and Create Action) are advanced Risk Analytics options for refining the criteria and customizing the rule further. They are not required in this specific scenario. Select “No”, then click “Save & Next” for each of these steps.
In step 6, “Create Response/Status”, set the Response value to “ChallengeFingerprint” from the dropdown list. Click “Save Response / Status”. This will request a fingerprint authentication from the trusted device every time the user attempts to activate a card. Configure the response as shown in the image below.


Click “Save” to confirm the creation of the new rule, and then toggle it to active using the orange icon.
Note: Risk Analytics matches the rule’s event type against the eventType field in the JSON request payload sent to the events/validate endpoint. The value to send is the criterion value “CardActivateAttempt”, not the rule name “CardActivationAttempt”.

Try It Out

Send a card activation event using the events/validate API to test the new rule. You can use the JSON payload below to make the RESTful call, or navigate to the OneSpan IAA Sandbox Interactive API.

For a complete reference of the events validation endpoint, read this blog.


{
  "eventType": "CardActivateAttempt",
  "relationshipRef": "iaa_enduser",
  "sessionID": "4ed23ea44f23",
  "cddc": {
    "browserCDDC": {
      "fingerprintRaw": "{browser:{\"userAgent\":Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36},support:{\"ajax\":true,\"boxModel\":undefined,\"changeBubbles\":undefined,\"checkClone\":true,\"checkOn\":true,\"cors\":true,\"cssFloat\":undefined,\"hrefNormalized\":undefined,\"htmlSerialize\":undefined,\"leadingWhitespace\":undefined,\"noCloneChecked\":true,\"noCloneEvent\":undefined,\"opacity\":undefined,\"optDisabled\":undefined,\"style\":undefined,\"submitBubbles\":undefined,\"tbody\":undefined},computer:{\"screenWidth\":2560,\"screenHeight\":1440,\"OS\":\"Microsoft Windows\",\"platform\":\"Win32\"},additional:{}}",
      "fingerprintHash": "e96dadc9651f5fe8f071110eb174fe8e7a17a9d7a96b3b1980c13e5b4af3a4d7"
    },
    "clientIP": ""
  },
  "orchestrationDelivery": [ "pushNotification" ],
  "timeout": 60
}
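
A pre-flight check for the request described above, as an added example (not code from OneSpan or the original post): it parses a pasted payload, confirms that eventType equals the rule criterion value and that push delivery is requested, and builds the POST without sending it. The URL is a placeholder, and treating the listed keys as mandatory is an assumption.

```python
import json
import urllib.request

# Criterion value configured in the rule: NON_MON_EVENT_TYPE_KEY = "CardActivateAttempt".
RULE_EVENT_TYPE = "CardActivateAttempt"
# Top-level keys carried by the tutorial's payload (assumption: treated as mandatory here).
EXPECTED_KEYS = ("eventType", "relationshipRef", "sessionID", "cddc")
SMART_QUOTES = "\u201c\u201d\u2018\u2019"

def load_payload(text):
    """Parse pasted JSON; point at typographic quotes when they are the likely cause."""
    try:
        return json.loads(text)
    except json.JSONDecodeError as exc:
        hint = " (typographic quotes found; use plain ASCII quotes)" if any(q in text for q in SMART_QUOTES) else ""
        raise ValueError(f"payload is not valid JSON: {exc.msg} at line {exc.lineno}{hint}") from exc

def check_event(payload, rule_event_type=RULE_EVENT_TYPE):
    """Return the problems that would keep the rule from matching or the push from arriving."""
    problems = [f"missing key: {k}" for k in EXPECTED_KEYS if k not in payload]
    if "eventType" in payload and payload["eventType"] != rule_event_type:
        problems.append(f"eventType {payload['eventType']!r} does not equal rule criterion {rule_event_type!r}")
    if "pushNotification" not in payload.get("orchestrationDelivery", []):
        problems.append("orchestrationDelivery lacks pushNotification; the trusted device gets no push")
    return problems

def build_request(validate_url, payload):
    """Build (but do not send) the POST for the events/validate endpoint."""
    problems = check_event(payload)
    if problems:
        raise ValueError("; ".join(problems))
    return urllib.request.Request(
        validate_url,
        data=json.dumps(payload).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )

# Constructed sample: the tutorial's payload with the fingerprint values replaced by placeholders.
SAMPLE = '''{"eventType": "CardActivateAttempt", "relationshipRef": "iaa_enduser",
 "sessionID": "4ed23ea44f23",
 "cddc": {"browserCDDC": {"fingerprintRaw": "<raw>", "fingerprintHash": "<hash>"}},
 "orchestrationDelivery": ["pushNotification"], "timeout": 60}'''

if __name__ == "__main__":
    # Placeholder URL: take the real events/validate address from the Sandbox Interactive API.
    req = build_request("https://sandbox.invalid/events/validate", load_payload(SAMPLE))
    print(req.get_method(), req.full_url, len(req.data), "bytes")
```

Sending the rule name “CardActivationAttempt” as eventType is the mismatch this check is meant to catch before the event reaches Risk Analytics.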


Authentication Through the Trusted Device

Since the delivery method of the authentication was a push notification through an orchestration command, the end-user will receive the notification on their trusted device. Once the end-user accepts the notification of the event, they will be prompted by the Orchestration SDK on the trusted device to provide their fingerprint as an authentication method.

Finally, you can check the latest events in Risk Analytics to see which events were triggered and which rules were matched. To display them, go to “SUPERVISE & INVESTIGATE”, then “Latest Events”, in the menu bar of the Risk Analytics presentation service. As you can see in the screenshot below, the CardActivationAttempt rule has been matched.


Now Risk Analytics is ready to handle a card activation attempt. We have reached the end of our blog. With the steps above completed, you will receive a fingerprint prompt to authenticate on your trusted device after sending the RESTful request. If you have any questions regarding the content, feel free to reach us on the OneSpan Community Portal Forums.
