Orchestration SDKs

Evaluating risk with PingOne Protect

PingOne Advanced Identity Cloud PingAM Android iOS JavaScript

You can integrate PingOne Protect into your apps to evaluate the risk involved in a transaction.

PingOne Protect is supported in the following servers:

Advanced Identity Cloud

Use the official PingOne Protect nodes

PingAM 7.5 and later

Use the official PingOne Protect nodes

PingAM 7.2 - 7.4

Use the marketplace PingOne Protect nodes
How PingOne Protect WorksA flowchart illustrating how risk predictors evaluate many different data points to determine whether to allow a user access or prompt mitigation. The flow chart also shows that there are many allow options, including “Remember me” selection, Updated terms of service prompt, and Send email correspondence, as well as many mitigate options, including, display QR Code, prompt password reset, Identity Verification, in addition to just MFA.UserTransactionEvaluateRisk PredictorsAllowMitigateBotDetectionIP VelocityUser VelocityGeovelocity AnomalyUser Location VelocityIP ReputationAnonymous NetworkUser Risk BehaviorUser-based Risk ModelNew DeviceSuspicious DeviceCustom /Third PartyAccess Granted"Trust Device" Selection"Remember Me" SelectionUpdated Terms of Service PromptUpdated Privacy Policy PomptSend Email CorrespondenceQR CodeSend Email - Magic LinkPassword ResetUser EducationBiometric PromptSend to Customer SupportDeny UserIdentity VerificationMFAKill SessionHow PingOne Protect Works
Figure 1. A flowchart illustrating how risk predictors evaluate many different data points.

Your app can gather information during a transaction, return this information to PingOne Protect, and request a risk evaluation.

Based on the response from PingOne Protect, you can choose whether to allow or deny the transaction or perform additional mitigation, such as bot detection measures.

You can use the audit functionality in PingOne to view the risk evaluations:

Risk evaluation records in the PingOne audit viewer.
Figure 2. Risk evaluation records in the PingOne audit viewer.

Configuring Advanced Identity Cloud and PingAM for PingOne Protect

You must set up your PingOne Advanced Identity Cloud or PingAM server, and your PingOne instance to perform risk evaluations.

For example, you create a worker application in PingOne and configure your server to access it. You also create an authentication journey that uses the relevant nodes.

Integrate client apps with PingOne Protect auth journeys

Select your platform to discover how to configure your client application to perform PingOne Protect risk evaluations when you are using Advanced Identity Cloud or PingAM auth journeys:

Android

Integrate Android apps with PingOne Protect auth journeys
iOS

Integrate iOS apps with PingOne Protect auth journeys
JavaScript

Integrate JavaScript apps with PingOne Protect auth journeys