Hi, i have the following use case for risk authentication:
i just need to check if the device used by the user is associated to the user
So i guess i can cover that requirement with the OOTB rule:
User Not Associated with DeviceID (USERDEVICENOTASSOCIATED)
and define a ruleset with only that rule enabled
Anyway, based on my understanding, the above rule relies on deviceID in order to query the ARRFUSERDEVICEASSO table and check if a device with given deviceID exists in that table for the user
That said i have a doubt: in case deviceID is not available i can still use reverse lookup feature to recover deviceID, but what sounds strange to me is that the reverse lookup relies on reverse lookup threshold that is configurable inside the rule
Device MFP Not Match
So my question is: in order to have reverse lookup enabled, MUST i also need to enable the
Device MFP Not Match rule?
In other word, with a ruleset with only User Not Associated with DeviceID (USERDEVICENOTASSOCIATED) enabled, Will the reverse lookup still works?
Best Regards