Skip to main content
Skip table of contents

Environment Risk Policy

An environment risk policy is a set of rules that computes the first risk score based on the user’s device (IP address, user-agent, last use date, etc).

The system checks this policy before the:

Each tenant must have one and only one environment risk policy. This policy includes one or more rules that increase or reduce the risk score. The system always applies every rule.

When you write these rules, consider the following groovy context variables:

image-20250721-091626.png

Configuration

🎯 To access the Environment Risk Policy page, click:

  • Access Risk -> Environment Risk Policy

  • System -> Configurations -> Access Risk Service and import or export a file.

Property Name

Type

Mandatory

Description

riskRules

List <RiskRule>

MANDATORY

The definition of the risk rules to apply.

Define the criteria of each rule inside a riskRule property.

Default value: An empty list

riskRule

Property Name

Type

Mandatory

Description

name

String

MANDATORY

The name of the rule.

The system returns this value in the RBA output if the rule matched.

enabled

Boolean

OPTIONAL

  • true: Enable the rule

  • false: Disable the rule

Default value: true

riskCorrection

Int

MANDATORY

The risk correction to apply if matchingCondition matches.

Enter a:

  • Positive value to increase the risk.

  • Negative value to decrease the risk.

Default value: 0.

matchingCondition

RuleDefinition

MANDATORY

Enter a ConditionRule in groovy script to determine whether this rule matches or not.

If there is no conditionRule the policy always matches.

To know more, see RBA Rule definition.

Example

XML 
<kit:DataSet xmlns:kit="http://www.memority.com/toolkit/1_0" xmlns:riskrba="http://www.memority.com/risk/rba/1_0" xmlns:rule="http://www.memority.com/toolkit/rule/1_0" xmlns:search="http://www.memority.com/toolkit/search-expression/1_0" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" tenant="memority" env="embedded,test,no-dev">
   <riskrba:EnvironmentRiskPolicy>
      <riskRules>
         <riskRule>
            <enabled>true</enabled>
            <matchingCondition>
               <script><![CDATA[
                 // Device not used since 30 days
DYN.device.lastAuthenticationInterval >= 30]]></script>
            </matchingCondition>
            <name>ENV-RR-DEV-1</name>
            <riskCorrection>10</riskCorrection>
         </riskRule>
         <riskRule>
            <enabled>true</enabled>
            <matchingCondition>
               <script><![CDATA[
                 // Device not used since 90 days
DYN.device.lastAuthenticationInterval >= 90]]></script>
            </matchingCondition>
            <name>ENV-RR-DEV-2</name>
            <riskCorrection>15</riskCorrection>
         </riskRule>
      </riskRules>
   </riskrba:EnvironmentRiskPolicy>
</kit:DataSet>

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close