Skip to main content
Version: 1.0.x.x LTS

Risk score mapping for nevisAdapt

For a proper functioning of the nevisAdapt service, you need to specify the mapping of the risk scores. You do this in the riskscore-mapping.propertiesfile - the complete file path is /var/opt/nevisadapt/conf/riskscore-mapping.properties.

The table below lists all properties that you can set in the riskscore-mapping.properties file. These properties correspond with the results of the observations made by the modules in regard to a user's HTTP request. Such observations are, for example, whether the user device is known, private or shared, or whether the request comes from a suspicious or trusted country. By mapping a risk score to a property/result, you express the severity of the security risk represented by this result: The higher the risk score, the higher the risk.

The risk score calculation for a user request is based on the risk score mapping defined in the riskscore-mapping.properties file. Each user request results in three different risk scores: one for the Device Recognition module, one for the Fingerprint module, and one for the Geolocation module. The risk score per module is the sum of the risk scores of the module's analyzers. The maximum possible risk score for a module is "1.0" (as defined in nevisDetect).

For an sample calculation of a risk score, see Example - Calculating the risk score for the Fingerprint module.

Risk score definitions and default values

NevisAdaptDeviceRecognition

Analyzer: Device cookie

Property name: nevisadapt.riskscore.device.unknown

Default risk score: 0.5

The user never used this device or browser before.

NevisAdaptDeviceRecognition

Analyzer: Device cookie

Property name: nevisadapt.riskscore.device.known

Default risk score: 0.25

The user used this device or browser at least once before.

NevisAdaptDeviceRecognition

Analyzer: Device cookie

Property name: nevisadapt.riskscore.device.established

Default risk score: 0

The user used this device or browser several times before.

NevisAdaptDeviceRecognition

Analyzer: Device sharing

Property name: nevisadapt.riskscore.device.private

Default risk score: 0

The device or browser is only used by this user.

NevisAdaptDeviceRecognition

Analyzer: Device sharing

Property name: nevisadapt.riskscore.device.shared

Default risk score: 0.3

Several users share this device or browser.

NevisAdaptDeviceFingerprint

Analyzer: Fingerprint

Property name: nevisadapt.riskscore.fingerprint.unknown

Default risk score: 0.5

The user never used this device or browser before.

NevisAdaptDeviceFingerprint

Analyzer: Fingerprint

Property name: nevisadapt.riskscore.fingerprint.known

Default risk score: 0.25

The user used this device or browser at least once before.

NevisAdaptDeviceFingerprint

Analyzer: Fingerprint

Property name: nevisadapt.riskscore.fingerprint.established

Default risk score: 0

The user used this device or browser several times before.

NevisAdaptDeviceFingerprint

Analyzer: Fingerprint sharing

Property name: nevisadapt.riskscore.fingerprint.private

Default risk score: 0

The device or browser is only used by this user.

NevisAdaptDeviceFingerprint

Analyzer: Fingerprint sharing

Property name: nevisadapt.riskscore.fingerprint.shared

Default risk score: 0.3

Several users share this device or browser.

NevisAdaptGeolocation

Analyzer: Geolocation

Property name: nevisadapt.riskscore.country.unknown

Default risk score: 0.5

The request comes from an unknown country, that is, the user never made a request from this country before.

NevisAdaptGeolocation

Analyzer: Geolocation

Property name: nevisadapt.riskscore.country.known

Default risk score: 0.25

The request comes from a known country, that is, the user accessed the application at least once before from this country.

NevisAdaptGeolocation

Analyzer: Geolocation

Property name: nevisadapt.riskscore.country.established

Default risk score: 0

The request comes from an established country, that is, the user regurarly accesses the application from this country.

NevisAdaptGeolocation

Analyzer: Suspicious country

Property name: nevisadapt.riskscore.country.suspicious

Default risk score: 0.7

The request to access the application comes from a suspicious country.

NevisAdaptGeolocation

Analyzer: Suspicious country

Property name: nevisadapt.riskscore.country.trusted

Default risk score: 0

The request to access the application comes from a trusted/non-s uspicious country.