If a fraudulent request is detected, the system creates a rule and notifies nevisProxy.
The communication mode specifies how to propagate the created rule to nevisProxy:
- In case of a synchronous communication mode, nevisProxy is notified before the fraudulent request is passed on to the application in the backend. The request will be blocked.
- In the asynchronous communication mode, the fraudulent request is passed on to the application in the backend. Not this request, but the (over)next request of the same user will be blocked by nevisProxy.
The two figures below show the different kinds of processing a fraudulent request.
Beside the synchronous and asynchronous communication mode, a third variant called Batch exists. This variant is similar to the asynchronous communication with the main difference that a configurable amount of request data will be collected and processed together.
From a security point of view, the synchronous communication mode is to be preferred. The drawback is the decreasing performance of the overall system. To find a good trade-off between security and performance, it is possible to configure the communication mode per request. By doing so, more sensitive requests are processed synchronously, whereas the other requests are processed asynchronously.