Overview

Architecture

OIP Risk Management SDK is a smart risk-assessment platform in the Cloud that allows banks to assess every online banking session in real-time to protect user accounts from being misused. Part of the OIP Risk Management solution is the OIP Risk Management SDK, which collects various device attributes(signals) such as OS name and version, IP addresses, device ID, time zones, languages, jailbreak/root detection and behavioral biometric data. The OIP Risk Management SDK sends the data collected on the device to the OIP Risk Management backend server for risk calculation. The Mobile SDK provides the visitID received from the OIP Risk Management backend, this visitID is then used to reference the collected signals.

The following figure illustrates the flow of how the signals are collected on the device, send to the OIP Risk Management backend and referenced by the Bank application backend.

Where:

1. The application requests the visitID from OIP Risk Management SDK (also referred to as "the SDK")
2. (Optional) Proprietary signal collection will send information to proprietary signal’s own back end.
3. (Optional) Gets response (for example, a proprietary ID) from proprietary signal’s own backend.
4. SDK then sends the signals to the OIP Risk Management backend.
5. OIP Risk Management backend server returns a visitID to the SDK.
6. The SDK returns the visitID to the application.
7. The application now requests the application backend for the next step decision based on the visitID.
8. The application backend server then enquires the risk score from the OIP Risk Management backend server against the same visitID.
9. (Optional) OIP Risk Management backend server requests the proprietary risk score from proprietary signal’s own backend with known information such as a proprietary ID.
10. (Optional) OIP Risk Management backend server gets the information for risk calculation from proprietary signals own back end and generates a cumulative risk score.
11. OIP Risk Management backend server returns the Decision based on the cumulative risk score to the Application backend server.
12. Finally, the application backend server returns the next step, Decision to the Application, which can now be used for further authentication.

Note

• Steps 2 and 3 are applicable only for ThreatMetrix signal groups.
• Steps 9 and 10 are applicable only for ThreatMetrix, BehavioSec signal groups.

Refer to Signal Groups and corresponding Signals for details on proprietary signals used for the risk calculation.

The following figure depicts the sequence of operations among the host application, OIP Risk Management SDK, OIP Risk Management backend server and proprietary backend servers.

The following figure depicts the component diagram of OIP Risk Management and its ecosystem.

OIP Risk Management SDK flow

The following figure depicts the OIP Risk Management SDK flow with the user, application and the backend server.

Where:

1. The user launches the mobile application.
2. The signals to be collected are configured during SDK initialization.
3. Starts the prefetching of signals. The signal collection is done in the background.
4. Requesting of the prefetch status by the application.
5. Receiving of the prefetch status from the SDK.
6. User starts the operation in the mobile application (login/fund transfer).
7. Application requests visit ID from the SDK.
8. SDK sends signals to the IdCloud Fraud prevention backend.
9. SDK retrieves the visit ID from OIP Risk Management backend.
10. SDK provides visit ID to the application.