Signal Collection for a Multi Page Website

The risk assessment in OIP Risk Management is based on the analysis of signals provided by the end user’s devices (browsers, handsets). The first integration step is to provide those signals to the OIP Risk Management’s signal collector for each page including a risk assessment.

Include the line below your HTML page:

<script src="<%= signalCollectorUrl %>/api/v1/tenants/<%= tenantId %>/scripts"></script>

When the web page is loaded, the browser requests the signal collection scripts from the signal-collector of OIP Risk Management.

The downloaded script includes the definition of a property called visitId. This is assigned by the OIP Risk Management back-end for this connection. The visitId is unique and identifies the signals collected during this visit to the page. The visitId will be used later on, to make calls to the OIP Risk Management back-end.

Caution

The collected signals request takes a few milliseconds to reach the OIP Risk Management back-end and to be processed. As a result, a minimal delay of a few milliseconds should be respected before calling the OIP Risk Management back-end for a policy evaluation.

Visit identifier

In order to communicate with the OIP Risk Management back-end, you need to obtain a visitId value before using it in your code.
This value is embedded in the signal collection scripts returned by OIP Risk Management. It is stored in a property called revisitid (Risk Engine Visit Id).

If you are using an HTML form to submit your data, simply include a hidden field with id="revisitid" in your form:

<input style=”display:none;” type="text" id="revisitid" name="revisitid"/>

The visitId will be automatically populated in this field, and it will come along with the other parameters of the form in your back-end.

If you are using an Ajax call to authenticate, you can just use revisitid as a global variable in the page, and add it in your Ajax call as a new parameter.

Next

Click here to integrate with ThreatMetrix.