Conditions

Using Risk Score

A risk score is generated for a user based on multiple parameters determined by Cloudflare. Its a dynamic security measure designed to facilitate risk-based authentication. This risk score can be used as a context key in conditional flows prefixed with riskInfo to query against. Based on the risk tolerance, one can control the flow to prompt users to complete an additional step of Multi-Factor Authentication (MFA) . Users can also integrate this score in third-party fraud related connectors like Google's reCAPTCHA, TeleSign and others.

How is it calculated?

Descope calculates the risk score using a mixture of signals. These indicators come from various online security and threat intelligence signals accessible to the flow during runtime. The result is a numerical value representing the risk score associated with a user's behavior or activity. The risk score ranges from 0 to 1, where values closer to 0 indicate a lower level of risk, and values nearer to 1 suggest a higher level of risk.

Example in a flow

Risk score example in condition in a flow

Risk score flow

This flow example routes the users to MFA only when the risk score of the user corresponds to 0.5-1 range.

Was this helpful?

Previous

IP Address Check

Next

Checking for Disposable Email Type

On this page

Using Risk ScoreHow is it calculated?Example in a flow