Policy Decisions

As an output of any identity verification event, the AXN produces a list of Assertions, which can be thought of as test results. There is a full list of assertions with descriptions at the Assertion dictionary.

An example of the assertions returned for a verification event can be found in the userAssertionList object below:

"userAssertionList": [
{
"provider": "Experian",
"serviceOffering": "Experian Precise ID",
"dateAsserted": "01/22/2018 19:10:01",
"assertions": {
"link.ssn_candidate": "fail",
"test.ssnIssueDateVerified": "pass",
"test.ssnNotDeceased": "pass",
"link.fullName_candidate": "fail",
"test.addressIsResidential": "pass",
"link.address_candidate": "fail"
            }
        }
    ]

It is up to the customer to determine how to use these test results. Typically, the assertions are fed into a policy engine to make a decision. This could be an off the shelf enterprise product (like Axiomatics, PingFederate, or Okta,) an open source alternative (like ForgeRock, CloudFoundry UAA, or Drools,) or even custom code.

Example Policy Decision

As an example, a customer may implement the following logic:

IF (link.ssn_candidate == TRUE && address_candidate == TRUE) { 
    return pass }
ELSE IF (link.fullName_candidate == TRUE && address_candidate == TRUE && test.ssnNotDeceased == TRUE) {
    return PASS }
Else {
    return FAIL }

📘

AXN Policy Engine

AXN has a fully managed policy engine available. This includes the ability to map conditions to PASS, FAIL, or STEP UP. For more information, please speak to your ID DataWeb account rep.