The basic workflow of Control starts with collecting data from the device. When end users log in with valid credentials, you make a POST to the Kount Login API to get a response of Accept, Block, or Challenge.
Depending on the response and based on your policies, you may either allow access, deny access, or challenge your end user using your existing step-up authentication.
After your end user’s login credentials have been posted to your authentication service, there are two paths:
- Valid Credentials — If your end user presented valid credentials, you POST to the Kount Login Decision API prior to granting access. The response to this API call is Allow, Block, or Challenge.
- Invalid Credentials — If your end user fails authentication, you decline access and POST to the failed-attempt API. This API increases velocities and informs the Kount ML and AI models for future login attempts.
If the login decision results in a Challenge, send the outcome of the login challenge to Kount to better update our AI models and to update information for use within the portal.