Using Rules

Rules enable you to implement business decisions by defining the parameters by which customers can access your systems and data. Each rule can contain one or more signals (or expressions) to determine whether the data associated with an account is valid or potentially risky. You can create any number of rules to implement the security requirements of your business, while providing a simple registration experience for your safest customers.

Rules Page

Rules Page

For example, you may want customers to sign up for your company’s new service. Registration may require a username, email address, and phone number. To be safe, you want to make sure each email address is valid, not found in any known breaches, and not from countries your company has restricted. You could create two types of rules to perform these safety checks.

Valid Email Rule - Create a rule and add the following signals for to check the validity of each incoming email address:
Is this email a known malicious account?
Is this email disposable?
Is this email present in any current breaches?

If any of these are true for an incoming email, you can set the outcome of the rule to deny access, or you could have the outcome trigger additional security checks in your registration flow.

Country Access Rule - Create a rule and add the following signals to determine if the IP address is associated with an account coming from a country with which your company does not do business: == 'RU'
Is the IP address is coming from Russia? == 'CN'
Is the IP address is coming from China?

If it is determined that an account is coming from a restricted country, you can set the outcome of the rule to deny access and prompt for a customer-friendly message about service area restrictions.

Rules can be created, imported, and exported in the Verosint interface or through the Rules API. Rules defined in the Verosint interface can be exported and evaluated with the verosint tool. Imported and exported rules are in JSON format.


Rules and Auth0

All properties from the Auth0 event object (Actions Triggers: post-login - Event Object ) are available to reference from rulesunder parameters.<Auth0 property name>. You can set a rule outcome to ALLOW and have Auth0 prompt Login Success. You can also set an outcome to ALLOW_WITH_MFA to prompt Auth0 to require MFA. Set an outcome to DENY to reject a login attempt.