11 Device Registration

Device registration allows a user to flag the computer, PDA, mobile phone, or other devices he is logging in with as a safe device.

The device is added to the user's profile as a registered device.

Enabling Device Registration in Native Integration

In native integration, to enable device registration:

1. Set bharosa.tracker.send.devideId to true, so the device ID can be captured.

2. Call these APIs directly:

   • handleTrackerRequest

   • updateLog

   • markDeviceSafe

   • IsDeviceMarkedSafe

   • clearSafeDeviceList

   • processRules

Enabling Device Registration Out-of-the-Box

In Oracle Adaptive Access Manager out-of-the-box, to enable device registration for all applications:

1. Add the following properties to bharosa_server.properties:

   # Adds device registration to the challenge question registration page
   bharosa.uio.default.register.questions.registerdevice.enabled=true
   
   # Adds device registration to the Contact Information registration page
   bharosa.uio.default.register.userinfo.registerdevice.enabled=true
   
   # Enables device registration
   bharosa.uio.default.registerdevice.enabled=true
   
   # Enables user to be able to unregister current device in user preferences
   bharosa.uio.default.userpreferences.unregister.this.enabled=true
   
   # Enables user to be able to unregister all devices in user preferences
   bharosa.uio.default.userpreferences.unregister.all.enabled=true
   

   To enable the features on an application-specific bases, "default" can be replaced with the appropriate appId in each of the prior property names.

2. Follow the instructions in Chapter 12, "Customizing Oracle Adaptive Access Manager" to add the customizations to Oracle Adaptive Access Manager.

Create Policies to Use Device Information

Once the feature is enabled, information about the device is collected for that user. If you want to make use of the information you are collecting, you must create policies and configure them properly. For example, you can create a policy with rules to challenge a user that is not logging in from one of the registered devices.

Resetting Registration

A customer reset action to unregister all devices for a user is available in CSR type cases. The "Unregister Devices" action will delete all registered devices from the user's profile.