Risk evaluation is done using a set of rules. You can configure the in-built rules that are provided in the product. If you have a requirement that is not achievable using these rules, then you can write your own custom rule.
Risk Engine evaluates all configured rules one-by-one, and evaluates the Risk Score with Risk Level for the connecting user.
Risk Engine collects all activity details of the connecting user and sends these to the rules for evaluation. These include IP address of the connecting client, HTTP headers, Cookies, User attributes, user historical data, and so forth.
The Risk Engine architecture provides a programming interface that allows you to create a custom rule class. This rule can be configured like any other rule for Risk Engine. Whenever the Risk Engine evaluates this rule, corresponding risk core is added when the rule (condition) fails.