Event Analysis is a tool for fraud agents and customer service agents to investigate specific users, devices, or login events.
- Log into the Kount Portal.
- On the left navigation bar, select the Event Analysis icon.
- In the search box, enter the Username or User ID to search, and then press Enter.
NOTE: Searches are not case sensitive, but they must be exact character matches. Partial searches are not allowed.
- The Event Analysis for the Username or User ID displays.
NOTE: Username and Account Creation Date are optional integration data elements. If this information is not passed to Kount at the time of login, this information will not be displayed on screen.
From the results on the Events Analysis screens, several options are available to further drill-down information for better analysis.
Event Analysis Single Device
- From the Single User screen, under Past Events, click a Device ID to display all events and trusted user information for that device.
NOTE: Username is an optional integration data element. If this information is not passed to Kount at the time of login, this information will not be displayed on screen.
Login Event Details
- From the Single Device or Single User screen, under Event Type, click Login, if available.
- Login Event Details display. All information is a snapshot of information at the time of the event. If the trust state of the device for the user has changed since the time of the transaction, the change is not reflected in the historical view.
- If the event resulted in a Challenge or a Block, click View Policies to display all policies that caused the Challenge or Block.
- If the decision was Allow, no policies are displayed.
- In the Information pane, click Expand All to display the details of the Device Attributes, Location, Browser, and Network at the time of the login event.
Failed Attempt Details
- From the Single Device or Single User screen, under Event Type, click Failed Attempt, if available.
- The Failed Attempt Event Details screen shows information about the failed login attempt. If the failed login attempt was due to the username not being on record for the company, the User ID is blank.
Trusted Device Manager
The Trusted Device Manager allows Portal users to add and modify a trust state for a user’s device. All devices that an end user has logged in with be displayed either in Known Trust States or Unknown Trust States.
- To Add a device to the Known Trust States, click the + and enter the trust state. You may optionally add a friendly name. If not, one will be added by the system.
- To modify a trusted device, click the Edit icon and make any desired changes.
NOTE: Modifying the trust state of a device does not change the Past Events view – it only affects future events.