Deleting IA data stored on user devices
IA uses information about a device to measure the risk of an access event. To perform this assessment, IA may store data in cookies and local storage on the device. This information is securely stored on the device, and is stored on the Symantec system in an encrypted format. The VIP IA JavaScript can be used to remove the IA data stored on a user's device. Use the
IaDfp.removeIaData()
function to clean up and remove any data which IA has stored on the device, including any cookies, timestamps, or device tag data which IA may have used to assist in recognizing the device. For example, if an
evaluateRisk
call determines that the transaction is risky, you may wish to invoke removeIaData
at that time to to remove any identifying IA data from the device. The VIP Service may choose to remove the remembered device from it's server-side storage in this case. Note that removeIaData
does not explicitly have to be invoked at this time.
- IfremoveIaDatais not invoked and the user passes an additional challenge,awriteTagcall is made to remember the device. The existing IA data is overwritten with the new tag information.
- IfremoveIaDatais not invoked and the user does not pass an additional challenge or choose to remember the device, the stale IA data will remain on the device and continue to be passed to the VIP Service when evaluating risk. In such a case, the VIP Service will return that the transaction is risky, with a risk reason ofinvalid tag, until the user passes a challenge and remembers the device again with a new tag.
- IfremoveIaDatais invoked, and unless the device is recognized by the enhanced fingerprinting algorithm, the VIP Service returns the same risk evaluation result (the transaction is risky). However, rather than a risk reason ofinvalid tag, it will note in the response that the device appears to be a new, unrecognized device.
If the device has no IA data stored on it, then the
removeIAData
function has no effect.Invoke the
IaDfp.removeIaData()
function as follows. Note the following: - You must invoke theIaDfp.setParentDomain()function before you invoke any otherIaDfpfunction.
- TheIaDfp.removeIaData()function requires the latest version of the IA device fingerprinting JavaScript. If you are adding the remove function to an existing JavaScript implementation, you must replaceiadfp.jswithiadfp_1.2.jsor later wherever you invoke theiadfpJavaScript function.Symantec recommends that you always upgrade to the latest version of the IA device fingerprinting JavaScript.
<!-- Include VIP IA JavaScript Library --> <script type="text/javascript" src=" https://userservices.vip.symantec.com/vipuserservices/static/v_1_0/scripts/iadfp_1.3.js"></script> <!-- If you set the parent domain prior to originally writing a tag, also set the parent domain. Use the correct domain for your application. --> <script type="text/javascript">IaDfp.setParentDomain(".base.domain.com")</script> <!-- Remove IA data stored for the domain from the device --> <script type="text/javascript">IaDfp.removeIaData();</script>