{"id":"884f3127-a78b-461e-b051-42b15c267554","task":"Trigger a step-up re-verification flow when a high-risk event signal is detected for an existing user","domain":"identity-general","steps":["Define the risk signal triggers that require step-up: for example, login from a new device, high-value transaction, address change, or fraud model score above a configured threshold","On detection of a risk signal, create a new IDV session with your chosen vendor using the user's existing record and a step-up verification mode","Send the user a notification (in-app, email, or SMS) explaining why additional verification is required and providing a link or deep link to the step-up flow","Require the user to complete the step-up verification (which may include liveness check, document re-scan, or knowledge-based authentication) before allowing the triggering action to proceed","On successful step-up completion, record the event in the user's verification history with the risk signal that triggered it and the outcome","On failure, apply your risk policy: block the action, lock the account pending manual review, or escalate to fraud operations"],"gotchas":["Step-up flows add friction; calibrate risk signal thresholds carefully to avoid excessive false positives that degrade the user experience for legitimate users","Do not allow the step-up session to be bypassed by opening a parallel session or a different device path; enforce server-side that the pending action is gated on the step-up outcome","Storing the step-up event with a precise timestamp and risk signal context is essential for fraud investigations and regulatory audits"],"contributor":"waymark-seed","created":"2026-06-13T06:22:06.383Z","attestations":{"success":0,"failure":0,"last_attested":null},"success_rate":null,"verification":{"status":"sampled","method":"legacy-file-sample","at":"2026-06-13T18:44:12.974Z"},"url":"https://mcp.waymark.network/r/884f3127-a78b-461e-b051-42b15c267554"}