RiskControl User Access
Marqeta uses role-based access control for Real-Time Decisioning. Access is controlled by a number of permissions, which are described below in User roles and permissions.
Each permission enables a user to access a particular function of the Real-Time Decisioning dashboard. Each permission relates to an area of Real-Time Decisioning, and if a user has no permissions related to a particular section, they cannot see or access that area of Real-Time Decisioning.
The permissions a user has depends on the role or roles assigned to that user’s Real-Time Decisioning user account. Users can have a single role, or multiple roles. If they have multiple roles, they have all the permissions associated with all of their roles.
Default user roles
Copy section link
The following roles available to your users:
-
Analyst – The Analyst role allows a user to see entity and event details, and to search and filter events. This role is typically assigned to someone with a job title such as fraud agent, financial crime analyst or AML investigator.
-
Supervisor – The Supervisor role allows a user to manage queues and workflows and approve changes to analytics made by an Analytics Specialist (see below).
-
Analytics Specialist – The Analytics Specialist role allows a user to view and edit analytics, including business rules and positive or negative lists.
-
User Administrator – The Administrator role grants a user all the permissions available to other user roles. In addition, this role allows a user to create other users, and manage the roles assigned to other users. There is also a Super User role, which grants all user permissions.
User roles and permissions
Copy section link
The lists of permissions below show which permissions are assigned, by default, to each user role. The Super User role has all the permissions that are enabled in your system except those marked with an asterisk (*).
In the lists below, permissions that require another permission (referred to as the parent permission) are indented below their parent permission, with a (c) to indicate the parent-child relationship.
Events
Copy section link
| Permission | Description | Users |
|---|---|---|
Events |
Enables the entity search box (in the ARIC header), as well as access to Events in the Real-Time Decisioning dashboard. |
Analyst, Analytics Specialist, Supervisor, User Administrator |
Management information and reports
Copy section link
| Permission | Description | Users |
|---|---|---|
Management Information * |
Enables viewing of Enhanced Reporting dashboards in the Reports area of Real-Time Decisioning, if the Enhanced Reporting optional feature is enabled. |
|
Management Information User Management * |
Enables a user to manage Tableau user permissions, if the Enhanced Reporting optional feature is enabled. This enables a user to create and manage Tableau user accounts and control which Enhanced Reporting dashboards are visible to which users. |
Analytics
Copy section link
| Permission | Description | Users |
|---|---|---|
Aggregators |
Enables the creation and editing of risk score aggregators. |
Analytics Specialist, User Administrator |
Analytics Version Acceptor |
Enables the user to approve or reject changes to analytics configuration which have been submitted for review, and to revert to a previous version. |
Supervisor, User Administrator |
Accept or Reject Own Analytics Changes |
Enables the user to approve or reject changes to analytics configuration from all users that have been submitted for review, including themselves (enables a user to push analytics changes directly to live). |
User Administrator |
Analytics Version Creator |
Enables the user to submit for review changes to analytics configuration. |
Analytics Specialist, User Administrator |
Analytical Workflow Override Settings * |
Enables the user to override Workflow settings and parameter values if the Analytical Workflows feature is enabled. |
|
Analytical Workflow Override Mappings * |
Enables the user to manage which Analytical Workflows apply to which event types if the Analytical Workflows feature is enabled. |
|
Rules |
Ability to create and manage AMDL™ business rules. |
Analytics Specialist, User Administrator |
Rule Templates Manager |
Ability to manage rule templates and rule actions. |
|
Rule Templates |
Ability to use rule templates. |
Analytics Specialist, User Administrator |
Settings
Copy section link
| Permission | Description | Users |
|---|---|---|
Data Lists |
Enables the creation and management of data lists. This also allows the direct addition or deletion of values in data lists, and import of data into data lists in CSV format. |
Analytics Specialist, User Administrator |
Teams |
Enables the creation of teams and assignment of users to teams. |
User Administrator |
Users |
Enables the creation and administration of users and assignment of roles to users. |
User Administrator |
View Unmasked Data |
Enables users to view unmasked data (that would otherwise be masked), if the data masking feature is enabled. |
Analytics Specialist, User Administrator |
System
Copy section link
| Permission | Description | Users |
|---|---|---|
Audit Log |
Enables viewing of the audit log of user interactions using the Real-Time Decisioning dashboard. |
Others
Copy section link
| Permission | Description | Users |
|---|---|---|
Detokenize * |
Enables users to view the original plaintext values of tokenized data, if the optional tokenization integration feature is enabled. |
|
Documentation |
Enables the inline documentation sidebar. |
|
Promote Model Classifier |
Ability to promote a model classifier. |
|
Tokenized Search * |
Enables the user to search tokenized fields using the original non-tokenized value, if the optional tokenization integration feature is enabled. |