How to Add a Deny List to Your Workflows

Overview

Several government agencies and security researchers publish data on known bad actors involved in identity fraud. You can use these as a source of data for a Persona List, then configure a Workflow to automatically flag or deny candidates who match.

You are responsible for reviewing, compiling, and importing any data from external sources. Persona does not sync or ingest third-party lists automatically.

Public sources

Leading government agencies and security researchers publish lists that can serve as a starting point. Some examples:

• FBI Cyber Division – DPRK IT Workers – Names and identities associated with North Korean IT worker fraud schemes.
• CISA North Korea Threat Advisories – Joint advisories from CISA, FBI, and DoD that include IP addresses and other indicators of compromise.

Step 1: Create a List

Using the left-side navigation bar, go to Lists and press the Add New List button. In the popup modal, specify a name for the List and select a list type.

Choose the list type that matches the data you're importing. For example, if you're importing government ID numbers from a fraud alert, select Government ID. If you're importing email addresses, select Email Address.

Different list types require different inputs. See List Types for more information.

Step 2: Add items to your List

Click the Add Item button to add entries individually, or import in bulk via CSV upload. Persona also provides API endpoints to create and manage your Lists as an alternative to using the Dashboard.

Step 3: Configure your Workflow

While a List houses the information, you rely on Workflows to automate actions and decisions when Persona receives information that matches a List.

In your Workflow, add a Conditional Step to check for List matches on each Inquiry. If Persona finds matching information, the Workflow can:

• Automatically decline the Inquiry
• Automatically mark the Inquiry for review
• Create a case for manual review

Things to keep in mind

Auto-decline works best with high-precision identifiers. Government ID numbers and email addresses from verified sources support auto-decline. For name-based lists or research-compiled email lists, route matches to manual review first.

Account for data accuracy. Public lists are not always current, and entries can be based on incomplete or unverified information. The list can become less accurate over time. Review any source before acting on it automatically, and have a process in place to remove entries that turn out to be incorrect.

One layer of a broader workforce security strategy. Lists and Workflows give you a way to act on known fraud signals at the point of identity verification. A complete workforce security program typically spans multiple layers, including identity verification, device and behavioral signals, background screening, and ongoing monitoring. This feature addresses one part of that picture.