ATM, the risk evaluation is happening only in the beginning of the authentication flow and then immediately before addressing the risk to the level and conditional change in the flow.
continuous evaluation
polling? -> DoS -> X
evaluate after user activity with the minimum offset between evaluations
ATM, the risk evaluation is happening only in the beginning of the authentication flow and then immediately before addressing the risk to the level and conditional change in the flow.