Organizations that expose services and business applications on their intranet and extranet are concerned about security, and Fraud and misuse can cause a lot of damage leading to incur both direct and indirect costs for enterprises. Employee and partner accounts are being compromised and misused at the expense of the enterprise. Increased usage of online channels for larger customer loyalty focus can prove to be critical on such situations.
Today organizations are realizing the need for strong authentication to become the de facto standard for assuring user identities in the cyber world. A strong authentication solution not only adds a layer of security on top of existing identity and access management systems, but also operates in a way that is convenient for the end user to make a complete difference in the mode of access granting and identity mapping.
Two-factor authentication, also commonly referred to as multi-factor authentication, alludes to the fact that there are more than one factor, or proof, needed in order for a successful authentication to be made which in turn is the core technology behind Adaptive Authentication.
Why Adaptive Authentication?
As the usage of online portals, SSL VPN applications, and web access management products continue to grow, so does the need for strong authentication to protect against unauthorized access to the information contained within them. Whether driven by compliance or the need to effectively manage information risk, organizations are faced with the challenge of providing strong multi-factor authentication to secure their assets and information while balancing cost and end user convenience. Adaptive Authentication monitors and authenticates user activities based on risk levels, institutional policies and customer segmentation that can be implemented with most existing authentication methods including:
By having the ability to intelligently support existing authentication technologies, organizations can use Adaptive Authentication to find out:
- Invisible authentication: Device identification and profiling
- Out-of-band authentication: Via Phone call, SMS or e-mail
- Challenge questions: Question or knowledge-based authentication
- Multi-credential framework: For those organizations wanting more choices for authentication
- Site-to-user authentication: Ensuring legitimate users access the systems or portals
- How strongly they authenticate end users and distinguish between new and existing end users
- What areas of the business to protect with strong authentication and how to comply with changing regulations,
- What they are willing to accept in terms of risk levels, and how to comply with the various requirements of the regions and countries where they operate
How it works?
Adaptive Authentication is powered by a series of core technologies such as device identification, the Risk engine, the fraud network, the policy Manager and the Multi-credential framework.
- Device Identification: Device Identification enables transparent authentication for the vast majority of users by analyzing the device profile (the device from which the user accesses the server or network) and the behavioral profile (what activities the user typically performs), and matching the current activity against these profiles.
- Risk Engine: The Risk engine is a self-learning technology that evaluates each online activity in real-time, tracking over one hundred indicators in order to detect fraudulent activity. A unique risk score, between 0 and 1000, is generated for each activity. the higher the risk score, the greater the likelihood is that an activity is fraudulent.
- Policy Manager: The policy Manager enables organizations to instantly react to emerging localized fraud patterns and effectively investigate activities flagged as high-risk. the policy Manager is used to translate organizational risk policy into decisions and actions through the use of a comprehensive rules framework that can be configured in real-time.
- Fraud Network: The Fraud Network is a cross-organization database of fraud patterns gleaned from an extensive network of customers, ISP’s and third party contributors across the globe. When a fraud pattern is identified, the fraud data, transaction profile and device fingerprints are moved to a shared data repository. It provides direct feeds to the Risk engine so that when a transaction or activity is attempted from a device or IP that appears in the network data repository
The core technology of Adaptive Authentication- The Risk Engine
The Risk Engine is a core technology of Adaptive Authentication. Combining both online data and traditional offline data, the Risk Engine evaluates each attempted login and activity in real-time, tracking over one hundred indicators in order to detect a login attempt or activity that is suspicious or high-risk. The factors that the Risk Engine considers include:
- Positive device identification – A unique device identifier that is placed on the user’s device to positively identify that device in subsequent interactions between that device and the application
- User profiling data – This information is collected, stored and used to build a unique profile of each user that can later serve as the reference point for identifying anomalies in behavior, and thus indicate the likelihood of an activity being high risk.
intiGrow’s Adaptive Authentication Solution offers several additional key benefits such as:
- Stronger: Adaptive Authentication offers strong multi-factor authentication and self-learning capabilities to protect against existing and emerging threats.
- Proven: Adaptive Authentication has been deployed by more than 8,000 organizations across industries such as financial services, healthcare, insurance, retail and government. Currently, it is being used to protect over 250 million user identities and secure access to a variety of applications and systems including websites and portals, SSL VPN applications, and WAM applications.
- Cost-effective: Adaptive Authentication is cost-effective because it eliminates the need to deploy physical devices and enables users to self-enroll. It is an ideal solution for organizations deploying strong authentication to large user populations.
- Convenient: Adaptive Authentication provides for a majority of users to be authenticated behind the scenes. The only time a user is challenged is in the event of a high-risk login or activity. Users are not required to carry physical hardware and can still securely login from an unrecognized device through the use of step-up authentication