Online fraud is increasing day by day, so online users' need for protection against fraudsters is also increasing, but not many solutions are emerging.
As I see it, Adaptive Authentication is an augmented and enhanced approach to ensuring that sensitive online operations, such as data access, financial transactions, business processes etc., remain secure. We all use login and password credentials every day. But we need more robust systems that guarantee our transactions and operations are highly secured from the word go. Adaptive authentication does exactly that, because it provides and uses real-time risk analytics and risk-based authentication. It also uses anti-phishing and anti-malware capabilities.
In the given diagram, I have tried to present the basic flow of things when Adaptive Authentication is in action.
Adaptive authentication will adjust itself based upon the following parameters. Of course, this consideration will happen in real time, based on machine learning or AI.
Geolocation-based parameters:
This is an important authentication scenario that a typical user faces. For example, a credit card transaction is performed on behalf of a user and requires authentication. Geolocation-based adaptive authentication is configured for this specific use case. The location details for the user are collected from either their IP address, GPS coordinates or triangulated cellular signals (collected from the user’s personal mobile phone). This data is compared against the location provided by the credit card transaction. If the comparison is evaluated as suspicious, adaptive authentication will use the user’s phone for additional authentication to reduce the risk of a potential credit card scam.
Device Types-based parameters:
In the modern world, a typical user uses several devices for authentication. A stolen device is therefore a potential security threat in any authentication process based on that device. In this use case, device-based adaptive authentication can be applied in the following manner. Once configured, adaptive authentication will check whether the device is a stolen device, using information given prior to the authentication. The authentication process can be terminated immediately for a stolen device. Device-based authentication can also be applied to tighten security for a new device that logs in, reducing the risk of potential security threats.
Attributes-based parameters:
In a corporation, there are levels of users that are differentiated by attributes. Not all of them are required to have the same authentication flow. This is a good use case where we can apply attribute-based adaptive authentication. During the authentication process, user attributes can be checked and simpler authentication steps can be provided for a general user like a cashier in a shop. For an administrator, authorization levels are higher. In this case, more security steps can be provided for authentication.
Behavior-based parameters:
An important factor in a user's authentication flow is the behavior pattern. A typical user usually follows a login pattern where they log in at certain times. In use cases like this, behavior-based adaptive authentication can be applied. During authentication, user login times are monitored and compared with past login information. If unusual behavior is detected, the user is given additional authentication steps to increase the security level. Behavior-based adaptive authentication can also be used for geo-velocity-based scenarios. If a user logs in from Sri Lanka at a particular time and another login request arrives from London a few minutes later, the authentication process will detect this unusual behavior and respond with additional security steps.
Risk-based parameters:
There is one more important scenario to look at. The risk of a given authentication request can be calculated from facts such as the outputs of risk-calculating algorithms, the criticality of a system and the firewall status of a device. In a case like this, risk-based adaptive authentication can be used with certain methods to calculate a risk score and provide additional security steps based on that value as necessary. There is also the RSA Risk Engine, which updates itself every day…
Adaptive authentication is a dynamic authentication mechanism that changes the level of security using a range of factors such as user behavior, geolocation, device type, and risk. Depending on the resource and user, the complexity of the authentication is adjusted without the knowledge of the user. It resolves almost every problem we face with strong authentication. Adaptive authentication strikes the perfect balance between security and convenience.
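The parameters described above can be combined into a single decision. The following is an added example, not code from the article or from any product it mentions: it applies the stolen-device check, the Sri Lanka to London geo-velocity check, the new-device, login-time and role checks, and turns them into a risk score. All field names, weights, thresholds and sample logins are assumptions constructed for illustration.

```python
import math
from datetime import datetime, timezone

# Weights, thresholds and field names are illustrative assumptions.
MAX_PLAUSIBLE_KMH = 900.0   # roughly airliner cruising speed
STEP_UP_AT = 30             # score at which extra authentication is required

def haversine_km(a, b):
    """Great-circle distance in km between two (lat, lon) points in degrees."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def implied_speed_kmh(prev, cur):
    """Speed the user would need to get from the previous login to this one."""
    hours = (cur["time"] - prev["time"]).total_seconds() / 3600
    dist = haversine_km(prev["geo"], cur["geo"])
    if hours <= 0:  # simultaneous or out-of-order events
        return math.inf if dist > 0 else 0.0
    return dist / hours

def assess(profile, prev, cur):
    """Return (score, decision, reasons) for one login request."""
    if cur["device_id"] in profile["stolen_devices"]:
        return 100, "deny", ["device reported stolen"]  # terminate immediately
    checks = [
        (prev is not None and implied_speed_kmh(prev, cur) > MAX_PLAUSIBLE_KMH,
         60, "impossible travel"),
        (cur["device_id"] not in profile["known_devices"], 40, "new device"),
        (cur["time"].hour not in profile["usual_hours"], 30, "unusual login time"),
        (profile["role"] == "administrator", 40, "privileged role"),
    ]
    score = sum(weight for hit, weight, _ in checks if hit)
    reasons = [why for hit, _, why in checks if hit]
    return score, ("step_up" if score >= STEP_UP_AT else "allow"), reasons

# Constructed sample: logins from Colombo and London ten minutes apart (UTC).
PROFILE = {"role": "cashier", "known_devices": {"dev-1"},
           "stolen_devices": {"dev-9"}, "usual_hours": range(8, 18)}
COLOMBO = {"geo": (6.9271, 79.8612), "device_id": "dev-1",
           "time": datetime(2024, 1, 8, 9, 0, tzinfo=timezone.utc)}
LONDON = {"geo": (51.5074, -0.1278), "device_id": "dev-1",
          "time": datetime(2024, 1, 8, 9, 10, tzinfo=timezone.utc)}

if __name__ == "__main__":
    print(assess(PROFILE, COLOMBO, LONDON))
```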
This article was written and published by Meena R, Senior Manager - IT, at Luminis Consulting Services Pvt. Ltd, India.
Over the past 16 years, Meena has built a following of IT professionals, particularly in Cybersecurity, Cisco Technologies, and Networking...
She is so obsessed with the Cybersecurity domain that she goes out of her way to share hugely valuable posts and writings about Cybersecurity on the website and on social media platforms.
34,000+ professionals follow her on Facebook and are mesmerized by the quality of the content of her posts.