We all know that single-factor authentication, providing just a username and password, is no longer secure enough to verify a user’s identity. By now, most of us are familiar with multi-factor authentication (MFA) and have had to use it ourselves, at least somewhere. There is at least one application or website out there that you need to access where you are not only prompted to provide a username and password but must also provide additional authentication information such as a one-time password (OTP). And that OTP is sent to you via email or on your phone. We accept this and understand that these extra security measures are put into place to protect us against hackers who might have stolen our usernames and passwords. Fine.
The problem is that those hackers can be pretty clever, and they have found ways to hijack accounts and get those additional authentication pieces like the OTPs. So we need to be even more clever than they are. Thus risk-based authentication (RBA), otherwise known as adaptive authentication, has entered the scene. This form of authentication takes into account a user’s behaviors when authenticating the user. Most Identity and Access Management (IAM) systems out there provide some form of adaptive authentication. OneLogin’s SmartFactor Authentication™ feature includes adaptive authentication that is backed by our own risk engine, Vigilance AI™.
You might be familiar with adaptive authentication and have it implemented in your own systems, but how much do you know about how it works and how it actually determines whether a login attempt is coming from a valid user or from a hacker?
To find out more about how a risk engine works, how it scores each login attempt, how it calculates what is often referred to as a Risk Score, and what types of factors it analyzes, download and read our newest cheatsheet: The Quick Guide to Risk-Based Scoring for Multi-Factor Authentication.