Adaptive Authentication
Why should we think about Adaptive Authentication?
Relying on a simple username and password for authentication is simply not enough in today's world. With the massive development of the IT industry, cyber attacks and their impact have also grown in leaps and bounds, and they cost compromised enterprises heavily.
Multi-Factor Authentication
To reduce the risk of someone breaking into business applications and data with nothing more than a username and password, Multi-Factor Authentication (MFA) was introduced. With MFA, users are required to provide at least two factors when logging in. But if MFA is implemented in the wrong manner, it constantly prompts the user for a second factor, which makes the authentication procedure a hassle and much less user-friendly.
Adaptive Authentication
To provide customers with a smoother login experience without compromising security, adaptive MFA was introduced as the next logical evolution.
As the name implies, Adaptive Authentication is a type of MFA in which the steps of authentication can be adapted, configured and deployed. The identity service provider (IDP) system decides on the right authentication factors based on several aspects, such as the user's risk profile and the behaviour related to a particular user access request.
No matter how the risk levels are defined, adaptive authentication adjusts to the risk level and proposes a suitable level of authentication for it. Adaptive authentication makes sure that low-risk activities are not unnecessarily burdensome and that high-risk activities are not too easy to hack.
Adaptive authentication considers a few factors when defining the steps for authentication:
- Device profile: the system the request comes from, for example a familiar device or a corporate-issued one.
- Location awareness: where the request comes from, for example a risky country, a risky IP range, a location other than the usual login location, or a user who appears to have travelled from one country to another within an hour.
- User behavior: whether the user is accessing servers, data or applications that they do not usually access.
The concept behind adaptive authentication is to treat authentication elevation as one element of a continuous process of managing access to applications and resources. In other words, risk evaluation and elevation are not performed only at login. They continue while the user accesses information: for each request, the system decides whether to allow it or to elevate the authentication and confront the user with further authentication factors when the event is questionable. When such suspicious behavior is seen, the user should be prompted for additional factors of authentication.
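The three factors and the per-request evaluation described above can be sketched as follows. This is an added example, not code from the original article or from any IDP product; the class shapes, signal names, decision labels and the 900 km/h travel threshold are all assumptions, and the sample requests are constructed.

```python
from dataclasses import dataclass
from math import asin, cos, radians, sin, sqrt

MAX_SPEED_KMH = 900  # assumed ceiling for plausible travel (about airliner speed)

@dataclass
class Profile:            # what the IDP remembers about a user (hypothetical shape)
    known_devices: set
    usual_resources: set
    last_lat: float
    last_lon: float
    last_ts: float        # epoch seconds of the last accepted request

@dataclass
class Request:
    device_id: str
    lat: float
    lon: float
    ts: float
    resource: str

def km_between(lat1, lon1, lat2, lon2):
    """Great-circle distance (haversine), Earth radius 6371 km."""
    dlat, dlon = radians(lat2 - lat1), radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(radians(lat1)) * cos(radians(lat2)) * sin(dlon / 2) ** 2
    return 2 * 6371 * asin(sqrt(a))

def risk_signals(req, prof):
    """Return the names of the risk signals this request raises."""
    signals = []
    if req.device_id not in prof.known_devices:
        signals.append("unfamiliar_device")
    hours = max((req.ts - prof.last_ts) / 3600, 1e-6)  # avoid division by zero
    if km_between(prof.last_lat, prof.last_lon, req.lat, req.lon) / hours > MAX_SPEED_KMH:
        signals.append("impossible_travel")
    if req.resource not in prof.usual_resources:
        signals.append("unusual_resource")
    return signals

def decide(req, prof):
    """Map signals to an authentication level; run on every request, not only at login."""
    signals = risk_signals(req, prof)
    if "impossible_travel" in signals or len(signals) >= 2:
        return "strong_factor", signals
    if signals:
        return "second_factor", signals
    return "allow", signals

# Constructed sample: last accepted login from Colombo on a known laptop.
PROFILE = Profile({"laptop-1"}, {"mail", "wiki"}, 6.93, 79.85, 0.0)
print(decide(Request("laptop-1", 6.93, 79.85, 7200, "mail"), PROFILE))
print(decide(Request("laptop-1", 6.93, 79.85, 7500, "payroll-db"), PROFILE))
print(decide(Request("laptop-1", 51.51, -0.13, 3600, "mail"), PROFILE))
```

The second sample request is a mid-session access to an unusual resource, so it is elevated even though the login itself raised no signal.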