Adaptive authentication is an extensive fraud detection system in which risk-based multi-factor authentication is used to ensure the protection of users accessing websites, portals, browsers or applications. The system is purpose-built to measure the risk of a user’s login, along with their post-login activities, vhealthportal.com/product-category/cholesterol/, to determine the level of threat that may exist. This is performed depending on the perceived level of confidence in the authentication achieved and in relation to a particular resource or transaction request. After implementing this risk and rules-based approach, the system then looks to obtain additional assurances from the user. Looking beyond binary authentication to adaptive risk-based solutions allows companies to maintain strong data security but not at the expense of usability.
Who uses adaptive authentication?
Adaptive authentication has been successfully applied to verify the identity of access requestors across a variety of sectors, particularly in government services and banking. As the popularity of the system increases, so too does the information gathered in order to provide a risk of fraud level. Information such as geolocations, behavioural profiling and device profiling allow for an increasingly varied data range that is enabling adaptive authentication to become perpetually smarter and more efficient.
How to deploy adaptive authentication
‘Intelligent’ adaptive authentication solutions adapt to the circumstances of the user’s access to a service, taking into account the level of security required and the gravity of the access request, in line with the firm’s risk policies and profiling.
Swivel Secure’s adaptive solution, Authcontrol, includes a ‘policy engine’, which allows companies to determine what form of authentication is appropriate for any given user. Using a set of rules, and a points system, an enterprise is able to allocate the level of security required on a per user, per application basis, enabling its authentication solution to be entirely parameterised around the network users. Additional authentication is, for example, only demanded when risks dictate it. Data is protected but not to the inconvenience of the network’s legitimate users or to the detriment of the business. For example, if an employee uses a lower risk connection, like connecting their laptop to the corporate network while working in the office, an adaptive authentication platform could apply only a basic authentication challenge, such as a username and password, in response to the access request. Should the employee take their laptop beyond the network perimeter, to a coffee shop for example, and attempt to connect via the public Wi-Fi, the platform would automatically recognise the increased in risk posed by the request and apply a stronger form of authentication challenge before granting access.
Easy, secure and flexible authentication, but only when needed makes certain business sense. As security needs involve in today’s rapidly expanding virtual perimeter, this will increase productivity and decision making will be faster. Those who embrace adaptive authentication will ultimately have the competitive advantage.
About Swivel Secure:
Swivel Secure is a pioneering network security solutions provider. Their award winning range of intelligent authentication solutions can be tailored to suit your business needs and budget, and all under one license. Whatever you need to access and whatever devices you want to use – securely and seamlessly, with mix and match authentication options: Mobile App. Token, SMS, Voice and Image, with the free use of PINsafe, their patented encryption process for an extra layer of security.
We have traditionally always used hardware based tokens for VPN authentication for our remote users, but this proved very expensive, impractical and inconvenient to support internally. Our users found them complicated to operate, and yet another device to remember to carry around. Swivel has given us greater flexibility and the mobile app has proven to be very popular and extremely easy to use, with the added benefit of minimising the logistical support issues we experienced with the use of the hardware tokens.
Graham Woods, ISS
Keen to learn more? Check out Swivel Secure’s approach to adaptive authentication.
Share this story: