One of the challenge for today’s IT security professionals is to protect data from unauthorised access. With passwords becoming easily ‘hackable’, organisations are shifting towards Multi Factor Authentication which includes an additional security question, SMS, voice calls etc. The main challenge with Multi Factor Authentication is that one size does not fit all and friction from the users as this affects usability. To balance between managing risk and user convenience, Adaptive Authentication comes to rescue.
What is Adaptive Authentication ?
- New device
- Type of OS
- New or infrequently used OS
- New or infrequently used browser
- Blacklisted country
- New country or city
- User changed from one country to another in a short time
- IP reputation
- Tor network
- Blacklisted IP address
- New IP address
- Unusual time of day
- Unusual user movement
- Access from two distinct locations
- User is accessing something that he has never done before.
- User logging outside business/regular hours.
MultiFactor Authentication like OTP, biometric can improve security but may not be as user friendly and convenient as the users would like. Adaptive Authentication evaluates each access request and only steps-up the authentication when it finds a logon as a risk. Adaptive authentication adds a layer of security, helping companies protect their data from unauthorised access, while allowing users to access the system without frustrating them. However, adaptive authentication is still at a nascent stage and there is still a lot to be done.
We can say that Multi-Factor Authentication is the present while Adaptive Authentication is the future of secure authentication.
Please feel free to share your thoughts and queries in comment below.