Risk-Based Authentication
My-Access provides Risk-Based Authentication (RBA) capabilities allowing to assess user’s context when authenticating. Hence, Memority can determine whether further authentication steps are required to finalize the process.
Risk-Based Authentication relies on dynamic factors outside of the administrator’s control to compute a Risk Score and adapt authentication levels based on it. It is highly dependent on context and user behavior.
For example, Memority first authenticates the users based on login/password method. Upon success, Memority assesses the risk based on implemented settings:
If the risk score is LOWER than the configured threshold → Memority accepts the authentication process without requiring further credentials and redirects the user to the application.
If the risk score is HIGHER than the configured threshold → Memority requires a strong authentication process: user must provide an additional one-time password (or any other implemented additional factor).
Risk-Based Authentication can rely on the following factors:
User agents transmitted by user’s web browser
User attributes
Targetted application
Timezone and device geolocation → Memority can compute distance between to logon attempts and infer a session theft (impossible travel)
IP Address range based on user history
Known and unknown devices based on user history
Time since last successful logon
Risk-Based Authentication is an especially powerful tool when applied to end users, consumers or citizens. Check our Adaptive Authentication capabilities for our workforce-oriented solutions. It is also a great tool to identify session theft.