Adaptive Authentication

Multi-Layers of Defense

Adaptive Authentication works quietly in the background to step up security when needed without burdening the end user.
Image

Adaptive Authentication In Action

Adaptive Authentication provides world-class security without impacting usability. That’s because risk checks are done without users even being aware of it — and multi-factor authentication is applied only if risks are detected.

Like layers in a bulletproof vest, SecureAuth IdP analyzes multiple factors to determine the legitimacy of every login attempt, thwart attacks in-process, and prevent your organization from becoming the next breach headline.

Scroll down through each layer below to see how Adaptive Authentication works in real time.

Image

This Isn't the Correct Device.

SecureAuth IdP checks to make sure the device being used is familiar and known.

Device settings allow SecureAuth IdP to create a unique device profile for each user, utilizing settings like web browser configuration, language, installed fonts, browser plugins, IP address, screen resolution and more.

Image

The IP is Suspect.

SecureAuth IdP compares IP addresses to a known, continually updated list of threats in real time.
 

The user’s IP is examined across millions of nodes to determine if it is associated with any bad actors, anomalous behavior or blacklisted IP addresses. If a threat is detected, the Security Operations Center (SOC) is given contextual and actionable intelligence to thwart present and future attacks.

Learn More

Image

The Identity Profile Doesn't Match Our Standard Practices.

SecureAuth IdP double-checks the user’s identity profile against a known directory. If it doesn’t match, access can be denied or stepped up to multi-factor authentication.
 

Attackers that infiltrate organizations often create new profiles so they can easily blend in with everyday traffic and avoid detection. SecureAuth IdP compares each profile with standard practices so abnormal profiles are flagged for multi-factor authentication or outright denial.

Image

This Isn't the User's Typical Location.

SecureAuth IdP can tell where users are located when they are logging in and thwart attacks based on location.

If an access request is coming from a location where the organization has no known employees, contractors, business partners, or customers, SecureAuth IdP can deny the request or automatically step up to multi-factor authentication.

Image

The User Was Home an Hour Ago and Can't Get Across the Country That Fast.

SecureAuth IdP knows where and when users log-in — and impossible travel events will signal suspicious activity.

If a valid access request occurred at 10:00 AM in California and that same user tries to log in two hours later from New York, something is obviously amiss. SecureAuth IdP will flag this request and either deny it outright, require multi-factor authentication, or redirect to a safe zone.

 

Image

A User is Making an Access Request from Outside/Inside a Geographic Barrier.

SecureAuth can treat access requests differently depending on a geographic barrier you determine.
 

Don’t have customers, suppliers, contractors, or employees in a particular region? Put an invisible barrier around access request locations. If outside the barrier, scrutinize request with multi-factor and adaptive authentication.

 

Image

Access Request Looks Legit, but Do We Really Know?

SecureAuth IdP can block access requests from phone numbers recently ported, coming from particular carriers, by phone type, and can limit the number of one time passcodes allowed in a given time period.

Often times a bad actor will impersonate a legitimate user’s phone number to trick authentication safeguards and gain access. Other times they will spam random one time passcodes in an attempt to guess the correct one. SecureAuth can identify these vulnerabilities and block access attempts when used.

Image

This User’s Keystrokes and Mouse Movements Are Suspicious.

Over time, SecureAuth IdP builds and maintains a unique behavioral biometric template for each user that is up to 99% accurate.

The ultimate in security protection, Behavioral Biometrics builds a template based on how a user interacts with their device, including keystrokes and mouse movement. These movements and patterns are as unique as a person’s fingerprint. It is nearly impossible for bad actors to emulate these nuances, rendering compromised credentials useless.

Learn More

Image

This User Has Entitlements to Sensitive Information, Proceed with Caution!

Handle access requests differently from users with entitlements to sensitive information.

Through SecureAuth’s partnership with SailPoint, we can identify and respond differently to high risk score authentications versus lower risk requests. We can adapt the authentication, higher or lower, depending on the risk score from SailPoint.

Image

A User’s Behavior is Out of the Ordinary.

Handle access requests differently when user’s behavior deviates from the normal.

Through SecureAuth’s partnership with Exabeam, we can require additional authentication steps if a particular user’s behavior strays from the ordinary. Attackers don’t know typical daily user routines. Identifying behavior anomalies can help identify and thwart attacks before infiltration.

Authentication That Adapts to You

Customized Workflows

SecureAuth enables its customers to tailor the authentication process for different groups and types of users based on the vulnerabilities associated with each.

Authentication Without Annoyance

Because Adaptive Authentication works in the background, users don't even know it is taking place, minimizing interruptions and ensuring broad adoption.

Growing Confidence

Users are identified by behavioral patterns that go beyond an ID and password - and behavioral templates grow more accurate with each login.

Post Authentication Continuous Protection

SecureAuth uses ongoing behavioral biometrics to continually monitor users and devices for inconsistencies throughout the day — protection against insider threats.

Success Stories

See how our customers protect their applications and data.

 

 

EXPLORE

SecureAuth Threat Service Infographic

Get an in-depth look at how our Threat Service works in this infographic.

VIEW INFOGRAPHIC

Latest Analyst Report

Read what the market is saying as KuppingerCole names SecureAuth as Leader for Product and Innovation in Adaptive Authentication.

Learn More