Hello there!

Need Help? We are right here!

support
miniOrange Email Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Adaptive Authentication

Adaptive Authentication provides an additional layer of multi-factor authentication security based on risk and access provided by the security admin to control user access.





Adaptive Authentication Passwordless Authentication flow diagram



What is Adaptive Authentication?

Adaptive Authentication (Risk-Based Authentication), an advanced form of multi-factor authentication (MFA) is a process of selecting the right authentication factors depending on a user’s risk profile defined and tends to adapt the type of authorization factors. Adaptive authentication prompts Multi-Authentication Factors counting on the behavior, device IP, Geo-Location of the user which directly improves security level to the very best. Simply stated, the type of authentication methods get adapted based on real-time situations. Enabling Adaptive Authentication to any of your applications/websites lessens the security burden enforcing strong authentication where it's needed the foremost. Adaptive Authentication can be deployed in a way like:

Regardless of how you’ve defined your risk levels, adaptive authentication adapts to that risk level, enforcing the appropriate level of authentication for the given level of user risk.






miniOrange provides easy to set up Adaptive Authentication Solution for secure login access to your site. It adds an extra layer of security to your site based on IP, Device, Location, and time of access. 1-click configuration and easy to set up for any admin or a user.




FEATURES



Dynamic Risk Assessments

Adaptive Authentication collects the user session attributes at runtime and calculates the precise decision result on the go with the required MFA prompt.


Platform Independent

miniOrange Adaptive Authentication Engine works in any device supporting a Web Browser. Additionally, we also provide the same functionality using API's.


Real-time Restriction Methods

Adaptive Multi-factor authentication (MFA) restricts user access based on attributes such as IP Address, Device ID, Geo-Location & Time of Access.


Real-Time User Access Restrictions

Eliminates the need for a fixed approach that forces frequent user authentication. User session attributes are fetched at runtime to calculate the risk and decision result.


Improved Security with Multi-Factor Authentication

Appropriate Multi-Factor Authentication (MFA) challenges are presented based on the decision result which forces the user to authenticate using the configured MFA method with improved security.


One Universal Security Mechanism

Fraud Prevention, as a web service, eliminates the need for each custom application to develop specific security access methods. Additionally, we also provide the same functionality using API's.






Adaptive Authentication Benefits




Enhanced Data Security

Having Adaptive Authentication enabled helps in runtime risk analysis which decreases the chance of an unauthorized user gaining access to corporate sensitive information.

Increase productivity

As Adaptive MFA prompts for authentication only when required most, it minimizes user efforts to log in multiple times which helps users to focus on work improving the organization’s productivity.

Fraud Prevention

Adaptive Multi-factor authentication creates a situation where any successful account breach or fraudulent transaction requires additional efforts and resources.


Flexible Setup

With a miniOrange Adaptive Authentication dynamic setup, you can easily configure any of the restriction methods on any of your devices.

Reduced IT Costs

When you have Adaptive Authentication, you’ll have less suspicious activity on user accounts, which means you’ll spend less money on security management.

API Integration

You can use our Adaptive Authentication APIs to integrate additional security into your applications on any device that supports a web-Browser.





ADAPTIVE AUTHENTICATION METHODS



IP Restriction


In the Adaptive IP restriction method, the admin configures and enlists all IP addresses to allow or deny access. When a user tries to login into any of the applications configured with adaptive authentication, his IP address is checked against the configured IP list, and based on that the action is decided as per the configuration (.i.e. Allow, Deny or Challenge).


Learn More  


Adaptive Authentication through configuring IP Restriction

Adaptive Authentication Device Restriction limiting device count


Device Restriction


In this Device restriction Adaptive method, the admin allows end-users to add a fixed number of trusted devices for their account (A device here refers to a Browser Session). Once a device is registered for a user, then that user will be allowed to log in without any Restriction If the user's registered Device exceeds the total registered device limit specified by the admin, in that case, the user will be either Challenged or Denied as specified in the policy by the admin.


Learn More  


Location Restriction


In Location-based Adaptive restriction, the admin shortlist and configure a list of Geo-locations where they want to allow end-users to either login or deny based on the location set by the admin. When a user tries to login with adaptive authentication enabled, his Location Attributes such as (Latitude, Longitude, and Country Code) are verified against the Location list configured by the admin, and based on this user will be either allowed, challenged, or denied.


Learn More  


Adaptive Authentication based on Geo location Restriction


Risk-Based Authentication considering Time Restriction


Time Restriction


Time Restriction configuration starts with admin configuring a time zone with Start and End Time’s for that time zone and users are either allowed, denied, or challenged based on the condition in the policy. When an end-user tries to login with the adaptive authentication enabled, his time zone-related attributes such as Time-Zone and current System time are verified against the list configured by the admin, and based on the configuration the user is either allowed, denied, or challenged.


Learn More  


How does Adaptive Authentication work?

When you decide to implement Adaptive (Risk-based) Authentication in your organization, you need to define basic login requirements for users or a user group. These requirements may vary user by user based on location, role, and resource value risk. Adaptive authentication starts with creating a profile for each user or user group, which includes info around the user's geographical location, registered devices, role, and more. Each time a user tries to authenticate, the request is evaluated and assigned a risk score. Depending on the risk score, the user may be required to provide additional authentication factors to prove the identity. For example, if a user tries to access applications via an unregistered device, they may be prompted to register it. If the user logs in from a geographical location other than their office, they may have to answer a security question. Adaptive MFA determines the response to requests with different risk scores. In any given scenario, the user may be allowed to authenticate, may be prevented from accessing, or may even be challenged to prove his or her identity.



Our Other Identity & Access Management Products