Risk Based Access Approach

• Traditional access control environments use static credential details like group and role membership and extended profile attributes to make a policy decision.
• Using context (device, environment, identity, resource, and behavioral patterns) ,takes it to the next level.
• Risk-based access complements the existing traditional access control by using contextual elements to allow for a more dynamic policy decision.
• The contextual elements are used to calculate a risk or confidence level for the current user’s transaction. The risk/confidence level is used as input into the final policy decision.

• How Does Risk Based Access Works?

• Key Consideration For Risk Based Access

Device ID, Location and Time of access as a factor for authentication

miniOrange supports a combination of the Device id, Location and Time of access as multi-factor authentication that can detect and block fraud in real-time, without any interaction with the user. Each method is a single tool within an overall solution.

Device


Device ID also known as Device Authentication, Device Fingerprinting, Device Identification can provide valuable data on identity morphing, authentication and repeat fraud. We can take a digital fingerprint for your device (laptop, desktop, mobile phone - android or iPhone,browser) which is unique and act as something you have. We then compare it with the fingerprint of the device that you registered with us earlier and let you carry on your transaction only if they match.

Location


miniOrange can only allow users coming in from a particular location to authenticate. Users from any other location are denied or challenged(KBA/OTP over alternate email) for login.

Behavior


miniOrange incorporates comprehensive details about user identities and behavior—such as usernames, passwords, email address, associated devices, and more into a dynamic Persona ID. User behavior is used as a factor of authentication.

Time Of Access


miniOrange can also only allow user to authenticate in between a particular start and end time, which reduces risk of unauthorized access.