Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your enquiry. Our team will soon reach out to you.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Search Results:

×

Risk Based 
Authentication

Enhance the authentication process based on the Risk Profile of the user for better access management.

Try Cloud Try On-Premise Request a Demo
Risk-Based Athentication





What is Risk-Based Authentication (RBA)?

Risk-Based Authentication (RBA), also known as Adaptive Authentication, is an authentication procedure that uses extra levels of authentication and identification depending on the risk profile to verify that the user requesting to authenticate is who they claim to be. The verification procedure grows more extensive and restricted as the amount of danger rises.
On the one hand, the goal is to lessen the authentication load on users and give a better experience, while on the other hand, strong authentication is enforced when it is most needed. Geographic location, IP address, device used for login and time of access are all common factors for determining risk score.

RBA’s main metric is risk scores, which are used to calculate risk levels which are as follows:


High Risk


The user will either be refused access or will be asked to utilize extra authentication methods.

Medium Risk


Challenge user for extra authentication method to confirm their identity.

Low Risk


Allow access to the user with static username/password if their risk score is low.



Risk-Based Authentication Factors



Risk-Based Authentication through configuring IP Restriction



IP Restriction


When using IP Restriction as risk-based authentication, IP addresses are configured and enlisted by the admin and access is either allowed or denied accordingly. When a user attempts to log into one of the risk-based authentication-enabled apps, his IP address is checked against the preset IP list, and appropriate action is taken (i.e. Allow, Deny or Challenge).




Risk-Based Authentication based on Geo location



Location Restriction


In Location-based Risk-Based Authentication restriction, the admin shortlists and configures a list of Geo-locations. Based on the location restrictions set by the admin, end-users are either allowed or denied the login. When a user tries to login with Risk-Based Authentication enabled, his location attributes such as are verified against the location list configured by the admin, and based on this user will be either allowed, challenged, or denied access to resources.




Risk-Based Authentication Device Restriction - limit device count



Device Restriction


Using Device-based Risk-Based Authentication, the admin allows end-users to add a set number of trusted devices (A device refers to a Browser Session). A registered device allows a person to log in without restriction once it has been registered. An administrator will challenge or deny a person's registration if their registered device exceeds their total limit.




Risk-Based Authentication considering Time Restriction



Time Restriction


Risk-Based Authentication also includes a time restriction, which starts with an admin setting up a time zone with a Start and End Time. Users are permitted, refused, or challenged based on the defined timezone and policies. As soon as an end-user attempts to log in with risk-based authentication enabled, his time zone parameters, such as time zone and system time, are compared to the list defined by the admin, and the user is either granted access, rejected access, or challenged access, depending on his configuration.




Risk-Based Authentication (RBA) Benefits

Enhanced Security

Having Risk-Based Authentication enabled helps in runtime risk analysis which decreases the chance of an unauthorized user gaining access to corporate sensitive information.

Flexible Setup

With a miniOrange Risk-Based Authentication dynamic setup, you can easily configure any of the restriction methods on any of your devices.

Reduced chance of hacking

Dealing with security breaches is costly, and they have the potential to disclose credit card numbers and other sensitive information. RBA, being cost-effective, plays an important role.

Reduced IT Cost

When you have Risk-Based Authentication, you’ll have less suspicious activity on user accounts, which means you’ll spend less money on security management.

Fraud Prevention

With notifications and several verification mechanisms, an RBA solution can help decrease online fraud and improper access.

Improved user Trust

MFA adds an extra layer of security to your business and your user accounts. It safeguards customer information against identity theft.



miniOrange Risk-Based Authentication Applications








Risk-Based Authentication designated features





Adaptive MFA Features

Improved Security with MFA

Users are presented with appropriate Multi-Factor Authentication (MFA) challenges based on risk profile. This forces the user to authenticate using the configured MFA method with enhanced security.

Platform Independent

Any device that supports a Web browser can use Risk-Based Adaptive MFA. In addition, we also provide the same functionality via APIs.

Set granular access security policies

Admin can track all the user activities, manage access and add security policies for users on a granular level.

Real-Time User Access Restrictions

Eliminates the need for frequent authentication through a fixed approach. For the calculation of the threats and decisions, the session attributes of the user are fetched during runtime.

Dynamic Risk Assessments

User attributes like IP address, Device ID, location, and time of access are collected at runtime, and the precise decision result is calculated with the risk-based MFA prompt.

Group and Role-based Assignment

Users can be grouped together and given access to specific applications according to their role based on different access policies.



Want To Schedule A Demo?

Request a Demo
  



Our Other Identity & Access Management Products