4.5 Risk-based Authentication

Traditional password-based authentication systems have limitations in securing an organization. Making passwords stronger is not enough to prevent security threats. Thus, there is a need to explore and apply better authentication techniques, such as risk-based authentication.

Risk-based authentication provides context-aware access control that acts to balance the level of trust against risk. It enables organizations to perform the following actions:

  • Address access-related risks and improve user experience.

  • Validate the risk of an access request at run time and take appropriate action, such as forcing an advanced authentication or denying access.

You can also assess risk in a federated setup with service providers such as Salesforce.com, SAP HR, and Oracle Financial with protocols such as SAML and WS Fed.

Access Gateway can also control access for a protected resource based on the risk score.

The following illustration depicts the risk-based authentication process:

The following illustration depicts the risk-based authentication in a federated setup:

This section describes the concepts of risk-based authentication and how to configure it.