5.8.1 Introduction to Risk-Based Authentication

Traditional password-based authentication systems have their own limitations at implementing security in an organization. Enhancing the strength of the password is inadequate to prevent security threats. Thus, you must explore and apply better authentication techniques such as risk-based authentication.

Risk-based authentication provides context-aware access control that acts to balance the level of trust against risk. It enables organizations to perform the following actions:

  • Address access-related risks and improves user experience.

  • Validate risk of an access request at the run time and take appropriate actions, such as forcing an advanced authentication or denying access.

You can also assess risk in a federated setup with service providers such as Salesforce.com, SAP HR, and Oracle Financial with protocols such as SAML and WS Fed.

Access Gateway can also control access for a protected resource based on the risk score.

Risk-based authentication uses the risk engine for evaluating and assessing rules, including risk score and risk level processing. The risk engine ensures that the risk associated with a login attempt is considered during authentication.

This section describes risk-based authentication concepts.