BizReport : Internet : May 18, 2017

Expert: Less friction needed in authentication

Because passwords are easily compromised, multi-factor authentication (MFA) is critical for strengthening security. But traditional MFA tools use static rules that can't keep up with today's constantly evolving security risks.

by Kristina Knight

Kristina: Reducing friction in the authentication process seems to be a new trend. Is this the case? What's prompted security solutions providers to focus on usability?

Al Sargent, Senior Director, OneLogin: For IT, acquiring products to increase security is only half the battle. The other half is getting people to use those technologies. Users aren't going to adopt security products that reduce their productivity.

OneLogin is built on the premise that security has to be frictionless. We started out with Single Sign-on, which saves users the equivalent of three business days per year. Then we added Push MFA, which makes multi-factor authentication as easy as clicking an alert on your phone or watch. With Adaptive Authentication, we make it so that low-risk logins aren't forced to use MFA.

Kristina: How do you see machine learning transforming the identity and access management sector in the next few years? What emerging trends will you be watching?

Al: We believe that machine learning could eventually transform the identity and access management market, by expanding the range of signals that we feed into our machine learning algorithms to find different kinds of risks. These new signals could include biometric data. This will make it increasingly difficult for hackers to defeat authentication systems.

For this reason, it will become increasingly important for IT teams to understand that they need not just MFA, but MFA underpinned by machine learning. IT buyers need to be aware that, just like some vendors have engaged in "cloud-washing", vendors might start to over-hype their machine learning solutions. We call this "AI-Washing". It's critical to ask your vendors tough questions about what their machine learning can actually do.

Kristina: How does OneLogin adaptive authentication use machine learning to secure access to enterprise applications? Can you explain how the solution works in a way our readers will understand?

Al: Adaptive Authentication uses machine learning to find anomalies at the time of login. Anomalies can be related to the user's network, geographic location, device fingerprint, velocity, or time of access. If a user always logs in from the same network and location, with the same device, at the same time, that's typically a low risk login. But if something seems off -- for instance, if they're coming from a known botnet, or a new geography or device -- they will be challenged for MFA.

Adaptive Authentication is especially useful for preventing phishing attacks. Typically a phishing attack tries to install malware on a user's computer. From there, the malware, running on a trusted company network, may try repeatedly to log into company apps. Eventually the malware finds the right password, and when it does, it isn't challenged for MFA, because it's running on a trusted company network.

Compare this to Adaptive Auth: the malware would be flagged as a new device fingerprint, and would get challenged for MFA. The malware can't, of course, respond to an MFA prompt, and the hacker is prevented from accessing company apps.
