Adaptive Access Control

The perfect balance between context-aware access and customer experience

Adaptive MFA

Multi-Factor Authentication (MFA) is an important step in defending your brand’s reputation against data breaches and fraud. By adding an additional layer of protection, you can better ensure you know who you’re doing business with.

According to the Verizon Data Breach Investigations Report, 81 percent of breaches involve using stolen or weak credentials.

Adaptive MFA provides all of its capabilities via hosted pages, predefined workflows, and API’s/SDK, ensuring you can leverage these protections in your existing technology investments.

Multi-factor Authentication covers a variety of methods:

SMS OTP

Email OTP

Push OTP

Voice OTP

Push / Accept

Magic Links

TOTP Token

FIDO U2F Token

A common MFA impediment is usability – your customers become frustrated during complicated log-in processes. Striking the right balance between security and usability is critical to developing growth and brand loyalty.

Goodbye old factor authentication, hello Adaptive MFA

Using Adaptive MFA, your brand can achieve the perfect ratio of trust and customer experience.

Establish high levels of trust and identity assurance
Stay out of your customer’s way unless active risk detected
Provide a delightful customer experience

Ensure rapid return on investment with your multi-channel experiences
Maintain flexibility in your customer journeys through configurable workflows

Adaptive MFA: What makes the magic happen?

We don’t like buzz words. You won’t find us talking about learning machines, intelligent clouds or even how new our math is. Instead, we believe in using modern approaches to solve real problems.

Risk analysis is at the core of Adaptive MFA, and Strivacity has the strongest set of risk analysis techniques. By analyzing the broadest number of different risk indicators, we are able to provide the safety net you need, while keeping your users engaged.

Here’s how we detect and minimize risk for your brand:

Device Risk Analysis

Known Device Detection
SIM Swap Detection
Phone Number Reputation
Tampered Phone Detection

Location Risk Analysis

New Location Detection
Location Allow/Deny Lists
Improbable Travel Detection
Geo-fence

Network Risk Analysis

Anonymous Network Detection
Bot Network Detection
Transparent Proxy Detection
New Network Detection
IP Allow/Deny Lists

Password Risk Analysis

Password Stuffing Detection
Breached Password Detection
Password Re-use Detection
Password Brute Force Detection

Optimized Customer Outcomes

Your customer’s experience should be guided by the discovery, assessment, and prioritization of risk. Adaptive MFA provides you the ability to quickly influence and balance the customer’s experience and risk.

Here's how we do it:

Step-up Authentication

Recommend for high-value transactions or when risk is detected

Step-down Authentication

Enhanced customer experience when no risk is detected

Revoke Authentication

Gracefully deny access without compromising the customer experience

Redirection

Granular control over the customer journey

Integration

Ease the pain of integrating customer identities into the rest of your existing technology investments and makes connecting with partners easy if they have their own identity provider (IDP).

During an interaction with your brand, your customers should only log in once to your portal or website, and enjoy a seamless, uninterrupted experience through their customer journey.

Support for all of the major industry-standard integration methods

OpenID

OAuth

SAML

By leveraging these standards, we’re able to quickly and easily integrate to solve the most common problems brands face:

Your customers’ data may live in silos throughout your organization. Getting your customer-facing portal or application access to each of these silos can be tricky.

This increases the cost of managing the data and complicates regulatory privacy compliance, meaning you may not have a complete marketing view when it comes to getting the most value from insights and market segmentation.

Unifying your customer identities using federated integrations allow your customers to log in once and use their profiles anywhere you want them to – even if you have multiple brands that share customer data and/or infrastructure.

Additionally, you can use either the Strivacity Identity Store, or any identity stores of your choosing, whether it’s on-premises or cloud-based.

Social Registration and Log-In

Leveraging social media logins can greatly speed up registration time and reduce abandonment.

Continuous Access

Mitigate business risk with the highest fidelity Identity Corroboration.

Your authentication system should discover, assess and prioritize risk. When risk is identified, proactive measures are needed to safeguard a customer’s credentials and your brand – in a way that does not impact customer experience.

Risk is always present

Traditional authentication schemes address risk as a one-time event. This approach puts too much focus on a singular allow or deny decision, versus the continual increase of trust, and reduction or outright revocation of access.

Strivacity Fusion provides all of its capabilities via hosted pages, predefined workflows, and API’s/SDK, ensuring you can leverage these protections in your existing technology investments.

Our philosophy on risk analysis is simple. We look carefully at all signals attackers exhibit when they orchestrate identity-related attacks against your brand.

Continuous Access: signals of risk

Location-based Signals of Risk

Activity from undesired locations or based on improbable travel

Device-based Signals of Risk

Activity from new, unknown or tampered device

Network-based Signals of Risk

Activity from anonymous, malicious, unknown or bot networks

Password-based Signals of Risk

Attempted activity using password stuffing, brute-forcing or a breached password

Because Continuous Access is always looking for risk throughout the entire time that a customer is engaged (and not just once at authentication) it means you can take immediate action to notify and take proactive steps to revoke access or ask the customer to prove that they are who they claim to be.

With this approach, rest assured you will always be at the forefront of continuously detecting identity-related risk throughout your customers’ omnichannel interactions with your brand.

Identity Threat Detection

Adaptive MFA and Continuous Access provide great customer experience while safeguarding your brand and most importantly your customers.

While this continuously discovers, assesses and mitigates steps against authentication risk, coverage shouldn't stop there.

Your security posture wouldn't be complete without the ability to monitor customer identity risk, and provide the information and visibility to your existing monitoring or managed security investment.

Traditional network perimeters, as we have known them, are disappearing. With the proliferation of devices and BYOD, policy and security control has diminished, making it harder than ever to detect and respond to threats.

When incident response or security teams are responding to a threat, obtaining transactional identity-related information to help follow the breadcrumbs takes longer and costs more time than obtaining network or endpoint information. That shouldn’t be the case.

This is more challenging because identity security-related data often lives in silos – on domain controllers, in cloud applications, in on-premises applications and often in different eventing formats.

The sheer importance of using identity-related data to aid the discovery and monitoring of threats is often an after thought or not a consideration of authentication providers. That simply shouldn't be the case.

How we help

We understand the importance of using identity-related data to discover, monitor and hunt for threats. We also understand how difficult this can be in practice. Here’s how we help:

Strivacity Fusion acts as an authoritative provider of all customer identity authentication, offering protection (using Adaptive MFA and Continuous Access), while also integrating all identity-related risk information used to make those decisions.

We play nice with others to provide full visibility and response. We understand that identity data is a piece of the overall threat detection puzzle. Our goal is to add identity-related security data to your SIEM or UEBA investments.

Using a managed security or managed detection and response (MDR) service? We can give the service provider the customer- related identity information needed to enhance visibility.

Tell us what service provider you’re using, and we’ll tell you how we can integrate.