Identification is an essential part of all security systems. The authentication process guarantees the identity of the other party, and its strength directly impacts on the reliability of security systems.
The ideal authentication method that provides the maximum security while being easy to use in all contexts does not exist. Determining the right authentication method is crucial and not doing so can result in higher costs and foregoing improvements in security. For example:
- While the password is a widely accepted method, it provides an insufficient level of security. It can be copied with keyloggers and discovered by brute force attacks or simply by looking over the user's shoulder.
- OTP hardware tokens offer the maximum security, but they interfere with the user experience, especially in consumer-oriented systems requiring mobility. They are also more costly.
Furthermore, SaaS applications in the Cloud are increasingly being seen as an extension of corporate applications, and there is a tendency to extend the management of corporate access control and the auditing system to the Cloud.
Adaptive authentication entails combining authentication methods to provide the ideal compromise between security, costs and ease of use in each scenario. Different factors are used in each case, depending on system parameters, the context or user behavior.
Layered Security Approach
The TrustedX platform acts as an additional and transparent layer of security. It combines different authentication factors to increase the accuracy and security assurance of the electronic identification system in place.
- This approach minimizes the risk of fraud through effective measures against phishing and pharming attacks and has next to no impact on the user experience. Users can continue using their passwords. They are only prompted for an additional factor when a determined risk threshold is passed.
- Log record information is consolidated and report reliability is improved. This approach enables certifying the correct and reliable operation of the authentication process, establishing more controls and improving the rapid response to security problems.
Adaptive Authentication and Federation
The factors analyzed by TrustedX depends on system configuration and user habits. Biometric parameters can be analyzed, including:
- Recognition of user devices to detect when the connection is not made from a usual device.
- Behavior biometrics to detect when the user is not the owner of the password submitted.
- Use context to detect changes in system configuration, incoherent changes of IP address or time range changes.
TrustedX can be integrated into corporate Web applications. TrustedX is SaaS scalable, for which it provides single sign-on (SSO). It:
- Is easy to integrate in Web applications and corporate portals for consumers, employees, partners and suppliers.
- Provides controlled access to external applications, such as Salesforce and Google Apps, from anywhere.
System management is 100% centralized and done via policies that allow adapting the authentication factors for each user group (employees, partners, clients, etc.) and for each application according to the security level required in each case.