KuppingerCole Leadership Compass - Adaptive Authentication
A Resource Guide for CIOs and Security Professionals
This research can be used as a guide to aid information security professionals who are evaluating the attributes of risk-based policies. The goal of Adaptive Authentication is to provide the appropriate risk-mitigating assurance levels for access to sensitive resources. This latest report on Adaptive Authentication names ForgeRock as an Overall, Product and Innovation Leader.
Read the report to learn:
- Why ForgeRock is named an Overall, Product and Innovation Leader
- A comparative assessment: How eleven technology providers compare along vectors of product and innovation leadership
-
What is Adaptive Authentication?
-
Adaptive Authentication is the process of gathering additional attributes about users and their environments and evaluating the attributes in the context of risk-based policies. The goal of Adaptive Authentication is to provide the appropriate risk-mitigating assurance levels for access to sensitive resources by requiring users to further demonstrate that they are who they say they are. This is usually implemented by "step-up" authentication. Different kinds of authenticators can be used to achieve this, some of which are unobtrusive to the user experience. Examples of step-up authenticators include phone/email/SMS One Time Passwords (OTPs), mobile apps for push notifications, mobile apps with native biometrics, FIDO U2F or UAF transactions, hardware tokens, SmartCards, and behavioral biometrics. Behavioral biometrics can provide a framework for continuous authentication, by constantly evaluating user behavior to a baseline set of patterns. Behavioral biometrics usually involves keystroke analysis, mobile "swipe" analysis, and even mobile gyroscopic analysis.
Download the report for a more in depth definition of Adaptive Authentication.
KuppingerCole's research publications are the opinions of KuppingerCole's research organization.