KuppingerCole Leadership Compass - Adaptive Authentication
A Resource Guide for CIOs and Security Professionals
This research can be used as a guide to aid information security professionals who are evaluating the attributes of risk-based policies. The goal of Adaptive Authentication is to provide the appropriate risk-mitigating assurance levels for access to sensitive resources. This latest report on Adaptive Authentication names ForgeRock as an Overall, Product and Innovation Leader.
Read the report to learn:
- Why ForgeRock is named an Overall, Product and Innovation Leader
- A comparative assessment: How eleven technology providers compare along vectors of product and innovation leadership
What is Adaptive Authentication?
Adaptive Authentication is the process of gathering additional attributes about users and their environments and evaluating the attributes in the context of risk-based policies. The goal of Adaptive Authentication is to provide the appropriate risk-mitigating assurance levels for access to sensitive resources by requiring users to further demonstrate that they are who they say they are. This is usually implemented by "step-up" authentication. Different kinds of authenticators can be used to achieve this, some of which are unobtrusive to the user experience. Examples of step-up authenticators include phone/email/SMS One Time Passwords (OTPs), mobile apps for push notifications, mobile apps with native biometrics, FIDO U2F or UAF transactions, hardware tokens, SmartCards, and behavioral biometrics. Behavioral biometrics can provide a framework for continuous authentication, by constantly evaluating user behavior to a baseline set of patterns. Behavioral biometrics usually involves keystroke analysis, mobile "swipe" analysis, and even mobile gyroscopic analysis.
Download the report for a more in depth definition of Adaptive Authentication.
KuppingerCole's research publications are the opinions of KuppingerCole's research organization.