It used to be that adaptive authentication (also called risk-based authentication or RBA) forced a trade-off between usability and security, but that is no longer the case. A few years ago, security managers placed security above usability, forcing users to be like Chicago voters: authenticate early and often. Today’s RBA tools can improve overall customer experience and help compliance regulations as well as simplifying a patchwork of numerous legacy banking technologies.
Based on my experience with some of these products, RBA has matured and become more compelling, particularly when compared to static and more traditional multi-factor authentication (MFA) methods. RBA has also become more compelling as the typical enterprise attack surface has expanded and evolved.
In this article for CSOonline, I discuss some of these compelling reasons for RBA, some of the leading RBA vendors, and what potential buyers should consider.