Introduction to Adaptive Authentication

Wathsara Wishwantha Daluwatta
2 min read · Nov 9, 2019

Using a username and a static password as the authentication method for logins is not a good idea: with the number of cyber-attacks growing, it dramatically increases the risk of unauthorized access to services and information. The next step is MFA (Multi-Factor Authentication), a security system that verifies a user’s identity by requiring multiple credentials rather than just a username and password.

Although multi-factor authentication (MFA) can help reduce the risk, does it affect usability? I think it does: security and ease of use are often directly in conflict with each other. People do not like to enter OTPs or answer security questions whenever they try to log in to a system. This is where adaptive authentication comes into play.

Adaptive MFA improves the user experience while also improving security, because users are only asked to provide an additional authentication factor when necessary. With adaptive authentication, users authenticate with a first factor, which is usually a username and password. The authentication process then checks contextual information such as IP, tenant, user role, etc. Only if the context doesn’t match the predefined policy does the system request a second authentication method. Adaptive authentication is therefore a secure and flexible form of authentication.
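The decision flow described above, as an added example that is not from the original post or from WSO2's templates. The policy values, the shape of the context object and the `runStep` callback (a hypothetical stand-in for the server's mechanism for running an authentication step) are assumptions made for illustration.

```javascript
// Constructed sample policy: which contexts are trusted or need a step-up.
const policy = {
  trustedCidrs: ['10.0.0.0/8', '192.168.10.0/24'],
  stepUpRoles: ['admin', 'manager'],
  stepUpTenants: ['partner.example'],
};

// Convert dotted IPv4 to an unsigned 32-bit number; null if malformed.
function ipv4ToInt(ip) {
  const parts = String(ip).split('.');
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n;
}

// True only when ip parses and falls inside cidr; malformed input is false,
// so an unparseable address is never treated as trusted (fail closed).
function inCidr(ip, cidr) {
  const [base, bitsStr] = cidr.split('/');
  const ipN = ipv4ToInt(ip), baseN = ipv4ToInt(base);
  if (ipN === null || baseN === null) return false;
  const size = 2 ** (32 - Number(bitsStr));
  return Math.floor(ipN / size) === Math.floor(baseN / size);
}

// Returns the reasons a second factor is required (empty array = none).
function stepUpReasons(ctx, p) {
  const reasons = [];
  if (!p.trustedCidrs.some((c) => inCidr(ctx.ip, c))) reasons.push('untrusted-ip');
  if (ctx.roles.some((r) => p.stepUpRoles.includes(r))) reasons.push('privileged-role');
  if (p.stepUpTenants.includes(ctx.tenant)) reasons.push('tenant-policy');
  return reasons;
}

// Step 1 (first factor) always runs; step 2 runs only when the context
// fails the policy. runStep is a hypothetical callback, not a WSO2 API.
function authenticate(ctx, p, runStep) {
  runStep(1);
  const reasons = stepUpReasons(ctx, p);
  if (reasons.length > 0) runStep(2);
  return reasons;
}
```

Returning the reasons rather than a bare boolean lets the caller log why a second factor was requested, which helps when tuning the policy.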

Example used by the WSO2 Identity Server

The WSO2 Identity Server (IS) management console provides an authentication script editor that allows you to define authentication scripts using JavaScript. The script editor provides a set of predefined templates that you can use to easily set up adaptive authentication for some of the most common authentication scenarios.

The authentication script editor of the WSO2 Identity Server Management Console

Some of the predefined adaptive script templates in WSO2 Identity Server:
1. Role-Based Adaptive Authentication
2. Tenant-Based Adaptive Authentication
3. New-Device-Based Adaptive Authentication
4. IP-Based Adaptive Authentication

WSO2 Identity Server

As discussed, adaptive authentication ensures security without impacting usability at the time of authentication, thereby providing an enhanced user experience. If you are looking to add adaptive authentication to your system, use the WSO2 Identity Server for a better and more secure experience.

Have a Good Day!!

Reference — WSO2 Documentation


Wathsara Wishwantha Daluwatta

Software Engineer at WSO2 | Studied BSc (Hons) Software Engineering at University of Colombo School of Computing