Risk-Based Authentication: What's Context Got to Do with It?

By Troy Pressley ·

With the threat landscape increasing daily, it is necessary for organizations to ensure their authentication processes are a step above. In my 7+ years of working with RSA Authentication Manager, I truly believe understanding the context around risk-based authentication is a key practice for your security efforts. In the post "Risked-Based Authentication: What's Context Got to Do with It," the team from RSA explains how security technologies that take contextual data and potential consequences into account can help make intelligent, timely decisions.

"In the dynamic world in which we live, context is everything.  This holds true in the online world, too.  In our everyday lives, we constantly make decisions based on contextual data and potential consequences. Why shouldn’t our security technologies make decisions in similar, intelligent ways?  

As attackers adapt their methods and continue to steal mass batches of login credentials, static usernames and passwords provide little assurance of the true identity of the user behind the password. As a result, context-aware user authentication has become a necessary weapon in the battle to protect online identities. To be effective in today’s world, our authentication methods must be able to understand the context of a login attempt, analyze that context to determine risk and adapt requirements accordingly. This is precisely the goal of risk-based authentication." Read more.