Combine risk-based step-up MFA with passive contextual authentication for optimal cost effectiveness, usability and security
While contextual authentication is seen as complementary to active and explicit authentication factors today, Ping Identity expects things to change in the future. We see contextual authentication becoming the norm and explicit authentication used less frequently.
This white paper proposes best practices for customer and enterprise deployments of step-up multi-factor authentication (MFA). It explores a risk-based approach that combines dynamic step-up authentication with passive contextual mechanisms, such as geolocation and time of day, for the optimal combination of cost-effectiveness, usability and security.
Download this white paper to learn about:
- Authentication in depth, including its vocabulary, mechanisms and signals
- Choosing the right MFA mechanisms for your environment
- Applying a risk-based model to step-up MFA
- Best practices in step-up MFA, including risk analysis, choice of authentication factors, privacy, lock-out, registration, user opt-in, suspension and bypass, self-service, native applications, initial authentication and multiple touch points/channels