Context Based Authentication for Customer Single Sign-On

Customers expect a single sign-on experience to all the services you offer. But when their authentication is based on passwords alone, neither you nor your customers are sufficiently protected. ThreatMetrix™ easily integrates with customer Single Sign-On (SSO) solutions to provide frictionless two-factor, context based authentication – significantly strengthening the system’s security – without impacting your customers’ experience.

Many enterprises today offer their customers access to numerous internal and external applications and services. Providing a SSO experience to this mash-up of applications is critical. Unfortunately, most SSO solutions rely on traditional fixed passwords – which are easily compromised and are no longer considered best practice for many businesses.

Context based authentication has emerged as a straight forward, yet very secure mechanism to augment passwords – significantly improving the security and strength of customer authentication without altering their experience.

ThreatMetrix can easily integrate with any single sign-on solution, providing enterprises with a context based authentication solution for their customer base that is both quick to implement and cost effective.

 

diagram-customers-web

ThreatMetrix Context Based Authentication for SSO Systems

ThreatMetrix utilizes real-time advanced device profiling and data from the largest shared global trust intelligence network to evaluate the entire context surrounding each customer authentication. This includes:

  • Device analytics: Composed of uniquely identifying each device, determining its location, association with the customer, and ties to criminal activity or hacker rings; detecting the presence of anonymizers, bots or malware; and exposing other anomalies that may indicate hacking or a compromised device.
  • Identity analytics: Pinpointing customer association(s) with the service provider and other trusted entities, and reporting any history or affiliation with crime, fraud, or hacking activities.
  • Behavior analytics: Analyzes normal login patterns such as login frequencies, locations, typical access times, login names, and devices used.

This completely transparent authentication system not only evaluates the entire login context, but adds two-factor authentication capabilities by verifying something the customer has (one or more known specific devices), and something the customer actually is (their Persona ID).

ThreatMetrix SSO Integration Overview

ThreatMetrix can collaborate with any SSO vendor to add context based authentication to your customer facing portals and applications. The integrated solution works in three distinct steps:

  • When customers log into the SSO system, ThreatMetrix – in real time – analyzes the connecting device, associated online personas, transaction context and past behavior
  • The resulting analysis is used by a global policy engine that lets businesses define appropriate risk and trust levels to determine access
  • Based on achieving a predefined level of trust, customers are granted access through the SSO system to all associated applications and online resources

Click here to learn about an example ThreatMetrix SSO integration with Ping Identity.