September 20, 2018
Corporate network perimeters are fast disappearing. Sensitive applications are being exposed to hackers across the globe because organizations are adopting cloud-based applications and allowing increased access from the Internet, as well as responding to the evolution of Bring Your Own Device (BYOD). As a result, traditional password-based authentication is no longer a strong enough security measure to protect user accounts.
Passwords Alone are Ineffective
Passwords are often the weak link in the security chain. Studies show that despite security training and policies, most users continue to select weak passwords. Even so-called “strong passwords” can be cracked by skilled hackers within minutes, or purchased on the dark web as a result of an earlier breach.
Relying on passwords alone can be a dangerous strategy for any security-conscious organization, particularly one deploying single sign-on. In such a scenario, only one password is needed to access all applications. If that single password was hacked or compromised, unauthorized users or criminals could access every one of the systems available via single sign-on.
While software and hardware tokens are available to strengthen security with two-factor authentication, they can be expensive, taking significant resources to roll out and support. Such solutions also require substantial user interaction and care, often leading to user resistance.
ThreatMetrix Context-Based Authentication for PingFederate
ThreatMetrix brings two-factor, context-based authentication to PingFederate enterprise deployments by adopting a layered approach to effectively distinguish between legitimate customers and cybercriminals in real time. It positively identifies users and their devices, providing advanced security without negatively impacting the user. No tokens, servers, or other infrastructure elements are required. Authentication is invoked with a single call, making integration straightforward and cost effective. Key features of the ThreatMetrix Platform include:
The ThreatMetrix Digital Identity Network
The ThreatMetrix Digital Identity Network leverages global shared intelligence from millions of daily consumer interactions including logins, payments and new account originations. This establishes a unique picture of true digital identity by analyzing myriad connections between devices, locations and anonymized personal information.
Defining User Identity and Behavior Patterns to Identify Threats
Digital Identities within the ThreatMetrix Digital Identity Network show a pattern of trusted behavior by incorporating anonymized non-regulated personal information such as user name, password and email address with device identifiers, connection and location characteristics.
Device Profiling to Detect High-Risk Anomalies
ThreatMetrix profiles all devices requesting access (desktops, laptops, smartphones, or tablets), to identify the presence of malware or other anomalies that might indicate a high-risk transaction.
Benefits of Ping Identity Integration
Enterprises using PingFederate who enhance their security with the ThreatMetrix Cybercrime Protection Platform can experience the following benefits:
- Confidence to deploy Ping Identity solutions, knowing that the system is protected with two-factor, context-based authentication.
- Frictionless, transparent authentication, allowing legitimate users easy access without the use of tokens.
- A strong and inexpensive authentication solution that is easy to acquire, deploy, and manage.
- An extension of strong authentication to all cloud and Internet-accessible applications.
- The ability to take advantage of social or other federated password systems without worry.
- Strengthened security for your remote employees and workforce.
- Compliance with industry regulations, such as HIPPA, COBIT and SOX, that require the use of strong authentication.
- Cost effectiveness through working with existing infrastructures, (the platform integrates directly through PingFederate and can be implemented in hours).
The ThreatMetrix Advantage
ThreatMetrix offers the broadest combination of defenses available, all in a solution that does not burden your IT resources or your users.
Rapid, lightweight deployment:
The SaaS-based ThreatMetrix Cybercrime Protection Platform secures access to your applications without the need to add or deploy servers, user tokens, or additional infrastructure.
Login protection without additional friction:
Unlike strong authentication solutions that require token deployments and extra user steps to login, the ThreatMetrix solution easily secures all logins without any added burden on users.
A Personalized Solution for your Business:
ThreatMetrix offers a powerful yet easily customizable Policy Engine that allows you to incorporate your own business processes and tolerance for risk.
Up-to-date, global insight:
Integration with the ThreatMetrix Digital Identity Network gives you constant access to current fraud intelligence, including known botnets, global device behavior, and the identity of known fraudsters.
ThreatMetrix delivers near instant real-time insight, so you can identify fraudsters before they compromise your business.
Detailed Analysis and Reporting:
ThreatMetrix provides visualizations and analytical reports to enable your analysts to understand enterprise application activity, and take proactive steps to improve security and reduce fraud.