Identity theft, data breaches and online fraud are becoming more common and sophisticated every day. Millions of passwords are stolen or phished each year. In this environment it is clear that there is a need for something more than just password-based protection for employee, partner and customer access to valuable online resources. At the same time it is important to maintain a simple and positive experience for end users. Adaptive or risk-based authentication can allow you to evaluate a set of contextual factors related to an access attempt or transaction to better estimate the risk involved, without impacting the experience for legitimate users.
CA Risk Authentication is a powerful risk-based, adaptive authentication solution that works in real time to evaluate context, calculate a risk score, recommend actions and provide alerts/case management. It has a strong set of prebuilt rules to detect risk and an easy-to-use risk management console to adjust parameters or create new rules. The risk engine examines many factors including device identification, geolocation, IP address and user activity to evaluate risk. The calculated risk score is then fed into your policies to decide whether to authorize the current activity, request step-up authentication and/or send an alert or block the activity. This provides your organization with a transparent layer of protection against identity theft, data breaches and fraud.
CA Risk Authentication can be used to reduce fraud and protect users from Internet attacks whether they are shopping online or accessing confidential or private information via a Web portal or application. It also provides organizations the ability to enforce different levels of authentication depending on the user activity, transaction value and the calculated risk score.