Advanced contextual-based feature only triggered by risky logins, mitigating hacking attacks and reducing threat of data breaches while preserving user experience
Auth0, the identity platform for application teams, today launched Adaptive Multi-factor Authentication (MFA, a sophisticated security feature that helps reduce the threat of hacks and data breaches. Adaptive MFA is an important addition to Auth0鈥檚 expanding security portfolio鈥攚hich also includes Bot Detection, Breached Password Detection, Brute Force Protection, and Suspicious IP Throttling鈥攁nd is one of the platform鈥檚 most advanced context-based security features.
Adaptive MFA is designed to help companies address the inherent challenges of enabling security while preserving user experience. Unlike traditional MFA, which is triggered upon every login attempt and creates an additional step for the end user, Adaptive MFA only appears when a login is deemed risky. This is calculated by an overall risk score that measures abnormal behavior from known devices, impossible travel, and/or IP reputation. Customers can have the confidence that with Adaptive MFA, their end users are asked for secondary authentication only when behavioral signals don鈥檛 conform to usual patterns for a particular user.
For example, for a user who normally signs into their account at the same time every morning in San Francisco from a personal laptop, Adaptive MFA would only present a second factor authenticator if login was attempted outside of the region, usual timeframe, or from a different computer or IP address. Developers can determine how much weight each signal is given to define the risk score that sets off the trigger.
Many companies are reluctant to implement MFA鈥攑roven to be an effective defense against account hacking attacks鈥攐ut of fear of negatively impacting user experience and thus their conversion and retention performance. However, additional friction during the signup, login, or checkout experiences can affect user conversion/retention, resulting in lost sales, and can potentially increase support incidents. Forrester predicts that the MFA market will grow to $2 billion by 2023,聽and this anticipated growth signals the need for a more intelligent and contextually-based MFA solution.
鈥淎uth0鈥檚 mission is to provide secure access for everyone. Securing identities is core to that mission and this new capability adds to the already powerful features in our security profile, designed to counter a variety of sophisticated threats, such as automated attacks, account takeovers, and phishing attacks,鈥 said Shiven Ramji, Chief Product Officer at Auth0. 鈥淎daptive MFA should be a key consideration for any enterprise that has previously had to make a tradeoff between security and user experience. The ability to reduce friction while increasing security is a competitive differentiator for our customers.鈥
More detailed information on Adaptive MFA can be found here: When is MFA the Right Choice?(whitepaper) and on Auth0鈥檚 Multi-factor Authentication聽page.
About Auth0
Auth0 provides a platform to authenticate, authorise, and secure access for applications, devices, and users. Security and application teams rely on Auth0’s simplicity, extensibility, and expertise to make identity work for everyone. Safeguarding billions of login transactions each month, Auth0 secures identities so innovators can innovate, and empowers global enterprises to deliver trusted, superior digital experiences to their customers around the world.
