Once users have access to a portal or applications, it is important to identify that the same users are returning in order to maintain security of the system and guard against account take-over, data loss and theft. Multifactor authentication is a simple yet secure way of knowing who is using your applications and ensuring that they are exactly who you expect them to be.
Our strong, multi-factor authentication product offers a range of layered, secure authentication methods in a single integrated platform. It delivers secure one-time passcodes via multiple vectors:
SMS (text messages)
Mobile app
Voice message (IVR)
Hard token
Out-of-band delivery of quickly expiring, one-time passcodes confirms that the person possessing the passcode is the one attempting to access your systems. Multiple authentication vectors ensure high-level security with user-required flexibility and usability.
If a biometric method is required or desired, two-factor authentication can also be done through voice biometrics – a secure, software-based method that doesn't require special hardware or detailed training.
Progressive authentication is our term for the best practice we pioneered—using an integrated set of tools and processes for situation-based authentication of known users seeking access to secure networks, data, and applications.
Based on your policy decisions, our solution will trigger authentication challenges at login or when suspicious transactions, unknown or risky devices, or out-of-norm behavior is recognized. These security authentication parameters can be customized in real-time for users both inside and outside your organization, progressively presenting authentication challenges based upon the latest threat assessment.
CA Risk Authentication is a powerful risk-based, adaptive authentication solution that works in real time to evaluate context, calculate a risk score, recommend actions and provide alerts/case management. It has a strong set of prebuilt rules to detect risk and an easy-to-use risk management console to adjust parameters or create new rules. The risk engine examines many factors including device identification, geolocation, IP address and user activity to evaluate risk. The calculated risk score is then fed into your policies to decide whether to authorize the current activity, request step-up authentication and/or send an alert or block the activity. This provides your organization with a transparent layer of protection against identity theft, data breaches and fraud. CA Risk Authentication can be used to reduce fraud and protect users from Internet attacks whether they are shopping online or accessing confidential or private information via a Web portal or application. It also provides organizations the ability to enforce different levels of authentication depending on the user activity, transaction value and the calculated risk score.