preloder
Close
Skip to content
Reve Secure

Reve Secure

Reve Secure | Two Factor Authentication | Server Security | 2FA | Token based authentication

  • Product
  • App
  • Documentation
  • Pricing
  • Blog
  • Contact
  • Free Trial
  • Dashboard

Tag: Account Security

How adaptive authentication security decreases the probability of data breaches?

How adaptive authentication security decreases the probability of data breaches?

In our previous blogs, we discussed what is adaptive authentication , the need for adaptive two factor authentication, and how it works. With all the talk about adaptive authentication security and adaptability, adaptive authentication security layer proves to be a formidable. But, does it benefit organizations in reducing the number of attacks? Is it worth adding another complex technology to intricate security measures that are already in practice? What are the advantages of adaptive authentication?

Using Risk Profiles

Each end-user has a risk profile. This risk profile is compiled through machine learning. The adaptive authentication security algorithm learns from the end-users habits and behaviors, time of login, location history, IP address of the login request, and many more factors. The number of factors that are evaluated or analyzed depends on the needs of the organization. They can be tailored to fit the tolerance of the end-user or the regulatory requirements. These risk profiles are used as a standard while evaluating a user’s login, and they’re updated with each login attempt.

Using Risk Scores for Authentication

Adaptive authentication security algorithms use risk scores generated from the evaluation of variables and factors associated with a login. The factors used in generating risk scores may vary depending on the service provider. Each risk score is weighed against the user’s risk profile by the risk engine. The policy management server uses the outcomes of the evaluation to decide the course of action to be taken. Based on the results and security risks accompanying the login attempt, it may take any of the three actions:

  1. Step-up authentication for a high-risk login: employ additional authentication on the login request, ask the end-user to authenticate further, e.g. if the attempt originated from an unknown device or location
  2. Step-down authentication for low-risk requests: allow the user to bypass any additional authentication, e.g. if the attempt was made from a registered device from the same location and time it is always accessed from
  3. Deny login for critical requests: for login requests that have extremely high security risks, the adaptive authentication security service may deny the login request altogether to keep the account safe. E.g. if the login request originates from a malicious IP, or from a location that is quite impossible for the owner to be present at, the login request may be denied or put to further scrutiny

Advantages of Adaptive Authentication towards Security and Usability

Apart from its typical use, based on the risk score of the login, end-user’s access to resources may be controlled. Infinite factors can be put towards authentication, and because the evaluation takes place on the authentication server, there is no loss of resources or time on the user’s end. The risk score can be further used to limit access to information and resources available to the end-user for that specific login. The major benefit of adaptive authentication is that a single algorithm can be used to fulfill the security requirements of a large number of users and organizations.

Once adaptive authentication security is employed on a login server and the risk factors are defined for the login, the need to monitor or control logins and access to resources is greatly diminished. Adaptive authentication algorithms can learn both through supervised and unsupervised learning. A strong adaptive algorithm will deliver a foolproof security to the login process.

A single factor of authentication cannot fit all users and provide the same level of security for each of them. Adding more factors in a multi factor authentication process increases the friction and complexity of the entire system. Only through tailoring and modifying the authentication factors for each user can a balance between security and usability be maintained and adaptive authentication does a good job at delivering both.

Author Abhijeet GuhaPosted on July 9, 2018August 30, 2019Categories BlogTags Account Security, Adaptive Authentication, Adaptive Authentication Factors, Adaptive Authentication Security, Advantages of adaptive authentication, Cybersecurity, Risk Factor, Risk Profile, Risk Score

Twitter to support third-party 2FA apps

Twitter to support third-party 2FA apps

Security of valuable and vulnerable online available business and user’s data should be the utmost priority for the organizations. Recently, Twitter announced the approval of leveraging third party applications to support two-factor authentication (2FA) in strengthening Twitter’s users account security. Twitter announcement to support third-party 2FA apps may be seen as a major update in terms of improving security for their users.

The microblogging site is being used by millions of users including celebrities, well-known personalities and many large & small organizations across the globe. With the increasing users, large amount of user data and associated sensitive information, Twitter much needed this major security update as SMS based 2FA was not reliable and trusted. Even personalities like John McAfee, founder of McAfee, are finding themselves miserable in getting their twitter account secured and protected using existing security.

 

 

 

What made Twitter to upgrade its 2FA security ?

Earlier, Twitter used to deliver two-factor authentication to verify logins via SMS code, getting received on user’s registered mobile number or on mobile app. However, this 2FA method was identified with the probability of getting breached by intercepting the text messages, owing to the weakness in SS7 cell phone network, and thus these messages could be easily exploited and compromised.

Further, SMS based authentication involves the risk of getting SMS (stored in mobile and not deleted) accessed by some unauthorized user by any mean to gain account access. But, with twitter’s recent security update, users can now leverage the third-party’s two-factor authentication solutions like Google Authenticator and REVE Secure, which not only allow users to receive unique security code (that automatically gets refreshed or deleted after few seconds) on their devices, but delivers other convenient yet secure options of getting themselves authenticated.

Twitter’s rollout plan of allowing and enabling third party 2fa solutions is likely to improve the security of their users. If you are still securing your twitter account using only password or existing SMS-based authentication or protecting any other web-applications using single-factor(password) authentication, then you need to move on to a better & guaranteed 2FA solution like REVE Secure, which guarantees fullest protection to your accounts in a simplest and most effective manner.

Author Abhijeet GuhaPosted on January 2, 2018February 19, 2019Categories Blog, Two Factor AuthenticationTags 2FA, 2fa apps, Account Security, Online Accounts Security, sms based authentication, twitter

Posts navigation

Page 1 Page 2 Next page

To get our news feeds

Follow us

About

REVE Secure is a vertical of the REVE Group, a Singapore based conglomerate engaged in offering security solutions to enterprises through its products REVE Secure Multi-Factor Authentication, REVE Endpoint Security Solution and Secured Visitor Registration System.

Company

  • About Us
  • Contact Us
  • Blog

Product

  • REVE Secure 2FA Solution
  • Pricing
Privacy Policy Cookie Policy
Copyright © 2019, REVE Secure
 Logo Header Menu
Right Menu Icon
  • Product
  • App
  • Documentation
  • Pricing
  • Blog
  • Contact
  • Free Trial
  • Dashboard







* Special Characters not allowed