Combine a friction-free user experience with optimal security. Offer your user the authentication solution that suits their phase in the customer journey and takes into account their location, device reputation or the value of a transaction.
TrustBuilder helps you select the best suited authentication mechanism based on the sensitivity of the accessed application or resource and based on the user session context.
TrustBuilder uses Attribute-based Access Control (ABAC), which allows organizations to easily decide what attributes are needed for what level of authentication. Organizations can even create their own attributes to tailor the solution to their own particular requirements.
As TrustBuilder is built on the principles of openness and connectivity, we support different authentication mechanisms that an organization wants to use: from username / password to Multi-Factor Authentication, social identities, behavioral authentication. This allows organizations like retail banks to adapt the authentication mechanism to a resource’s level of sensitivity.
The Workflow Engine uses a graphical user interface to define dynamic authentication policies. Organizations can define the level of authentication required and what attributes are in play for what authentication, based on the customer journey.
Applications are not born equal, nor are resources or data. When granting users access to applications or resources, it is critical to know what level of authentication needs to be imposed on the user in question. Different authentication methods and mechanisms may need to apply.
Offer your customer authentication methods based on their behavior. Simple authentication for logging into your banks’ mobile app and additional authentication for making a financial transactions. And whenever the monetary value of transaction bypasses a certain threshold, the system will prompt a next step, for instance by using 2 Factor authentication.
Adaptive authentication is all about combining various methods and solutions to build an authentication journey based on the security sensitivity of the performed user action. Based on what resource a user wants to access, the context will be verified in order to derive the user’s privileges.
If a customer visits the website of a bank, no security is required: the marketing pages of a bank are open for everyone to see, even when a user wants to make a calculation for a loan. Based on some attributes such as the computer or IP address, the marketing department can already identify their customer to give the best rates. However, as soon as the user wants to consult his accounts, additional security will be requested, for instance by verifying a fingerprint or providing a pin number.
That might be sufficient for making a small payment or updating your beneficiaries, but whenever the monetary value of a transaction exceeds a certain threshold, the system will trigger and prompt a next step, for instance by using 2 Factor authentication, a software authenticator or even a hardware token. Or whenever the transaction is initiated from an unusual location, additional verification steps might be triggered.
In the above examples, the nature of the session (account balance check, payments, update beneficiaries, location…) are all attributes of a specific context and can invoke different or additional security policies.
Adaptive authentication is interesting, both for the consumer and for the organization giving access to its resources.
Consumers don’t want to be bothered with entering credentials when that is not needed. By applying adaptive authentication, you only ask customers for extra information when it is needed. By using lightweight and easy authentication mechanisms, companies can reduce the burden on their customers.
When organizations map out the customer journey, they can define at what moment stronger authentication is needed and incorporate diverse authentication methods like biometrics to enable passwordless login to eliminate bad user experiences, without compromising security.
Interested in more implementation info?
Check out our long read on the 5 keys to a successful implementation of your IAM.
In a real-world environment, adhering to just one standard or protocol is not enough.
Since openness is at the heart of TrustBuilder Identity Hub, we support multiple external repositories, third-party authentication technologies and external vendor solutions.
We support authentication through directories (Azure Active Directory, Microsoft AD), social login (Facebook, Google, LinkedIn), Identity Providers (eHerkenning, itsme, iDIN), and next to our own mobile authentication solution, we also support specialized security providers (Gemalto, HID, OneSpan, RSA).
If you do not find your preferred application or authentication method in our overview,
no worries: contact us to find our how we can deliver that connection.
Subscribe
Register for our newsletter and stay updated on IAM and TrustBuilder.
Engage in a chat with our product people to discuss IAM trends and challenges, and our solutions.
Take our Maturity Assessment to find out how you can accelerate your digital transformation.
Experience the power of TrustBuilder.io Suite through a demo, personalized to your challenges.
Visit our offices, send us a mail, call us, or simply fill out a contact form.
