Context-based authentication offers convenient, frictionless strong authentication while maintaining the flexibility and agility to add protection with stronger methods of security in higher risk situations.
Combined with “step-up” authentication, context-based authentication optimizes a layered approach to access security by assessing user login attributes and matching them against pre-defined security policies. When security policies are met, users are granted immediate access. When security policies are not met, users are asked to step up security by providing an additional authentication factor, eliminating the risk of unauthorized access.
A step up second factor could be a PKI token or a one-time passcode received via SMS text message, or generated on a mobile device or hardware token, depending on organizational policies.