SecureAuth Named a Leader in KuppingerCole Leadership Compass Report for Customer Identity and Access Management

Continuous Authentication: How Authentication Can Continue Post Authorization

Dr. Abdulrahman Kaitoua
December 26, 2019

Get the latest from the SecureAuth Blog

Authentication shouldn’t stop at sign in. Learn how continuous authentication can enhance network security post-authorization.

A staggering 81% of corporate data breaches are a direct result of poor password practices or stolen passwords.

What does that mean for your business? It means that once a cybercriminal gets ahold of an employee’s password, they have their level of access to your data and other accounts.

This is why we believe that authentication shouldn’t stop once your password is accepted. Furthermore, we recommend using continuous authentication which can lock out a criminal before they get far enough to do any damage.

Keep reading to learn more about continuous user authentication and behavioral biometrics.

What is Continuous Authentication?

Traditional authentication required users to include one or more of the following to access an account:

  • Something they know, such as a password or date of birth
  • Something they have, such as a second device that can receive a code
  • Something they are, such as a fingerprint

Two-step authorization was developed after one-step authentication was no longer enough to protect people from cyberattacks. However, with advances in technology, even two-step authentication is no longer the best option.

This is where continuous authentication comes into play. This constantly tracks the activity of the user to determine how likely it is the current user is actually authorized.

If there are any red flags, they may be asked to provide additional authentication to continue or be prevented from performing certain actions until their identity can be confirmed.

How Behavioral Biometrics Work

One of the most common types of continuous authentication is known as behavioral biometrics or biobehavioral authentication.

The most simple way to explain it is that a computer program studies the way a user acts normally and uses those metrics to determine if someone else may have taken over the account.

For example, let’s say you have an employee that spends nearly all of their time using a marketing program and their average typing speed is 90 words per minute. They also stop working at exactly 5 pm every day.

If someone tried to take over their session at 9 pm, immediately accessed accounting software, and was only typing around 20 words per minute, this would alert your system to a possible breach.

At that point, whoever was attempting to use that person’s account could be locked out, preventing them from getting into your company’s files. You could then look into the situation to determine if a breach occurred or there was a more benign explanation.

In addition to having this system work automatically, you can also set up specific parameters for security. For example, you can prevent anyone from logging in outside of specified hours or from any outside devices.

Let Us Protect Your Company

Now you know how continuous authentication works and how using behavioral biometrics will protect your company’s data. As you can see, these add a layer of security that is unmatched by passwords alone.

Here at Acceptto, we only adhere to the highest industry standards when it comes to data security. Let us help your company reach those standards as well by contacting us today.

Related Stories

Pin It on Pinterest

Share This