Ping launches service to combat MFA fatigue with behavioral biometrics and risk profiles

Adaptive authentication can combat MFA fatigue attacks to prevent account takeovers, according to Ping Identity. PingOne Protect is a new service from Ping that uses mitigation tools to block attacks and make it easier for legitimate users to authenticate, according to a company announcement.

PingOne Protect detects and prevents bots from log-in attempts by using UEBA to determine unusual behavior. The service also develops a risk score for users to drive identification, authentication, and authorization policies.

It determines the score by evaluating multiple risk signals such as user and entity behavior analytics, behavioral biometrics, IP and network reputation telemetry, and device telemetry, among others. By evaluating risk for an individual, the service can prompt second-factor authentication only when necessary.

Low-risk users can use ‘remember me’ and 'trusted device’ passwordless login features while users with moderate risk may be prompted to go through a password reset process, use biometric identification, or be asked to use a QR code. High risk users may be outright denied or their session may be killed.

The service also provides insights for organizations to determine their risk posture. Insights include risk events distribution, high-risk locations, riskiest users, and browser and operating systems distribution.

By using both IAM and intelligent fraud mitigation into a single platform, "businesses gain greater agility and visibility into the user journey and can deliver a tailored approach to preventing fraudulent activity based on the individual's level of risk," says Andre Durand, CEO and founder of Ping Identity.

The 1Kosmos BlockID distributed identity cloud service is now listed on AWS Marketplace, making it easier for customers to procure, test and deploy the software that runs on AWS. The service unifies identity verification and passwordless authentication in one integrated platform.

The BlockID cloud service prevents identity impersonation, account takeover, and fraud while streamlining the login experience. The service features a simple user onboarding process, user-managed privacy controls, and developer-friendly SDK, APIs and over 50 built-in integrations. The service's advanced live biometric authentication eliminates spoofing and verifies users with over 99 percent accuracy, the company says.

The AWS Marketplace features Block ID Workforce and Block ID Verify. Block ID Workforce is designed to give IT and security teams the flexibility to tailor levels of identity assurance to different workers or users. BlockID Verify streamlines the onboarding process with self-service identity verification. The service has a 99.6 percent Target Accept Rate and 0.01 percent False Accept Rate, according to the announcement.

BlockID performs millions of authentications each day for some of the world's largest banks, telecommunications, and healthcare organizations. The platform is certified for NIST 800.63.3, FIDO2, PAD-2 and ISO 27001. It is also compliant with GDPR and SOC2 requirements.

"AWS Marketplace makes BlockID accessible to AWS customers with a streamlined procurement process," says 1Kosmos COO Huzefa Olia. "Meanwhile, our DevX environment eliminates the need for prospects to install the 1Kosmos BlockID platform to perform proof of concept trials."

This site uses Akismet to reduce spam. Learn how your comment data is processed.