Best Risk-based Authentication Software

Risk-based authentication (RBA) solutions are identity management products that weigh user variables to determine and identify threats. Companies use RBA software to increase the effectiveness of user governance and authentication procedures. Users who are determined to be riskier are required to provide additional authentication information. These analyze IP addresses, devices, behaviors and identities to set customized authentication methods for each individual user attempting to access the network. Non-suspicious users accessing applications from known devices, locations, and networks may be automatically signed in. Suspicious users may be required to prompted to provide SMS code, biometric verification, or email confirmation actions to properly verify their identity.

Risk-based authentication products often contain multi-factor authentication features, but set unique requirements based the administrators configuration. RBA tools may work in sync with cloud identity and access management products, but typically only provide the authentication component, rather than the application access and governance components.

To qualify for inclusion in the risk-based authentication category, a product must:

  • Assess a user’s unique network, device, and behavior to determine risk
  • Prompt authentication measures after assessment
  • Utilize authentication methods such as SMS, questioning, or email confirmation
  • Periodically store and update suspicious networks, devices, and behaviors
Compare Risk-based Authentication Software
    Results: 36

    Star Rating

    Risk-based Authentication reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

    Centrify Application Services improves end-user productivity and secures every user’s access to apps. IT teams that leverage Centrify's Application Services are able to support internal users (employees, contractors) and external users (partners, customers), wherever they are. Components of Centrify Application Services: Single Sign-On – One-click access to your cloud, mobile and on-premises apps. No more forgotten passwords, no more user confusion. Adaptive MFA for App Access – A common sense approach to multi-factor authentication with risk-based policy that does not hinder end-user productivity. Workflow & Lifecycle Management – Automatically route application requests, create accounts, manage entitlements within those accounts, and revoke access when necessary. Provision users across apps, all from a central control point. Mobility Management – Manage devices, secure native mobile apps and provide context for smarter access decisions. App Gateway – Provide your IT administration teams with secure, granular access to infrastructure regardless of location and without the hassles of a VPN. More about Centrify: Centrify delivers Zero Trust Security through the power of Next-Gen Access. Centrify verifies every user, validates their devices, and limits access and privilege.   Centrify’s Next-Gen Access is the only industry-recognized solution that uniquely converges Identity-as-a Service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM). 
 Founded in 2004 by Tom Kemp, Adam Au and Paul Moore, Centrify is customer funded by over 5,000 customers and backed by top tier investors including Accel Partners, Mayfield, Sigma West, Index Ventures, Samsung Ventures, NTT Docomo and Fortinet.

    Okta's Adaptive Multi-Factor Authentication is designed to be a security solution for all applications.

    Apache Sentry is a system for enforcing fine grained role based authorization to data and metadata stored on a Hadoop cluster.

    RSA Adaptive Authentication is a complete fraud detection platform that leverages risk-based, multifactor authentication to protect users accessing websites, online portals, mobile browsers and mobile apps.

    Silverfort delivers strong authentication and adaptive Multi-Factor Authentication (MFA) across corporate systems including on-premise, cloud and hybrid environments, from a unified platform, without deploying any software agents or gateways and without modifications to endpoint or servers.

    ThreatMetrix is a digital identity company that provides cloud solutions for authenticating digital personas and transactions on the internet.

    Clearlogin Single Sign-On & Cloud Identity App Dashboard integrates with hundreds of apps and supports custom integrations. Grant and revoke access for groups and individuals with a single click. Give users access to the apps they use every day, from anywhere. Receive reports and alerts on all aspects of user access, including unsuccessful login attempts, password changes, geography and browser data. Mitigate potential risks and take comfort in an extra layer of security with enhanced authentication features.

    IBM Security Risk Based Authentication Solution provides transparent evidence-based fraud protection coupled with user access management.

    RSA SecurID Risk-Based Authentication is designed to enhance the traditional username and password log-in experience with a risk scoring engine that validates the legitimacy of user access requests.

    Acceptto is a cybersecurity company providing identity protection and Cognitive Continuous Authentication, threat modeling and analytics in a SaaS-based operating model.

    Authenticate: Desktop is an identity management software that checks identity and age.

    BehavioSec provides a layer of security that lets your customers authenticate themselves through the unique ways they type, swipe and hold their devices.

    BioCatch offers behavioral authentication and malware detection for web and mobile applications.

    CA Advanced Authentication is designed to provide a secure, user-convenient and cost-effective way to protect mobile and web applications.

    Every day the threats from cybercrime are evolving, meaning the traditional one-size-fits-all approach to cyber security risk management either results in too much or too little security. Forget the stress and risk of outdated password-based logins. Callsign makes it easy with a secure authentication solution that works the way you and your users want. Protect your Enterprise with seamless authentication, anywhere, anytime. It’s smooth sailing for you and your users because behind the scenes we run a highly configurable Intelligence Driven Authentication platform, that uses multiple layers to recognize users through deep learning based upon location, behavior, device and biometrics. Unlike anything else, Callsign is an innovative and agile solution that future-proofs authentication and puts you back in control.

    CA Risk Authentication is a powerful risk-based, adaptive authentication solution that works in real time to evaluate context, calculate a risk score, recommend actions and provide alerts/case management. It has a strong set of prebuilt rules to detect risk and an easy-to-use risk management console to adjust parameters or create new rules. The risk engine examines many factors including device identification, geolocation, IP address and user activity to evaluate risk. The calculated risk score is then fed into your policies to decide whether to authorize the current activity, request step-up authentication and/or send an alert or block the activity. This provides your organization with a transparent layer of protection against identity theft, data breaches and fraud.

    Frictionless Authentication for Digital Channels. It's a mobile-driven world now, and authentication must innovate to keep up with customer demands for convenience without compromising on security.

    DIGIPASS for Apps Behavioral Authentication is designed to provide an invisible layer of security that continuously authenticates end users by the unique ways they interact with their computer or mobile device via keystroke, swipe pattern, mouse movement and more.

    Insider Threat Protect intellectual property and detect insider threats to data and critical systems with user analytics, behavior profiling and rich context to user actions.

    User & Entity Behavior Analytics: AI-fueled behavior analytics to identify real entity risk

    HYPR provides decentralized biometric security for the Internet of Things.

    IdentityGuard adaptive authentication is designed to provide strong, transparent security to authenticate users and transactions based on risk profiles.

    Launching active User Behavior Analytics (UBA) to protect your organization from internal and external cybersecurity threats.

    Developed specifically for online payment service providers, Kount Central protects payment processors, payment gateways, acquiring banks, ecommerce platforms, hosted pay (shopping cart) pages, and the merchants they serve from the devastating effects of fraud, all while delivering new revenue opportunities. Kount Central is a comprehensive fraud prevention suite for online payment processors, payment gateways, hosted payment pages and ecommerce platforms. Kount Central was developed to protect both the payment service provider and their entire merchant portfolio while offering new, value-added services and additional revenue streams.

    Modirum 3D Secure is a XML-based messaging protocol designed to enable cardholders to authenticate themselves with their card issuer while making card-not-present (CNP) online purchases.

    NetIQ Advanced Authentication is a two-factor authentication solutions that includes event logging, high availability, multi-factor authentication, and broad platform support.

    NuDetect provides solutions designed to prevent high-risk account creation by detecting unwanted users, anomalies, and automation.

    Pindrop solutions identify fraudsters based on anomalies in their calls, allowing us to detect spoofing, forwarding, suspicious call origins, and other indications of fraud.

    At the heart of the Platform are a set of core capabilities including multi-dimensional data analysis, behavioral analytics, continuous risk assessment, adaptive response enforcement and a robust and flexible policy engine. These capabilities help to power the Platform for delivering a scalable set of applications that help customers prevent threats and support broad set of use cases. The applications include:

    SecureAuth IdP streamlines secure access into all applications and resources with one set of credentials; regardless of cloud, mobile, web or VPN resources. IdP enables any device with any identity type to authenticate to any identity store using any VPN to access any application — offering unparalleled choice and flexibility. SecureAuth puts strong adaptive authentication in front of SSO across all applications (on-premises, cloud, mobile and homegrown) to ensure maximum protection without compromising the user experience.

    LexisNexis Small Business Risk Score leverages our vast repository of consumer and business public records content and applies advanced analytics to create a non-traditional business credit check that includes a blended risk scoring solution to assess businesses that don't have an established line of credit.

    Smart Authentication (SA) is the ultimate solution for customer authentication and transaction signing, based on behavioural and risk based continuous evaluation, designed for innovative e-payment services.

    CryptoDocument Orchestrator Module has the ability to orchestrate the encryption of tens of millions of documents within a business application.

    Typing biometrics is a keystroke dynamics verification technology suitable for SaaS, web apps, eLearning(LMS), ePayments and devices.

    The Next Generation Platform for Identity and Authentication Hate passwords? So do we. We believe that within five years, passwords will no longer be the predominant method of authentication. We are UnifyID, a company that is building a revolutionary identity platform based on implicit authentication. Our solution allows people to identify themselves in a unique way that is extremely difficult to forge or crack. Best of all, we are doing it in a way that respects user privacy. We are developing a revolutionary new technique for authentication that relies on implicit authentication. These are factors that are unique to you but don’t require any user action, such as your location, your habits, and various signals from the devices you carry and the sensors around you. We use proprietary machine learning algorithms to discover what makes you unique and calculate a confidence level of how likely it is you based on these signals.

    Zighra is a mobile security company that provifes patented continuous authentication and behavioral fraud detection powered by artificial intelligence.