RSA’s Authentication Manager 8 Intro’s the Era of the “Infinite Factor”
RSA’s SecureID tokens may be the most ubiquitous example’s of “something your have” but, with the introduction of Authentication Manager 8, the company takes multi-factor authentication to a whole new level. The Authentication Manager is the brains behind RSA’s dynamic, risk-based authentication rules engine. As Manoj Nair, Sr. vice president and general manager of RSA Identity & Data Protection business group pointed out at a recent briefing, it’s high time to use profiles that take into account “the rich set of all factors available” for setting risk thresholds and supporting user authentication in real time.
RSA’s research has shown that, in spite of high awareness of the need to employ something more than PINs and Passwords, only 20% of enterprise IT departments deploy any form of “strong authentication. The result is significant fraud loss, due to weak identity authentication practices.
Authentication Manager 8 brings “Big Data Analyatics” to bear to support risk assessment and authentication thresholds in real-time. It takes into account factors that are provided in an active way – such as providing “one-time passwords” or entering a PIN, as well as the hundreds of passive factors that may include location, device characteristics, IP addresses and the like. RSA reasons that there literally hundreds of factors that can be taken into account and near-infinite combinations to support strong, dynamic, risk-aware authentication.
What’s interesting from the point of view of voice biometrics specialists is the all-encompassing nature of RSA’s vision for multifactor, indeed “infinite factor” authentication. It means that there is definitely a place at the table for voice-based authentication, as was true when Opus Research first looked at RSA’s Adaptive Authentication in 2006, when the company bought voice biometrics specialist Vocent.
The need was emphasized by the growth of mobile computing, Bring-Your-Own-Device (BYOD) and persistent threats to information security. IT and security specialists in companies of all sizes can no longer hide behind firewalls and session border controllers. Executives literally walk outside company boundaries on a regular basis. Customers, by definition, live outside the firewall and, highly personalized, “trusted” customer care will always require strong, dynamic user authentication.”Infinite factor authentication” makes trusted, conversational commerce possible.