What is Continuous Authentication?
Continuous authentication is a security method that continuously validates a user throughout an entire session based on their behavioral patterns. Unlike traditional authentication, which only verifies a user when they initially log in, continuous authentication goes a step further by taking into account changes in risk factors like location, device posture and other behavioral information.
Continue reading to find out more about how continuous authentication works, why it’s important and what kinds of continuous authentication methods there are.
How continuous authentication works
Continuous authentication begins with traditional authentication, where a user is asked to confirm their identity when logging into an account or application, typically with a username and password. After the user logs in, continuous authentication keeps track of their activity and collects information about them to build a persona. The user persona is based on their actions, behavioral patterns, biometric data, browser activity, IP address and time of access, as well as geographic location and device posture. A device posture check assesses the risk a device presents to a company and its networks. If the application detects unusual behavior from the user, it pauses the session and asks them to verify their identity again using security questions or a Time-Based One-Time Password (TOTP). If the user is unable to verify their identity, their access is revoked immediately.
Why continuous authentication is important
Continuous authentication is important because it protects confidential data from being accessed by unauthorized users. Cybercriminals can compromise a set of login credentials to access an account and steal Personally Identifiable Information (PII) to commit identity theft, financial fraud or other crimes.
Instead of implicitly trusting the user with the set of login credentials, continuous authentication constantly monitors the user’s activity and verifies their identity to ensure that the user who is logged in is truly who they say they are.
Types of continuous authentication methods
Continuous authentication uses different authentication methods to monitor and verify a user’s identity. Here are the types of authentication methods used in continuous authentication.
Password authentication
Password authentication uses a username and password to authenticate an individual. This is primarily used at the initial point of logging in when a user inputs their login credentials to access a system or account. Continuous authentication also uses password authentication to re-verify a user’s identity if it detects any abnormal behavior.
Biometric authentication
Biometrics are the physical and behavioral characteristics used to recognize an individual. This includes the person’s fingerprints, facial features, voice patterns, typing style, swiping patterns, physical movement and finger pressure. Biometric authentication is often used as a form of Multi-Factor Authentication (MFA). However, continuous authentication can monitor an individual’s biometrics to validate their identity throughout the session.
Adaptive authentication
Adaptive authentication scans the user’s devices both before and throughout the session. It looks at the context of the login, device posture and behavioral patterns to define how a user is authenticated and authorized in order to continuously evaluate users and enforce the proper security measures as needed.
Risk-based authentication
Risk-based authentication uses Artificial Intelligence (AI) to gain real-time visibility into the context of any login. It creates a risk score according to the context of the user’s request for access, such as the type of device, location, network used, time of login and sensitivity of the requested resources. If the risk score for the access request exceeds the acceptable threshold, the system will ask for more information such as a TOTP, security questions or biometrics.
Examples of continuous authentication
Here are some examples of continuous authentication.
Example 1: Max uses his phone to log in to his bank account every day at 7 PM from his New York City home. He checks his spending and looks for any unusual activity. However, Max’s bank noticed that he logged in from Germany at 2 AM from a desktop computer. Continuous authentication would have detected this suspicious behavior and would have revoked unauthorized access to Max’s bank account.
Example 2: Lauren logs in to her work email account every weekday morning at 9 AM from her work laptop in her San Francisco office. However, the IT administrators at her job noticed that she failed to log in to her account twice and succeeded on the third attempt. Continuous authentication flags the suspicious login attempts and asks Lauren to re-verify her identity. She is successful, but continuous authentication continues to monitor her activity. It does not notice any further suspicious activity and lets Lauren continue to access her work email.
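As an added illustration (not code from this page or from any product), the check described under "Risk-based authentication" can be sketched with fixed weights in place of an AI model and applied to a login like the one in Example 1. The weights, threshold, field names and sample history are all assumptions made for this example.

```python
from dataclasses import dataclass

# Constructed weights and threshold for illustration; real systems tune or learn these.
WEIGHTS = {"device": 25, "country": 30, "network": 15, "hour": 15}
SENSITIVITY = {"low": 0, "medium": 10, "high": 20}
STEP_UP_AT = 40  # score at or above which the session is paused for re-verification

@dataclass(frozen=True)
class Event:
    device: str
    country: str
    network: str
    hour: int         # local hour of access, 0-23
    sensitivity: str  # sensitivity of the requested resource

def build_persona(history):
    """Collect the values seen in past sessions into a baseline persona."""
    return {signal: {getattr(e, signal) for e in history} for signal in WEIGHTS}

def is_usual(persona, signal, value):
    """True if the observed value matches the persona for this signal."""
    if signal == "hour":
        # Hours within 2h of a usual hour count as normal (wraps around midnight).
        return any(min(abs(value - h), 24 - abs(value - h)) <= 2
                   for h in persona["hour"])
    return value in persona[signal]

def risk_score(persona, event):
    """Resource sensitivity plus a weight for every signal that deviates."""
    score = SENSITIVITY[event.sensitivity]
    for signal, weight in WEIGHTS.items():
        if not is_usual(persona, signal, getattr(event, signal)):
            score += weight
    return score

def evaluate(persona, event, verify_step_up):
    """Return 'allow', 'allow_after_step_up' or 'revoke' for one session event."""
    if risk_score(persona, event) < STEP_UP_AT:
        return "allow"
    # Pause the session and re-verify (e.g. TOTP); revoke access if that fails.
    return "allow_after_step_up" if verify_step_up() else "revoke"

# Constructed history modelled on Example 1: phone, New York, around 7 PM.
HISTORY = [Event("phone", "US", "home-isp", h, "high") for h in (19, 19, 18, 20)]
PERSONA = build_persona(HISTORY)
USUAL = Event("phone", "US", "home-isp", 19, "high")
ODD = Event("desktop", "DE", "unknown-isp", 2, "high")  # Germany, 2 AM, desktop
```

The `verify_step_up` argument is a callable standing in for the TOTP or security-question prompt, so the same function covers both outcomes: the session resumes if re-verification succeeds and access is revoked if it fails.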
Advantages of continuous authentication
Here are the advantages of continuous authentication.
Enhances security
Continuous authentication helps enhance an organization’s security by ensuring authorized access. It discourages cybercriminals from exploiting attack vectors to gain unauthorized access since they can easily be detected and removed immediately. By continuously monitoring and verifying a user’s activity throughout a session, organizations can detect abnormal behavior and prevent unauthorized access and malicious activities by cybercriminals.
Improves user experience
Continuous authentication runs in the background and ensures constant security checks without inconveniencing the user. It also improves the workflow of IT administrators by automating the authentication process.
Disadvantages of continuous authentication
Here are the disadvantages of continuous authentication.
Privacy concerns
Continuous authentication brings many privacy concerns as it passively monitors a user’s activity. Some see continuous authentication as a breach of privacy and worry about how the collected data is being used. Organizations also have to ensure continuous authentication does not violate any privacy regulations.
Technical issues
Although continuous authentication is made possible with the current technology, it still suffers from many technical issues. Continuous authentication is not always accurate and can issue false flags.