BELLEVUE, Wash. – Dec. 15, 2020 – Auth0, the identity platform for application teams, today launched Adaptive Multi-factor Authentication (MFA), a sophisticated security feature that helps reduce the threat of hacks and data breaches. Adaptive MFA is an important addition to Auth0's expanding security portfolio—which also includes Bot Detection, Breached Password Detection, Brute Force Protection, and Suspicious IP Throttling—and is one of the platform's most advanced context-based security features.
Adaptive MFA is designed to help companies address the inherent challenges of enabling security while preserving user experience. Unlike traditional MFA, which is triggered upon every login attempt and creates an additional step for the end user, Adaptive MFA only appears when a login is deemed risky. This is calculated by an overall risk score that measures abnormal behavior from known devices, impossible travel, and/or IP reputation. Customers can have the confidence that with Adaptive MFA, their end users are asked for secondary authentication only when behavioral signals don't conform to usual patterns for a particular user.
For example, for a user who normally signs into their account at the same time every morning in San Francisco from a personal laptop, Adaptive MFA would only present a second-factor authenticator if login was attempted outside of the region, usual timeframe, or from a different computer or IP address. Developers can determine how much weight each signal is given to define the risk score that sets off the trigger.
Many companies are reluctant to implement MFA—proven to be an effective defense against account hacking attacks—out of fear of negatively impacting user experience and thus their conversion and retention performance. However, additional friction during the signup, login, or checkout experiences can affect user conversion/retention, resulting in lost sales, and can potentially increase support incidents. Forrester predicts that the MFA market will grow to $2 billion by 2023, and this anticipated growth signals the need for a more intelligent and contextually-based MFA solution.
"Auth0's mission is to provide secure access for everyone. Securing identities is core to that mission, and this new capability adds to the already powerful features in our security profile, designed to counter a variety of sophisticated threats, such as automated attacks, account takeovers, and phishing attacks," said Shiven Ramji, Chief Product Officer at Auth0. "Adaptive MFA should be a key consideration for any enterprise that has previously had to make a tradeoff between security and user experience. The ability to reduce friction while increasing security is a competitive differentiator for our customers."
Auth0’s modern approach to identity enables organizations to provide secure access to any application, for any user. The Auth0 platform is a highly customizable identity operating system that is as simple as development teams want and as flexible as they need. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. For more information, visit https://auth0.com.
Matter for Auth0
(1): Forrester Analytics: IAM Software Forecast, 2018 to 2023 (Global)