RSA Adaptive Authentication for Web

Home > Products > RSA > RSA Adaptive Authentication for Web

Introduction: RSA Adaptive Authentication for Web

One Size Does Not Fit All

Different account types require different levels of security.
Different transactions are riskier than others.
Different customers prefer different types of protection.

How do you achieve the right balance of authentication without compromising the user experience or the bottom line?

Introducing RSA® Adaptive Authentication for Web.

RSA® Adaptive Authentication for Web is a comprehensive authentication platform providing cost-effective protection for your entire end user base. At the core of Adaptive Authentication for Web is Risk-based Authentication, a system that operates behind-the-scenes and applies to all users, regardless of the way they authenticate themselves. Fully deployed at dozens of leading organizations around the globe, Adaptive Authentication for Web has processed and protected over 2 billion transactions to date.

What Powers Risk-based Authentication?

The Risk-based Authentication system is supported by three underlying technologies - the RSA® Risk Engine, the RSA® eFraudNetworkTM, and the RSA® Policy Manager.

RSA Risk Engine: Protecting Against Tomorrow's Threats

The RSA® Risk Engine is a proven, self-learning technology that is uniquely designed to answer the needs of the rapidly changing online environment. The Risk Engine evaluates each online activity in real-time, tracking hundreds of indicators in order to detect fraudulent activity. A unique risk score between 0 - 1000 is generated for each activity. The higher the risk score, the greater the likelihood is that an activity is fraudulent. Available as an add-on feature, the Transaction Monitoring capability provides additional authentication beyond login activities.

RSA eFraudNetwork: Joining Forces to Fight Fraud

The RSA® eFraudNetworkTM is a cross-organization data repository of fraud patterns gleaned from RSA's extensive network of customers, ISPs, and third party contributors across the globe. When a fraud pattern is identified, the fraud data, transaction profile, and device fingerprints are moved to a shared data repository. The eFraudNetwork enables real-time proactive protection to hundreds of millions of online users worldwide that are actively connected to the network and is one of the many sources that feeds the Risk Engine in determining risk.

RSA Policy Manager: Defining Risk Policy

The RSA® Policy Manager allows organizations to customize their rule sets based on institutional risk policy, thus enabling instant reaction to emerging localized fraud patterns and effective investigation of any transactions deemed high risk. The Policy Manager translates institutional risk policy into decisions and actions through the use of a web-based Rules Management application, comprehensive rules framework, real-time configuration, and Performance Simulator for testing prior to production implementation.

The Most Choice in Authentication

Adaptive Authentication for Web enables organizations to choose from a host of secondary authentication methods, depending on the needs of end users. The Risk Engine can also help identify those users that require a second form of strong authentication. The various authentication choices offered include: