Adaptive Security Identity Theft? – No Problem Thanks to Smart Solutions

Identity thefts are on the rise. At the same time, we have a growing potential for damage. New authentication solutions prevent misuse of stolen identities and help affected users to regain control over their identities after a theft.

Successful cyber attacks often start with someone stealing someone else's identity. You can do a lot of harm with stolen identities, from sending spam and accessing personal information and social networks to cyber mobbing and abuse of trading platforms and e-banking. Identities are often stolen by installing Trojans and other malware on the user's device. Malware is still mostly introduced by phishing methods, yet attacks via drive-by infections are gaining ground. In the arena of identity theft, badly maintained desktop systems, slowly reacting software providers and careless end users are an easy prey for highly professional attackers.

Authentication step-up on demand

This means, in other words, that identity theft cannot always be prevented. And while strong authentication methods largely prevent abusive logins, they make the login procedure rather cumbersome and should  only be used when necessary. Modern authentication solutions are capable of asking for strong authentication only for specific transactions, or on detecting an unusual access or use pattern. However, most internet services still rely on classic authentication methods. They are unable to recognize that some access is unusual and therefore might be done via a stolen identity. Identity theft therefore often remains undetected for too long, resulting in considerable potential for damage.

Recognize abuse and respond intelligently

The latest generation of authentication solutions is capable of detecting unusual behavior and responding intelligently. On the basis of characteristics such as a device fingerprint, geo-location, or time of day, the authentication solution assesses whether a standard login procedure is sufficient or unusual behavior such as access from a different device than usual calls for additional security. In the case of unsual circumstances or use patterns, the system can be configured to respond by, for example:

  • using additional authentication mechanisms (security question, mTAN, OTP …)
  • informing the user via a separate channel (SMS, e-mail …) about the access with the request to end the login session via a link if it was initiated by someone else
  • granting access to the service or application, but with restricted permissions (e.g., only displaying of information, no transactions)

Combine measures

The above measures can be combined and orchestrated as required to comply with the specific needs of an internet service. For example, when a suspicious pattern is detected, it is possible to allow access with reduced permissions, while simultaneously contacting the rightful owner of the identity via SMS. The SMS prompts the user to either confirm the access' lawfulness, or to block the unauthorized access and change the password. Alternatively, the system can grant access with restricted permissions and require additional authentication before executing a critical operation or transaction.

Of course, the distinction between normal and abnormal behavior requires an appropriate learning phase. This may mean that initially, the system increasingly requires strong authentication until the anomaly detection becomes effective. Alternatively, the system can start by applying a reasonable minimal security level, which is then increased step by step as the system gets to know user behavior and can apply adaptive security.

Conclusion: flexibility is key

Modern authentication solutions with built-in anomaly detection and adaptive security can significantly reduce the potential for damage in the case of identity thefts. However, for the solutions to be effective and accepted by the users, it is crucial that they are adapted to the specific needs of an application or service. In other words, flexibility is a key factor of success for intelligent authentication solutions.