Risk-Based Strong Customer Authentication

Clients are complex entities, they interact through multiple devices, from different locations and channels. ThreatMark understands unique features of a digital identity, and can enhance your business flow by upgrading your curent authentication model to modern risk-based strong customer authentication, fully compliant with PSD2 requirements.

Enhance your Business Flow

The ThreatMark solution gathers data about devices, user behavior, transactions and other contextual data across digital channels, and validates each event. It combines machine learning-based threat intelligence, transaction monitoring and behavioral biometrics to tell whether each authentication step or transaction is performed by a legitimate user or an attacker. Each event is scored in real time, and the score is used by the backend system to decide whether a user can be authenticated, a transaction authorized, or an additional factor should be required to validate the operation. As most users will be classified as legitimate, they will experience frictionless authentication and transaction authorization. The system will invoke strong authentication for high-risk logins and transactions only, meeting the PSD2 requirements. As a result, less than 15 % of logins will need to go through manual multi-factor authentication, which will reduce friction dramatically.

PSD2 states that the behavioral biometrics can be used as a independent authentication factor (inherence), so all users go through multi-factor strong customer authentication, but with minimal friction, as they only have to enter the first factor (typically login and password). The multiple factor authentication is augmented by passive behavioral biometrics, and the required level of security and user experience is kept.

Strong and seamless authentication prevents account and session takeover, decreases friction by reducing the number of second factor authentication and authorization requests, and also saves money on SMS OTPs. Our case study shows that a bank with two million uses can save up to one million euro a year by implementing this adaptive authentication approach.