Risk-based Authentication (RBA) provides a flexible layer of security to your websites and applications that increases the level of authentication required for end users only when necessary. For example:

  • When the user’s past behavior, or Client Reputation, indicates an increased security risk
  • When the user attempts a sensitive action, or High-value Transaction, such as making a purchase or accessing personal account information

This means trusted users can simply log in with a password or their social account to access your site, an easy and low-friction experience. Meanwhile, risky users or actions are required to supply an additional form of authentication before they can continue.

This section will guide you through implementing RBA in Hosted Login.