To create a Risk Based Access sign-on solution for this financial service company, it would require a Multi-Factor Authentication for transactions that are evaluated as “risky”, and provide a web single sign-on solution for applications within the company.
Created a Risk Profile for users and evaluate them through Risk Based Authentication with their device fingerprints using IBM Security Access Manager (ISAM) for Web and ISAM for Mobile.
Integrated the ISAM for Web and Mobile products with an SMS solution that provides users with text messages for Multi-Factor Authentication.
Protected the bank’s applications/resources against unwanted access using ISAM for Web.
In addition to the traditional password based authentication, users will be evaluated by their device fingerprints and allowed access based on the risk evaluation. They will be required to provide a secondary authentication for “risky” transactions. Also, users will no longer be required to sign-on to each of the bank’s applications and only authenticate once per session. This enhances the security of the bank while maintaining the ease of use for authorized users.