Overview of context-based access

Edit online

Context-based access provides access decision and enforcement that is based on a dynamic risk assessment or confidence level of a transaction. Context-based access uses behavioral and contextual data analytics to calculate risk.

Context-based access:

Improves security during authentication and authorization of business transactions.
Assesses risk based on static, contextual, and analytically calculated attributes.
Calculates a risk score based on multiple weighted attributes.
Provides policy rules that determine whether an access request must be permitted, denied, or challenged.

You can configure context-based access to:

Silently register or require users to register devices that they commonly use.
Associate the registered devices with user credentials.
Present a challenge or request additional authentication, if the user attempts to authenticate with the same credentials from another unregistered device.
Enforce specific authentication mechanisms to access a particular protected resource.
Use the behavioral patterns of the user as a factor in risk score calculation. For example, a user might attempt to access a protected resource at a time outside of normal business hours. You can configure the context-based access policy to deny access or force the user access to authenticate with a secondary challenge.