David Gormley, Sr. Principal CA Technologies, Security Business Unit
Enabling more sensitive online activities and transactions for a diverse user community (customers, partners, administrators) creates the need to have a high level of confidence that the person is who they say they are. At the same time the “Consumerization of IT” has raised user expectations for a smooth, intuitive online experience at anytime, from anywhere and from any device. This presents a real challenge because the historical relationship between authentication security and user convenience is inverse: as the strength of the authentication method goes up the user experience usually goes down.
With the emergence of new online threats, new device types and the increase in the amount of sensitive data available online, no one authentication method can meet all requirements to protect sensitive data and reduce fraud. There is a need for a flexible authentication system that can intelligently assess the risk of an activity and then require the appropriate authentication methods based on factors like the user, device, activity context and the activity itself. In this webcast, we will discuss the key requirements for a layered security approach that can enable a risk-appropriate and just-in-time authentication process which provides the security level required, while optimizing, or at least minimizing any negative impact on the customer experience.