What is continuous authentication?
Continuous authentication is a method for authenticating users and granting access to corporate resources. It’s based on the level of risk and contextual information about the user, such as role, location, and type of device.
Unlike traditional authentication methods, this mechanism is enforced from login through the end of the user session.
Explore additional continuous authentication topics:
- How does continuous authentication work?
- What are the different types of authentication?
- Continuous authentication methods
- Examples of continuous authentication
- How does continuous authentication help the user experience?
- Does continuous authentication prevent fraud?
- Continuous authentication solutions by Citrix
Continuous authentication works by assessing user behavior patterns on an ongoing basis. Unlike traditional authentication, which evaluates users just once at login, continuous authentication considers changing risk factors such as location, device posture, and other behavioral data.
Continuous authentication provides security for hybrid workforces by allowing authentication to the corporate network while restricting access if suspicious activity is detected.
Authentication methods can be categorized according to different factors. Here are some common authentication methods:
- Passwords: This is the most widely used form of authentication. It relies on the user picking a unique, strong password and linking the account and username. When the correct password is entered, the system recognizes the user. The downside of passwords is that users often lose or forget them. They can also be stolen by an attacker.
- Token: This is a type of property-based authentication, such as an access card with an RFID chip or a key fob. Token-based authentication mechanisms offer more security since they require the attacker to gain physical access to the token item.
- Behavioral biometrics: Behavioral biometric authentication identifies a user based on the patterns of behavior they exhibit when interacting with a tablet, smartphone, or computer keyboard. Behavioral biometric authentication will consider the finger pressure, how fast the user types, or how they use their phone to create a behavioral pattern. This type of authentication is used for online payments, e-commerce, and online banking.
- Physiological biometrics: This type of authentication uses physical characteristics, such as fingerprints, retina scans, or heartbeat patterns. Biometrics are a popular means of authentication because they are difficult to fake.
- Multi-factor authentication (MFA): No single factor is completely secure. Therefore, many companies are implementing multiple authentication methods—for instance, a password and a token. A typical example of multi-factor authentication is two-factor authentication (2FA). This method requires the user to give two types of authentication to confirm their identity, such as a password and a code or a token sent to the user's device.
- Certificate-based authenticationThis type of authentication uses a digital certificate to identify a user. The certificate has a key encrypting the user’s digital signature, which allows for a secure sign-up.
How the approach to cybersecurity and zero trust network access has evolved
See how ZTNA has become mainstream to meet the needs of a hybrid organization.
Continuous user authentication goes beyond traditional authentication methods to take security to the next level. Authentication scores are continuously assessed based on factors like device posture and location, which help indicate when suspicious activity or attempts at unauthorized access are taking place. If the authentication score doesn’t show a sufficient confidence level, the system requests another type of authentication. You can set different confidence scores according to the type of action or resource involved.
Adaptive authentication allows scanning of end user devices both before and throughout a user session to corporate applications. Based on location, device posture assessment, or user risk score, an admin can define how a user is authenticated and authorized to access their apps. With adaptive authentication, these risk factors are evaluated continuously so admins can enforce (and adapt) policies as needed.
Risk-based authentication uses AI to gain a real-time view of the context of any login. The solution responds to a user's request for access by analyzing factors such as the type of device, location, the network used, time of log-in, and the sensitivity of the requested resources to make a risk assessment for the user—a risk score. If the request doesn’t meet the requirement, the system will ask for more information. The additional information may include a temporary code, a security question, biometric data, or codes sent to a smartphone.
What are the use cases where organizations may need continuous authentication? Here are some potential areas continuous authentication can help address:
Attack vectors in hybrid and remote workforces: Hybrid and remote work environments have increased cybersecurity risks. Whether users bring their own BYOD devices or use work laptops, it can be challenging for IT departments to maintain the security of unmanaged devices. Poorly protected networks can allow attackers to access the system, causing data leaks and intrusions. Employees using unsecured or weak Wi-Fi networks can be infected by malware or botnets.
Continuous authentication solutions prevent unauthorized users from accessing the system by detecting access requests from non-secure networks or devices.
Insecure passwords for remote employees’ accounts: Allowing employees to choose passwords for work-related accounts may seem convenient, but it can also create vulnerabilities. Allowing employees to use inadequate passwords, recycled passwords, or passwords shared with coworkers is a risky practice common in organizations. With most data breaches leveraging compromised credentials, securing passwords is critical.
By analyzing the entire context surrounding the user access request—and not only validating the password—continuous authentication solutions provide a more secure alternative.
A good user experience increases productivity and improves workflows. However, when users need to log in again every time they switch applications, the result is often lowered productivity. With continuous authentication, employees can log in once and gain access to all their normal applications and resources. Behavioral continuous authentication not only discourages attackers, imposters, and bots, but it does so without affecting the user experience.
In several industries, such as finance, continuous authentication is used to prevent fraud. The system collects data from different components of a customer’s session or interaction with mobile devices, such as swipe patterns or keystrokes. This information is used to develop a user profile. When the system finds a deviation from this pattern, it alerts or requests further user identity verification.
Continuous authentication enables the profiles to work with the bank’s risk solution. This integration helps determine the most accurate risk score to detect fraud. The advantage of continuous risk-based authentication is that it allows security teams to match the risk to the transaction requested. When combined, the authentication system and anti-fraud technology can expand the security coverage over a more extensive attack surface.
Citrix provides leading solutions based on the zero trust approach. With Citrix Secure Private Access, organizations can provide secure access to applications— without compromising productivity. This solution delivers adaptive authentication and SSO so your hybrid workforce can securely access applications.