Adaptive Authentication

  • TYPE: Combined Session
  • DATE: Wednesday, May 10, 2017
  • TIME: 14:30-15:30
  • LOCATION: AMMERSEE II


Identity and Access Management (IAM) systems have continued to evolve significantly over the last two decades. Increasing security and improving usability have both been contributing factors to this evolution. Data owners and IT architects have pushed for better ways to authenticate and authorize users, based on changing risks and newer technologies. Businesses have lobbied for these security checks to become less obtrusive and provide a better user experience (UX). One such enhancement is Adaptive Authentication.

Adaptive Authentication (AA) is the process of gathering additional attributes about users and their environments and evaluating the attributes in the context of risk-based policies. The goal of AA is to provide the appropriate risk-mitigating assurance levels for access to sensitive resources by requiring users to further demonstrate that they are who they say they are. This is usually implemented by “step-up” authentication. Different kinds of authenticators can be used to achieve this, some of which are unobtrusive to the user experience. Examples of step-up authenticators include phone/email/SMS one-time passwords (OTPs), mobile apps for push notifications, mobile apps with native biometrics, FIDO U2F or UAF transactions, SmartCards, and behavioral biometrics. Behavioral biometrics can provide a framework for continuous authentication, by constantly evaluating user behavior against a baseline set of patterns. Behavioral biometrics usually involve collecting environment data (such as IP addresses, geo-location, nearby WiFi SSIDs, etc.), keystroke analysis, mobile “swipe” analysis, and even mobile gyroscopic analysis.

The Leadership Compass presented in this session provides an overview and analysis of the Adaptive Authentication solutions within the IAM market. These solutions are sometimes referred to as Contextual Authentication, or just Step-Up Authentication. All registered EIC delegates have access to this Leadership Compass and the complete KuppingerCole Research until the end of May 2017.


Background: John Tolbert is a Lead Analyst and Managing Director of KuppingerCole, Inc (US). As Lead Analyst, John covers a number of different research areas, outlined below. John also advises cybersecurity and IAM vendors, from startups to Fortune 500 companies, regarding their product and...

With all the attempts to kill the password over the past years, the question remains: will it ever happen? Passwords and other weak means of authentication such as PINs are still by far the most widely used way to authenticate. On the other hand, we observe an uptake of strong(er) authentication, be it the built-in biometrics in mobile devices, cloud-based MFA, or easy-to-use and rather cheap tokens. Thus, the question is: are we already reaching the "break-even" for strong authentication, the point where strong authentication finally starts displacing passwords as the main way to authenticate? If not, when will we reach that point, if ever? What is needed to get there? Is it cheaper, easier-to-use, more flexible authenticators? Is it approaching authentication from the customer's perspective, making it adaptive to all devices and use cases, instead of dictating a certain means of strong authentication? Who will be the providers that benefit? Will it be the technology suppliers to banks, mobile phone manufacturers, or governments? Will it be independent sellers of strong authentication tokens? Will it be cloud-based services?

There are many open questions – the experts in the panel will provide their view on this already "classical" topic. Maybe we are finally approaching the "password dawn".


As CEO, Dr. Amir Alsbih manages the worldwide strategic and operational business, as well as the technological development of KeyIdentity GmbH. He is responsible for the global business processes and technological innovations of the leading provider of highly scalable and quickly deployable...

Anthony Nadalin is a partner architect in the Government Engagement Team leading the Standards and Public Policy practice. Anthony had spent the last 27 years with IBM where he was the Chief Security Architect responsible for the security strategy for software group products. Anthony...

Don is President and Chairman of the Open Identity Exchange (OIX), a non-profit organization of leaders from competing sectors, including enterprise, data services, telecommunications, consulting services, SaaS, banking, retail and government. OIX is helping to build solutions to roadblocks for...


Munich, Germany


European Identity & Cloud Conference 2017

  • May 09 - 12, 2017 Munich, Germany