Smartfactor Auhtentication

With cyber attacks on the rise, it’s more important than ever to defend against phishing and account compromise. The Verizon 2022 Data Breach Investigations Report indicated that nearly 50% of breaches involve the use of stolen credentials¹. Although Multi-Factor Authentication (MFA) has emerged as a common tool to protect user credentials and sensitive company data, traditional solutions create annoyances for end-users and negatively impact productivity.

Ask for a demo
Smart Factor Authentication One Login
On this page Kappa Data informs you how Smartfactor Authentication can help you to reduce increase your authentication security by automated configuration of the login flows and MFA use. 

OneLogin Smartfactor authentication

Standard multi-factor authentication (MFA) uses static rules requiring users to authenticate every time they log into an application. However, this can impact the user experience and does not always effectively protect an organization from more advanced threats like spear-phishing and brute force attacks. SmartFactor Authentication leverages our Vigilance AI™ risk score to dynamically adjust authentication requirements in real-time based on the level of risk for each login, balancing security with usability.
Smartfactor authentication prodct risk score image

How SmartFactor Authentication works

Vigilance AI support for SmartFactor Authentication

OneLogin’s SmartFactor Authentication uses machine learning to analyze a broad range of inputs, such as location, device, and user behavior, to calculate a risk score and determine the most appropriate security action to take for each login attempt. Depending on the detected level of risk, SmartFactor Authentication adjusts the number of authentication factors needed to log in.

Configurable Authentication flows

OneLogin lets you define authentication flows based on user policy to defend against brute force attacks, reduce account lockout, and enable frictionless logins for low-risk users.

  • Enable passwordless authentication for users on a trusted device
  • Check the user’s ID and device first and then, based on the risk score, prompt for an additional factor only if needed
  • Use OneLogin Protect to remove friction by letting users simply respond to an MFA push notification on their mobile device.
 
 
 
Mobile Device Protection with Vigilance AI Smartfactor authentication

Windows domain authentication

OneLogin only prompts users for credentials when necessary. Users who are already signed into their corporate Windows domain get automatically signed into OneLogin using Integrated Windows Authentication.

Application launch links and deep linking

Users don't always have to access apps via OneLogin's SSO portal. Many times, apps are launched via links in emails, such as document sharing notifications or meeting invites. Just click the link and OneLogin gets you signed in automatically.

SMS authentication

One-time passwords are sent over SMS as an additional layer of security for self-service password reset or MFA.

Voice MFA

As an alternative to SMS or email, voice MFA allows users to receive a phone call to their mobile phone or landline, verifying their identity to the OneLogin Portal.

Frequently asked questions

Check our FAQ section where you can find the first questions that have been asked to us during the last months.

Contact us

  • How can administrators configure and manage SmartFactor Authentication in OneLogin?

    Administrators can configure and manage SmartFactor Authentication in OneLogin by:

    1. Enabling SmartFactor Authentication: Turning on the feature in the OneLogin admin portal.
    2. Setting Risk Thresholds: Defining risk thresholds for various actions (e.g., when to prompt for additional authentication or block access).
    3. Customizing Policies: Creating policies tailored to the organization’s security needs, specifying which factors to consider and how to handle different risk levels.
    4. Monitoring and Reporting: Using OneLogin’s reporting tools to monitor login attempts, review risk assessments, and adjust policies as needed to improve security.

  • How can organizations benefit from using SmartFactor Authentication?

    Organizations benefit from using SmartFactor Authentication by enhancing security and reducing the risk of account breaches. It provides a seamless user experience by requiring additional verification only when necessary. This approach balances security and convenience, reducing user frustration and increasing productivity.

  • How does SmartFactor Authentication determine the risk of a login attempt?

    SmartFactor Authentication evaluates various factors to determine the risk of a login attempt, including user behavior patterns, device reputation, geolocation, IP address, and the time of access. By analyzing these factors, it can detect anomalies and assign a risk score to each login attempt.

  • What actions does SmartFactor Authentication take based on the risk score?

    Based on the risk score, SmartFactor Authentication can take different actions:

    • Low-Risk: Allow the user to log in without additional verification.
    • Medium-Risk: Prompt the user for additional authentication, such as a one-time password (OTP) or a second factor.
    • High-Risk: Block the login attempt and alert the administrator for further investigation.

  • What is SmartFactor Authentication in OneLogin?

    SmartFactor Authentication in OneLogin is an advanced security feature that uses machine learning and behavioral analytics to assess the risk of a login attempt. It dynamically adjusts the authentication requirements based on the risk score, providing stronger security without compromising user convenience.

Contact us for a demo

Are you curious to learn how Onelogin can minimize malicious login-attempts as a part of your Identity Access Management solution? Contact us for a demo via the below button. 

Ask for a demo