IK-SEC and context-based authentication for Fa-Link platform
IK-SEC is a keycloak module developed by Ikerlan. The objective of IK-SEC context-based module is to strengthen authentication, thus preventing hackers or intruders from accessing protected corporate resources, but without compromising the user experience. IK-SEC context-based module is integrated as a transparent layer of continuous authentication, based on the context and user behavior through geolocation mechanisms, browser and device detection, which allows real-time analysis of unusual characteristics, thus being able to detect cases of identity theft in time.
IK-SEC uses Multi Factor Authentication (MFA), and the main goal is to improve user experience supporting to execute MFA in a conditional way. Integrating IK-SEC and user context, provides a way to stablish the different number of factors to ask to other user of a cloud platform (FA-LINK platform in this case):
- If the context is known, the FALINK platform WEB user interfaces only will require user and password.
- If the context is unknown or exists any anomaly, multi factor authentication will be asked.
The context of IK-SEC has three dimensions: time, location and device. For example, if a user access at same time, from the same personal computer pc and at same location, MFA will not be required. But if the cloud platform’s user changes the device from which access to the platform, an anomaly is detected, and it triggers to ask MFA.