What is Continuous Authentication?
Access is what facilitates the productivity that fuels business, but it also represents the site of greatest vulnerability. Attackers already have the information they need to compromise these critical gateways to your company's information, commerce, and technology. Effective authentication is impossible when using passwords and traditional two-factor authentication approaches. Even with the strongest passwords, multi-factor authentication (MFA) and single sign-on (SSO) in place, there's little protection and visibility after initial authentication.

According to this Pulse.qa survey, 74% of IT executives say that traditional passwords and authentication methods are no longer sufficient for securing user access.

In a world where identity is persistently attacked, your credentials have already been compromised, or soon will be. Two-factor authentication (2FA) security is temporal, causes high friction and can be easily intercepted during transmission. MFA lacks context and relies on too few attributes.

Authentication is not a single event, with a start and end, nor is it a simple binary “yes” or “no.” It is rather a continuum.

The same Pulse.qa survey found that 90% of IT executives agree that more advanced MFA tools that provide continuous authentication would improve their company’s security posture.
What is Continuous Authentication?
Continuous authentication is a verification method that provides ongoing confirmation of user identity to ensure your organization’s security. Through constant and consistent monitoring of user context and behavior, continuous authentication validates the user throughout their session, including post-authorization. Continuous authentication utilizes machine learning (AI/ML) to create an enriched user profile within each application landscape, negating the need for vulnerable and costly passwords.

Traditional verification methods lack the ability to continuously validate a user’s identity. Single-factor authentication (SFA) provides a layer of protection at login, with two-factor (2FA) supplying a second layer. Neither of these methods secures you past initial authorization, leaving your organization vulnerable. With the increasingly rapid advancements in cybercrime, new authentication methods must account for what to do once threat actors get in.
How does Continuous Authentication work?
Continuous authentication constantly collects information about a user’s regular behaviors and uses machine learning to distinguish who the user is. By analyzing these behaviors, the technology creates a risk score that either determines the proper level of access or prompts the user to provide additional verification through step-up authentication or a secondary authentication method such as a push notification, fingerprint or card.

Throughout the user session, the system continuously measures the user's behavioral characteristics to check for inconsistencies. If the system deems a user’s behavior compromised or irregular, access is reduced, or outright revoked, leading to the termination of the user’s session. Delivering varying levels of authentication depending on this behavior and context is what enables risk-based step-up authentication. Continuous authentication systems can look for changes across many different domains, as outlined in the next section.
What are the different Authentication Methods?
With the growing number of technologies that support continuous authentication, the number of authentication methods is also increasing. Below are some of the most popular forms of authentication methods used with continuous authentication.
  1. Behavioral - All users have unique behavior patterns that can be monitored continuously, such as how fast they type, how hard they tap (finger pressure), how long they hold keys on a keyboard, or how they swipe or use a mouse.
  2. Biometrics - Voice patterns such as changes in pitch and frequency can be used for continuous authentication. Facial identification is widely used for authentication purposes to access mobile devices but can also be used to authenticate users continuously. Fingerprints and retina scanners are also commonly used methods.
  3. Physical Location - Physical GPS coordinates of a user can be used and analyzed to determine the user’s legitimacy. The locations of where we choose to connect to our devices, networks and applications become a unique attribute that can be used as one factor to verify a user.
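The flow described above (score each action against the user's profile, then allow, step up, or revoke) can be sketched as follows. This is an added example, not code from any product: the profile values, signal weights, thresholds, the `XX-01` location label and the function names are all assumptions, and a simple z-score stands in for the machine-learning model.

```python
from statistics import mean, stdev

# Constructed enrollment profile for a hypothetical user (all values assumed).
PROFILE = {
    "hold_ms": [92, 101, 97, 105, 99, 94, 103, 98],  # key hold times
    "locations": {"US-NY", "US-NJ"},
    "work_hours": range(8, 19),
}
# Assumed weights and thresholds; a real system would tune or learn them.
WEIGHTS = {"typing": 0.5, "location": 0.3, "time": 0.2}
STEP_UP_AT, REVOKE_AT = 0.4, 0.7

def typing_anomaly(samples, baseline):
    # z-score of the observed mean hold time, scaled into [0, 1]
    z = abs(mean(samples) - mean(baseline)) / stdev(baseline)
    return min(z / 3.0, 1.0)  # three standard deviations or more saturates

def risk_score(event, profile=PROFILE):
    signals = {
        "typing": typing_anomaly(event["hold_ms"], profile["hold_ms"]),
        "location": 0.0 if event["location"] in profile["locations"] else 1.0,
        "time": 0.0 if event["hour"] in profile["work_hours"] else 1.0,
    }
    return sum(WEIGHTS[name] * value for name, value in signals.items())

def decide(score, sensitive=False):
    """Map a score to an action; sensitive resources halve both thresholds."""
    factor = 0.5 if sensitive else 1.0
    if score >= REVOKE_AT * factor:
        return "revoke"
    return "step_up" if score >= STEP_UP_AT * factor else "allow"

def run_session(events):
    """Re-evaluate each event; a step-up is assumed to succeed, a revoke ends the session."""
    decisions = []
    for event in events:
        action = decide(risk_score(event), event.get("sensitive", False))
        decisions.append(action)
        if action == "revoke":
            break  # session terminated, later events are never served
    return decisions

# Constructed session: normal work, after-hours access to a confidential
# document, then a different typist from an unseen location.
SESSION = [
    {"hold_ms": [96, 100, 102, 95], "location": "US-NY", "hour": 10},
    {"hold_ms": [96, 100, 102, 95], "location": "US-NY", "hour": 23, "sensitive": True},
    {"hold_ms": [140, 150, 135, 145], "location": "XX-01", "hour": 23},
    {"hold_ms": [96, 100, 102, 95], "location": "US-NY", "hour": 10},
]
```

The same after-hours event is allowed for an ordinary resource but triggers a step-up for a sensitive one, and the fourth event is never evaluated because the third revoked the session.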
Why should I consider Continuous Authentication?
No matter how comprehensive your security posture, it has one key vulnerability: people. Because human behavior is based on patterns, it’s historically been seen as a weakness, easily exploited by bad actors, cyber criminals, or other system threats. By using these unique behaviors and attributes, you can make verification stronger and more reliable. By implementing a continuous authentication solution, you create a unique representation of the human for precise identification, one that is extremely difficult for hackers to mimic and whose trails are even harder for them to clean up without interfering with actual legitimate data.

Authentication has traditionally been viewed as a singular event of verifying oneself. After the initial verification, further inquiries into one’s identity are not performed on legacy platforms. Authorization, in this same perspective, is then the event of verifying the access rights of a given individual. Put another way: authentication is proclaiming who’s at the door, and authorization is letting them inside.

Yet if we were to suspect our guests were not who they say they are, we wouldn’t dismiss that concern; we would look closer. And we hardly let guests into our house and give them free rein to rifle through our belongings.

This is what we mean by authentication being a continuum: there’s a marked difference between accessing enterprise applications at a standard time of work and accessing confidential work documents well after work hours. These events both require authentication and authorization, but one needs more monitoring for suspicious activity than the other.

In the end, continuous authentication is the way forward in keeping your organization protected against looming threats, confirming your users pre-authentication, during authentication and post-authorization, and improving your users’ experience overall by removing unnecessary friction.