Skip to main content

What is Adaptive Access

When organizations grant users access to their digital apps and services, they face the challenge of having to balance risk considerations with user experience. Businesses must protect their systems from malicious access and avoid user frustration in dealing with unnecessary and sometimes cumbersome authentication procedures. IBM® Security Verify Adaptive Access helps businesses to efficiently reconcile both needs without compromise.

Verify Adaptive Access uses deep identity insights, through a sophisticated risk calculation engine (powered by IBM Trusteer® technology), to accurately match access policies to the user profile throughout their digital interaction with the application. Use Verify Adaptive Access to enforce the appropriate level of authentication and to block access only when needed so that trusted users can freely interact with your system.

If you want to know more, see the following resources:

How can I use Adaptive Access to protect my developed applications?

Adaptive Access is available on the IBM Security Verify Platform. It can be used in the following ways today:

  • As part of a federated single sign on policy for a standard SAML or OIDC based web or mobile application.
  • When developing a true native web application, powered by our policy based authentication flows.
  • Passing the discovered risk attributes with the identity attribute data.

What information is available?

IBM Security Verify Adaptive Access is intended to be simple to consume. In most cases, you can simply take advantage of our inclusive risk level. We transform a continuous and complex session risk assessment, calculated from every digital interaction of the user with the system, into a single easy-to-understand risk level.

riskLevel

For more information on risk levels, see the Knowledge Center.

Where additional insight is required, specific risk indicators are available in policy rules. These indicators include:

  • New Device Flag
  • New Location Flag
  • Risky Connection Indicator
  • Risky Device Indicator
  • Behavioral Anomaly Indicator

For more information on these attributes see the Knowledge Center