Continuous Authentication explained.

Continuous authentication/continuous 2FA is an advanced method of identity verification. This mechanism runs the authentication protocol an ongoing basis from the start of a session to the end. Rather than authenticating just at the start, the authentication mechanism continues to re-verify the user’s identity throughout the whole session. Continuous authentication fits the dynamic needs of IT managers managing higher-risk scenarios.

So let’s say you login using 2FA, then what? Continuous authentication then utilizes one or more factors to determine whether to keep the user logged on or not depending on the determined “risk level”. Factors that continuous 2FA solutions can use to maintain authentication can include proximity, user location, IP address, time, keyboard activity, mouse activity, infrared sensors, motion sensors, user behavior, and more. Utilize continuous authentication to increase cyber security for all user sessions.

Benefits of continuous authentication.

Unlike static authentication (one-time), which is going through a checkpoint once, continuous 2FA is the checkpoint following everyone until they leave the secure area. Authenticating continuously has major advantages compared to authenticating once, especially since the system will lock itself as soon as the risk factor is no longer acceptable. Traditional 2FA is like a check-in at the gate, but then no one checks anything after. This means security is only at the “front door”. We need security that checks at all levels with vigilance and discipline. 

User convenience can also be much more seamless with continuous authentication. The authentication mechanism will not interrupt the user’s workflow after logging in, yet maintain stronger security. Inactivity timeouts are generally used to lock the system after a user leaves, but the system is left vulnerable to account takeover and all associated risks. If there’s a short timeout policy, users get locked out while working. There’s no winning this conundrum using a simple timeout policy.

Types of continuous 2FA.

Some authentication solutions are more sophisticated than others. An early version used a heat detector to see if a person was still in front of the computer. The obvious drawbacks is there’s no identity management solution to differentiate users. Also, the user must sit directly in front of their computer (limiting user mobility for the solution to work). This early continuous authentication method only worked under certain circumstances and is not suitable for an enterprise organization.

More common mechanisms of continuous authentication involves assessing time and location factors. But these limit the ability to use continuous authentication in more dynamic circumstances. However, many organizations benefit from a basic level of continuous authentication as a fraud prevention mechanism. More sophisticated factors used by risk engines include keyboard cadence, mouse movement, and even the person’s motions.

A more advanced and secure form of continuous 2FA is the presence of a security key as the hardware component. User have to manually plug tokens into the computer during the whole session, then remember to unplug when leaving. Other tokens use proximity, allowing a more seamless continuous authentication process. Users keep their device with them (in proximity) to continue authentication. The system continuously searches for the presence of the security key’s signal within the immediate proximity. If the security token is no longer present, the computer will automatically lock. It was also found that security keys were the most effective at preventing multiple account takeover attacks, according to a study by Google. Deploy continuous security to protect users and workstations from modern cyber threats.