Multi-factor Authentication Best Practices for Securing the Modern Digital Enterprise

Ping-whitepaper-thumbCombine Risk-based Step-up MFA with Passive Contextual Authentication to Get the Best Combination of Cost Effectiveness, Usability, and Security

Step-up multi-factor authentication (MFA) is a dynamic authentication model where the user—either a customer or an employee—is required to perform additional authentication operations, as needed, based on policy.

This white paper proposes best practices for customer and enterprise deployments of step-up MFA. It explores a risk-based approach that combines dynamic step-up authentication with passive contextual mechanisms, such as geolocation and time of day.

In this white paper, you’ll learn about:

  •  Authentication in depth, including its vocabulary, mechanisms, and signals.
  •  Choosing the right MFA mechanisms for your environment.
  •  Applying a risk-based model to step-up MFA.
  •  Best practices in step-up MFA, including risk analysis, choice of authentication factors, privacy, lock-out, registration, user opt-in, suspension and bypass, self-service, native applications, initial authentication and multiple touch points/channels.
Best Practices Series Ping Identity

Register to download this best practices white paper from Ping Identity: