Adaptive Authentication rules can be assigned to any SSO application to force users to undergo further identity proofing before they can access that application under certain circumstances. EmpowerID provides the following Adaptive Authentication rules that can be assigned to policies out of the box:
CheckLoginSpeed — – This rule checks the current time and location of the person attempting to login against the time and location of their last login to determine whether that person could reasonably do so under normal circumstances. For example, if the person logged in at 9:00AM from their office in Boston and then attempted to log in 45 minutes later from Seattle, this rule would consider the second log in attempt questionable as it would be impossible for the user to travel from Boston to Seattle in 45 minutes. The rule would then force the user to undergo further identity proofing.
CheckUserDemographics — – This rule checks for missing person attributes, such as the user address or job title. If these attributes are missing, EmpowerID prompts the user to enter the missing information before proceeding to the application.
CheckPersonProofing — – This rule checks to see if the person attempting to login has met the identity proofing requirements for your organization. If not, this rule would force the person to undergo further identity proofing.
...