AdaptiveMFA
Description
Enhances security and the user experience, including: Behavioral Anomaly Detection - AI monitors user activity over time to establish a baseline pattern of their behavior. If a login attempt deviates significantly, such as logging in from a foreign country, unknown workstation, or disallowed IP address space, Okta can trigger Adaptive Multi-factor Authentication (aMFA) to block access. Adaptive MFA - Okta's AI-powered Adaptive MFA tailors security challenges based on risk level. Trusted users might only need a password, while high-risk users are prompted for biometric or application-based verification. Real-Time Threat Detection - Okta's integration with AI-driven threat intelligence platforms like CrowdStrike and Microsoft Defender enhance real-time visibility into threats, correlating data from endpoint, network, and identity layers. Access Governance with Intelligence - AI enables smarter access reviews and role recommendations. It detects unusual access rights, flags overprovisioned users, and automatically suggests changes. AI is integrated into DHS's identity and access management solutions to strengthen security and enhance the user experience.
Detailed example
The input includes: device, network, location, travel, IP, and external data from third parties and endpoint security integrations. The output are Risk ratings HIGH, MEDIUM, LOW for each authentication attempt which can be configigured to require stricted access comtrol policies.
AI / analytics pattern
Classical/Predictive Machine Learning: Models trained on data to make predictions or classifications based on identified patterns or relationships.
Automation level / stage
c) Deployed – The use case is being actively authorized or utilized to support the functions or mission of an agency.
Expected benefit
Adaptive Multi-factor Authentication (aMFA) introduces additional intelligence into Identity flows by taking into account the authentication context data during the authentication. Using the data, DHS is able to adapt security and authentication policies to enhance the security to DHS systems.
Controls / human review
ATO: Yes; PIA: Not published
Data needed
The system collects signal data during authentication to dynamically build behaviors of the user.