December 6, 2017, by Brian T. Mulligan

Users are tired of inconvenient methods for signing in to their devices and applications, while enterprises and regulators are tired of falling victim to data breaches that can be traced back to phished passwords.

Balancing Convenience and Security

Technology designed to provide increased security without ruining the user experience is advancing rapidly, and three trends are becoming clear:

  1. Going forward, an increasing share of authentication and identity corroboration activities will happen on mobile devices, regardless of whether the service being accessed is on a mobile device, on a desktop, at a kiosk or even in person.
  2. The number and types of authentication mechanisms are expanding, from device as a factor to every conceivable biometric indicator, such as fingerprint, voice and gait.
  3. When evaluating trust in an authentication event, more importance is being placed on the analytics passively measuring risk and behavior patterns, reducing sole reliance on the outcome of the authentication action itself. For example, a password may be correct, but surrounding information about the user’s behavior or device may provide sufficient reason not to trust him or her.

These trends create a challenge for teams in charge of delivering digital services: Everybody wants users to have a positive, secure experience when they start using a service, but nobody has the time or budget to constantly iterate new authentication experiences to keep pace with the latest technology.

Taking a Platform Approach to Authentication

To make it easier to adopt new authentication types, organizations should adopt a platform approach to authentication. This enables security professionals to remove authentication capabilities from the applications themselves and integrate with an access platform that authenticates users across channels. The result is a looser coupling between the application and the authentication mechanism.


Through this platform approach, application teams can future-proof their organizations against rapid developments in authentication technology, which can be costly to deploy and integrate with applications. Changing authentication methods in the future becomes easier, since the platform itself does not need to change. Once a new mechanism is added to the platform, services using the platform can take advantage of it.
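The decoupling described above, combined with the risk-based trust decision from the third trend, as an added sketch that is not IBM's or ISAM's code. Every name, signal, weight and threshold here is a hypothetical assumption, and the account and one-time code are constructed sample data.

```python
import hashlib
import hmac
from dataclasses import dataclass

@dataclass
class Context:
    """Passive signals about the attempt; field names are hypothetical."""
    known_device: bool
    usual_country: bool
    recent_failures: int = 0

def risk_score(ctx):
    """Illustrative weights, not taken from any product."""
    score = 0 if ctx.known_device else 40
    score += 0 if ctx.usual_country else 40
    return score + min(ctx.recent_failures, 4) * 5

class AccessPlatform:
    """Owns every mechanism and the trust decision; apps only call authenticate()."""
    def __init__(self, step_up_at=40, deny_at=80):
        self.mechanisms = {}
        self.step_up_at, self.deny_at = step_up_at, deny_at

    def register(self, name, verify):
        self.mechanisms[name] = verify

    def authenticate(self, user, method, credential, ctx):
        verify = self.mechanisms.get(method)
        if verify is None or not verify(user, credential):
            return "deny"
        score = risk_score(ctx)  # a correct credential is necessary, not sufficient
        if score >= self.deny_at:
            return "deny"
        return "step_up" if score >= self.step_up_at else "allow"

SALT = b"constructed-demo-salt"

def _kdf(password):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)

PASSWORDS = {"alice": _kdf("correct horse")}  # constructed sample account
ONE_TIME_CODES = {"alice": "492817"}          # constructed sample code

def verify_password(user, credential):
    stored = PASSWORDS.get(user)
    return stored is not None and hmac.compare_digest(stored, _kdf(credential))

def verify_device_code(user, credential):
    expected = ONE_TIME_CODES.pop(user, None)  # single use: consumed on any attempt
    return expected is not None and hmac.compare_digest(expected.encode(), credential.encode())

def app_login(platform, user, method, credential, ctx):
    """Application code: unchanged when the platform gains a new mechanism."""
    return platform.authenticate(user, method, credential, ctx)
```

Registering `verify_device_code` on an existing `AccessPlatform` makes the new method available to every caller of `app_login` without touching the application, and a correct password presented from an unknown device in an unusual country is still denied.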

Rapid Integration With IBM Security Access Manager

IBM Security Access Manager (ISAM) is a user access platform that provides a wide range of omnichannel identity services, including a flexible, risk-based authentication engine and multifactor authentication. However, authentication is too important a challenge to tackle alone. That’s why IBM is teaming up with four leading authentication technology partners (BuyPass, DualAuth, ImageWare and Yubico) to make it easier to use partners’ authentication technologies within the ISAM platform.

These new authentication apps on the IBM Security App Exchange are designed to help organizations quickly and efficiently adopt the latest in authentication technology for their users. This gives organizations an easy way to find new offerings that meet their authentication needs and provides the technology needed to rapidly integrate these authentication offerings with the ISAM platform.

Each of these new integration apps has been vetted and validated by IBM and its partners and is available for download directly from the App Exchange. These integrations will help shorten long development cycles, increase agility for organizations adopting new forms of authentication and enhance the value of taking a platform approach to authentication.

