Continuous authentication eliminates the periods of “trust” between logins during which user identity is uncertain. Any form of authentication that requires user input, for example as seen in login prompts, verifies identity only at the moment that this input is provided. Once authentication is complete, certainty of the user's identity is lost.¶For example, a user may authenticate at a login prompt, then walk away without logging out—inadvertently leaving their workstation open for another user to carry out illicit activity in their name.¶Continuous authentication solutions, on the other hand, verify a user’s identity on an ongoing basis in real time or near-real time, as a user works. All access can be suspended as soon as the user’s identity is no longer correct.¶Plurilock’s continuous authentication solution uses behavioral biometrics to analyze micro-patterns in keyboard and mouse activity as work occurs. Identity is confirmed every 3-5 seconds throughout the entire workday, silently and in the background. If a user steps away from their workstation without logging out and another user begins to use it, a workstation lockout or other automatic action can be initiated within seconds.¶This eliminates the inherent risk that normally accompanies a “logged in” session—with continuous authentication, the is no point at which a session has “completed” or “passed” authentication, since authentication is always ongoing.¶Continuous authentication ensures that the intended user is always the one presently computing, at every moment throughout the workday.
Stay informed. Join our low-volume list for news and updates.
Plurilock is the leader in advanced, risk-based authentication. We provide invisible, device-free MFA for corporate endpoints, Citrix sessions, cloud applications, and their users in finance, healthcare, education, and SaaS.