21. INTEGRATION SUMMIT 2019
● Over 70% of employees reuse passwords at work
● 59% reuse their passwords everywhere
● 81% of hacking-related breaches leveraged either stolen and/or
weak passwords
● The above rate has gone from 50% to 66% to 81% during the
past three years (2017)
‘Passwords’ are Not Secure!
Source - 2017 Verizon Data Breach Investigations Report (DBIR)
36. INTEGRATION SUMMIT 2019
WSO2 Identity Server Offering - Overview
Static Authentication Flow
● IdP offers static authentication flow to the user
● Multi-factor & Multi-option authentication
● In Multi-option authentication user can pick one
option from each step
Request-based Conditional Authentication Flow
● IdP offers dynamic authentication flow to the user
● Based on attributes of request message
authentication steps will change
● HTTP message, SAML ACR, OIDC ACR
37. INTEGRATION SUMMIT 2019
WSO2 Identity Server Offering - Overview
User-based Conditional Authentication Flow
● IdP offers static authentication flow to the user
● Based on attributes of identified user
authentication steps will change
Adaptive/Risk-based Authentication Flow
● IdP offers dynamic authentication flow to the user
● Authentication steps can be based on user
behaviors, environments, history and risk score
38. INTEGRATION SUMMIT 2019
● Basic API Security can be provided using OAuth2 and OIDC
● Everyone knows passwords are no longer secure.
● Multi-factor authentication offers a perfect solution but less
adopted due to usability issues.
● Multi-factor authentication needs to be more dynamic, responsive
and context sensitive, and we called it ‘Adaptive Authentication’
● WSO2 Identity Server can support any adaptive or risk-based
authentication use case.
Conclusion