Continuous authentication works by assessing user behavior patterns on an ongoing basis. Unlike traditional authentication, which evaluates users just once at login, continuous authentication considers changing risk factors such as location, device, hardware and software setups, along with other behavioral data.
Continuous authentication estimates the likelihood that service users are who they claim to be throughout the entire user lifecycle. For example, John Smith from London registers an account and continues using it, often from the same devices (laptop, smartphone, tablet), connected to the same Wi-Fi network or a mobile network associated with the same geographical location, or one near the registered address.
Of course, people’s digital movements are now more mobile than ever before, and there may be slight variations in IP address, geolocation and so on, which is why one small deviation from the usual settings is not deemed suspicious in itself. The warning signs come from numerous data attributes that together indicate a high probability of fraudulent behavior, such as numerous changes to John Smith’s regular account usage: concerted efforts to hide true location, identity and numerous other settings. All of these can be detected, so let’s see how continuous authentication works in practice.
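The idea that one deviation is tolerated while several together raise the risk can be sketched as follows. This is an added example, not code from the original article; the signal names, weights, thresholds, actions and sample sessions are all assumptions chosen for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Profile:            # baseline learned from the account's earlier sessions
    devices: frozenset
    networks: frozenset
    city: str

@dataclass(frozen=True)
class Session:            # signals observed on one request or session
    device: str
    network: str
    city: str
    anonymized: bool      # assumed result of upstream VPN/proxy detection

# Illustrative weights: no single deviation reaches the step-up threshold.
WEIGHTS = {"new_device": 30, "new_network": 15, "new_city": 25, "anonymized": 35}
STEP_UP, BLOCK = 40, 70

def assess(profile, s):
    """Return (score, action, deviations) for one session against the baseline."""
    found = []
    if s.device not in profile.devices:
        found.append("new_device")
    if s.network not in profile.networks:
        found.append("new_network")
    if s.city != profile.city:
        found.append("new_city")
    if s.anonymized:
        found.append("anonymized")
    score = sum(WEIGHTS[d] for d in found)
    action = "block" if score >= BLOCK else "step_up" if score >= STEP_UP else "allow"
    return score, action, found

# Constructed sample data for the John Smith example.
JOHN = Profile(frozenset({"laptop-1", "phone-1", "tablet-1"}),
               frozenset({"home-wifi", "mobile-uk"}), "London")
SESSIONS = [
    Session("laptop-1", "home-wifi", "London", False),       # usual pattern
    Session("phone-1", "cafe-wifi", "London", False),        # one small deviation
    Session("laptop-1", "hotel-wifi", "Manchester", False),  # two deviations
    Session("unknown-pc", "vpn-exit", "Unknown", True),      # many at once
]

def monitor(profile, sessions):
    """Re-assess every session, not only the login."""
    return [assess(profile, s)[1] for s in sessions]

if __name__ == "__main__":
    for s in SESSIONS:
        print(s.device, s.city, assess(JOHN, s))
```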