Okta Launches Risk-Based Authentication Solution with Machine Learning Capabilities, Enhancing Adaptive Multi-factor Authentication and Adaptive Single Sign-On Products

Risk-based authentication hinders threat actors while streamlining user experience

SAN FRANCISCO — April 2, 2019 Okta, Inc. (NASDAQ:OKTA), the leading independent provider of identity for the enterprise, today at Oktane19 announced new risk-based authentication that leverages machine learning to deliver greater security, ease of use, and automated detection and response to identity-based attacks. Risk-based authentication delivers panoramic insights into an enterprise’s employees, partners, and customers while also providing a means for transparent security controls. Through risk-based authentication, enterprises can automate security by implementing significantly stronger authentication techniques and remediation when the scenario calls for it, while simultaneously enabling a seamless login experience for users within their normal behaviors using Okta Adaptive Single Sign-On and Okta Adaptive Multi-factor Authentication.

“Technologies are often built with security as a barrier to usability or as an afterthought, but organizations shouldn’t have to choose between providing workforces and customers with the best experience and ensuring their information is secure,” said Todd McKinnon, Chief Executive Officer and co-founder of Okta. “Okta built risk-based authentication to turn security into a user experience benefit, while maintaining deterrence when necessary. The combination of individualized machine learning context with data-rich insights from Okta’s vast ecosystem of customers, integrations, and authentications creates powerful network effects which enable transparent, yet actionable security.”

Leveraging Machine Learning to Build a Robust Behavioral Profile

Using machine learning, Okta can enforce robust authentication context at the user level, recognizing that no two users are alike in terms of the applications they access, the devices they use or the locations from which they access corporate resources. Rather, individualized profiles are built and the machine learning model is tuned over time, supplying deep understanding of how users are engaging with and accessing the technology they need to be effective. Contextual variables such as the device, location, IP address, and even typing biometrics can inform authentication and authorization decisions.

Individualized machine learning is used to turn a multitude of unique data inputs into a contextual behavior profile for each user. Combined with network effect-driven intelligence from ThreatInsight — risk signals seen across Okta’s global dataset, such as high-risk IP addresses — Okta will be able to create quantifiable and actionable risk assessments for each authentication attempt. Beyond simply gathering insights, Okta’s risk-based authentication also facilitates user-specific account remediations, where a user verifies the compromise and triggers a remediation workflow.

Empowering Customers to Automate Security

Okta customers will benefit from risk-based authentication’s insights, automation, and remediation. By leveraging this new functionality with machine learning capabilities, organizations can now automate security practices and implement streamlined authentication techniques.

“Maintaining brand trust at Blackhawk Network is core to our business continuing to succeed, and that has everything to do with creating efficient and secure ways for our partner brands to engage with Blackhawk through partner portals,” said Vijay Bolina, Chief Information Security Officer of Blackhawk Network. “We’ve entrusted Okta to build that experience for us, and the introduction of risk-based authentication offers to advance that fundamental authentication process even more, providing better user experiences and security for our employees and our partners who rely on Blackhawk.”


Okta risk-based authentication is currently available in beta and Okta expects it to be widely available soon as part of Okta Adaptive Single Sign-On and Okta Adaptive Multi-factor Authentication.