Authentication Risk Analytics
Keyri's Scaling and Enterprise plans provide you and your users with IP-based risk analytics that block man-in-the-middle phishing attacks.
Keyri's risk analytics system incorporates the following signals, each of which can be configured in the Dashboard (opens in a new tab) to "Allow", "Warn", or "Deny" a login attempt.
Distance between web client and mobile authenticator device
Country differential between web client and mobile authenticator device
Web client accessing service through a TOR IP
Web client accessing service through a known attacker IP
Web client accessing service through an anonymous proxy such as a black-market SOCKS5 proxy
With risk analytics, the mobile SDK's built-in confirmation modal will include enriched information about the authentication attempt that the user can utilize to make an informed decision as to whether or not to authenticate. In the same vein, if you configure one of the risk signals to "Deny" an authentication attempt if it is detected, the mobile confirmation modal will inform the user that the attempt has been denied and the reason for that denial.
The screenshots of the built-in confirmation modals below represent different risk signal scenarios:
Mobile confirmation screen without risk analytics enabled
Mobile confirmation screen with low risk detected
Mobile confirmation screen with phishing risk detected
Mobile request block screen with phishing risk detected