Authentication Risk Analytics
Keyri's Scaling and Enterprise plans provide you and your users with IP-based risk analytics that block man-in-the-middle phishing attacks.
Keyri's risk analytics system incorporates the following signals, each of which can be configured in the Dashboard (opens in a new tab) to "Allow", "Warn", or "Deny" a login attempt.
-
Distance between web client and mobile authenticator device
-
Country differential between web client and mobile authenticator device
-
Web client accessing service through a TOR IP
-
Web client accessing service through a known attacker IP
-
Web client accessing service through an anonymous proxy such as a black-market SOCKS5 proxy
With risk analytics, the mobile SDK's built-in confirmation modal will include enriched information about the authentication attempt that the user can utilize to make an informed decision as to whether or not to authenticate. In the same vein, if you configure one of the risk signals to "Deny" an authentication attempt if it is detected, the mobile confirmation modal will inform the user that the attempt has been denied and the reason for that denial.
The screenshots of the built-in confirmation modals below represent different risk signal scenarios:

Mobile confirmation screen without risk analytics enabled

Mobile confirmation screen with low risk detected

Mobile confirmation screen with phishing risk detected

Mobile request block screen with phishing risk detected