GuardianKey Auth Security Customized

Painless authentication protection customized for your project or business.

How GuardianKey works

The GuardianKey's detection engine uses Machine Learning and our secret mathematical risk formula to combine the following three analysis approaches:

  • Threat Intelligence

  • Behavioral Profiling

  • Psychometric Profiling (or Behavioral Biometrics Profiling)¹

Using these three pillars, our engine computes a risk for each event sent by the protected systems.

In real time, the online attempt can be blocked, an extra requirement can be requested to the user, or notifications can be triggered.

In the customized edition, information about your business can be combined to maximize accuracy and provide risks oriented to your business.

For example, if your company provides devices and credit cards for payment, variables such as purchase amount, order type, among others, can be used by the detection model.

¹ Currently available only for our Android SDK.

GuardianKey in action

Currently:

  • The protected system (your system) sends events via HTTP-REST for the GuardianKey engine on each login attempt.

  • GuardianKey returns a risk level and a suggested action (ACCEPT, NOTIFY, HARD-NOTIFY, or BLOCK).

  • Your system or GuardianKey can notify your users about accesses in their accounts. Also, high-risk attempts can be blocked.

  • Notified users can tell if the attempts were legitimate or not. In the affirmative case, GuardianKey learns for future analysis, otherwise, your security team can be notified.

  • GuardianKey has a simple API and reference implementations to simplify the integration. Only a few code lines are required to enable the integration. It is also possible to use a reverse proxy, which dismisses coding.

  • GuardianKey protects your systems against the following threats: Account Takeover, Automated attacks, Brute-force attacks, Anonymization, among others.

In the customized edition, these features can be changed to fit your business' needs.

Features

No Hardware

No token, mobile or other device is required.

Easy deployment

Only a couple of code lines is needed. It is also possible to use a reverse proxy.

Real time

The authentication attempts are treated and available for visualization in real time.

Transparent

Less friction! The user is not required to use 2nd factors or extra actions.

High ROI

Improves the security with low costs and low efforts.

High security

The state-of-the-art approach based on Machine Learning and risk assessment to protect the authentication process.

Analyzing the results

GuardianKey has a panel that enables the administrator to:

  • View logged authentication attempts.

  • Analyze graphs about authentication risks and events.

  • Explore users and events.

  • Set-up policies, authentication groups, notification preferences, etc.

GuardianKey can also send the processed events to a WebHook via REST or directly to your log system (e.g., a SIEM). Even then, the GuardianKey's output can be also customized for your business.

See more information about the panel, clicking here.

Licensing and costs

Resources

  • Flexible, by project.

Interested in a quotation? Contact us.