Painless authentication protection customized for your project or business.
How GuardianKey works
The GuardianKey's detection engine uses Machine Learning and our secret mathematical risk formula to combine the following three analysis approaches:
Psychometric Profiling (or Behavioral Biometrics Profiling)¹
Using these three pillars, our engine computes a risk for each event sent by the protected systems.
In real time, the online attempt can be blocked, an extra requirement can be requested to the user, or notifications can be triggered.
In the customized edition, information about your business can be combined to maximize accuracy and provide risks oriented to your business.
For example, if your company provides devices and credit cards for payment, variables such as purchase amount, order type, among others, can be used by the detection model.
¹ Currently available only for our Android SDK.
GuardianKey in action
The protected system (your system) sends events via HTTP-REST for the GuardianKey engine on each login attempt.
GuardianKey returns a risk level and a suggested action (ACCEPT, NOTIFY, HARD-NOTIFY, or BLOCK).
Your system or GuardianKey can notify your users about accesses in their accounts. Also, high-risk attempts can be blocked.
Notified users can tell if the attempts were legitimate or not. In the affirmative case, GuardianKey learns for future analysis, otherwise, your security team can be notified.
GuardianKey has a simple API and reference implementations to simplify the integration. Only a few code lines are required to enable the integration. It is also possible to use a reverse proxy, which dismisses coding.
GuardianKey protects your systems against the following threats: Account Takeover, Automated attacks, Brute-force attacks, Anonymization, among others.
In the customized edition, these features can be changed to fit your business' needs.
Analyzing the results
GuardianKey has a panel that enables the administrator to:
View logged authentication attempts.
Analyze graphs about authentication risks and events.
Explore users and events.
Set-up policies, authentication groups, notification preferences, etc.
GuardianKey can also send the processed events to a WebHook via REST or directly to your log system (e.g., a SIEM). Even then, the GuardianKey's output can be also customized for your business.
See more information about the panel, clicking here.