ForgeRock uses AI to fight fraud

ForgeRock, publisher of identity and access management solutions, presented Autonomous Access, an application that uses AI to prevent cyberattacks and identity-based fraud. The app monitors login requests in real time to block malicious attempts and add authentication steps for abnormal behavior, while streamlining access for authorized users.

“We believe that modern AI-based solutions have the ability to protect organizations, their customers, and their employees from damaging and costly cyberattacks and fraud,” said Peter Barker, chief product officer at ForgeRock. “Our approach is to use AI to stop bad actors at scale and reduce the risk of account takeovers.” Autonomous Access is a SaaS solution integrated with Identity Cloud, a comprehensive identity and access management (IAM) platform, and will be available in June, according to Peter Barker. Autonomous Access is supported by a proprietary combination of AI-powered algorithms, Machine Learning – a subset of AI where, for example, predictions and threat assessment become more accurate as a system ingests more data – and advanced pattern matching.

AI models trained to detect abnormal behavior

“Autonomous Access enhances the vendor’s existing, intuitive workflow design tools to enable intelligent, risk-based, low-friction identity security orchestration that easily scales to meet each organization’s unique requirements,” says Steve Brasen, director of research at consulting firm Enterprise Management Associates. The app uses multiple AI models to detect abnormal behavior, including UEBA (user behavior analysis) for regular users and other models for novice and infrequent users. Additionally, it uses machine learning to analyze the data returned from each login session, indicating whether anomalous activity turned out to be a known user or an unsuccessful login attempt.

In addition to this, the tool will use pattern matching heuristics to stop known threats by preventing bot attacks, credential stuffing, suspicious IP addresses, and other forms of cyberattacks. “ForgeRock’s continued investment in AI across its platform helps customers meet their needs: the ability to make smart decisions quickly and confidently,” said Martin Kuppinger, Founder and Principal Analyst. at KuppingerCole. “Anti-fraud capabilities are important and should complement existing services that customers use. Autonomous Access is a fully integrated add-on solution to ForgeRock’s user journey orchestration.”

No-code interface streamlines processes for administrators

Autonomous Access aims to eliminate the costly deployment and integration of disparate point solutions. It is also designed to allow IT admins to create an unlimited number of custom user access journeys with a no-code drag-and-drop interface. This feature allows IT administrators to design personalized experiences for each sign-in attempt based on the level of risk. For example, known users with low risk scores may benefit from options such as passwordless authentication, while those with abnormal behavior may be prompted for additional authentication or blocked and sent to different journeys for a further analysis and correction.

“Smarter protection with AI enables IT administrators to make smart decisions faster and with greater confidence, reducing deployment costs and making integration easier,” concludes Peter Barker.