The AuthSafe Secure Login page feature covers login attempts end to end. Whenever a login attempt is made on the website, AuthSafe calls the login attempt API and uses the pixel to track user activity such as page-related events, mouse movements, mouse clicks, scroll movements, and keypress events.
AuthSafe also collects the user agent and device-related information to help create a user profile. It also captures the result of the login attempt, whether it succeeded or failed, in the following scenarios:
- using credentials that do not exist in the system
- blank attempts
All this data is collected and passed to AuthSafe’s cognitive engine, which performs a detailed analysis and generates a signal for it.
Bad signals are evaluated against the following risk score categories:
- Low: The user sees a clean, frictionless login
- Medium: The user is allowed to log in, but a log entry about the login is recorded
- High: The user is presented with a challenge before being allowed to log in
- Critical: Login is denied. A verification link is sent to the user’s email address or mobile
Based on the risk score category, the user is presented with a challenge and, depending on how the user performs, is either allowed to log in or denied.
Why is a user denied login?
If AuthSafe observes a credential stuffing attack, it stops the user from logging in and sends a message or observation in the response. This can be a status, severity message, and device.
The AuthSafe Device Management API identifies the device risk and, based on that, allows or denies the login. If the user’s risk score is critical, it denies the login, which also means that the account is compromised. A verification link is sent to the user’s email address or by mobile SMS to allow the user to log in. Once the verification is successful, the risk score returns to normal and the user is allowed to log in.
So, this is how the whole cycle for securing the login page works.