12 risk-based authentication tools compared

Risk-based authentication tools have become more sophisticated and popular as companies transition away from dependence on password protection.

1 2 Page 2
Page 2 of 2

PingOne is a series of identity products that can be used in various configurations to support RBA for both workflow authentication and for transactions. The company acquired SecureTouch last year and now calls that product PingOne Fraud, which looks at behavioral analytics and to identify compromised devices and other questionable signals. Ping is known for its wide collection of more than 1,800 different SAML integrations for its SSO tools. Other tools that are part of its offering include:

  • PingOne Risk is its risk management engine that evaluates these various signals, PingOne Verify is its own ID verification tool,
  • PingOne Authorize is its main RBA tool where you set up authentication rules and policies.
  • PingOne DaVinci, its latest addition, is an identity orchestration tool that can be used to create automation routines using Visio-like flowchart diagrams. This is a big benefit, because setting up risk escalation scenarios using interlocking rule sets and policies can be difficult to debug.

PingID offers free 30-day trials of all components. It has a complete albeit confusing pricing page.


Silverfort takes a different approach to RBA by piggybacking on existing identity providers such as Ping, Okta and Azure AD. It has a comprehensive risk engine that can detect signals including behavioral changes and external risk indicators, such as from your network security management tools. it doesn’t use any software agents or proxies to suss out potential threats and authentication problems, which can be useful if you are concerned about IoT-based compromises or from network-based equipment that can’t be easily monitored or protected. An example of this would be to provide FIDO2 support for any endpoint device. It has user-based pricing.

Thales Safenet Trusted Access 

Thales has two business units for RBA: Its Safenet Trusted Access handles workforce RBA, and its Gemalto unit focuses on banking and transaction RBA. The Safenet product has been around for many years and has developed into a sophisticated collection of rules and policies for combinations of users, OSes and applications. It covers a variety of MFA methods and token form factors and provides both SSO and RBA. It was an early deployment of FIDO and supports its own identity provider and others through SAML. It has partnered with NuData Security for transaction intelligence. Safenet’s base price  is $3.50 per user per month, which includes all MFA and RBA options along with various access management features.

Copyright © 2022 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
7 hot cybersecurity trends (and 2 going cold)