Behavior recognition is a powerful tool, helping to establish that people who request access to business applications or services are in fact who they say they are. When someone attempts to sign in from a familiar device in a familiar location, for example, behavior recognition picks up on those cues. And now it\u2019s proving even more effective when paired with machine learning, which makes it possible to adapt in response to how users behave throughout their access history. The result is higher confidence in a user\u2019s identity and, at the same time, less need to inconvenience the user with requests for additional authentication.A New Way to Apply the Machine Learning ModelIn traditional fraud detection scenarios, machine learning tools look at broad user populations and report back on fraudulent transaction attempts, using the information collected to continually improve the data model. Machine learning in this context relies on people reporting discrepancies in their bank accounts or credit card activity. That makes it less useful for user authentication, because people aren\u2019t likely to be aware of, and therefore can\u2019t report on, unauthorized attempts to access the business services and applications they use.\u00a0In applying machine learning to user authentication, the focus of the model shifts from fraud detection to identity assurance. In other words, how confident can you be that a given user is who he or she claims to be, based on past successful authentications? This confidence is gained by learning from data in users\u2019 past authentication attempts, such as:Location\/networkTime of dayDevice fingerprintPattern of accessKeystroke dynamicsMuch of this data is the same as what\u2019s used to establish static business context rules for access requests. The difference lies in how the data is applied. Instead of declaring a network address \u201ctrusted,\u201d for example, the idea is to analyze user activity to determine if the user has repeatedly provided a high level of authentication from a particular IP address. That provides one data point to consider when determining confidence in the user\u2019s identity. Combine it with other data points, creating confidence across multiple attributes, and you can make an informed determination about whether more authentication is needed.Don\u2019t Be Left BehindMachine learning for user authentication in this context is rapidly evolving. As the possibilities for understanding and responding to a variety of behaviors develop, there\u2019s tremendous potential for authentication that\u2019s even more secure, with less friction for users. As you consider how to take advantage of machine learning, keep in mind that no matter how sophisticated the static rules you use for business context, they can never match the capabilities of an approach that includes machine learning.Don\u2019t be left behind; make sure machine learning has a place in your identity assurance strategy. As you seek out identity and access management partners, look for those that also have a strategy to keep up in this rapidly changing space. Meanwhile, learn more about leveraging identity assurance in the authentication process in this on-demand webinar.