Accelerating Easy, Highly Secure Access with Shape and Okta

CHALLENGES

  • Organizations must be able to control which users are granted access to which applications and data
  • A constant cadence of data breaches coupled with readily available automation tools have made credential stuffing the #1 attack
  • Automated attacks like credential stuffing regularly lead to unauthorized access, account takeover (ATO), and increasingly, fraud
  • Users demand the ability to quickly login, remain logged-in, research and transact.
  • Users prefer to not be distracted with repeated requests to enter ID and password or to constantly prove their identity, all of which can lead them to abandon a transaction or brand

BENEFITS

  • Reduce unnecessary authentication requests, which increases security while boosting user satisfaction and revenue
  • Administrators can centrally manage and control all aspects of user access
  • Users authenticate once and are granted seamless, multi-factor authentication (MFA)-free access to on-premises software-as-a-service (SaaS), and cloud-based applications
  • Slash fraud and abuse from bots and automated attacks and prevent the financial and reputational damage they can cause
  • Employees, partners, and customers each have centralized, secure access to only the appropriate apps and resources for which they are authorized access

There are all kinds of online threats out there and the modes of attack shift and change constantly. Protecting your websites, apps, and APIs from such threats requires multiple layers of security. Shape Security and Okta provide distinct sets of security solutions but are tightly integrated across platforms to support fast and highly secure access for the end user. This alliance currently delivers four critical capabilities:

  • Before login, steps are taken to identify application requests coming from malicious bots or automation sources; and when found, they’re blocked, redirected, or flagged
  • During login, Okta’s IDaaS service takes steps (like multi-factor authentication) to quickly block fraudsters while allowing legitimate users to quickly authenticate
  • Throughout the entire customer journey, anomalous behavior that can be indicative of fraud is analyzed
  • For returning users, actions are performed, behind the scenes, to ensure that only legitimate users gain access—without the need for recurring MFA actions. From the user’s perspective, these capabilities all take place invisibly and instantaneously. They sign in once, and they go about their business.

Shape + Okta = Continuous Identification and Authentication

Okta, one of the world’s premier providers of identity solutions, is well known and highly trusted for offering powerful and easy-to-implement Identity-as-a-Service (IDaaS) solutions, including critical single sign-on (SSO) capabilities and other functionality that contributes to a comprehensive identity and access management (IAM) solution for both customer and workforce identity. This solution provides users with a single, centralized point to log in and access all of the applications to which they are authorized access, and they empower organizations to manage and secure all those user credentials.

F5 and Okta have a longstanding partnership, reflected in the fact that as the Okta platform grows, so does its ability to integrate with F5’s own growing portfolio. Accordingly, the Okta platform has developed features and capabilities that enable solutions from Shape Security to be more efficient and more powerful than ever.

Shape Security is a leader in fraud and abuse prevention, providing protection from automated attacks, botnets, and targeted fraud across the full range of an organization’s digital experiences. The company’s flagship solution, Shape Enterprise Defense, distinguishes real users from malicious bots and automation before login, removing malicious traffic before it even has the opportunity to hammer your login and identity system. This is an important, resource-saving step that becomes more and more necessary every day. Shape’s experience shows that it’s not unusual for 70-90 percent of an organization’s web site’s daily log-in attempts to be from non-human visitors. These may be cheap, rudimentary bots that do nothing but cycle through the millions and millions of stolen and leaked credentials that are already in the wild, one after another, over and over, throwing username and password combinations at your site and hoping for even a tiny fraction to make it through, or they can be motivated attackers that use sophisticated security tools to circumvent mitigations and emulate human behavior to evade detection. With Shape Enterprise Defense, there is now a powerful tool to stop attackers from targeting and retooling to bypass your defenses.

Shape Anti-Fraud Engine (SAFE) monitors for anomalous activity across the entire customer journey, identifying malicious intent to prevent fraudulent transactions. Knowing that motivated attacks may use human click farms or manually interact with an application to bypass anti-automation defenses, SAFE provides an extra blanket of protection from fraud.

Another of the company’s solutions, Shape Recognize, leverages the intelligence that is gained while protecting users at login and uses that information to make repeat visits—by legitimate users—smoother than ever before. Technology like this is already an important part of many leading ecommerce sites, but in most cases, users never even notice it. And that’s very much by design—helping users remain secure without constantly hassling them to identify themselves, enter passwords, or “prove you are not a robot” upon every repeat visit.

For its part, Okta has developed the Okta Risk Ecosystem API to work directly with Shape Security solutions to increase security while providing users a smooth, frictionless experience. For example, when Shape Recognize identifies a returning user that has previously, legitimately logged-in, that information is shared with the Okta CIAM system which in turn enables the user to extend their session without friction.

Better Security for a Better Experience

No matter the extent of your online presence—websites, mobile apps, APIs—your customer identity access management (CIAM) system needs to be able to examine incoming traffic, know where (and who) it is coming from, and apply the appropriate protections. To get the most out of these core capabilities, you also need to be able to share this critical information among the other security components within your ecosystem. By partnering together and sharing their vast stores of threat-based knowledge, F5 and Okta provide a highly granular level of protection to the full suite of security tools you already use.

“Delivering a seamless yet secure experience continues to be the top priority for our customers,” said Maureen Little, VP Technology Partnerships, Okta. “To outsmart the bad actors, a new model for continuous and scaled authentication is required where identity and risk solutions cooperate closely. We couldn’t be more pleased with our partnership with F5 and the capabilities we jointly provide to ensure that our customers are secure.”

Learn more

Shape Recognize demo

Shape Enterprise Solution Overview