Acceptto’s eGuardian® engine continuously creates and monitors user behavior profiles based on user interaction with the It’sMe™ authenticator. Every time an activity occurs, actionable intelligence is gathered and used to optimize the user profile. eGuardian® is capable of autonomously and continually learning new behaviors and adapting existing ones. While policies can still be manually defined and contribute to the computation, our Biobehavioral® AIML approach automatically finds the abnormalities in users behaviour. eGuardian® leverages a mixture of AI & ML, expert systems and SMEs to classify, detect, and model behavior, and assign real-time risk scores to continuously validate one’s identity prior to, during and post-authentication.
eGuardian® can run on a hybrid platform as well as in the cloud. The high level architecture of the system is provided below.
eGuardian sits between different components of the platform and connects them together. It provides an interface to the It's Me mobile application and orchestrates the different parts of the system as well as allow 3rd party applications access to Multi-factor Authentication functionality via REST APIs.
The appliance consists of a set of services and an administrative console (or Admin Console) that provides the following functionality:
- Integration with an existing user directory such as Active Directory or Azure AD
- SSO services such as SAML (CAS, OpenID, OAuth 2.0 are to be added soon)
- Exposing the RADIUS protocol for VPN Authentication
- A user interface to configure the appliance, manage applications, create authentication policies, monitor statistics, and more
The Appliance can run both on-premise and in the cloud while providing an out-of-the-box integration with eGuardian core.
To make it easy for administrators and provide a centralized administrative experience, the Appliance Admin Console allows complete control of the appliance and eGuardian integration from a single user interface. For example, one can define applications in the Appliance in addition to the eGuardian dashboard.
The Risk Engine is part of the eGuardian Core. It collects the raw and derived data on each user from a variety of sources, such as:
- Acceptto AI/ML Engine
- Acceptto Browser Fingerprint
- Third party IP reputations
- Citrix Analytics
- Mainstream Firewalls
The user context key information such as IP and location is mainly collected from the user’s browser, mobile app and other third parties.
The eGuardian Risk Engine is extensible, allowing it to easily ingest 3rd party data from a disparate range of sources to provide enhanced risk scoring using custom data sources.
Policy Engine allows full control of the authentication flow by defining a policy that invokes an action based on the login context and the numerous signals that generate a risk score.
It'sMe Mobile App
There are many functionalities offered by It'sMe mobile application such as:
- Authentication factor through push notifications
- Logging in using QR scanner without username or password
- Offline TOTP
- Viewing the transaction history
- Defining policies to automate things such as automatically approve or rejecting the authentication requests for a give period of time
It'sMe Mobile SDK
The It'sMe Mobile SDK is for customers intending to incorporate eGuardian capabilities into their existing, in-house mobile app.
When it comes to multi-factor authentication for web applications, Acceptto provides two approaches: API and Plugins.
Through API and Plugins
Use the eGuardian REST APIs to integrate Acceptto's Multi-Factor Authentication with any other software, whether custom-built or off-the-shelf.
A second approach is to use Acceptto plugins to enable Acceptto MFA for commonly used software. Find the available plugins from the left side navigation menu.
Note - When there's no user directory eGuardian will provide a user directory on it's own.
eGuardian provides SSO via SAML (OpenID and CAS are to be added soon).
It's provided as part of the Appliance and can be configured within the Appliance admin panel.
eGuardian can be used as a SAAS or deployed fully on-premise, or a combination of the two.
The eGuardian platform, including the core and appliance micro-services, can all be deployed on-premise to provide full physical control over the environment.
The eGuardian platform is already provided as a SAAS in the cloud and so there is no need to worry about infrastructure, scaling, security, or up-time.
If running a user directory inside the network and you (1) don't want to expose data outside the firewall, and (2) want to avoid the overhead of maintaining infrastructure and security for the whole platform, Acceptto provides a third approach. The eGuardian core can be run as a SAAS in the cloud with the Appliance running behind the network firewall. In this case the Appliance securely communicates with the user directory without exposing any identity data to the outside world.