Search Results :


Risk Based Access and Multi-factor Authentication

[smartslider3 slider=”302″]

Key Features

Password-less Authentication

If the user is not logging from trusted device, he needs to authenticate his Identity with 2fa (Without need of username &password).

Access Control

You can regulate priority access to only recognized users and devices in the framework/platform, or you can grant limited access to non-compliant devices and guest users.

Device Restriction

miniOrange provides device restriction to control and overcoming a chance of getting hacked by managing the active sessions of accounts on the different devices.

Overview of risk-based access

Data breaches, Identity theft, Online fraud becoming more common every day. Millions of passwords are stolen or phished each year. In this environment, it is clear that there is a need for something more than just password-based protection for employee, partner and customer access to valuable online resources.

miniOrange Fraud prevention is a non-static authentication system which takes into account the profile of the agent requesting access to the system to determine the risk profile associated with that transaction. The risk profile is then used to determine the complexity of the challenge. Higher risk profiles lead to stronger challenges, whereas a static username/password may suffice for lower-risk profiles. The risk-based implementation allows the application to challenge the user for additional credentials only when the risk level is appropriate.

Fraud prevention works by developing a risk score based on the following contextual elements:
  • IP Address
  • Device
  • Location
  • Time of access
  • User behavior

For example, if the user logged in ten minutes ago from Canada and is now trying to log in from China, it’s definitely considered a higher risk transaction. miniOrange Fraud prevention can be used to reduce fraud and protect users from internet attacks whether they are shopping online, or accessing confidential or private information using application. The following diagram shows miniOrange Fraud Prevention setup:

You can assess the potential risk of a particular login attempt before authenticating the user and then mitigate the risk if required. The calculated risk score is then fed into your policies to decide whether to authorize the current activity, request step-up authentication and/or send an alert or block the activity. This provides your organization with a transparent layer of protection against identity theft, data breaches, and fraud.

This risk score is then evaluated against defined risk levels. You can define the risk levels based on the sensitivity of the information. After the risk level is identified, the authentication mechanism is selected and the user is authenticated. In cases of high risk, the user is either denied access or is required to go through additional authentication methods. Inputs/risk factors are used to estimate the security risk value associated with each access request. The final risk value is then compared with risk policies to make the access decision.

Plans For Everyone


$299 / month

  • Upto 2000 active users allowed per month
  • MFA and RBA supported
  • Custom Checkout experience

$399 / month

  • Upto 4000 active users allowed per month
  • MFA and RBA supported
  • User provisioning and deprovisioning supported
  • Support for Mobile Application
  • Dedicated software engineer available 24*7

$549/ month

  • Upto 10000 active users allowed per month
  • MFA and RBA included (NO extra cost involved)
  • User pro-visioning and deprovisioning supported
  • Support for Mobile Application
  • Dedicated software engineer available 24*7
Hello there!

Need Help? We are right here!

Contact miniOrange Support

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to